Will Slack rule the world of Shadow IT?

As the business environment and challenges are always changing, new cloud applications are constantly being deployed throughout the organization. Speed and flexibility are the main reason for employees to use them without being sanctioned by IT departments, which find themselves in a constant battle to keep confidential file transfers under control and stop sensitive data from getting into the wrong hands.

Slack is a messaging app used for collaboration in companies, but it has also become popular among freelancers and other independent professionals who need to communicate with different collaborators. In fact, it’s revolutionizing the way teams work by bringing messages from people together with notifications from the tools they may use at work, creating a unified archive of information accessible through powerful search. The adoption rate is great, with 3 million…

Read more

CoSoSys’ research at Infosec Europe 2016 reveals USB devices still represent a big threat

In 2016 – the year of IoT innovations, wearable technology, and cloud computing – we have discovered some interesting facts. What is considered by many an “old-fashioned”, obsolete or close to extinction tool – the USB storage device–plays an interesting role in today’s work environment. Aside from the many customers that have implemented our Device Control solution to monitor and control how portable storage devices, like USB thumb drives, are being used, we also wanted to get a pulse from the 2016 Infosecurity visitors. Therefore, one of our main objectives as an exhibitor at this year’s event, on top of showcasing our DLP and MDM solutions, was to gather more information about visitors’ policies towards the use of USB devices. We conducted a research by surveying 180 respondents working in organizations from different verticals, most of them from the UK, but…

Read more

Let’s Talk Data Loss Prevention at InfoSec Europe, booth #G147

Infosecurity is Europe’s largest conference on information security, featuring over 315 exhibitors and presenting the most diverse range of products and services. There will around 12,006 unique visitors from every segment of the industry. This year’s edition, like the previous one, will be held at Olympia, London from 7th to 9th June 2016. You can check the venue program and location here.

We will attend as an exhibitor for the 3rd time to showcase our main product: Endpoint Protector 4, cross-platform award-winning DLP solution.

“We are glad to participate for the 3rd time as exhibitors at the Europe’s biggest Infosecurity conference and exhibition. During the entire event, our team will greet visitors at our booth with insights into DLP technology and 1:1 demos. We invite you to join us for 3 days of great interactions,” says Roman Foeckl, founder and CEO of CoSoSys.…

Read more

DLP in hospitality – a success story at the Mandarin Oriental Hotel, Bangkok

The quality of the services and safety are extremely important in the hospitality industry. Hotels do not only have to ensure their guests feel welcomed and comfortable but also safe and safety goes further than safe deposit boxes for valuable assets or money that most hotels provide in each room. Hotels are obliged to protect their customers’ data against data leakage, theft or loss and to secure it against cyber attacks. People usually are not aware of this, but hotels hold a lot of private records, like credit card numbers, e-mail addresses, company data, for business travelers, ID numbers, and other sensitive data. I was never curious how hotels protect or what they do with my personal details, but that’s something that each of us should investigate. You wouldn’t want your vacation to turn into a disaster because the hotel where you are staying suffered a breach and you have to …

Read more

Close Look into Insider and External Threats

One challenge we face many times is related to the confusion between the threats our Data Loss Prevention and Mobile Device Management solutions address. Even though DLP has become very popular and, while it has not reached maturity, pretty much any IT Manager or CSO knows what DLP is, but there is still some confusion regarding the risks it minimizes or what user behavior is controlled. In fact, data security is so complex, that the confusion regarding on how threats act and how software responds extend to other solutions as well, not only DLP.
To bring some clarity into what DLP covers, we need to make a distinction between external and internal threat vectors:

Insider threats

For a complete protection, organizations must also address the biggest threat of the 21st century – insider threats. While IT Administrators are busy securing the network and setting up the firewall to make sure…

Read more

Introducing the refined USB Enforced Encryption from Endpoint Protector 4 DLP

With each product update, we strive to make IT administrators’ experience better and to enhance data security features, with the final scope to prevent data losses and data thefts in organizations. Today I would like to drill down into the refined cross-platform Enforced Encryption module (available for Windows and Mac OS X), the most recent release for Endpoint Protector 4, our DLP and MDM solution.

We call Enforced Encryption…

The capability of automatically encrypting data on USB storage devices and authorizing the use of only encrypted USB devices. We do this with the correlation between Endpoint Protector 4 Data Loss Prevention product and the EasyLock, password-protected USB encryption software. Referring strictly to the DLP tool, it monitors two main channels as exit points for sensitive data: portable storage devices and online applications and services. Besides…

Read more

Bots, Botnets, Zombies, Humans and Data Loss

Just by looking at the blog post title, it’s easy to understand that we’re talking about computers and confidential data. However, for those that vaguely remember the terms and are more up to date with the latest episodes of The Walking Dead, let’s do a quick refresh and get on the same page. We’ll also get to see what the terms mean right now and what the future will bring, how the human factor can’t be ignored and last but not least, touch on some social engineering.

Relation between bots, botnets and zombies

How a botnet works – Image source: Wikipedia

Typically, a bot can be considered a script, malware or a type of application that is designed to execute specific automated tasks which would be too time-consuming for an actual person. Being “fun loving people”, they tend to gather and socialize, creating botnets. Since a botnet can be made up of computers all over the globe,…

Read more

Panama Papers – massive breach, worldwide consequences

Up until now, pretty much everybody knows about the Panama Papers. If you’re not living in a bunker with no connection to the outside world, there is no way you didn’t find out about the biggest data breach in history. It is bigger than WikiLeaks or the Snowden leak. While the media is extensively covering this subject, IT security industry experts have been more or less silent, maybe because it is a highly sensitive subject. It is the kind of happening that you do not know how to classify because there are too many implications and with each day passing by, the snowball effect is getting bigger and bigger.

We just want to express our thoughts about this massive breach and we’re summing up some of the discoveries, to keep you up to date.

So, here are the facts until now:
  • Over a year ago an anonymous source started sending documents which gathered up to 11.5 million documents (2.6 terabytes of
Read more

Anti-tampering measures for an Endpoint DLP

Data Loss Prevention tools, like any other software, require security features that ensure no hacker, malicious individual or curious characters bypass it and manage to leak sensitive data from an organization. Besides specific DLP capabilities, performance and price, the security of the solution itself and the anti-tampering measures are also key criteria that make a DLP solution complete and powerful.
Here are the top security features most CSOs ask about and you should also search for in an endpoint DLP solution:

1. Client uninstall protection

DLP at the endpoint level has server-client architecture. The server part is where the management of the security policies is done while the client software is installed on each computer of the network that needs to be controlled for sensitive data transfers. To stop users from uninstalling the client-software, thus cutting the communication…

Read more

Not another USB propagated malware!

March 25, 2016 Author: Device Control 0 Comments

Not long ago we faced the BadUSB threat and now, security researchers have discovered another sophisticated malware which can spread through USB devices. The “USB Thief”, as it is called, seems to be a highly specialized “thief”, since it can penetrate networks undetected, leaving no traces and working only on the USB drive on which it was injected by the attacker. According to the Eset researchers, it is also empowered with mechanisms that prevent the reproduction that could be used for malware analysis or discovery.

How it works

When connecting an infected USB device, the malware executes simultaneously with portable applications and runs in the background, posing as a plug-in or a DLL file. It makes its way into the user’s computer to steal data and, in no time, it vanishes, with no evidence of the damage it made. It is also capable of protecting itself against reverse-engineering…

Read more