Most people have a 5-year itch (for work) and maybe a 7-year itch (for other things), but I have a 4-year itch which is about to be satisfied: the upcoming XXII Olympic Winter Games. I love sports, and nothing is as special or thrilling as the Olympic Games, or can compare to their competitiveness and uniqueness. This year, the Games will be held in Sochi, Russia, the first in the Russian Federation since the breakup of the USSR. And while physical security will be at the utmost level, I want to point to this article (http://ziften.com/sorm-sparks-need-for-endpoint-data-protection/) and talk about IT security.
The level of surveillance with SORM will be quite remarkable. This is public knowledge and endorsed by the Russian Government. But privately, it is anyone’s guess as to how deep the monitoring will go. On the other hand, you will most likely (if not 100% definitely) see Internet criminal activity spike during these two weeks in February. With the world’s media, dignitaries, public figures and athletes all gathered together, it makes for a very ripe bounty to pillage.
Companies that are sending employees over to the Games need to stress caution whenever those employees use any IT-supported device during this time. Use publicly available Wi-Fi, whether in the hotel, a restaurant or maybe even around the events themselves, and you are possibly exposing your system to unwanted actors. Targeted campaigns and phishing attacks are themed around the Games, and if your system is not constantly monitored for changes in behavior, compliance and vulnerability, you are at risk.
Ziften is helping its customers every day in monitoring their systems and ensuring they receive the extra level of security they have come to rely on us for. We even have some customers who will be at the Games, and they know we will be there with them, and not just in spirit. Our unique approach gives them comfort in knowing that we will be helping to protect their assets.
Below are some important areas Ziften captures with real-time alerting:
- Ensure critical applications like Anti-Virus, VPN and Systems Management are always running
- Alert on the exact binaries and systems that are connecting to known bad/malicious IPs through our intelligence feeds
- Actionable alerts on processes, services and BHOs using proprietary algorithms
- Alert when any vulnerable application is running, rather than relying only on a static scan of the system