State & Local Government

State & Local Government Cybersecurity Landscape

Cyber-attacks on government agencies are happening at an alarming rate. These attacks cost U.S. state and local governments millions of dollars in remediation and disrupt employee work and citizen services. Governments must be concerned about the loss of sensitive citizen, client and employee information, whether through a cyber event on a PC or unauthorized access to documents at the printer. According to a Verizon study, personal information is the top type of data lost in public sector breaches.The costs of such a breach can quickly escalate. One study estimates an organization will incur $2.2 million in costs for a data breach that involves less than 10,000 compromised records.

Several factors make government agencies easy targets. Budget constraints may require some agencies to use outdated computers that cannot support the security features needed to protect against current threats. Many agencies lack funding to develop, implement and manage robust security policies. And the mix of technologies in most government agencies make security management more challenging, which may inadvertently provide an opening for attacks.

Amajor source of security vulnerabilities lies in endpoints: the PC and Mobile device employees use to do the everyday work of government. Although an agency may not have full awareness of endpoint vulnerabilities, hackers

certainly do. As one example, a county IT director noted an increase of more than 300 percent in endpoint attacks at agencies across Washington state.

A lack of control or inability to monitor endpoints creates significant security risks and may lead to:

  • Unauthorized people seeing sensitive information due to careless user actions
  • Cybercriminals stealing data or holding computer files for ransom or blackmail
  • An attack on critical agency systems through an endpoint’s network connection

Multiple factors contribute to these potential scenarios, but perhaps the most common is inadequate security settings and lack of proactive monitoring. Over time, infrequent monitoring and inconsistent installation of software patches can increase the risk of both PC, laptop and mobile devices.

Government and Education Cybersecurity Endpoint Protection

The valuable data stored in PC memory or hard drives may be easily viewed or stolen unless strong security measures are in place. These measures include defining strong security policies at the agency level and educating  users to consistently follow good security practices. When default security settings aren’t optimized, the device becomes a “weakest link,” giving hackers an easy entry point into the organization’s network. Sometimes it’s just a matter of incomplete endpoint awareness. When an agency has hundreds or thousands of PCs and devices to track, it can be hard to maintain up-to-date knowledge of all endpoints. One analysis found that a government organization typically doesn’t know about 12 percent of its network-connected endpoints.  If the IT team doesn’t have visibility and control of an endpoint, it can’t be certain it is adequately secured. IT can address these vulnerabilities with a combination of security technology, policies and practices.

It’s easy to assume that a firewall application and anti-virus software are all that’s needed to secure a PC. Although these measures remain important, they cannot deliver full protection against today’s sophisticated attacks. Achieving this higher level of protection involves both best practicesand technology tools. Best practices begin with basic measures such asrequiring strong passwords and not allowing users to share accounts.Many governments are also choosing to adopt the extensive bestpractices in the U.S. National Institute of Standards and Technology (NIST) Cybersecurity Framework. As a supplement to cybersecurity practices, advanced security toolsprovide stronger protection than traditional tools for PC applications,data and network connections.

Cybersecurity today means protecting every endpoint with robust technologies and practices. The goal is to keep hackers from breaking in and limit the chance of accidental breaches. How can a public sector organization make these security improvements given the constraints of staffing and budgets?

Causes of a breach:

A lack of control or inability to monitor endpoints creates significant security

risks and may lead to:

  • Unauthorized people seeing sensitive information due to careless user actions
  • Cybercriminals stealing data or holding computer files for ransom or blackmail
  • An attack on critical agency systems through an endpoint’s network connection

Multiple factors contribute to these potential scenarios, but perhaps the most common is inadequate security settings and lack of proactive monitoring. Over time, infrequent monitoring and inconsistent installation of software patches can increase the risk of both PC, laptop and mobile devices.

Up until now, organizations have lacked the ability to fully protect their endpoints from a zero-day keylogger. Most keyloggers have the ability to change their form and go undetected as they quickly spread between the endpoints in your enterprise.

How do you fight back? With EndpointLock: Patented keystroke encryption for desktops and mobile devices.

What Are Keyloggers?

