No Context Visibility - No Security : Mogambo Kush Hua

No Contextual Visibility - No Security : Mogambo Kush HuaMost of us would have seen the movie, Mr. India during our childhood. If not, do watch the movie. It is one of India’s first well directed science fiction movie. In short, the story is about Mogambo who wants to conquer India. He is looking for a secret formula using which an invidiual can become invisible. Fortunately for us Indians, the secret formula lands with Aruna Verma (Anil Kapoor), the hero of this movie and he saves us from Mogambo. What would have happened, if Mogambo would have got access to the secret formula of invisibility? He would have destroyed us as how would our arm forces or police machinary fought an invisible enemy. An iconic movie and very relevant for the security industry.

Unlike Mr. India, in cyber security, Mogambo has always had the secret formula of invisibility. Not only he, but his attacks too are invisible to us. They breach our network and data, easily without us even being aware of it. Existing firewalls are fighting an invisible enemy without having the tools to idenitfy these threats and defend against them. Like Mr. India, we need a red glass through which we can see these threats. A tool, which will help in providing visibility and bring context to the data that is flowing through our network, enhancing our capibility to identify external and internal threats.

We cannot protect ourselves from things we cannot see, hear or even communicate. With the explosion of cloud applications, concept of perimeter security no longer holds true. Instead of securing our infrastructure, we need to secure our data. But to do so, we need visibility and context of this data. Existing firewalls are blind to contextual information of data and are unable to protect us against data leaks and unknown and malicious external or internal attacks. Without contextual information, it is difficult to distinguish between good and malicious data.

IT professionals are desperate for more security visibility which could make the difference between the life and death of an organization.  With the help of “security and contextual visibility”, IT professionals are able to monitor the data flow within an organisational, allowing them greater control over network, users, applications and potential risks which come along with data flow over the internet. Ignoring security visibility has grave overarching consequences including fines, penalties, reputation of maintaining poor security standards leading to loss of clients and causing significant impact on its revenues. Contexual security visibility of data helps IT professionals in laying a strong foundation in data security required for doing business over the internet.

So how do you get to the front of the pack? You See the Threat, Hear the Threat, and Communicate the Threat. GajShield’s Next Generation firewalls come with contextual data visibility and protection. GajShield’s context based system understand web application / cloud applications by creating context which helps an enterprise to setup policies based on the web application instead of IPs, Usernames which have no relevance to the above application. GajShield has been providing cloud security and data leak features on its range of security appliances since 2008. GajShield mature technology in its firewalls provides visibility to the cloud applications used by an enterprise and also by managing and controlling these applications.

Cost of Data breaches in India

Cost of Data breaches in India

India is no longer immune to security attacks and breaches. Internet has become the backbone of doing business. Indian companies are becoming easy target to attackers as a race to connect globally leaves them with gaping holes in their security implementation. Some companies with alleged breaches were Zomato, IndiGo Airlines, Cosmos Bank, JNU port, Jio and State Bank of Mauritius. Many breaches go unreported as companies feel revealing such information would impact their brand and that there is still no penalities on hiding breaches within an organisation. It has also been reported that 22,000 Indian websites were attacked between April 2017 to January 2018 alone. Indian businesses were top victims of ransomware attacks where 67% were hit with it. 9 in 10 companies who claim to have end point protection were attacked.

 

Cost of data breaches in India

In the last five years, cost of data breaches in India have doubled and mind you this only takes into consideration of breaches which were reported. Government is working on a data privacy policy which will mandate all companies to report such breaches and they will be penalised too. Security is a serious business and it does not imply just installing a firewall or an end-point solution. According to Gartner, attackers use know vulnerability that remain unpatched as developing a new malware is far more expensive. By not patching servers or end-points and using outdated perimeter security, companies are left open to targets and there is very little cost for attackers in doing so.

Email are the easiest target to attack as organisations attackers get access to employees who are most vulnerable. Often mails are crafted to raise the curosity of an employee, like sending a ‘PO’ to a sales person, or sending a resume to an hr manager. As India moves rapidly to connect their businesses and use the internet as a platform to do commerce, managers need to understand that security has to become the core focus in their business architecture. Leaving gaps will not only lead to business losses, but allow reputation. Understanding various data contact points and ways to secure access from such points, will go a long way to improve security. Also, data needs to be encrypted so that even when an attackers has breached your gates, your company and consumer data is well protected.

