What if Your UPS Failed Today
Most people do not even know they have a bad battery until it’s too late. If your battery is 3-4 years old, you need to look at replacing it. When a disaster occurs UPS vendors will be in short supply and will not be able to deliver all of the units that are required. Part of your Disaster Recovery Plan needs to have spares in place before the diasaster occurs. Energy resources are becoming scarcer and more expensive, making electrical efficiency in the data center an increasingly important consideration. When selecting large UPS systems for your data center, number of significant but often overlooked factors can increase your total cost of ownership due to operational inefficiencies.
Cracking GSM Phone Security - Disaster Recovery Implications
(TechWorld.com) Two enterprising researchers claim to have figured out a way to eavesdrop on calls made using GSM mobile phones, cracking open its much-vaunted encryption. GSM calls can now be recorded over long distances and cracked open in half an hour using only $1,000 worth of field-programmable gate array-aided computer equipment and a frequency scanner. Although GSM’s 64-bit A5 stream cipher has been theoretically vulnerable for some time, this is the first time anyone has demonstrated a way of doing it without investing in expensive, specialized equipment and without it taking years. If one spends $100,000 on hardware and the crack can be done in only 30 seconds using massively parallel processing technology. Pico Computing Inc., is now developing the fast version to sell to agencies such as law enforcement, but plans to give away the slower version for free. GSM is used all over the world by mobile phone companies, and is used in the U.S. by several networks, most notably AT&T and T-Mobile. It is considered to be secure enough that even criminals use it, simply cycling phones to avoid the theoretical risk of being tracked. The attack depends on exploiting a vulnerability in the way GSM sets up calls. Assuming attackers were able to find out a phone’s mobile subscription identification number and built-in hardware ID — garnered by sending a text message to that phone, say — they would have enough information to isolate calls from that phone. Because networks set up some frames of the call security exchange using the same plain text scheme, throw enough hardware at the problem and the encryption can be forced open by using mathematical tables. “f we know the plain text, we can derive exactly what is coming out of A5.
Data Loss a Real Disaster Planning Concern
Consider the Herculean efforts today to protect the network from threats: Intrusion prevention systems scan packets for potentially damaging content; email security systems check for viruses in email content and firewalls block unsolicited connections. To stop the onslaught of threats to corporate and government networks, a host of software and appliances are being deployed daily . In general, these border police applications are doing a fairly decent job of stopping unauthorized intrusion at the door to your network. But what about organizational insiders? Which applications or appliances are scrutinizing the information being passed out of the network? Intrusion prevention systems and firewalls aren t looking for intellectual property sliding out the door right under their virtual noses. Specifically in healthcare organizations, what about patient information sent unprotected over the Internet to another provider? Add in the always-changing regulatory environment, and security is a unique challenge. All it takes is one misstep to compromise sensitive information. These are legitimate, authorized users communicating in an above-board way but potentially exposing sensitive data in the process. This is the core of the immensely complex problem of data loss.
Discussion Area - Leave a Comment