As we’ve seen in recent years, natural disasters can lead to long-term downtime for organizations. Because earthquakes, hurricanes, snow storms, or other events can put data centers and other corporate facilities out of commission for a while, it’s vital that companies have in place a comprehensive disaster recovery plan.
Disaster recovery (DR) is a subset of business continuity (BC), and like BC, it’s being influenced by some of the key trends in the IT industry, foremost among them:
- Cloud services
- Server and desktop virtualization
- The proliferation of mobile devices in the workforce
- The growing popularity of social networking as a business tool
These trends are forcing many organizations to rethink how they plan, test, and execute their DR strategies. CSO previously looked at how these trends are specifically affecting IT business continuity; as with BC, much of the impact they are having on DR is for the better. Still, IT and security executives need to consider how these developments can best be leveraged so that they improve, rather than complicate, DR efforts.
Head over to the source and see how IT disaster recovery is being impacted by each of the four.
As technology evolves with the rise of the cloud and BYOD, so does the debate on keeping corporate information secure.
Many companies also require remote wiping capability on employee devices in case they are lost or stolen, plus communication encryption software. They also require employees not to use a single password for multiple sites, and some are forbidding passwords of a single word.
But Parris, who formerly held technical and sales management positions at Boeing Computer Services and founded Intercede, argues that securing email also requires identity management — a system that creates a digital identity for employees and other third parties connected to an enterprise, which will then track, “who is sending which email and information to whom, when and protecting it in transit and at rest.”
Even that will not ensure protection of the email, he said. “It must also be run on a secure platform that delivers tightly controlled policy to enforce data labeling, digital message signing, encryption and checking of the actual content.”
Jeff Wilson, principal analyst for security at Infonetics, agrees that an email management platform would help, since “most people are getting email on [multiple] mobile devices that could be lost, stolen, or compromised.”
But he noted a more basic problem for many companies: “They don’t even have an accurate inventory of devices connecting to their network or a framework for building a security policy and buying appropriate security solutions.”
Since email is the primary method of information sharing, enterprises must keep it secure, “to protect intellectual property and to compete in the global business environment,” Parris said.
Due to the loose restrictions Google places on its app marketplace?
Clickjacking rootkits could pose the next big threat for the Android platform, according to a research team out of North Carolina State University. Led by computer science professor Xuxian Jiang, the team has developed a prototype clickjacking rootkit that’s more sophisticated than the other Android-oriented malware already out there.
This new prototype rootkit — which attacks the Android framework, rather than the kernel — differs from other malware in key ways, according to Jiang. “Unlike other rootkits for the platform, this one can function without a restart and without deep modification of the underlying firmware,” Jiang explained in a video in which he demonstrates the rootkit in action. “But it can still do all the things that a rootkit wants to do, such as hide or redirect apps.”
In other words, just as with other computing devices, keep anti-virus software up to date.
An exploit for an unpatched vulnerability in the MSXML (Microsoft XML Core Services) has been incorporated into Blackhole, one of the most widely used Web attack toolkits, according to security researchers from antivirus firm Sophos.
The security flaw is identified as CVE-2012-1889 and is what security researchers call a zero-day vulnerability — an actively exploited vulnerability for which an official patch doesn’t yet exist.
Be sure to keep that anti-virus up-to-date and also utilize the Fix-It tool Microsoft has made available.
Are you placing active filters on data leaving your network?
The purpose of a firewall has been burned into the head of just about every person who uses the Internet, and the thought of functioning without protection from the bad people is sheer lunacy.
However, nearly all firewalls are unidirectional. They may protect you from nefarious pokes and prods from the nether regions of the Internet, but they’ll happily ship out any data you send from the inside. Only at the higher levels of enterprise IT do you see active filters for data leaving the network.
Paul Venezia makes a great point at the end:
As in so many facets of IT, to be forewarned is to be forearmed. The quest for true network security and visibility is an ongoing struggle, and even with all the notice in the world, there’s no winning this arms race. But that doesn’t mean we can just quit. If you’re not watching your outbound traffic now, plan on doing so as soon as possible. Whether you start with something as “simple” as NTop or go for the big guns like the NIKSUN device, it’s a worthwhile investment of time and money — kinda like firewalls.
Read more at: The firewall threat you don’t know | Data Center – InfoWorld.
Google calls the program “experimental,” but says it gives security researchers new incentives to report Web flaws directly to Google’s security team. “As well as enabling us to thank regular contributors in a new way, we hope our new program will attract new researchers and the types of reports that help make our users safer,” Google said Monday in a blog posting announcing the program.
The idea is to give Google a chance to fix the vulnerabilities before the bad guys get their hands on them. So, in order to qualify, security researchers must privately disclose new flaws to Google first before they go public with their research. In return, the hackers qualify for cash rewards of between US$500 and $3,133.70, depending on the severity of the flaw.
Google has already paid out about 50 such rewards for Chrome bugs since launching a similar program last January. Google doesn’t pay out for bugs in all of its products, however. There are no bounties for finding flaws in Android, Picasa or Google Desktop, for example.
With the Web program, Google is breaking new ground. (Source: InfoWorld)
Very interesting way to find security bugs. Check out the risks and Google’s guidelines at the source.