Enterprises have also increased the use of SaaS applications. This leaves them exposed to data leaks as most perimeter security are unable to provide visibility of data that flows through such applications. Context based firewalls are able to watch the flows to SaaS applications and bring context to the information flowing to it, which leads to improved security by allowing organisation to treat SaaS applications like any layer 7 protocol and set policies based on such protocols.

Wish you a very happy Diwali and a safe and secure New Year 2019

diwalibanner2018

Wish you all a very Happy Diwali and a Secure New Year. Securing a company will always remain a challenge. The cost of data breaches in India has doubled in the last 5 years. From smaller companies to large enterprises, no one is immune to cyber attacks, many of which go unreported. Almost, 22,000 Indian companies were attacked from April 2017 to January 2018, India business being the top victims of ransomware attacks worldwide.

Securing an organisation has to be more practical. A copy book style will not work. There are just too many ways that protections can be breached. Many a times, we are not even sure, whether our gates have already been broken. Each aspect of protecting an organisation has to viewed holistically and an approach, not being overbearing on users, will go a long way.

More often we make our security too complicated and end up mis-managing it. Any security implementation should begin with knowing what to protect and understanding the attack vectors. You need to create your own defence rings around your data with a zero trust approach, assuming all access points are vulnerable and will be compromised. Once this is understood, it becomes very easy to secure your data.

Hope, this year we will have fewer breaches and a more secure year, ahead.

Cloud Access Security Broker (CASB)

Enterprises always need to balance between the risk of an application and the business opportunity it presents. Same goes with cloud computing. If IT leaders block applications due to the security risks it presents, organization lose the opportunity of the benefits that cloud computing presents, specially lowering computing and infrastructure costs. If they adopt cloud applications without considering the risk, it can prove fatal. 

IT managers are always at a dilemma and are looking for the right solution which helps them to balance risk and opportunities. As applications moves from enterprise boundaries to cloud, it brings in newer risks to data. They also have very limited control of their cloud infrastructure.  A well-defined risk model can address the above concern.

Cloud Access Security Broker (CASB) enables security professionals to control and manage SaaS applications. It provides visibility in the cloud applications used by an enterprise and helps to control the risk of choosing cloud as a service platform. According to Gartner the demand for CASB  has grown exponentially and they expect that 85% of enterprises will use CASB by 2020.

How is CASB useful? 

Many enterprises are blind to cloud services used by their users. They need visibility to these applications so that the risks can be determined. Next Generation firewalls with CASB support provide in-depth visibility of all such applications used. This provides the first step to enterprise to control and manage such applications. Using Next Generation firewalls, they can block all such applications they feel, do not provide enough security to their data and bring added risks to the enterprise without any reasonable advantage.

Context based CASB solutions provide complete visibility to many cloud applications like Google Suite, Office 365, File sharing services like DropBox, Google drive etc. It also allows them to setup policies to block these applications when used on non-secure devices or outside their perimeter. For example, it will help your enterprise to setup policies to limit the access of Gmail for your back office only from your enterprise network, whereas sales representatives can access it from anywhere but from trusted devices only. This brings in the same kind of security as your in-house managed applications.

Advance CASB products allow to limit the use of cloud applications for personal use. For example, access to Facebook would only be allowed with the corporate id and all personal ids would be blocked when used from enterprise network, also called as ‘Split Profiling’. You can setup policies to limit the usage of cloud application. For example, you can block all uploads for a user of DropBox and only allow to download files from it. With built-in Data Leak Prevention engine, it brings added security to data and helps in mitigating risks that cloud computing adds to an enterprise.

As enterprises increase their usage of cloud services, security professionals will need to balance the risk along with it. They will need a solution for secure and complaint way of using such applications and services. CASB provides such a solution. Enterprises will need to choose solution which will provide CASB along with Next Generation Firewall and UTM platforms.

