Change BIOS Settingsīrien Posey, a Microsoft Most Valuable Professional for his work with Windows 2000 Server and IIS, notes that a common technique for preventing use of USB storage devices is to “disable USB ports at the BIOS level.”īIOS (Basic Input Output System) contains the settings responsible for controlling the basic functions of a computer. “In addition to an automated architecture, agencies will benefit from real-time monitoring capabilities to understand network activities and identify anomalous user behavior, greatly reducing threats such as an insider with a flash drive whose intentions could pose a security risk,” Ash says. public sector at Cisco Systems, says that modern security “needs to focus on architectural end-to-end network protection from the data center, to the growing number of endpoint devices and sensors that are being connected, all the way in to the cloud.”Īsh advises that “keeping security analysts, teams, and the architectural components themselves updated on the latest threat intelligence, event information, context and policy is extremely important.” Will Ash, director of security for the U.S. Veriato even “allows bosses to play back videos of what took place on a user’s screen and can collect ‘communications activity’ both on traditional email programs as well as ‘popular webmail services.’”
The Post notes that monitoring techniques are now quite advanced, and can track not just which websites users visit, “but also when they plug in USB storage devices, move or copy files, and what programs they run, privacy experts say.” It is a $200 million-a-year industry, according to a study last year by 451 Research, a technology research firm, and is estimated to be worth $500 million by 2020.” The NSA and many other agencies routinely track the activity of users on work-issued computers and devices.Īccording to The Washington Post: “Employee monitoring is so extensive in American society that it may be difficult for workers to know just how far they might have to go to avoid it. Network and Behavioral Monitoring Can Track Employees SIGN UP: Get more news from the FedTech newsletter in your inbox every two weeks! 1. The short answer: There are ways agencies can go about this, some more sophisticated than others. How can agencies ensure that their IT systems and data are as protected as possible from unauthorized USB flash drives? The drive, or any information that was downloaded, has not been located.”Īlthough Winner was reportedly caught by the FBI because of the way a scanned document had been folded or creased (thus revealing that it had been printed), the disclosure about Winner’s alleged interest in USB flash drives reveals an ongoing flaw in government IT security.Īlthough agencies may ban the use of USB flash drives to prevent the theft and dissemination of classified information, it might be impossible to block them completely from federal IT environments. NBC News reports: “The government alleges that Winner did just that - insert a flash drive into a top secret computer while she worked in the Air Force. Jennifer Solari, an assistant United States attorney, said in a court hearing that Winner allegedly “plugged a peculiar query into an internet search engine last year: ‘Do top secret computers detect when flash drives are inserted?’” according to The New York Times.
Last month, Reality Leigh Winner, a 25-year-old National Security Agency contractor and Air Force veteran, pleaded not guilty to one count of “willful retention and transmission of national defense information” after authorities accused her of disseminating a classified intelligence report to the news media.
0 kommentar(er)
