« July 2011 | Main | September 2011 »

August 2011

August 26, 2011

Why AuthAnvil is a good idea when firing techies

So if you haven't heard, last week it was reported that a disgruntled employee that resigned after a dispute with management from the U.S. subsidiary of Japanese drug-maker Shionogi decided to get retribution by logging into the company's critical virtualization infrastructure and wiping out 15 virtual hosts that were running e-mail, order tracking, financial and other services. According to court filings by the U.S. Department of Justice, this attack effectively froze Shionogi's operations for a number of days, leaving company employees unable to ship product, to cut checks, or even to communicate via e-mail. The cost to Shionogi was well over $800,000 US, including over $300,000 in costs to restore operations and respond to the attack.

What is interesting about this incident was that the ex-employee was hired back as a consultant with full credentials for a few more months, and never had that access recinded. The result was that he was able to log in from a McDonalds many months later into a management console he had secretly installed and do his damage. The only reason he got caught was he used his own credit card at the McDonalds just minutes before the attack, and logged in as administrator well after he was let go from the company using his home PCs. Hope that burger was worth it.

Investigators were lucky to be able to bind his credit card transaction to the incident. Had that not occurred, it would have been extremely more difficult to identify the culprit. Of course, had AuthAnvil been used to protect the administrative credentials, they could have simultaniously revoke his access to all systems by disabling his token when his contract was terminated. Or at the very least have evidence of the login when it occured by binding his own OTP to the shared administrative credentials being used. Goes to show just how easy this sort of thing can happen, and how it can happen so quickly.

Simply put, if you are using a virtualization enivronment like VMWare or HyperV, you own it to yourself to ensure the infrastructure is well protected. You should be enforcing strong authentication to prove the identity of the party accessing the underlying parent server(s), and ensure your HR processes revoke such access to said systems when the ex-employee is no longer with the organization.

Using AuthAnvil to help revoke access when letting an employee go is rather trival. With a single click you can prevent them from accessing systems and services you may or may not have remembered they have access to. If it has an AuthAnvil protection scope, they won't be able to get in.

Posted at 03:56 PM in In the Trenches | | Comments (0) | TrackBack (0)

| |

August 03, 2011

Beyond the Data - Episode 102: Account Auditing

So for some time now we have heard IT Service Providers talk about the risk of backdoor accounts being created across client networks they manage. Or the fact people can be added to administrative groups when they aren't supposed to. The feeling is that it isn't easy to monitor for that.

But it is. And this episode of Beyond the Data is all about that.

If you cannot see the embedded video above, please visit beyondthedata.tv to watch this, and all other episodes. You can also follow the conversation there via Facebook and Twitter and leave your own thoughts and comments.

Let us know what you think!

Posted at 08:56 AM in Beyond the Data, Tips & Tricks | | Comments (0) | TrackBack (0)

| |

August 02, 2011

Protecting an Astaro Security Gateway with AuthAnvil

 
One of the nice things about AuthAnvil is how well it plays with complimentary security technologies. For IT Service Providers who are responsible for dozens (if not hundreds) of different small business clients, it becomes vitally important that you consider the network edge. Having an AuthAnvil protection scope with two-factor authentication to work with your firewall and VPN appliances is important. Especially when you consider audit controls for remote access to the edge, and the networks they protect.

The good news for our customers who use Astaro is that we have you covered. If you are a customer of Sophos Network Security, we have full guidance on how to implement AuthAnvil to work on the Astaro Security Gateway for PPTP VPN, and for full management to the Astaro Security Gateway itself.

Astaro-Logon 
 


So now you can require your technicians to prove their identity when they look to change security policy on Astaro devices. You can obtain deep non-repudable audit logging for all the different networks you manage right from within AuthAnvil, and you can simultaneously revoke a staff member's access to all Astaro devices in a matter of one click within AuthAnvil. All for free.

So if you are working with Astaro and own AuthAnvil, consider checking out our HOWTOs for PPTP VPN and full web admin. You will find it's pretty easy, and leverages your investments in both solutions to significantly increase the security effectiveness of your authentication subsystem across all the client networks you manage. Never-mind the new business opportunities in introducing safer teleworking with a combination of Astaro VPN + AuthAnvil for the customers you service.

Enjoy!

Posted at 11:56 AM in Product News | | Comments (0) | TrackBack (0)

| |

August 01, 2011

Scorpion Software offices closed for BC Day

Scorpion Software will be closed on August 1st for BC Day, a stat holiday celebrated across British Columbia on the first Monday in August each year.

All staff will be enjoying the long weekend. Emergency SERVER DOWN support is still available to those clients who open a case through www.scorpionsoft.com/help.

Normal operations will resume on August 2nd.

Posted at 08:30 AM in In the Trenches | | Comments (0) | TrackBack (0)

| |

Visit Our Company Website
Subscribe to this blog's feed

Categories

Archives

More...

Become a Fan

Connect With Us