Debit card breach: Hitachi owns up to systems being compromised in mid-2016

We should have norms for organisations in India to quickly disclose any breach in their network. Other companies can learn from such attacks and they can use this information to protect their network. Awareness of Security will also help end consumers to be more cautious in handling digital transaction. As we move towards digital economy, transparency by organisations will help to improve confidence by a long way. 

Hitachi Payments Services on Thursday accepted its systems were compromised by a sophisticated malware in mid-2016 which led to one of the biggest cyber security breaches in country, with 3.2 million cards being affected, causing a scare over security of card-based transactions.

http://www.business-standard.com/article/finance/debit-card-breach-hitachi-owns-up-to-systems-being-compromised-in-mid-2016-117020900504_1.html

Wishing you a very Happy and Secure New Year

First the good news, you no longer will be forced to pay service charge at restaurants. Some of the well known restaurant would not pass the service charge to the servers and would keep it as profits. Many a times, I had to fight whenever I have been unhappy with the service. Happy that the government has clarified and we can pay the service charge at our will.

For the bad news, cyber attacks will only increase in year 2017. Attackers have shifted their focus to more targeted attacks, which will be difficult to catch using traditional methods. We will need more sophisticated methods to identify such attacks and mitigate them. Context based security is one such method. It helps in identifying breaches and thus protecting users data.

With more and more enterprise application moving to cloud services like Google or Office 365, it becomes important that security devices are able to identify the legitimate use of such applications. Corporates would like to limit access to such applications only for their company use. Firewalls will have to become intelligent to identify such use and prevent data leaks through personal use.

Ensure that you take backups of all your critical data and files. Ransomware will subside, if they realise that their efforts is not bearing them fruits. We too have to play an important role to improve security of our networks and internet as a whole. Wish you once again a very happy and secure new year.

An apple a day keeps the attackers at bay !!!

As we reach the end of this year and look back at the numerous cyber attacks, one question that keeps coming to everyones mind is 'Can we win the war against attackers as we enter the new year?' We can find the answer in the old saying, 'An apple a day, keeps the doctor away'.  As we need to regularly monitor our health,  similarly, we need to monitor the security of our network too. By ignoring it,  it will give in and be compromised.

Let me begin with saying that it is not difficult to keep our network and data safe. Let us not be too overwhelmed and worried with the daily breaches that we hear. Like our physical health, it requires dedication to keep our network fit. If security management is incorporated in our daily routine, it will show wonderful results. Check your application and data, regularly, and see if they are all in a healthy condition.

Routine checkups can help find problems before they start or in their earlier stages where it is relatively easy to resolve. If you are unable to do so, the problem may spread to your complete network and can cause severe damage which may be very difficult to recover from. Ransomware showed how, if not limited, can even end up encrypting files on your file shares and affect not only the user who open the attachment, but everyone in the organisation.

Like your body, your security too requires regular maintenance. If you do not take care of it, you will end up making it easy for attackers to break it. Be in regular touch with experts who will help you in knowing the latest vulnerability and how to fix them. Keep your software updated and take regular backups of your critical data. Simple things, if done daily, can help improve health of your network and bring happiness to you in the new year.

Wish you a very happy and secure new year !!!

Should Small Companies be worried about Cyber Security ?

Many owners of small companies do not wish to invest in security. They feel there is not much to loose and why would anyone hack into their network and for what. This myth has been bursted with ransomware.

Ransomware has attacked all organisations, irrespective of their size. Monetary gain is what drives the attacker. This has affected small organisations more than large ones, as they do not have required process or infrastructure to backup their files on a regular basis. Large organisations can delete and restore their files and ransomware would not causing any harm to them.

Small organisations have few resources and are driven with profitability in mind. More often than not, security is compromised if it causes any hindrance in their business. Also, since people are already over loaded with work, ensuring security in all aspect of work is far fetched.

As we welcome the new year, every organisation should resolve to bring security at the centre of all processes and ensure that they are prepared in case of any attack. If done, the new year will bring less of distribution and more business for small organisations too.

