Services > Security

As its name implies, security protects your business. There are two aspects to protection: prevention of security violations and business continuity & recovery after breakdowns occur. Contact Technology Decisions to protect your business and your peace of mind.

Prevent Security Violations

“The only thing worse than having no security, is believing you do when you don’t.”

Most people know that optimizing the security of today's computer systems and networks requires a formidable combination of technical skill and practical know-how. What most don't know is how much security depends on sound business judgment.

Security is not a piece of equipment. It's not done once and it's over. if it's going to be effective, security must be integrated within your way of doing business and supported at every level of your organization.

Technology Decisions can define and implement an optimal balance of security and operational efficiency that works for your organization. Our Security Prevention services include:

  • Risk Assessment - Find out where your systems are vulnerable and where they are strong.
  • Security Strategy - Obtain a roadmap and guidebook to optimum security.
  • Security Implementation Assistance - Get the help you need to make your security plan take effect.
  • Security Audits - Discover how safe your day-to-day security practices make you.

The only thing worse than having no security is believing you do. Contact us to check on your situation.

 

Did you know...

  • One in five workers (21%) let family and friends use company laptops and PCs to access the Internet.
  • More than half (51%) connect their own devices or gadgets to their work PC.
  • A quarter of these do so every day.
  • Around 60% admit to storing personal content on their work PC.
  • One in ten confessed to downloading content at work they shouldn't.
  • Two thirds (62%) admitted they have a very limited knowledge of IT Security.
  • More than half (51%) had no idea how to update the anti-virus protection on their company PC.
  • Five percent say they have accessed areas of their IT system they shouldn't have.
  • 1 in 500 emails has confidential information
  • Over 65% of security threats are from insiders who are permitted access to sensitive data by the employers
  • 93 million records of US residents have been exposed due to security breaches
  • On average, it costs a company $182 per data record lost
  • Over 70% of companies consider insider information loss a very significant risk

- statistics from survey conducted by ICM Research

 

Internal Security Threats

The fastest growing security threat is internal. Types of security threats embodied by internal personnel are:

  • The Security Illiterate
    This group comprises the vast majority of employees. They have a very limited knowledge of security and put their business at risk through using their work computer at home or transferring files to and from thumb drives even though it may be work related or images of their friends/family.
  • Gadget Geeks
    Those that come to work armed with a variety of devices/gadgets, all of which get plugged into their PC.
  • Unlawful Residents
    Those who don't follow policies and rules. Download music, play games, have enough computer knowledge to be dangerous.
  • Malicious/Disgruntled
    A very small minority of employees. This group will maliciously hack into areas of the IT system to which they shouldn't have access or infect the network purposely from within. Usual users that know they will be leaving the organization soon and need to take the database to their next employment opportunity.

 

Preparing an attack

Security Threats

New attacks on IT systems are launched continuously. A sample of what your business is facing:

  • Spoofing
  • Person in the Middle
  • Asymmetrical information warfare
  • DOS/DDOS
  • LAND and Smurf attacks
  • Trojan horse
  • Zombies
  • Account Harvesting
  • SPAM
  • Phishing
  • Spyware
  • ACK Piggybacking
  • SYN/ACK Flooding
  • Backdoors
  • Boot Record/Program Infector
  • Brute Force
  • Buffer Overflow
  • TFTP Eavesdropping
  • DHCP Spoofing
  • Replay
  • Teardrop
  • Logic bombs
  • Ping-of-Death
  • Dictionary/Hybrid Attack
  • Echo/ICMP Attack
  • Emanations/Radiations Monitoring & Analysis
  • Ephemeral Port
  • Fingerprinting
  • Fork() Bomb
  • Fragment Overlap Attack
  • Hijack
  • Inference Attack
  • Input Validation Attack
  • Log Clipping
  • Monoculture
  • Morris Worm
  • Overload
  • Sniffing
  • Ping Scan/Sweep
  • Port Scan
  • RPC Scan
  • Polymorphism
  • Promiscuous Mode
  • QAZ
  • Race condition
  • Reconnaissance
  • Scavenging
  • Social Engineering
  • Stack Mashing
  • Steganalysis
  • TCPDump

