Microexpert Products Page

What is Internet Protective Monitoring?

It's every director's nightmare, your most valuable customer database has ended up in your competitors hands. Even worse it was sent out from a computer on your network by a disgruntled employee. It could have been credit card data or medical records, it might even have been leaked by mistake.

Do you remember the United States of America V Randall Edward Schuster case?

Schuster made an unauthorised copy of his employer's customer database and attempted to sell the database to a competitor. Schuster accessed the database, copied it, evaluated it and then decided what information would be valuable to the competitors. Schuster then researched the competitors, contacted the potential buyers and mailed a portion of the database before negotiating the final sale of the database. After pleading guilty upon arrest and after appealing to reduce his sentence for mail fraud, theft of government property, and stolen property, Schuster received four months imprisonment, four months home confinement and two years supervised release.

Schuster’s punishment pales into significance compare to the damage done to the organisation. The loss of these sensitive materials meant that they lost potential as well as existing customers, acquired a tarnished reputation and gave an advantage to their competitors. Don't let any thing like this happen to you.

Internet Protective Monitoring is the application of techniques that inspect the contents of the packets of data flowing in and out of your network to the internet looking for any form of unauthorised activity. This includes inbound malware attacks from corrupt web sites as well as the leakage of sensitive information, perhaps in emails, such as credit card numbers or customer data files. Having detected such undesirable behaviour an effective Protective Monitoring system will at least alert the system owners to the security problem and with more advanced systems will actually prevent malware getting into your system or sensitive data getting out.

There are three ways of applying such Protective Monitoring (PM) techniques,

1. Install PM Software modules onto each of your computers linked to a common management supervisor
2. Install PM appliances linked to a common management supervisor at the internet access points of your network system
3. Divert all your internet traffic through an external PM monitoring and supervision system

Each method has its advantages and disadvantages. Installing intensive monitoring systems onto all your computers is not ideal because of the processing overhead incurred, just think about the effects of typical anti-virus software, however some activities such as USB memory stick dumps cannot be easily detected any other way. Diverting all your traffic to an external PM supervision system may incur the penalty of a single point of failure whilst the installation of local appliances may be an expensive overhead for complex networks. Microexpert offers solutions that adopt the best characteristics of all these techniques to minimise costs depending on your particular network configuration.

Protective Monitoring systems are a form of Intrusion Detection and Prevention Systems (IDSs and IPSs) which are increasingly relied upon as malware becomes ever more prevalent. These devices are essential to prevent certain types of attacks as they work along side traditional security barriers, such as Firewalls and Anti-Virus software, adding to the effectiveness of the existing countermeasures provided. Protective Monitoring however goes a stage futher in that it can detect the loss of sensitive data as well as detecting patterns of data behaviour from multiple sources even at different times.

Protective Monitoring systems are also able to record the events of any attacks and provide audit trails, allowing further investigation as required.

Protective Monitoring devices can be configured to protect (detect and stop) against:

• The attempted introduction of malware
• Attempts to breach access control systems
• Leakage of sensitive information from within a corporate or domestic network (DLP, Data Loss Prevention)
• Attacks against servers and network devices such as routers and firewalls
• Unauthorised data in email
• Unauthorised data in social networking sessions
• Unauthorised web activity
• Sending or receiving of pornographic material
• Behaviour consistent with racism, sexuality or bullying
• Paedophile internet grooming through social networking

The MirKatz Network Defence Units are designed to provide a rich combination of signature and heuristic technologies for Protective Monitoring in government, commercial and domestic environments.

MirKatz Network Defence Units

One clear example of protective monitoring in a natural environment is the altruistic behaviour shown by meerkats. Meerkats demonstrate altruistic behaviour within their colonies on a day to day basis. One or more meerkats will stand sentry (on lookout) whilst other members of the clan forage or play, warning them of any dangers that are approaching.

When a predator is spotted, the meerkat performing as sentry gives a warning bark, alerting the other members of the apparent dangers, allowing the members of the gang to run and hide in one of it's many bolt holes across their territory. The sentry meerkat is the last to run down the bolt hole and is the first to reappear from the burrow and search for predators, constantly barking to keep the other members of the clan underground. If there is no threat, the sentry meerkat will stop signalling and the others feel safe to emerge from the bolt holes.

In the same way that the meerkat demonstrates this altruistic behaviour dail, MirKatz offer a range of products to protectivley monitor networks in the Commercial and Domestic environments.

The MirKatz NDU-330 (Enterprise)

The MirKatz Network Defence Unit-330 (NDU-330) is specifically designed to suit the requirements of a government, financial or commercial environment. Apart from protecting the organisation against internet malware attacks the unit is able to safeguard valuable data such as employee details, customer databases and income & revenue details. The MirKatz NDU-330 device also allows authorised users full management capability.

The MirKatz NDU-330 device can be tailored to suit the needs of organisations in the government, financial and commercial sectors. The devices are currently available in English only, however if additional or alternative languages are required, please contact one of our advisors at Microexpert, where we will be happy to help you further.

For further information about the MirKatz NDU-330 device, please click on the link below, where you will be redirected to our MirKatz website:

www.mirkatz.com

MirKatz NDU-007 (Domestic)

The MirKatz Network Defence Unit-007 (NDU-007) has been specifically designed for the needs of the family in a domestic environment by safeguarding family members from the threats of the internet across the whole home network. In the same way as a meerkat sentry, the NDU-007 will alert parents of any undesired or unauthorised content exchange on the internet including bullying and themes of a sexual nature as well as blocking the compromise of confidential information such as credit card numbers and personal address data. The NDU-007 is particularly configured to detect internet grooming attempts by paedophiles. Parents can be alerted by email or SMS messages.

The MirKatz NDU-007 device can be uniquely created to suit the individual requirements of parents and authorised users in the domestic environment. The devices are currently available in English only, however if additional or alternative languages are required, please contact one of our advisors at Microexpert, where we will be happy to help.

For further information about the MirKatz NDU-007 device, please click on the link below, where you will be redirected to our MirKatz website:

www.mirkatz.com

Halifax Ghostbust After Trial Closed

After over a month of eagerly awaiting and nail biting, the case brought to Nottingham Crown Court on the 30th April earlier this year has finally come to a close. The case had all Chip and PIN holders everywhere listening and watching the updates of the story as the first UK case to question the strength of the bank's security measures unravelled.

Alain Job, the 40 year old football coach for Basildon Town Ladies Football Club, brought forward a lawsuit with Halifax Building Society challenging Chip & PIN security after claiming that £2,100 disappeared from his account. The hearing, held at Nottingham Crown Court on the 30th April, lasted a day, with Halifax building society claiming that Mr Job had used his real card at an ATM machine and inferring that Job was either trying to defraud the bank, or he was grossly negligent in handling his card and PIN. However, due to the complexity of the case heard by the judge, the verdict took over a month for the judge of the one-day trial to deliver.

The judge of the trial has ruled in favour of the high street bank, Halifax in the country's first ever phantom withdrawal lawsuit. The judge based his ruling on printouts from log files to show that Job's real card had been used for the transactions and that the machine had not defaulted to reading magnetic-stripe data.

The suit was filed after two critical piece of evidence once held by Halifax were destroyed, including the original ATM card and the Authorisation Request Cryptogram that could have proved that the card's Chip had been read and authenticated by the machine.

Mr Alain Job says that he is currently studying the judgement before deciding whether he wishes to appeal the ruling.

“Emotional Hub” Data Backup

A new Symantec survey has revealed that people are more likely to check the oil in their car than they are to back up valuable data. When you consider that computers are much more than working machines, they have become very much woven into our everyday lives as both 'life storage' facilities and 'emotional hubs' that contain our digital souls, it is rather surprising that we are so lax about backing it all up.

Despite the admittance to feelings of anger and upset when data is lost, the survey participants are quite clear about it. 34% make regular data back ups, and only 22% back up all of their data. Of the 1000 people Symantec surveyed, 38% said that they had lost files and the average replacement cost cumulated for a UK user when it comes to all the data on their PC, was a hefty £1258.

The mostly costly data to replace was video, worked out to £158 for all recorded TV content on an average PC, with home videos adding another £108 and for downloaded movies, £101. Household information beat off the music data in the replacements costing, with £85 on average for documentation compared to £80 for the tunes.

A strong emotional connection has also been confirmed by the Symantec survey. The huge ranges of personally significant files stored on the PC's are emotionally sentimental, with the loss of photos, personal information, financial information and work or academic documents being the most impacting upon our emotions. Lost photos were top of the list with 82% saying that they would be upset at losing these memories which is a shame as this is the most likely type of data to be lost. The survey shows that of the 45% who had experienced data loss some 48% had lost digital images.

Con Mallon, director of product marketing at Norton told us “Our relationship with our computers has changed in recent years. We now use them as the storage vault for priceless, unique files with huge emotional value, replacing the treasured photo albums, or the stacks of love-letters tied with ribbon. This is why I am concerned at people’s complacency: only 22 per cent of people surveyed backup all of their files.”

Laptop Owners Have "Gadget-Obsessed Lives"

A recent study conducted by Credant Technologies has found that many people who own a laptop are browsing the web in their pyjamas for more than six hours a week. The survey revealed that more than half of UK workers are taking their laptop or other mobile devices to bed and are using them before going to sleep.

Credant Technologies, a data protection company, undertook the survey on 300 workers to uncover patterns of laptop use and security implications.57% of these confessed to spending at least six hours a week working on their laptops from their bed before they go to sleep. Most of them suggested that their partners found the habit "very annoying", with 8% of the offenders admitting to spending more time on mobile devices than talking to their partners each night.

44% of the respondents admitted to storing important work documents on their mobile devices and 54% of those devices lacked encryption, whilst one-fifth of the respondents acknowledged using wireless networks that aren't secure while they work in bed. The survey also revealed that 87% of respondents favour connecting to the Internet via wireless networks while in bed and 47% said they connect to wireless networks in hotels without thinking about security.

Michael Callahan, Vice President at Credant, said, “This survey confirms that there is a growing population that is no longer restricted by working hours or confined to the office building itself.” Callahan remarks, “People are mobile and will work anywhere -- even in bed. Therefore, when sensitive and valuable data is being held on these devices and they get lost, it can have pretty detrimental and far-reaching consequences to both the worker and their employer.”

Credant advised the 4 per cent of respondents who said the last thing they do before going to sleep is to check their e-mail messages and complete work to "take a long, hard look at their gadget-obsessed lives." The company also advised encryption of data stored on mobile devices, the use of strong passwords, awareness of all points of connection, turning off unsecured Bluetooth and Wi-Fi devices, and leaving the laptops behind at bedtime.