Anti-Malware Being Solved by Ubiquitous Protection
John Jefferies, vice president of
Viruses and other malware spread effectively, because their creators designed them to be ubiquitous [existing or being everywhere at the same time] to computing. Malware relies on users taking few, if any, actions and those actions are part of normal computer usage. Fundamentally, computer users do nothing out of the ordinary to spread malware.
The reason that anti-virus software is effective in mitigating the spread of viruses is that it is ubiquitous as well. When anti-virus and anti-malware software fails, it is almost always due to the requirement for users to take some action, such as renewing or installing the software. Ubiquitous protection works.
drives are now ubiquitous to organizations and bypass protections that
organizations implemented as part of their malware prevention programs. This
resulted in many significant incidents; most notably the incident that affected
the US military commands in Iraq and Afghanistan. There is also the issue that
massive amounts of data have been lost, as USB drives are easy to lose. In
response, IronKey created a solution that returns ubiquitous security to
organizations, while allowing them to enjoy the convenience of USB drives.
When people think of computer viruses, they think of fast spreading programs that travel via e-mail or through malicious and compromised websites. Then there are worms that spread themselves throughout the Internet and internal networks in hours. There are a variety of other methods that spread viruses and worms and other forms of malware.
However, few people seem to remember the first decades of viruses where they were spread by people exchanging games and pirated software via 5 ¼” and later 3 ½” floppy disks. Viruses did not spread as quickly as they do today, but they somehow made their way around the world.
The mechanism was relatively simple in that the viruses were loaded into the control and information sectors of the disks, and were activated upon being loaded into a disk drive. The viruses then copied themselves to the boot sector of the system hard drive. Whenever a floppy disk was loaded into the computer, it was then infected by the virus. At the time, viruses primarily damaged the hard drives and deleted data, and were highly malicious in nature.
As connectivity increased, floppy drives became obsolete, so malware spread via the Internet. However, USB technology overcame both the storage volume and read write technology and became a viable method for data transfer. Malware then started exploiting USB drives. The most notable and critical occurrence of USB distributed malware is a November 2008 incident where USB drives were determined to be the source of an infection that crippled US military computers in war zones.
Much like malware itself, anti-malware software focused first on preventing PC based infections from floppy drives. As the malware threat moved from the physical transfer of storage devices to the Internet, anti-malware software in the corporate environment moved to server and perimeter based platforms. While many organizations maintained PC based protection, clearly anti-malware software is not as widely distributed as it should be, as demonstrated by the US military incident. Also as demonstrated by the military incident, USB drives bypass even the most supposedly secure network protections, like closed networks. Frequently people on closed networks believe that they cannot be infected because their systems are not vulnerable.
IronKey incorporates a wide variety of protections to prevent the incidents described as well as most malware infections. Specifically, IronKey’s Anti-Malware Protection Initiative incorporates multiple elements of protection for USB drives. These protections are:
§ Policy-based controls to restrict IronKey usage to trusted networks. IT can control on which networks users can use their IronKey Enterprise devices.
§ Keylogger prevention for protecting IronKey device passwords. Optional on-screen password entry protects your device’s password from being sniffed if your computer is infected with keystroke logging malware.
§ Anti-worm secure AutoRun protection. This prevents AutoRun malware from infecting IronKey devices and corporate or government networks.
§ Anti-Malware scanning. IronKey has launched its service for delivering anti-malware scanning updates to detect and remove a broad spectrum of malware from being copied onto or off your IronKey.
§ Remote management and security updates. IronKey Enterprise devices are managed remotely, allowing IronKey to provide automated security and anti-malware updates over the Internet or corporate network.
§ Malware-protected software and firmware updates. IronKey software and firmware is digitally signed at IronKey labs, and is validated in hardware by IronKey devices, preventing them from being infected by malicious firmware.
§ Secure manufacturing processes. IronKey manages a secure supply chain, ensuring that devices cannot be infected during the manufacturing process. IronKey devices are designed and assembled in the United States.
§ Secure provisioning and quality assurance processes. IronKey software and firmware is provisioned in IronKey secure facilities.
§ Always-on hardware encryption. IronKey’s encryption cannot be disabled or compromised by malware.
IronKey provides a proactive and ubiquitous solution that ensures that even when humans attempt to bypass physical, technical and operational controls, either intentionally or unintentionally, malware remains off of networks. IronKey is proactive in that the above protections are inherent in all drives and constantly protect themselves from attack. Likewise, IronKey is ubiquitous in that no user action is required. Users are not even aware of the protections built into the devices, nor does it matter to their function.
IronKey USB drives are appropriate and critical for all organizations. While some organizations do remove USB access to systems, that is becoming more difficult as standard PC peripheral devices, such as printers, keyboards and mice, connect via USB ports. Given the convenience of USB drives, it is impossible to prevent users from using them. IronKey is the proactive and ubiquitous solution to the inevitable issue of USB based malware.
IronKey’s award-winning products and services combine the world’s most secure flash drive with the world’s most powerful USB management software. IronKey’s USB flash drives bring the power of authentication, encryption, identity management and privacy to businesses and consumers in 23 countries. IronKey’s management software and associated services allow enterprises of all sizes, government agencies, the military, and other organizations to take back control of the mobile data that has been leaking out of their organizations due to the uncontrolled proliferation of USB drives. With IronKey, organizations centrally administer, remotely manage, and enforce policies on thousands of devices located anywhere in the world. Thousands of customers, including over 50 Fortune 500 companies, government agencies and military organizations that handle some of the most sensitive security information in the world trust IronKey to protect business critical data. All IronKey products are FIPS 140-2 validated. For more information, please visit www.IronKey.com.
Send mail to
questions or comments about this web site.