Tag Archives: Adobe

Backup, Storage and Hardware Requirements when Considering SaaS

September 23, 2015 Damien Garvey

SaaS (software as a Service) is software delivery process that permits to access data from various devices by using web browser and Internet connection. SaaS is changing backup, storage, and hardware requirements. It is the job of software vendors to maintain codes, databases and servers that represent the application.

Hardware
In SaaS model, notable hardware changes occur in server closet. SaaS is given to customers running web browser and operating system to get access to required services. If your workers execute only one task by using web browser, IT is capable to scale back specifications of the computer. It is a bit risky as employees get help from various programs to carry on their job. Most of utilized programs need local resources like advanced graphics, processing power and storage. For instance, users select Autodesk and Adobe to design projects on desktop. Later on these projects are uploaded to cloud to carry on data analysis. What is more critical is massive file size that is troublesome to move even if clients have fast Internet connection.

Storage
It is often noticed that SaaS providers presume that companies are given cloud storage by default. IT professionals are well aware that data storage in the cloud is very practical, but it is not acceptable when companies need to store very sensitive information.

Google Docs and Gmail are the two options to signify how companies can store their information in the cloud. Gmail users believe that their contacts, calendars, and emails are stored in the cloud. On the other hand, Google Docs are synchronized between local drive and Google’s servers; therefore, it is not obvious where the document is actually being saved.

Here question arises, is it possible for SaaS customers to trim down storage on laptops and desktops by using small and fast SSDs? Answer is not definite. If customers are using a product with offline mode, they can save data in cloud as well as locally. Conversely, when office type docs are designed that require only small space, one can get away with a smaller local storage.

Backup
Hosting companies offer backups and maintenance to SaaS customers. What is important for customers is to get an idea of data type for backup and how frequently data will be used.

Backup keeps old data that is still important for the company and used for compliance. Businesses are required to comply and maintain data retention laws. It is highly important for public companies. Due to complicated nature of the compliance law, the industry has attracted a huge number of compliance professionals and lawyers, who are eager to help companies achieve their and are giving their data retention and security goals.

Millions of companies depend on SaaS providers to run applications. However, applications keep data saved in internal databases. Though it has extended the SaaS definition, it demonstrates the tremendous pressure that forces companies to keep sensitive information safe from data breaches.

It could be confusing for workers to move between local backup and online clouds while working on their workstations. Employees must know in detail where the data is present and how to get access to information. That is where the duty of SaaS providers gets started.

Security Threats Are Changing, So Are The Strategies

June 24, 2015 Stewart Parkin

Security threats are changing. They are becoming more persistent, virulent and debilitating. But strategies to control and counter these threats are also changing; evolving.

Two APTs that created ripples in the recent years are RSA SecurID Hack and Operation Aurora. Unfortunately, both these were state sponsored threats and cannot be classified with the normal types of threats that are faced by organisations in the course of computing over the Internet. RSA SecurID Hack is an APT that was released in 2011. This attack compromised systems that used RSA SecurID two factor authentication tokens to generate one time passwords.

Operation Aurora was an APT that stole sensitive intellectual property along with source codes from computing Giants like Google; Adobe. The attack was very sophisticated, coordinated and orchestrated. The attackers had immense technical skills and an ability to take advantage of weaknesses of the target organisation. The attacks also, are not short term with aim to capitalise on temporary windows of opportunity. They were threats that exploited vulnerabilities that had not yet been identified by the organisations themselves and were designed to unfold over a period of time (spanning years) using multiple vectors; combining a number of security breaches.

As a result, any traditional methods of securing the organisations data stores, fails in the face of an APT. Alternate strategies will have to be discovered and implemented. The security strategy will have to be more proactive and have the capability of detecting and preventing an APT even as the perpetrators attempt to reconnaissance the organisation for weaknesses.

Organisations and cloud services may have to institute a layered security. The layering will have to begin at the Perimeter. Shared accounts will have to be managed effectively by encrypting and securing passwords; creating complex passwords that are difficult to break; restricting access to administrative accounts and preventing password sharing by automatic login.

The next security layer should include server hardening. Server hosts should be protected with firewalls and definitions of high risk applications for exclusion. Sessions should be recorded; examined and unusual activities should be instantly highlighted for deeper investigation. Analytical tools should be made available to evaluate and examine these activities and track the time, date, source IP and user ID of the login. Phishing protection; anti-virus installation and employee education should follow.

In short, “defense in depth” security concepts should be implemented.

