Jul 19, 2017

[WhitePaper] How to use G Suite to protect against Ransomware

How to use G Suite to protect against Ransomware

Index
Ransomware infection route and severity

Ransomware has been infected by opening e-mail attachments or visiting suspicious websites. However, it is known that it is infected even if only Internet connection is used by using security weakness of MS Windows OS recently.

According to the security industry, the main culprit is the "WannaCry," which began circulating around Europe on December 12 (local time). Warner Cry is a variant of Ransomware known as WannaCrypt, which infects computers by exploiting security vulnerabilities in Microsoft's Windows operating system.

Key files in the infected computer are encrypted and can no longer be opened by the user. The attacker requires $ 300 as a condition for passing the encryption key and doubles the price if he does not pay the ransom within three days. The attacker threatens to permanently delete the encrypted file if he does not pay the ransom for seven days.

WarnerCry was able to spread around the globe in the first place because it would automatically be infected by running email attachments or visiting certain Web sites, unlike traditional Ransomware, even if they were only connected to the Internet. WarnerCry also has a worm feature that uses Windows Server Msessage Block (SMB), a file-sharing network feature of Windows, to infect not only that computer but also other computers connected to the network.

Because of this situation, there is no way to avoid infection with Ransomware, so its severity is higher than expected.

Typical prescriptions from Ransomware solution providers

A security vendor supplying a vaccine does not offer a specific solution for files already infected with Ransomware (files encrypted by Ransomware). However, in order to minimize infection in advance, four guidelines are suggested.

  • Spamming Email Attention
  • Back up important files
  • Set "Read Only" for important documents
  • Maintain the latest security patch of MS Windows OS

In other words, the point of this rule is that one of the Ransomware infection route is received through e-mail, and if you get infected, you should make the original backup to the safe store so that you can restore the original.  

Security solution vendors are pushing the introduction of a spam processing e-mail system that prevents spam in addition to existing e-mail systems. Storage or backup solution vendors are promoting the need for backup devices to back up important files.

It is an important document, but it is not uncomfortable to set it as 'read only' as it should be edited frequently. In some cases, document management solution providers may encourage the introduction of expensive document management systems that can be centrally controlled, while important documents are managed with appropriate security regulations.

MS Windows OS security patches are made from time to time. However, since malware hackers who create Ransomware are always exploiting Windows OS vulnerabilities, OS security patches are not a fundamental solution.

Full Content Download - PDF




Apr 5, 2017

[New 4 features for Chrome Device of 100 new products announced at Next 17]

Last March 8-10, Google hosted the Cloud Platform Next 17 conference on a grand scale. At that time, Google announced 100 new products.

Note: List of 100 published products

Https://www.blog.google/topics/google-cloud/100-announcements-google-cloud-next-17/

These 100 products have been announced in the following categories.

  • Google Cloud Acquisitions
  • Google Cloud Security
  • Data Analytics
  • Database Services
  • Machine Learning Services
  • GCP Pricing & Support
  • Developer Platforms & Tools
  • Infrastructure
  • G Suite-Enterprise Collaboration & Productivity
  • Android & Chrome Devices
  • Google Cloud Customers

Here are four of the 100 new products that are related to Chrome.

100-announcements-17

Building on the momentum from a growing number of businesses using Chrome digital signage and kiosks, we added new management tools and APIs in addition to introducing support for Android Kiosk apps on supported Chrome devices. 
55. Android Kiosk Apps for Chrome - Android Kiosk for Chrome lets users manage and deploy Chrome digital signage and kiosks for both web and Android apps. And with Public Session Kiosks, IT admins can now add a number of Chrome packaged apps alongside hosted apps.
56. Chrome Kiosk Management Free trial - This free trial gives customers an easy way to test out Chrome for signage and kiosk deployments.
57. Chrome Device Management (CDM) APIs for Kiosks - These APIs offer programmatic access to various Kiosk policies. IT admins can schedule a device reboot through the new APIs and integrate that functionality directly in a third- party console.
58. Chrome Stability API - This new API allows Kiosk app developers to improve the reliability of the application and the system.
------------------------------

Apr 3, 2017

[About Stylus pen for Samsung Chromebook Plus - Pros. & Cons.]

One of the things that makes Samsung Chromebook Plus different from other Chromebooks is its stylus pen support.