New products that protect assets and users from nefarious individuals were on display in the desert this year at Demo 2003, including new ways to secure data.
As more and more systems and users get hooked up to public networks, and as more and more wireless networks come on-line, IT managers are faced with a dual threat. How do I provide ready access to all my systems and data wherever my users might be, while still protecting vital corporate access?
Two of the security systems load applets on workstations and servers, but secure different parts of a system. The last two offer radically new ways to encrypt data, and uniquely identify users.
Viruses, worms, Trojan horses and other malware have been at the forefront of many users' and IT managers' minds recently. From viruses and worms like Slammer, I Love You and Anna Kournikova, to spyware like Back Orifice, unauthorized and rogue programs can wreak havoc inside an organization. In addition, some user behavior can unintentionally bring networks and systems to their knees.
ImmuneEngine, a new protection product from BBX Technologies, aims to control these incursions by blocking and removing unauthorized executables before they can run on a system.
The system works by loading a small application on each machine, which monitors the Windows kernel, tracking the memory stack, mouse activity, keyboard activity and all of the message queues inside the system. When the application detects that an executable has been written to the system, it deletes that program before it can run. If an already running application starts behaving badly, as determined by system policies, ImmuneEngine attempts to remove it from the program stack without crashing the underlying system. Thus buffer overflow attacks, hidden email-based worms, and other malicious hidden programs are kept from running on, and ruining, a protected system.
It won't stop everything, and it's not designed to replace anti-virus and other signature-tracking apps. Instead, the company claims it provides a "last line of defense" for 32-bit Windows-based workstations and servers. It won't block everything, but it adds another layer of security to an existing environment. The client takes up only 3-4 megabytes of storage, and results in a 3% performance hit on a 700MHz computer.
Pricing starts at about $175 per workstation, and the product is available now.
This company solves a different part of the security problem, in a similar way. Rather than focus on protecting a system from rogue executables, Liquid Machines tries to protect the intellectual property contained in spreadsheets, documents and data files from being improperly altered or stolen. This has become an even more important security issue now that notebook computers have become so widespread, and it's so easy to email a file to anyone.
The Liquid Machines Information Security Platform, like ImmuneEngine, works by loading a small applet onto each secured PC or notebook. That applet then encrypts data files, and uses rules and group-based security policies stored on a central server to determine each user's level of access to those files.
The company's software loads itself along with any application, and controls access to file creation, saving, deleting, copy and paste and printing functions. Based on a user's security level, they can be restricted from even opening a file.
The applet that runs on every PC includes a copy of all the policy rules contained on the server. When a file is opened, the system checks those policies to determine access level, and whether to decrypt the file at all. If a user is operating untethered, on a notebook or stand-alone desktop, the locally cached policies are used.
However, the company has also implemented a time-out feature. If that policy is set for 2 days, for instance, then if the computer hasn't connected to the server during that interval, all file access is blocked.
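The cached-policy check and time-out described above, sketched as an added example (not Liquid Machines' code): the rule layout, group names, file label and the clock-rollback guard are assumptions made for illustration.

```python
from dataclasses import dataclass

DAY = 86400  # seconds

# Constructed sample rules: {file_label: {group: {allowed operations}}}
RULES = {"q3-forecast.xls": {"finance": {"open", "print"}, "sales": {"open"}}}

@dataclass
class PolicyCache:
    rules: dict             # local copy of the server's policy rules
    last_sync: float        # epoch seconds of the last successful server contact
    max_offline: float      # time-out: how long the cache is valid without contact
    last_seen: float = 0.0  # latest clock reading observed (assumed rollback guard)

    def sync(self, server_rules: dict, now: float) -> None:
        """Refresh the cached rules after a successful server contact."""
        self.rules, self.last_sync = server_rules, now
        self.last_seen = max(self.last_seen, now)

    def check(self, groups: set, label: str, op: str, now: float):
        """Return (allowed, reason); every failure path denies."""
        # A clock set back in time would otherwise stretch the offline window.
        if now < max(self.last_seen, self.last_sync):
            return False, "clock-rollback"
        self.last_seen = now
        # Time-out: no server contact within the window blocks all file access.
        if now - self.last_sync > self.max_offline:
            return False, "offline-timeout"
        # Union of operations granted to any of the user's groups; default deny.
        by_group = self.rules.get(label, {})
        allowed = set().union(*(by_group.get(g, set()) for g in groups))
        if op not in allowed:
            return False, "policy-deny"
        return True, "ok"

def demo():
    """Walk a notebook through one offline period with a 2-day time-out."""
    t0 = 1_000_000.0
    cache = PolicyCache(RULES, last_sync=t0, max_offline=2 * DAY)
    f = "q3-forecast.xls"
    return [
        cache.check({"sales"}, f, "open", t0 + DAY),        # within window
        cache.check({"sales"}, f, "print", t0 + DAY),       # group lacks print
        cache.check({"finance"}, f, "open", t0 + 3 * DAY),  # past the time-out
        cache.check({"finance"}, f, "open", t0 + DAY),      # clock moved back
    ]

if __name__ == "__main__":
    for result in demo():
        print(result)
```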
It's not foolproof: a truly determined thief can always take a snapshot of a screen with a digital camera, or grab a screen capture of sensitive data. But it does offer another level of key protection.
The software and server will go into beta-testing next month, and should be available later this year. Liquid Machines is targeting financial institutions, pharmaceuticals and government agencies that need secure data protection even when a notebook has left the network. The server is expected to cost $35,000, while each client adds another $150 to the cost. Later in the year, they expect to extend the protection system to cover email and messaging as well.
Two other fascinating high-level security applications were debuted as well. MagiQ showed off an intriguing technology, code named Navajo, that it claims is "hacker-proof." It works by using quantum cryptography (essentially a single photon transmitted over a fiber connection) to create unbreakable encryption. It's based on the laws of physics, and terribly complex. Head to the company site for more information.
As if retinal scans and fingerprints weren't enough, Delean Vision showed off an identification technology using details of human skin. It uses standard PC webcams to capture a skin image, and then it compares that image to its database of users. It seems far out, but actually seemed to work.
Secure Zip Files: PKZIP showed off a new version of its zip software that adds RSA BSAFE encryption to standard zip files. The company has made some strong efforts to integrate security and Notes/Outlook support into the program.