 

Security breach: Debit/ATM card breach - What more can banks do

As per news-paper report (This is how an ATM virus compromised 3.2 million debit cards in India) a virus or malware infection at Hitachi Payments Services led to the compromise of millions of debit cards. Not many details are known on the malware that has caused this havoc. It is unfortunate that even after knowing about the infection, customers were not flagged. RBI has to take a serious note of this and work on disclosure norms so that precautionary measures can be taken in future.

Hitachi Payment system should come out with detailed reason of the malware and how it affected the ATMs. This will be a good learning for other organisations and they too can take pro-active steps in future. As for banks, they need to provide a mechanism for customers to check if their card has been compromised and pro-actively change their pin and notify them accordingly. Interestingly my bank allows me to change the PIN, only at the ATM. There is no way I can change the PIN by logging onto the bank website. This prevents me from changing my PIN regularly. Implementation of two-factor authentication would also go a long way to assure customers on the security of their accounts. Debit/ATM cards too need to move away from magnetic strip cards to EMV based. EMV based cards consists of a microchip that contains data traditionally stored in the card’s magnetic strip. These work with new point-of-sale readers that scan the chip and process payment transactions in a secure manner using encryption.The chip reduces fraud because it contains a cryptographic key that authenticates the card as a legitimate bank card and also generates a one-time code with each transaction. This means thieves can’t simply take account numbers stolen in a breach and emboss them onto the magnetic strip of a random card, or program them onto the chip of a random chip card, to make fraudulent purchases at stores or unauthorized withdrawals at ATMs.

 

Some of the above measures will help in reducing threats to the banking system and bring more assurance to customers that their money is safe. 

Security breach: SBI blocks over 6L debit cards

In one of the biggest card replacements in Indian banking, State Bank of India has said that it will re-issue around six lakh debit cards to customers, which have been blocked following a malware-related security breach in a non-SBI ATM network.

http://timesofindia.indiatimes.com/business/india-business/Security-breach-SBI-blocks-over-6L-debit-cards/articleshow/54926828.cms

For a long time, security has been ignored. It's consequences are now being felt. Though not much is known about malware and which bank's ATM have been infected, it is clear that this breach would have affected other banks too. Hardship faced by people whose debit cards were blocked and not being able to withdraw cash from ATM's could further alleviate common man from using technology and question security of all initiative taken to move towards a cashless society.

 

It is time that organisations conduct their due diligence when they inter-connect with other company networks and also ensure that their customers are well protected. Banking industry has to move fast to protect against such malware as we will see more such attacks in future.

GajShield honored as among 20 Most Promising Cyber Security Company of 2016

It is an immense pride, for a company, to get recognized and applauded for the ideas that innovates in any field. GajShield and its team’s gladness is indescribable as we hold are heads high for being among the 20 Most Promising Security Companies by CIOReview. Overwhelmed with gratitude, we owe our success to all our clients who have kept their faith in us to provide security solution to their enterprise. This acknowledgment will motivate us further and will help us to create ingenious solutions, and will also boost our zeal for excellence.

This is a new feather added in our cap since we have already achieved various business milestones seamlessly. Innovation is one of our greatest assets and with technologies like Context based Data Leak Prevention, Cloud Security, we have always been ahead of the security solution curve which helps to create real security solutions of today’s and tomorrow’s enterprise. We already have our fortified presence in 40+ countries and are expanding our global footprints too. With 14+ years of Establishment, we are fueled with great knowledge, strong network, and high confidence. We have always worked seamlessly to achieve excellence. This recognition will help to take our business to the next level.

 

More details....

Rural Indian villages are about to get lifesaving treatment through an app

India has just one doctor for every 1,700 people, and while 70% of the population is in rural areas, about 60% of the healthcare infrastructure is in cities.

http://money.cnn.com/2016/10/03/technology/intelehealth-india-doctor-health-worker-app/index.html

With majority of population being in rural India and very few doctors to take care of them, telemedicine is the way to go. With the advancement of technology like IOT of health, it will not only reduce the cost of treating a patient in rural places, but will also help in diagnosing the disease early with quicker treatment.

 

India, too needs to have a central repository of health information, probably linked with Aadhar (with appropriate security and anonymity), it will help in identifying spread of disease, plagues and with bioinformatics lead to better research and improving healthcare in India.