Nsauditor Network Security Auditor - Advanced All-In-One Network Tools Suite!
  Recommended Product
Network Security Audit Software
Network Security Audit Software and Computer Security Tools
  Learn More
 
 
  Network Security Software
Network Bandwidth Monitor Network Bandwidth Monitor
NBMonitor tracks Internet bandwidth usage (upload and downloads) and shows process names initiated network connections...
Network Hardware Inventory Software Network Hardware Inventory Software
Nsasoft Hardware Software Inventory is a powerful network inventory software for home, office and enterprise networks...
BlueAuditor Monitors Mobile Devices in Wireless Network BlueAuditor Monitors Mobile Devices in Wireless Network
BlueAuditor is a wireless personal area network auditor and easy-to-use program for detecting and monitoring mobile devices in a wireless network...
Network Access Monitoring Network Access Monitoring
ShareAlarmPro allows easily perform network shares and folder monitoring, block unwanted users attempting to access secured shares...
Network Shares Monitoring Network Share Watcher
Monitors network folders permissions and identify shares which are violating company data access policy...
NetworkSleuth Network File Search Utili NetworkSleuth Network File Search Utiliy
NetworkSleuth is a network file searching utility, that allows you to quickly locate files across a network....
Product Key Finder Product Key Finder
Product Key Explorer enables you to quickly recover over 3000 popular software product keys from network computers...
Backup Key Recovery Crashed Drive Keys Recovery Backup Key Recovery Crashed Drive Keys Recovery
Backup Key Recovery retrieves product keys for Windows, MS Office, SQL Server, Adobe products and more than 2500 popular software products...
 
 

Network Security News

What Your IT Pro Knows About You

July 11 2011

For many small companies, the IT staff is a single person or even a consultant brought in to handle the business's computing upkeep. Either way, the question of what your IT person knows about the inner workings of the company is well worth asking--because the IT person may know far more about your company, employees, and personal information than you ever thought possible.

Take a look at your server room or server closet, and you'll probably see a bunch of white, gray, and black boxes, lots of wires, and a swarm of blinking lights. If one box was surreptitiously monitoring every piece of data that entered or exited your Internet connection--phone calls, video chats, AIM messages, and so on--could you identify that piece of hardware? What if it was the size of a wall-wart-style power supply, like the one for your home DSL router? What if it wasn't in that room at all, but was tucked above a ceiling tile?

It's easy for an IT person to come to work in the morning, plug a small portable hard drive or SD Card into a tiny embedded system, and run a packet capture of everything moving across the network--or perhaps just the Internet traffic--and then pocket that data at the end of the day. At home, the IT snoop can reconstruct everything that went through your network and sift through it as time and inclination permit.

One of the few ways to protect your sensitive Internet traffic from being sniffed and reconstructed is to use SSL-secured websites, especially for logins. If you happen to hit http://somewebsite.com and log in during the day, someone snooping on the network will know your username and password. If you use https://somewebsite.com or if the site is smart enough to force logins through SSL, that information will be encrypted. However, many other Internet activities have no SSL option, and they'll remain open for inspection.

When an IT person works on your PC while you're at lunch, it's a snap for them to install a software or hardware keylogger that records and relays to them, via any number of methods, every character you type. No form of encryption can defeat this type of snooping.

The Real Deal

By using those simple methods, a nefarious and skilled IT pro can easily collect data on every transaction that crosses your network. In fact, the same device could also run code that fishes through company file shares--password-protected or not--for keywords and email messages of interest to someone offsite.

And about that ceiling tile--would you know if a Wi-Fi access point with a hidden SSID was tucked up there? Such a setup would enable a person to park across the street and access the Internet through your corporate Internet connection and wreak all kinds of havoc without leaving a trace. Having the feds show up to ask about child pornography traced to that location isn't something that any business wants to endure, but it's amazingly simple for a malicious IT person to execute that very scenario in just about any business that has an Internet connection.

That's why you need to be able to trust your IT person or team implicitly. There's simply no way for a nontechnical business owner to know what the company's IT folks are actually doing with their network and servers.

