Out with the old, in with the new. As Kanguru continues to increase production of our flagship Defender Elite secure USB flash drive, we have phased out the previous generation Defender and Defender Pro models. Clearance inventory can now be purchased at discounted prices here.
The older products are great for organizations that are concerned about security, but might not need the stringent requirements of FIPS 140-2 certification. The Defender and Defender Pro use strong AES hardware encryption and do not require any software, drivers or administrator rights to use. Check our clearance page for daily updates.
Kanguru's encrypted flash drives and remote management console have applications across a variety of industries. Kanguru has been involved with flash drive standardizations in organizations spanning government, healthcare, and financial industries to name a few.
One such partnership we are pleased to announce involves a top ten, prestigious Maryland Law Firm. Kanguru's secure flash drives and remote management software were chosen to help keep their confidential data safe and secure and also help them meet regulations relating to data security and privacy. The security features built into the Kanguru Defender V2 help prevent data leaks and costly penalties for non-compliance with data breach regulations.
Kanguru's high level of security features include: 256-bit AES Hardware Encryption, onboard anti-virus, and remote management with KRMC Cloud. These features, coupled with an attractive price point earned Kanguru a key spot within their overall security program.
Here at Kanguru we frequently talk about encrypting and securing your mobile data, but sometimes don't stress enough the importance of tracking and monitoring data usage. As important as it is to secure your data, it is equally important to know where it is going.
When an employee leaves the office for the day, taking his work with him on a flash drive, where is that data going? A quick stop by the local coffee shop and opened up on one of their unsecure wireless networks? To an unsecure home computer?
These possibilities along with the risks associated with them are why Kanguru emphasizes a total security solution. This can be especially advantageous to organizations that are required to meet security regulations like HIPAA, the Hitech Act or any one of the many state-level data breach laws.
Tracking and monitoring can be done via Kanguru's Remote Management Console and USB Device Control, a tandem of products designed specifically to allow organizations to keep tabs on and secure their portable data.
It's time to look beyond encryption and recognize the importance of end point security as a key element to the overall big picture of securing your data. Some options to look for in endpoint security and remote management:
1.) Device Control - Control what, when and how USB devices are allowed to access your computers
2.) IP and Domain Control - Manage which IP addresses and/or domains are allowable for devices to access via whitelist and blacklist methodology.
3.) Auditing and Reporting - Get a full audit trail with detailed graphical reporting and the ability to export both customizable audit logs and graphs for external analysis to ensure proper compliance.
4.) Remote Provisioning - Remotely manage security policy changes from a single location. Control password complexity, password expiration, software updates, patches, A/V definitions, online and offline access, and more.
The Examplas blog picks up on a recent SC Magazine story:
We were intrigued to find out the results of a recent survey of dry cleaners today. Yes, that’s right, dry cleaners. How on earth could that possibly be of interest to us at Exemplas, you cry? Well, because of one nugget of information that leapt out at us- more than 17,000 USB sticks were left in items of clothing deposited at the dry cleaners in 2010!
The survey canvassed more than 500 dry cleaners and launderettes in the UK and found that USB sticks continue to turn up where they don't belong.
The Dept of Health and Human Services is stepping up enforcement of HIPAA privacy laws by handing out new fines against two violators.
From Government Computer News:
HIPAA requires health plans, health care clearinghouses and most health care providers to protect the privacy of patient information through administrative, physical and technical safeguards.
After an investigation by OCR, the agency found Mass General in violation when an employee left documents relating to 192 patients on a subway train. The documents, which were never recovered, included information on patient names, dates of birth, medical record numbers, health insurers and policy numbers, diagnoses and name of providers for 66 of those patients. HHS discovered the loss after a patient reported the records lost on March 9, 2009.
Mass General was fined $1 Million for this violation. Imagine how many USB flash drives and other portable devices get lost in subway trains, taxis and other public places every year. With HHS handing down stiff penalties, it's time to consider security plans for these devices.
It might be on a flash drive owned by a government employee and it probably isn't encrypted.
KATU has the story of a lost flash drive containing social security numbers for about 300 Oregon Dept of Corrections employees. It's not clear whether the Dept had a security policy in place regarding portable storage. These incidents are preventable with the right combination of technology and security policies.
Much has made recently of the "insider threat" and how it can affect an organization's data security. But which is really a bigger threat to your organization? A hacker or a disgruntled employee with access to the company's confidential data?
The answer might surprise you. Although the intent of a hacker is generally more insidious (stealing your banking log-in, for example), the insider threat is actually more costly simply due to an employee's access to company data.
A recent survey, "2011 CyberSecurity Watch Survey" found that, although there are more instances of cyber threats, their overall cost is less than that of an insider-caused data breach. The survey concluded that more attacks (58%) are caused by outsiders (those without authorized access to network systems and data) versus 21% of attacks caused by insiders (employees or contractors with authorized access)... however 33% view the insider attacks to be more costly.
Click here for the full story at SecurityWeek.
The loss of an unencrypted portable hard drive containing private health information has proven extremely costly and time consuming for Health Net, Inc., and Health Net of the Northeast, Inc.
The health insurance company is now being fined $55,000 by the State of Vermont and must also submit to a data-security audit and file reports with the State regarding the company's information security programs for the next two years.
"The lawsuit is Vermont's first enforcement action under the Security Breach Notice Act and the second HIPAA enforcement action of its kind since state attorneys general were given HIPAA enforcement authority in 2009."
Read more at Infosec Island.
Don't let an unsecure flash drive cause business disruption, productivity loss, revenue loss, and fines.
Recent events in the news have demonstrated the ease with which portable devices can be used to steal confidential data.
Avoid your own personal Wikileaks by securing your USB flash drives. Kanguru's secure flash drives and remote management capabilities provide excellent protection against data leaks.
The Kanguru Defender Elite coupled with Kanguru Remote Management Console (KRMC) give CIO's and CISO's an unprecedented level of control over their flash drives. Data breaches can be prevented with features such as:
Remote Disable/Delete - Remotely disable or delete devices compromised by rogue employees to protect sensitive information and prevent data breaches.
Domain/IP Control - Restrict drive usage to approved domains & IP ranges and prevent unauthorized use in external networks.
Offline Restrictions - Control whether devices can be used offline. Prevent unauthorized use in external networks.
Auditing and Reporting - KRMC enforces a full audit trail with detailed graphical reporting and the ability to export both customizable audit logs and graphs for external analysis to ensure proper compliance.
Which is more costly to a business? Spending the money to become compliant with federally mandated security regulations or remaining noncompliant?
A recent study by the Ponemon Institute compared the cost of complying with state and federal security regulations vs. the cost of potential business disruption, productivity loss, revenue loss, and fines. Read more about it here.