90% of attacks start with a phish. It’s critical that IT admins and MSSPs have the right security in place to protect their end users from these phishing attacks. Check out our latest feature brief for tips and tricks to keep your employees off a hackers line!
Solved
What are the security risks associated with hard copies and backups.
Posted on 2004-08-05
I am putting together a security paper for my company. This question encompasses many different areas as one can imagine.
1) more and more features have the potential to create more security holes and fewer people managing the security actually understand all the complexity that is involved.
2) Dozens of services running on just as many ports can create a security nightmares
3) many applications by default are coming 'out of the box' secure by default. Even Windows is installing with security policies inplemented expecially on the Domain Controllers
4) Security issues with hard copies and backups
1) more and more features have the potential to create more security holes and fewer people managing the security actually understand all the complexity that is involved.
2) Dozens of services running on just as many ports can create a security nightmares
3) many applications by default are coming 'out of the box' secure by default. Even Windows is installing with security policies inplemented expecially on the Domain Controllers
4) Security issues with hard copies and backups
2
3 Comments
Active 6 days ago
1) fully understanding the products you impliment is key, testing is where you can find most of the inital bugs, or undesirable behaviour. Products used must come with complete documentation, or during testing phase be satisfactorially documented by testers.
2) All unnecessary ports and services should be turned off or blocked.
3) ...
4) Back-ups should either be encrypted during transmission over the network and stored off site by a trusted party, most companies are happy to guide you through their process's of their storage proceedures and transport precautions.
Let's have an example http://www.connected.com/
A product like Connected TLM offers several advantages over many backup solutions, backup files are compressed before being sent over the network, as well as being encrypted before traversing the network, backup's are broken up into 5-10 meg chunks, also encrypted. Duplicate files are not backed up. The files are recoverable, as long as you can setup the same username, and password for the account that backed them up, there is no problem. So if you had a 500 meg backup job of a few dozen files, that 500 meg's of data would actually be stored in 50-100 compressed/encrypted archives, that what you can search faster, because you do not have to decompress 500 meg's to restore 1 or 2 files, instead you uncompress 5 or 10 megs instead, speeding up the process. Also Delta's of backed up files are saved, and you can actually keep multiple versions of files, without having to back up each file version entirely... just the changed parts. Also back to the no duplicate storage... say the company sent everyone the same power-point presentation, instead of each and every person getting the PPT saved, the first person to back-up the PPT would send it to the server, then the next person who went to back up their PC, would get a "Flag" that said they also had the same PPT, and the next, and the next... the PPT would only be backed up once, however the back up would be aware of the others that may need that same file. If anyone changed the file slightly, and when to back it up, just the Delta of the canges would be backed up. The no dup's allows you to back up one PC, and then everyone in the company could probaly do a "complete" back up of their own machines, without using very much space at all.
-rich
2) All unnecessary ports and services should be turned off or blocked.
3) ...
4) Back-ups should either be encrypted during transmission over the network and stored off site by a trusted party, most companies are happy to guide you through their process's of their storage proceedures and transport precautions.
Let's have an example http://www.connected.com/
A product like Connected TLM offers several advantages over many backup solutions, backup files are compressed before being sent over the network, as well as being encrypted before traversing the network, backup's are broken up into 5-10 meg chunks, also encrypted. Duplicate files are not backed up. The files are recoverable, as long as you can setup the same username, and password for the account that backed them up, there is no problem. So if you had a 500 meg backup job of a few dozen files, that 500 meg's of data would actually be stored in 50-100 compressed/encrypted archives, that what you can search faster, because you do not have to decompress 500 meg's to restore 1 or 2 files, instead you uncompress 5 or 10 megs instead, speeding up the process. Also Delta's of backed up files are saved, and you can actually keep multiple versions of files, without having to back up each file version entirely... just the changed parts. Also back to the no duplicate storage... say the company sent everyone the same power-point presentation, instead of each and every person getting the PPT saved, the first person to back-up the PPT would send it to the server, then the next person who went to back up their PC, would get a "Flag" that said they also had the same PPT, and the next, and the next... the PPT would only be backed up once, however the back up would be aware of the others that may need that same file. If anyone changed the file slightly, and when to back it up, just the Delta of the canges would be backed up. The no dup's allows you to back up one PC, and then everyone in the company could probaly do a "complete" back up of their own machines, without using very much space at all.