  • Keyloggers can record every keystroke made on a mobile device or desktop
  • Keyloggers are the single biggest threat leveraged in the first stages of almost all advanced threats
  • Today’s anti-virus solutions are unable to identify and stop keylogging
  • 98% of enterprise breaches include a phishing attack to install a keylogger
  • Keyloggers can change form and go undetected for months or years

How Keyloggers Hurt Businesses?

Keyloggers can steal your:

  • Privacy
  • Usernames and passwords
  • Personal identity
  • Credit card numbers
  • Proprietary corporate data
  • Email accounts
  • Corporate transactions
  • Banking data

EndpointLock and KTLS

Keystroke Transport Layer Security (“KTLS”) is a patented cryptographic protocol that provides for the encryption and transport of keystrokes, at the kernel level. It activates at the time of secure boot, or entry into any application or web browser. This proprietary technology is unique to CromTec Cyber Solutions.

KTLS can be utilized in both desktop and mobile environments as a critical component of endpoint security. The protocol provides strong cryptography at the time of keystroke entry, to protect the initial transmission of usernames and subsequent keystrokes entered in to any program or application.

EndpointLock is the commercial product name by which KTLS is implemented within an enterprise.

EndpointLock™ Key Features:

Continuous Protection

  • The only solution that protects against zero-day keyloggers.

  • Operates as an anti-subversive, detects untrusted drivers and displays a warning containing the name of any suspicious driver.

  • Automatically installs to your TPM (Trusted Platform Module) if available.

Visual Alerts

  • Anti-Screen Scraping blocks screen capture.

  • Anti-Clickjacking Warning visually alerts you with a red dotted outline of untrusted areas.

  • CryptoColor: Visual confirmation highlights verifies the text fields are safe to type into.

Versatile

  • Can be installed in an enterprise and deployed via group policy.

  • Compatible with McAfee ePolicy Orchestrator

  • Can encrypt double-byte characters

  • Can encrypt all international keyboards

  • Works with PS2, USB, Wireless & Bluetooth keyboards

Trusted

  • Built here in the USA, and more than 8 Million consumers and corporations have already downloaded our technology.

  • McAfee ePO (ePolicy Orchestrator) Compatible

EndpointLock™ for iOS and Android Devices

endpoint_mobile

  • Supports: Apple iPhones & iPads, Android Phones & Tablets.

EndpointLock:

  • Encrypts all user keystrokes
  • Creates a secure keyboard with your branding
  • Supports all iOS and Android mobile devices
  • Supports all 5G iOS and Android IOT devices
  • Routes encrypted data around the vulnerability
  • Protects against infected apps and phishing emails/messages

An estimated 16 million mobile devices are infected with mobile malware, with threats constantly on the rise. Traditional keystroke data flows from your mobile keyboard through your operating system before it appears in your apps. Hidden along the way are areas of vulnerability where cyber criminals can plant keylogging spyware. With (BYOD) Bring your own device and mobile cyber attacks both increasing, enterprises must address security with tools to thwart the massive vulnerabilities that exist when using infected apps and phishing emails and messages, which download keylogging spyware.

EndpointLock™ for Mobile protects your keystroke data by installing a secure encrypted keyboard that creates an alternate pathway to your apps, routing your encrypted data around the areas of vulnerability. For added security, the EndpointLock™ pathway is protected by a complex 256-bit encryption code

EndpointLock™ Mobile SDK (Software Developer’s Kit)

Secure your Desktop and/or Mobile Apps

Get keystroke encryption embedded right into your desktop and mobile app. Users will feel confident as they provision and use the app and add their credentials including typing in their credit card numbers.

EndpointLock for Desktop Other Security Features

TPM (Trusted Platform Module) Support:

EndpointLock will automatically detect if a PC has an Intel TMP (Trusted Platform Module) chip, which is designed to secure hardware and software integrity by integrating cryptographic keys into devices, and will install directly to the TPM on the PC.

Kernel Compromise Warning Feature:

Warns the user of a kernel breach by detecting the presence any unsigned software or if a driver has been altered since it was released. EndpointLock indicator will turn yellow to indicate warning and log details of the breach including identity of the breached computer and its file location within that system.

Self-Monitoring Capability

Anti-subversion technology prevents EndpointLock from being
by-passed by other software by reinstalling itself in the first position in the kernel level.

