in

This Blog

Syndication

Tags

News

AlertBoot offers a cloud-based full disk encryption and mobile device security service for companies of any size who want a scalable and easy-to-deploy solution. Centrally managed through a web based console, AlertBoot offers mobile device management, mobile antivirus, remote wipe & lock, device auditing, USB drive and hard disk encryption managed services.

Archives

AlertBoot Endpoint Security

AlertBoot offers a cloud-based full disk encryption and mobile device security service for companies of any size who want a scalable and easy-to-deploy solution. Centrally managed through a web based console, AlertBoot offers mobile device management, mobile antivirus, remote wipe & lock, device auditing, USB drive and hard disk encryption managed services.

Indian Military Research Facility Suffers Computer Theft - Electrified Fences Not Enough For Computer Security

The Times of India and several other news sites are carrying articles about a break‑in to the Defence Material Store Research Development and Establishment (DMSRDE) in India.  As far as I can tell, this is a research laboratory under aegis of the Ministry of Defence (or Defense, if you prefer), a branch of an Indian DARPA that deals with materials research.  As such, one would expect a more than adequate level of security.  The details in the Times article bears this out: “the entire boundary wall is fenced and the wires are electrified.”  I’d assume armed guards, most probably military, were also securing the entrances as well. Three computers were stolen, and due to the circumstances, there is a not-unsurprising belief that this was an inside job.  Thankfully, nothing of strategic importance has been stolen, according to official statements released by the government; however, I would imagine there are some reasons for concern.  One of the computers had the names of projects, and the names and addresses of the scientists working on them.  Supposedly the information regarding the project was “coded,” whatever that may mean.  I guess it could mean that the contents were encrypted.  Or perhaps all the scientists and projects were given codenames such as Mr. Pink, a la Reservoir Dogs. The other two computers were used for laboratory work such sample identification and quality measurement, so I would imagine that security‑wise they don’t pose a problem.  The situation could have introduced all sorts of difficulties for the researchers, but they have backups to everything that they’ve done so far, so the situation is a minor inconvenience for the researchers.  For the government, however, this is a major headache.  To begin with, who was behind this?  And why did they do this?  Just a random burglary, or something more sinister?  And how could someone so easily carry out a such a plan? As is usually the case in any attempt to steal, breaching the outside perimeter is hardest.  But once that’s taken care of, there wasn’t much protecting the computers in the research lab.  The door to the room where these three machines were located had a simple lock that was broken; indeed, that was the first hint that something was wrong when people started to arrive to work.  The rest was probably easy.  Go out the way you came in.  If you were a janitor, you’ve got trash bags and containers to hide the booty. 

Computer security experts always say that there is no perfect security solution.  My guess is any security or safety expert will say the same, ranging from OSHA to Secret Service agents.  Knowing this, the best one can do is to minimize the risk of security and data breaches and thefts.  Whether by design or by luck, the DMSRDE wasn’t subject to a particularly alarming data breach, but the potential that it could have been more must be worrisome.  Furthermore, reviewing and planning committees must have been under the impression that what they had in place was enough for the circumstances.  They’ll probably want to review their inventory as well as current security policies and practices, and even consider encryption, such as provided by AlertBoot, to further minimize any potential risks they find

 
<Previous Next>

German Authorities Cannot Crack Skype Encryption. Should You Use The Same for Your Endpoint Security?

In The Digital Age, The Sun Never Sets On The (Former) British Empire: Canada Has Laptop Security Woes, Following UK And India

Comments

AlertBoot Endpoint Security said:

Or at least, it certainly feels like it. In addition to last week’s UK government public relations fiasco

November 27, 2007 2:21 AM
 

About sang_lee

Sang Lee is a Senior Account Manager and Security Analyst with AlertBoot, Inc., the leading provider of managed endpoint security services, based in Las Vegas, NV. Mr. Lee helps with the deployment and ongoing support of the AlertBoot disk encryption managed service. Prior to working at AlertBoot, Mr. Lee served in the South Korean Navy. He holds both a B.S. and an M.S. from Tufts University in Medford, Massachusetts, U.S.A.