-rich
Different organisations have different problems.
"1) more and more features have the potential to create more security holes and fewer people managing the security actually understand all the complexity that is involved."
Many of the security holes are well known and based on well known weaknesses in programs used almost everywhere, like Outlook (Express), Internet Explorer, IIS etc. One way to counter the threats is to avoit these products and use e.g. Pegasus, Mozilla and Apache instead; it will not make you "safe", but you'll have a lot less to worry about, probably. A good antivirus software is key, obviously.
"2) Dozens of services running on just as many ports can create a security nightmares"
Yes, indeed. The remedy is of course to have a good firewall protecting the network AND to keep after the workstations/users, educating them about the risks and performance losses associated with having a lot of things running on a computer. The last part is probably the hardest... Any network admin will probably benefit from looking through info at sites like www.grc.com, www.spywareinfo.com, www.answersthatwork.com . A policy in writing for some kind of user guidance is a good idea too.
"4) Security issues with hard copies and backups "
Depends on the organisation, I'd say. What is the worst case scenario: Someone unauthorized getting hold of the data or the data just vanishing into thin air? Both?
I believe there are a number of "best practice" rules that can be applied in most cases, but I don't believe in generalization as a work method. Each case, each organisation should have it's own security philosophy that all involved understand. Without the understanding nothing much is accomplished, as people tend to take shortcuts around obstacles they don't understand. And you can't implement CIA-grade security in all workplaces either...
/RID
"1) more and more features have the potential to create more security holes and fewer people managing the security actually understand all the complexity that is involved."
Many of the security holes are well known and based on well known weaknesses in programs used almost everywhere, like Outlook (Express), Internet Explorer, IIS etc. One way to counter the threats is to avoit these products and use e.g. Pegasus, Mozilla and Apache instead; it will not make you "safe", but you'll have a lot less to worry about, probably. A good antivirus software is key, obviously.
"2) Dozens of services running on just as many ports can create a security nightmares"
Yes, indeed. The remedy is of course to have a good firewall protecting the network AND to keep after the workstations/users, educating them about the risks and performance losses associated with having a lot of things running on a computer. The last part is probably the hardest... Any network admin will probably benefit from looking through info at sites like www.grc.com, www.spywareinfo.com, www.answersthatwork.com . A policy in writing for some kind of user guidance is a good idea too.
"4) Security issues with hard copies and backups "
Depends on the organisation, I'd say. What is the worst case scenario: Someone unauthorized getting hold of the data or the data just vanishing into thin air? Both?
I believe there are a number of "best practice" rules that can be applied in most cases, but I don't believe in generalization as a work method. Each case, each organisation should have it's own security philosophy that all involved understand. Without the understanding nothing much is accomplished, as people tend to take shortcuts around obstacles they don't understand. And you can't implement CIA-grade security in all workplaces either...
/RID
Active 6 days ago
Agreed, and it's what I was getting at... generalization leaves you open to many other vectors, each issue or program needs to have a detailed approach and documented histroy. Best practices would help put some of your questions in perspective.
Here are some great guides: http://www.sans.org/rr/catindex.php?cat_id=8
-rich
Here are some great guides: http://www.sans.org/rr/catindex.php?cat_id=8
-rich
Featured Post
Question has a verified solution.
Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.
Have a better answer? Share it in a comment.
Join & Write a Comment Already a member? Login.
Many of us in IT utilize a combination of roaming profiles and folder redirection to ensure user information carries over from one workstation to another; in my environment, it was to enable virtualization without needing a separate desktop for each…
Our Group Policy work started with Small Business Server in 2000. Microsoft gave us an excellent OU and GPO model in subsequent SBS editions that utilized WMI filters, OU linking, and VBS scripts. These are some of experiences plus our spending a lo…
Free Data Recovery software is an advanced solution from Kernel Tools to recover data and files such as documents, emails, database, media and pictures, etc. It supports recovery from physical & logical drive after a hard disk crash, accidental/inte…
Through the video, you can check the migration process of Outlook PST file to PDF. Kernel for Outlook to PDF tool can convert Outlook emails with all attributes like Subject, To, From, Cc, Bcc and other folders such as Inbox, Outbox, Sent Items, Jun…
Suggested Courses
Course of the Month6 days, 5 hours left to enroll
569 members asked questions and received personalized solutions in the past 7 days.
Join the community of 500,000 technology professionals and ask your questions.