Anti-Screen Scraping Feature

Hides the screen from screen loggers and sends them a black screen.

Anti-Clickjacking Feature:

Makes the invisible, visible. Hackers can embed invisible objects into
iFrames, EndpointLock can detect this type of attack and unhide the invisible object, and paint a border around the object, alerting the user not to click on this object.

How EndpointLock™ and KTLS Work

EndpointLock proactively stops keyloggers by encrypting each keystroke at the point of data entry, and rerouting the encrypted keystrokes directly to the browser or desktop application.

With EndpointLock, instead of capturing your actual data, keyloggers see only a random string of meaningless numbers.

EndpointLock is designed as a secure keyboard, available whenever a browser or desktop application is launched. This keyboard can be branded with your logo and hyperlink.

KTLS uses the AES encryption with a key size of 256 bits to encrypt keystrokes. The same key is used to encrypt and decrypt.

The KTLS protocol secures connections between the keystroke and applications:

  • Symmetric cryptography encrypts the transmitted data to ensure privacy
  • The keys for this symmetric encryption are generated uniquely for each connection
  • The encryption is based on a shared secret generated from the Trusted Platform Module, or else by a built-in Random Number Generator
  • Keyloggers can’t obtain the negotiated secret, even if they place themselves in the middle of the connection
  • No attacker can modify the keystroke transmission during the negotiation without detection, which generates kernel-layer alerts
  • The encrypted session key is stored in secure memory, shared by all KTLS system components
  • KTLS proactively reroutes the encrypted keystrokes directly to the browser or desktop application

Trending for Business: BYOD

Bring Your Own Device

  • 80% of businesses support a BYOD policy
  • 60% of workers use a smartphone for business purposes
  • BYOD market: $30 billion in 2014  à  $367 billion by 2022
  • Companies encouraging BYOD save $350 per year, per employee

67% of business data breaches are due to employee mobile device use

*Source: Forbes, January 2019

EndpointLock Features:

  • A toolbar turns on automatically when browser or application is launched
  • Advanced, 256-bit encryption
  • Early-warning kernel and ID theft monitoring
  • User-friendly, comprehensive reporting dashboard
  • Screen-capture protection
  • Clickjacking protection
  • Protection against Dark Web email attacks*
  • ID theft protection insurance*
  • Crypto-color visual verification technology

*Add-on, enhanced services, for licensed EndpointLock solutions

EndpointLock Benefits:

  • Enterprise-grade
  • Certified by Windows, Mac, Linux, Android and iOS operating systems
  • Supports keyboard-enabled iOS and Android 5G IOT devices
  • Deployed directly into Layer 0, within the kernel itself
  • Encryption and decryption occur directly within the application, without any modification to the app required
  • Compatible with Intel’s TPM (Trusted Platform Module)
  • Easily scalable: deployed through MS GPO, PowerShell, SCCM and 3rd-party apps
  • Works with PS2, USB, wireless, Bluetooth and international keyboards
  • Small memory footprint
  • Requires no spyware database updates

EndpointLock is CromTec Cyber’s unique flagship product, and is a crucial component of a comprehensive Managed Endpoint Security strategy, which we can craft for your business.

ENDPOINTLOCK

PROTECTING PRIVACY AND VITAL INFORMATION

CONSUMER PROTECTION:

  • Identity
  • Passwords
  • Online purchases
  • Credit cards
  • Banking data
  • Health data
  • Email and texts

BUSINESS PROTECTION:

  • Logins and passwords
  • Employee keystrokes
  • Enterprise risk
  • Corporate IP
  • Transactions
  • Financial data
  • HR data

CEMS – CromTec Endpoint Managed Security

The CEMS Product Suite:

Establish a layered security strategy, with a customized program:

  • Assess your risk and threat vulnerabilities
  • Manage your endpoints
  • Detect and respond to threats
  • Provide back-up and disaster recovery solutions
  • Implement effective policies
  • Monitor your cyber health status

  1. CEMS ASSESSMENT

  2. ENDPOINTLOCK™

  3. CEMS MOBILE

  4. CEMS DESKTOP

  5. CEMS COMPLETE

error: