THE VIEW FROM THE CLOUD: Computer Forensics Tools

It’s official: the world is saturated with digital devices. The numbers aren’t exact, but if Gartner (News - Alert) forecasts are accurate, 4.9 billion connected devices are in use this year. This colossal figure is up 30 percent from 2014 and will reach 25 billion by 2020. However, that’s not taking into account the comparison of real-time data from mobile network analysis firm GSMA Intelligence and the US Census Bureau (U.S. and World Population Clock). Their research shows the number of active SIM cards surpassed the number of human beings on the planet. That’s more than 7.2 billion cell phones!

Technology has changed the way we live and work. In three decades, computers, laptops, tablets and smartphones transformed tenuously connected economies into a tightly interwoven global market. That’s the good news. The bad news is for all technology giveth, it can taketh away. While small and large businesses are able to grow stronger and faster than ever, they hold higher risk for financial loss. Aside from impervious cybercrime, such as fraud and identity theft, stolen devices and unapproved software installation is a concern in nearly every IT department and industry today.

Lost and Seldom Found

Last year, the Ponemon Institute (News - Alert) issued a report to determine the financial implications of lost or stolen laptops. The study, The Billion Dollar Lost Laptop Problem, included 329 private and public American companies from a dozen industries. Employee numbers ranged from less than 1,000 to more than 75,000. Participating organizations indicated that on average 263 laptops were unaccounted for in a 12-month period. Of those, only 12 were recovered. The collective financial impact totaled $2.1 billion, or $6.4 million per organization.

Company equipment goes missing for many reasons. Often sent for repair, laptops and other systems are left on a shelf gathering dust. Other times, they are left in hotel rooms or unlawfully removed. It’s an all too familiar scenario that goes something like this: The IT manager is called to meet with the IT security manager. As the IT manager sits down, he sees a laptop on his desk with a sticky note that says, “Found on bus.” 

This story is a common nightmare for any IT manager. However, they often don’t worry about the laptop’s data safety, although hard disks are not always encrypted.

Following inspection of the device, the disk was not encrypted. Company data has been removed and leaked onto the Internet. How could this happen?

Why is my PC running so slow?

Unauthorized software is a major risk factor for system networks. In a 2013 survey, a worldwide antivirus company performed a routine scan of their customers’ environments. The study found that nearly 80 percent of employees used unauthorized software on their endpoints. While most users had admin-level privileges on their systems, primarily because they were using personally owned laptops, other users were from the IT support department.

Without proper management, patching, updates and configurations, organizations are unable to provide adequate protection for their valuable assets. Software asset management is still not a top priority among CIOs, even though software licenses and maintenance costs were approximately 21 percent of IT budgets in 2014 (Deloitte). After password reset, the number one incident for helpdesks and service desks is slow-running PCs, often due to unauthorized or incorrect software installation or updates.

Prevention in the Cloud

Preventing lost and stolen devices and quickly identifying unauthorized software is a challenge for any organization. However, cloud-based computer forensics tools for retrieving devices and protecting sensitive data are offering invaluable benefits for organizations utilizing them. With new cloud-based tools, you can audit within your environment each system in your network, identify if the system is being used, when it was last seen and who was the last user on the system. This not only provides a thorough inventory, but also peace of mind for the IT manager who can review what software is installed, when it was installed and which users are logging onto the system to use it. Whether the user is working from home, remotely or on another network, with the help of micro-responders, IT managers are enabled to effectively manage their environment, prevent loss and contribute to growth rather than deficits.

Not every system needs the same level of control, but IT professionals can begin by assessing the sensitivity of their business systems and department functions. This enables them to design a policy that meets risk requirements. Simple reports from an intuitive web console can enable IT managers to view all software installed throughout the environment, particularly those which do not belong to the company baseline. This eliminates what would otherwise be painful and time consuming projects.

With the power of history at your fingertips, helpdesks can replay changes of any device or group of devices over any period of time. This easily identifies the cause while tracking all assets, regardless of where they are in the world or who is using them. IT managers can replay all changes to the disk encryption service and pinpoint the exact day it was disabled, who performed it and what other changes occurred the same day. With this evidence, the IT manager can create a case to identify the employee responsible for the data breach and provide audit reports to successfully close the issue. At the same time, the IT manager can quickly identify all laptops that do not have encrypted hard drives and fix them before being discovered by the IT security manager. It’s a win-win situation.

As new cloud technologies emerge, collaboration is essential in balancing security with the interests of an entire workplace. To seize an expanded role while keeping pace with innovation, IT teams must take the lead and assume the position of driver and trusted advisor. This allows organizations to create competitive advantages by utilizing cloud solutions to solve complex technology challenges. While many enterprises already employ both on and off premise solutions, how many end users have Dropbox (News - Alert) and utilize Salesforce or Office 365? As this major shift occurs, with or without the consent of IT, organizations will wonder if the IT department is an enabler or roadblock to innovation. By determining how IT departments can support the enterprise and enhance employee productivity, they will surely foster a culture of collaboration and innovation. This protection of the organization’s most valuable assets will secure IT’s place and guide companies through the next wave of new technology.

ABOUT THE AUTHOR: Ashley Leonard is the president and CEO of Verismic Software, a global industry leader providing cloud-based IT management technology and green solutions. He is a technology entrepreneur with 25 years of experience in enterprise software, sales, and operational leadership. Leonard worked nearly two decades as a successful senior corporate executive, providing critical leadership during high-growth stages of well-known technology industry pioneers. He founded Verismic in 2012 after successfully selling his former company, NetworkD (News - Alert), an infrastructure management software organization. Leonard currently manages U.S., Australian and European operations, defines corporate strategies, oversees sales and marketing, and guides product development. Leonard works tirelessly to establish Verismic as the leading provider of IT endpoint management solutions delivered from the cloud by building beneficial industry partnerships and creating a strong, innovation-driven culture within the Verismic workforce. Verismic’s latest offering, Cloud Management Suite (CMS), is an agentless, cloud-based IT management software solution that is revolutionizing the way IT professionals engage in endpoint management. For more information, visit www.cloudmanagementsuite.com.