Full Disk Encryption with CMS EasyEncrypt Upgrade Kit

A quick video demo of our new EasyEncrypt full disk encryption hard drive upgrade solution.

CMS Products Introduces an EasyEncrypt Upgrade Kit

Costa Mesa, Calif., (August 15, 2008) – CMS Products, Inc., (http://www.cmsproducts.com/) a leader in data security, backup, disaster recovery and content management technologies today announced availability of its “EasyEncrypt” Upgrade Kit for notebook computers with SATA hard disks.
The EasyEncrypt upgrade kit allows notebook computer users to quickly and easily replace existing, non-encrypted disk drives with a state-of-the-art, secure, hardware encrypted disk drive using AES 128-bit encryption and strong password support.

Because the EasyEncrypt utilizes “always on” data protection via its government grade AES 128-bit encryption scheme, data is always safe and secure. EasyEncrypt supports BIOS level ATA password locking for pre-boot authorization.

With EasyEncrypt, a computer’s Windows operating system, applications, data and personal settings are seamlessly transferred to the new hardware-encrypted disk drive supplied with the EasyEncrypt upgrade kit. The new encrypted disk drive can then physically replace the non-encrypted disk drive within the notebook.

The EasyEncrypt upgrade kit comes with all of the hardware required to connect its encrypted disk drive to your system via the USB interface. After the transfer of all data to the new encrypted disk drive is complete, the old, still functioning unencrypted disk drive can be used in the external enclosure supplied with the kit. This provides the user with additional portable storage for data with little security value.

EasyEncrypt is available through resellers and at http://www.cmsproducts.com/

About CMS Products
CMS Products has sold more than two million units of software while installing more than four million complete storage solutions in 90-plus countries. The complete line of product offerings includes automatic backup solutions for both portable and desktop computers, RAID systems, backup and disaster recovery software, media management software, notebook hard drive upgrades and data transfer kits and high capacity desktop hard drives.

Another entry for the Identity Theft and Data Loss file...

We saw the following story about a potentially major personal data breach affecting Google employees and thought it was worth passing on.

As Valleywag and eWEEK originally reported on July 2nd, that Google employees hired before Dec. 31, 2005, received notices that their personal data, including Social Security numbers and birth dates had been compromised by a break-in at Colt Express Outsourcing Services, a payroll and human resources outsourcing company.

The Valleywag report says the break-in occurred at Colt Express on May 26 and Google informed employees on June 9 about the breach. As a result, employees are getting a free year of identity theft protection.

Google employees looking to get an explanation from Colt Express will find the company's Web site is no help. The site only reports that the "home page will be reconstructed."

The likely reason for the Colt Express site being down is that Ceridian, the giant payroll processing and human resources company that serves more than 25 million employees, announced in early February 2008 that it had acquired "certain assets" from Colt Express. Ceridian's benefits services division is now providing services to Colt's clients.

This latest case demonstrates again that poor physical security is a more prevalent cause of data breaches than remote hacking attacks. Most of the biggest data breaches reported over the past couple of years have resulted from laptop computers being lost or stolen.

This means that the solution to these problems is a combination of improved physical security at business offices of all kinds to make it harder to steal computers and new data protection services that attempt to erase or block access to storage disks after computers have been stolen.

On June 30, Dell started offering a set of services for its business computers that not only try to track missing or stolen laptops, but also attempt to remotely erase sensitive corporate data from a hard disk drive.

Such services are likely to become more prevalent as corporate IT managers learn that they haven't truly secured employee and customer data until they implement some kind of effective system that tries to block access to data contained on the hard disks of lost and stolen computers.

According to Vallywag, employees of CNET Networks were also affected by this security breach.

CMS Products offers a suite of data security solutions, including the ABS Secure Encrypted Backup solution for laptops and CE Secure encryption software, technology that could have offered much greater data protection for the employees of Google and CNET Networks.

10 Ways Your Employees Pose a Security Risk for Your Organization

eWEEK.com posted an interesting article summarizing the top business security risks on their web site. We summarize here:

1. USB Drives - Unprotected USB drives are a prime way of letting sensitive company data walk out the door. Short of blocking USB flash drives altogether, companies can use device management software to monitor the ways the drives are being used.

2. Laptops - Employees are taking laptops everywhere, especially as they get lighter, making them more vulnerable to loss or theft. But even taking them to the safety of employees' own living rooms doesn’t protect these devices from infection through improperly secured home networks, exposing enterprise networks to viruses and other malware.

3. P2P - Applications such as Skype and instant messaging create security holes that can let Trojans and other spyware onto your network, particularly if employees are allowed to share those infected files.

4. Employees sending sensitive work files to their unaudited personal Web addresses are vulnerable to having their accounts hacked and critical company data stolen because, in theory, Web mail doesn’t have the same security as your enterprise e-mail.

5. WiFi - Logging onto unsecured wireless networks at home, the local Starbucks or on the road leaves data at risk unless employees are careful to log onto networks through a VPN or take other security measures.

6. Smart Phones - Allowing employees to bring nonstandard-issue smart phones and PDAs into the workplace means they’re storing highly portable and sensitive data on equipment that they can take home with them if they leave the company, leaving you with little or no security recourse.

7. Collaboration Tools and Hosted Software - Collaboration tools such as SharePoint, wikis and even e-mail distribution systems are great in theory but security risks in practice, unless administrators actively monitor the distribution and usage of user names and passwords. Not taking these security measures leaves the systems open to people who should not have access.

8. Social Networks - Facebook and MySpace in particular are unsecured and invite employees to share critical information while wasting time, while add-on applications available through those sites could hide malware and spyware, posing additional security threats.

9. Unauthorized Software Updates - Allowing employees to download patches or upgrades before your networks are ready can render user PCs and the network itself vulnerable to hacks and other security attacks.

10. Virtual Networks - Avatars posing as colleagues or "friends with benefits" could actually be competitors hoping for a chance to steal corporate data, passwords or other access vectors to sensitive information.

Secure Encrypted Backup Solutions by CMS

A quick video demo for our ABS Secure encrypted backup solutions.

Tips on how to recover files

We thought this was quite a useful instructional on various methods to recover files.

Redundant Backup Solutions by CMS

We have put together a quick video to demonstrate the CMS Velocity2 Series Redundant Backup Solutions.