Friday, November 20, 2015

Is It Warfare or Something Else?

The term “warfare” – when talking about information warfare or cyber warfare – is somewhat misleading.  The term “warfare” indicates a conflict between governments, nations, or at least corporate entities.  The problem I have with using this term in this context is that it implies that the average individual is not at risk or affected.

The amount of data about the average person that is now stored on government, corporate, or social sites, servers, and databases is astonishing; while no one entity may have the entire puzzle, many have pieces.  Retailers collect information on what you buy and how you pay. Creditors collect information on your assets, debts, and credit ratings.  There are all kinds of information “out there” – just do a simple Google search and you will find information that may surprise you…

https://www.mindpointgroup.com/wp-content/uploads/2014/08/Impact-of-Cyber-Attacks-on-the-Private-Sector.pdf

That being said, information warfare affects everyone.  Look at the OPM hack – millions of people had detailed and confidential information compromised, along with countless other people who had been interviewed, listed as a reference, or involved in a security clearance review. Data breaches at major retailers, such as Target and Home Depot, have exposed the information of many more.

http://www.heritage.org/research/reports/2014/10/cyber-attacks-on-us-companies-in-2014

Maybe we should coin a new term, perhaps “Cyber Assault” or “Cyber Mugging.”  After all, we are hearing more about direct attacks against private individuals, such as ransomware attacks, where a hacker locks down your computer until you pay them to release it.  This sort of attack really is not “warfare” between large organizations, but an electronic version of extortion and theft that can happen to almost any private citizen.

http://www.trendmicro.com/vinfo/us/security/definition/Ransomware

Wednesday, July 29, 2015

Standardization... Again!

I know I have beaten this horse before, but it amazes me how such a simple concept can be ignored. Recently the Stagefright vulnerability in Android OS version 2.2 and above was announced.  Google has promised a speedy fix to this issue, but it may not be as simple as they say.  Because there are so many vendors and manufacturers – each with their own versions, restrictions, and customizations to the Android OS – a simple patch may not be able to work on many systems.  With 950 million devices affected, how many will not be able to be fixed?

“But because many users are not running the latest version of Android — in many cases because they simply cannot, thanks to restrictions in place by handset makers — the vulnerability is said to affect an estimated 95 percent of Android device owners. That would mean some 950 million Android handsets could be affected by the exploit.”

http://appleinsider.com/articles/15/07/28/stagefright-vulnerability-compromises-android-phones-with-1-text-message-may-affect-950m-devices

In contrast, Apple reports that 85 percent of its users are running iOS 8 or later, 13 percent are still on iOS 7, and only 2 percent are on earlier versions.

I’m not going to debate the merits of Apple versus Android here.  But with a limited set of versions in use, patches, security updates, and fixes are much easier and faster to release.

The same is true in your own environments.  Imagine running several different operating systems, with multiple applications, on disparate hardware platforms.  Now you have to know (and be proficient with) several operating systems, applications, and hardware platforms, and you need to keep monitoring and management in mind as well.

I get it, and I have done it… Installing some lightweight OS and tweaking it until it performs great and is relatively secure sounds good, but multiply that process by hundreds or thousands of systems and the “fire and forget” method of a standardized environment starts to look pretty good.  Less potential for bad press, anyway.

http://www.pcworld.com/article/2953484/android/google-pledges-a-speedy-stagefright-security-fix-for-nexus-devices.html

Saturday, March 28, 2015

What is an Enterprise?

Lately, I have been part of an ongoing debate about what exactly constitutes an enterprise, so I thought I would pop over to my Google and settle this conversation quickly… Imagine my surprise when I could find no clear definition. That is not to say that I found no definitions; rather, I found many - most of which do not match each other.

Below are a couple of examples of what I found searching the Internet:

“1) An enterprise server is a computer containing programs that collectively serve the needs of an enterprise rather than a single user, department, or specialized application. Historically, mainframe-sized computers have been enterprise servers although they were not referred to as servers until recently.  As smaller, usually UNIX-based servers and Wintel computers have become faster and have been provided with enterprise-wide program management capabilities, they have also been referred to as enterprise servers.  In this usage, an enterprise server is both the computer hardware and its main software, the operating system.  Examples are Sun Microsystems' computers with their UNIX-based Solaris or Linux systems, Hewlett-Packard (HP) systems, the upper end of Windows 2000 systems, and IBM's iSeries systems (the largest of which is the zSeries 900 - formerly called the S/390).

2) Some companies use enterprise server to describe a ‘superprogram’ that runs under the operating system in a computer and provides services for the system administrator and for the business application programs and more specialized servers that run in the computer.  Before this usage originated, such services were sometimes considered part of the operating system itself or came in separate software packages.  Originally, many services provided by an enterprise server tended to be available only on IBM or similar mainframe computers, while less powerful computers ran specialized applications.  As these smaller "server" computers (such as those from Sun Microsystems and HP) became better adapted for business (and recently Internet) applications, the bundle of services required to manage a company-wide set of applications was renamed ‘the enterprise server.’  More specialized servers include the Web server, firewall server, database server, and so forth.”

http://whatis.techtarget.com/definition/enterprise-server

“Definition - What does Enterprise Computing mean?

Enterprise computing is a buzzword that refers to business-oriented information technology that is critical to a company’s operations.  Enterprise computing encompasses all the various types of enterprise software, including database management, relationship management and so on. Enterprise computing is usually seen as a collection of big business software solutions to common problems such as resource management and streamlining processes.

Techopedia explains Enterprise Computing

Enterprise computing is sometimes sold to business users as an entire platform that can be applied broadly across an organization and then further customized by users within each area. This means the analytics, reporting, database management and other applications are standard across the system, while the application packages being used and the data being accessed in each area will be different.  In this sense, enterprise computing is a departure from finding single software solutions to specific business problems, such as inventory or accounting software. Instead, enterprise computing is intended to offer integrated solutions to these problems.”

http://www.techopedia.com/definition/27854/enterprise-computing

In looking at these various definitions, it becomes apparent that enterprise can be defined in multiple ways, either as a server providing an enterprise service or as a suite of management tools (software) to manage the aforementioned servers.  So, which is it?  One or the other, both or neither?

I believe an enterprise to be a set of systems that work together to provide services to the entire organization.  I also believe that to be considered “Enterprise Level,” some sort of centralized management and monitoring needs to be incorporated into the structure.

That’s a pretty plain and simple definition; however, it also highlights a problem that we have in our industry – namely, the lack of consistent terminology.  Remember “The Cloud”?  Ask any vendor what the cloud is, and you will get a different answer from each one.  Ask a Windows admin and a Unix/Linux admin the definition of enterprise, and watch the arguments ensue.  I was told by a vendor that another vendor’s storage solution was not “Enterprise” class storage… Well, go ahead and define that for me.  Each system was designed to be highly available and redundant, so what makes one “Enterprise” and another not?  Stay tuned for a continuation of the Enterprise theme in my next blog post.