The point of this warning is not to sound a hysterical alarm and spread fear or uncertainty; it is simply to note the truth. The scenarios described above are extremely easy to implement, and they are undoubtedly happening in businesses all over the world right now, without anyone else in the company having any inkling of what is going on. Usually, sinister IT practices are uncloaked only when a different IT person or consultant arrives without warning to the treacherous IT person.

Many stories detail the misbehavior of IT people who have gone rogue and done everything from stealing and selling company data, to planting logic bombs in company servers that permanently cripple a business. The latest public example came out just a few weeks ago when disgruntled IT admin Walter Powell used keylogger data to hack back into his previous employer's network and inflict some $80,000 worth of damage, including causing a pornographic image to appear on the conference room television during a PowerPoint presentation at a board meeting.

You hear about the incidents where the perpetrators are caught; but for each of those, there are dozens that are never publicized, and more that simply aren't detected.

Trust but Verify

The only way for a small company to protect against this type of internal threat is to use an outside consulting group to audit its network regularly. Many large and small outfits perform this type of work, with wildly different costs, skill sets, and degrees of effectiveness. You can always call IBM or EDS, or go with a budget-friendly smaller firm. As when hiring any other prospective services provider, it pays to get plenty of references first.

The audit should consist not just of physically inspecting all computing resources, but also of performing a Wi-Fi scan to detect rogue access points, and of running scanning software on each PC (or at least a random number of them) to look for keyloggers and the like.

Of course, if you resort to these auditing measures, you send your in-house staff the clear message that you feel you can't trust them, which can hurt morale and may even cause the IT suspect to implement extraordinary methods to find out why you're being "overprotective" of your network and what you're trying to hide.

Perhaps the best way to handle the situation is to be frank about it. Discuss the security need for a second set of eyes on the network, and emphasize that bringing in an outside group to do security audits is in your IT department's best interests. After all, if your network does get compromised, the outside company responsible for testing the network and pronouncing it secure must shoulder a substantial amount of the blame for failing to identify the vulnerability.

If the price of annual or biannual security audits makes your budget watchdog howl, your options for protecting against an IT staffer gone wild dwindle. If you're somewhat technically inclined, you can download and use a Wi-Fi sniffing app for your smartphone, such as WiFi Analyzer, WiFiFoFum, or WiEye for Android to alert you to the presence of hidden Wi-Fi network SSIDs. If you use an iPhone, though, you're out of luck unless you jailbreak your phone, because Apple removed all Wi-Fi scanning applications from its app store last year. Regardless, simply scanning for rogue access points doesn't guarantee that other untoward devices aren't collecting data somewhere on your network.

In a small or medium-size business, being able to trust your employees is vitally important, as is being able to navigate a sensible course between budget constraints and the potential for future problems. Consider yourself very fortunate if your IT group has earned your complete trust, and you can confidently say that you don't have to worry about this problem.

Sours From

View more news

 
  Most Popular Articles
 
 
  Popular Searches
network security magazine network security auditor network security news network security software corporate network security network security systems home network security product key finder password recovery software Network Bandwidth Monitor Network Access Monitoring data access policy monitoring remote shutdown Network File Search key recovery Network Monitoring Computer Security Ethical Hacking Network Security Network Inventory Software Information Security
 
 
  Partner Sites
Network Security Auditor
Nsauditor is a complete networking utilities package that includes more than 45 network tools and utilities for network auditing, scanning,network connections monitoring and more. For more information, please visit:
www.nsauditor.com


Password Recovery Software
SpotAuditor is All-in-one password recovery program that offers administrators and users a comprehensive solution for recovering passwords and other critical business information saved in users' computers. For more information, please visit:
www.password-recovery-software.com

Product Key Explorer
Product Key Explorer quickly recovers and displays product key, including Windows 7 keys, Windows Vista key, Windows XP product key, Microsoft Office 7 product key, MS office 2010 key, Adobe Photoshop, Adobe CS5, CS4, CS3, SQL Server, Electronic Arts games and more than 3000 popular software products:
www.product-key-explorer.com/