 

WiFi Security Threats

Specific Attacks on WiFi systems include:

  • WEP IV key reused
  • Open Authentication used
  • Crackable WEP IV key
  • Shared Key Authentication
  • 802.1x rekey timeout too long
  • Device Unprotected by TKIP
  • Device Unprotected by PEAP
  • Pre-Shared Key Mode in Use in 802.11i Network
  • Unencrypted Multicast or Broadcast
  • Station with Open WLAN Connection
  • DOS Attacks
  • Authentication Failure Attack
  • FATA Jack
  • EAPOL Logoff Attack
  • Premature EAP-Success Attack
  • De-Auth Broadcast Attack (Includes both WLAN Jack, Void11)
  • Dis-Assoc Broadcast Attack (Includes ESSID Attack)
  • Association Table Overflow; Authentication Flood
  • EAPOL-Start Attack
  • EAP ID Flood Attack; Un-authenticated Association
  • Association Flood
  • RF Jamming Attack
  • CTS Flood
  • PSPF Violation
  • Rogue AP by Radio Band
  • Rogue AP by SSID
  • Rogue Client by Radio Band
  • Rogue Client by SSID
  • RF Coverage Compromised
  • AP Signal Too Weak
  • Channel With Overloaded APs
  • APs With Mutual Interference
  • Channel With High Noise Level
  • Hidden Station Detected
  • Frame Retry Rate Exceeded
  • Low Speed Tx Rate Exceeded
  • Excessive Missed AP Beacons
  • Excessive Multicast / Broadcast
  • AP Overload by Utilization
  • High Speed Not Supported
  • Missing Performance Options
  • Both PCF DCF Active
  • Conflicting AP Configuration
  • Ad-hoc Node Using APs SSID
  • Dictionary Attack on EAP Methods
  • Unassociated Station Detected
  • AP System or Firmware Reset
  • AP With Flawed Power Save Implementation
  • 802.11g AP With Short Time Slot
  • 802.11g Beacons With Wrong Protection
  • 802.11g Protection not Implemented
  • 802.11g Protection Overhead
  • Device Thrashing Between 11g and 11b modes
  • 802.11g Pre-standard Device
  • 802.11g Non-standard Data Rates
  • Higher Layer Protocol Problem
  • Mismatched SSID
  • Wildcard SSID
  • Mismatched Channel
  • Mismatched Privacy
  • Inconsistent AP Config
  • Re-Association Failure
  • EQUIP Failure

 

Tools

As attacks proliferate, so do defensive tools and techniques, including:

  • Firewalls and DMZs
  • IDS
  • VPN
  • Symmetric, Public, and Private Keys
  • Asymmetric Cryptography
  • LDAP
  • 3DES
  • ECC
  • IDEA
  • HMAC
  • MD5
  • Nonce
  • MSSP
  • Hash/one-way functions
  • Kerberos
  • Non-repudiation
  • Ingress/egress filtering
  • Diffie-Hellman
  • Digital certificates, signatures, and watermarking
  • QKD-Quantum key distributions and key cracking
  • Granularity of access
  • Honeypots & Honeynets
  • 3-way Handshake
  • ACLs
  • IPSec
  • SSL/TLS/TTLS
  • S/MIME
  • Authentication & Authorization
  • Transmission Integrity
  • MS-CHAP
  • PAP
  • PGP
  • PPP/PPTP
  • L2TP/L2F
  • SSH
  • SHA-x
  • SOCKS
  • Static/Stateful Inspection/Filtering
  • Trap/Trace
  • Checksum
  • CRC
  • Hybrid Encryption
  • Jump Bag
  • Lattice techniques
  • Least Privilege
  • MOE - Measures of Effectiveness
  • One-way Encryption/Function
  • Penetration test
  • Polyinstantiation
  • Split Horizon w/ Poisoned Reverse
  • Proxy Server
  • RSA
  • Role Based Access
  • S/Key
  • Steganography
  • TCP Wrapper

 

Technology Decisions, Inc.

Phone: +1 847.361.3633   Email: matt@technologydecisions.net

© 2003-2008 Technology Decisions, Inc. All Rights Reserved.