Just as advances in technology are helping the criminally minded find new ways to breach both physical property and data, technology is evolving to combat threats and keep real and intangible property safe.
There are increasing numbers of strategies to minimize risks to computer systems, said David Usher, president of CMIT Solutions of Wilmington. Usher, whose company provides outsourced IT services for small businesses, sees three challenges for those businesses in 2016.
The first is the need to encrypt data to comply with HIPAA, payment card industry and other regulations. The second is malware, in which messages may come from credible-looking sources but carry phony invoices, phishing scams or viruses.
“These typically come from companies like Amazon or PayPal,” Usher said. “Or it’s a spoofed address, the message looks like it’s coming from a friend.”
Then there’s the return of what Usher calls the Cryptowall. This kind of threat, known as a Trojan horse or Ransomware, encrypts files on a compromised computer. The attacker then asks the user to pay to have the files decrypted.
“Backup is the most important thing, but not just any backup,” Usher said, explaining that putting files on one drive or sharing them through a service like Dropbox is not secure enough, because a hacker or disgruntled employee can get into the database. “You need redundant backup: on-site and off-site.”
There is no one tool to protect computer systems, according to Usher.
“It’s like putting Swiss cheese on top of a sandwich. There are lots of holes, but if you layer several slices, you minimize the holes,” he said.
He recommends purchasing four kinds of programs, those overlapping slices of Swiss cheese: anti-virus software; anti-spam software that reviews emails and tries to catch devious ones; ad-blocking software that kills many pop-up ads and prevents that means of malware delivery; and network monitoring software that looks into a customer’s system and blocks communication from known sources of threats.
“It’s a little bit of a Whac-A-Mole game, but you want to make sure your network is communicating only with known, credible sources,” Usher said. “But no matter what we do, the problem is the human element, and sometimes we get tricked.”
He admitted that a recent Facebook message almost got him, but his better instincts prevailed just before he clicked through.
Other strategies include keeping personal business off company devices, using many different passwords and changing them often to limit exposure (managing passwords through a credible password management service, if you don’t want to remember multiple codes), and not telling yourself that your small business would be of no interest to hackers, Usher warned.
He pointed out that the Target customer data breach in late 2013 came about when hackers were able to break into the system of one of its vendors, an HVAC company in Pennsylvania. Because Target had not segregated its customer data, Usher said, the hackers obtained information for millions of customers.
Alex Cherones, director of threat services for AT&T nationwide, can see the cybersecurity big picture. After all, his company analyzes about 108 petabytes of data coming through its networks – roughly 40 times the amount of data in the Library of Congress – every day.
“We’re seeing increased amounts of attacks,” he said. “The types of attacks and the attackers themselves are becoming smarter in the way they are doing things.”
The frontier has moved from hacks into enterprise databases or phishing for personal data to attacks on apps, mobile devices and wearable technologies, which can provide all kinds of sensitive information on the user, Cherones said. And the security industry anticipates that a new target will be automobiles.
“The smarter automobiles get, the more opportunities there will be for hacking,” he said, adding that AT&T and other providers are racing to anticipate security loopholes and develop preventive and mitigating measures for the enterprise marketplace. Consumer education is also essential, Cherones said.
Thanks to competition and technological advances, the cost of property security is declining, while capabilities are improving.
Justin MacDaniel, sales manager for the Wilmington office of Protection 1, likens the current affordability of sophisticated security systems and high-resolution surveillance video to the cost arc of flat-screen televisions.
“When flat-screen TVs came out, they were only for the wealthy,” he said. “Now everybody can afford it. Now anybody and everybody can afford to feel secure and be secure, from a residence to a large business.”
Protection 1 and other similar businesses – while still offering security systems for homes and businesses – have also moved into entire automation systems, which allow property owners remote control of everything from access to temperature, MacDaniel said.
Kevin Gallagher, president of Wilmington-based American Detection Systems, has been in the security business for 38 years. He’s witnessed a revolution in technology, from one-panel, battery-powered burglar alarm systems to today’s products that combine alarms and amenities, with information sent via text or video to customers’ smartphones as well as to responders.
Those systems themselves are more secure, thanks to advances in communications technology, according to MacDaniel. For one thing, his company no longer uses phone lines as the means of system communication with responders and property owners.
“All a criminal would have to do is cut through the phone line. To me, that’s not security,” he said, explaining that communication through cable or Internet can go down because of weather or other problems. “We now use cellular devices, which dial out.”
What’s the hottest trend in building security? MacDaniel says it’s the increasing use of high-definition video for private residences and small businesses. Such video has long been standard in large companies, which use it to keep track of who’s coming and going.
“IP [Internet protocol] video now allows hi-def video suitable for prosecutable evidence,” MacDaniel said. “You can zoom in with minimal distortion. That’s where the industry is headed.”
Video is definitely the way of the future, said Gallagher. With a pinpoint lens, he said, a camera now can illuminate a dark interior and provide an identifiable image of an intruder.
“We’re finding that police, when there’s a crime in an area or when they’re looking at a particular residential or business neighborhood, are requesting playback from cameras,” he said.
By having system providers host their video service, customers also avoid the potential loss of on-site video, Gallagher said.
“A robber at a [convenience store] can carry off the DVR so the store doesn’t have video, but what he doesn’t know is that the video is also being stored off site,” he said.
Providing video hosting also boosts a provider’s recurring monthly revenues and helps drive down the cost of monthly service, Gallagher said.