Adobe Suffers Large Security Breach

October 15, 2013

Nearly 3 Million of Adobe’s customers have had their private information compromised during a cyber attack on its website, Adobe has confirmed. Adobe also stated that it was investigating the illegal access of some source code for its products, which included the hugely popular Adobe Acrobat and ColdFusion.

Adobe�s chief security officer, Brad Arkin stated that Adobe �deeply regretted� the incident. He states �We believe the attackers removed from our systems certain information relating to 2.9 million Adobe customers, including customer names, encrypted credit or debit card numbers, expiration dates, and other information relating to customer orders. At this time, we do not believe the attackers removed decrypted credit or debit card numbers from our systems. We deeply regret that this incident occurred. We�re working diligently internally, as well as with external partners and law enforcement, to address the incident.”

In an interview with the BBC Chester Wisniewski, who is a senior advisor at Sophos, thought that the breach could be very serious. He went on to say “billions of computers around the world use Adobe software, so if hackers manage to embed malicious code in official-looking software updates they could potentially take control of millions of machines. This is on the same level as a Microsoft security breach,” he added.

Security experts Brian Krebs and Alex Holden are assisting Adobe with their investigations. The two discovered a 40GB cache of Adobe source code while investigating attacks on three US data providers, Dun & Bradstreet, Kroll Background America, and LexisNexis. Mr Krebs�said�the Adobe code was on a server he believed the hackers used.

Immediately Adobe said that it is resetting the passwords for customer accounts it believes were compromised, and that those customers will get an email alerting them to the change. Whilst also recommending customers affected change their passwords and user information for other websites for which they used the same ID.

For those US customers whose debit or credit card information is suspected of being accessed, Adobe is offering a complimentary one-year subscription to a credit-monitoring programme.

Adobe said it had notified law enforcement officials and is working to identify the hackers. All information can be found on the Adobe blog, here.

Application Security: Adobe Case Study

December 20, 2011

The promised updates for those who are using the Adobe Reader 9.x and Acrobat 9.x applications on a Microsoft Windows operating system have been released. Adobe had to release the unscheduled updates due to an increased number of cases of hackers exploiting a security weakness in the software which enabled them to hijack the machine, and potentially compromise confidential data.

These updates for the applications aim to prevent hackers from exploiting memory-corruption bugs, which were allowing them to hijack the Windows based machines. When Adobe became aware of the attacks, Adobe�s advisory stated that the security weaknesses were �being actively exploited in limited, targeted attacks in the wild.� It has been well documented that other versions of the applications for other operating systems such as Mac and Unix do possess the same memory corruption bugs. As there have been no instances of the security flaw being exploited on other operating system other than Windows, Adobe have taken the decision to release the patch update with other schedule updates in January.

The attacks have been traced back to as early as November 1^st by researchers from antivirus provider Symantec. The hackers initially conducted the attacks by circulating harmful emails which exploited the security weakness and installed the Backdoor. Sykipot. This is a Trojan horse which gives the attacker(s) a back door entry to the compromised computer.

Despite the new updates and previous implementation of other security features such as a security sandbox, it still isn�t easy sailing for Adobe security team. A new vulnerability in the applications has been discovered and is in a remote procedure call (RPC) component. Adobe has yet to comment on how serious they perceive this security flaw to be and so far, they have only revealed that they are �only aware of one instance� of it being used.

Despite the significant security improvements that Adobe have made to their applications over the last year, new vulnerabilities seem to be discovered as previous ones are fixed. There is no doubt that the Adobe security team will keep battling and carry on improving the security of their applications.

Adobe Tighten up Software Security

December 8, 2011

Lockheed Martin’s computer incident response team and the Defense Security Information Exchange, who both monitor potential security threats for military contractors and other organisations, have revealed that hackers have been exploiting a weakness in the most recent versions of Adobe Reader and Acrobat applications. Adobe have confirmed this and explained that the security weakness in the applications are allowing hackers to hijack computers which are using Microsoft Windows, putting confidential data at risk of being stolen.

Adobe’s advisory commented on this and stated that the weakness in the applications is �being actively exploited in limited, targeted attacks in the wild.�

So far, hackers have only targeted computers which use the Microsoft Windows operating system and Reader 9.x. However, other versions of these applications are also vulnerable to attack.

Adobe has already taken emergency measures in an attempt to improve the security measures and aim to release an update by the end of next week. These updates will only be for the Reader 9.x and Acrobat 9.x versions.

Adobe is taking its time to release the important updates for other versions and it is expected that they will release updates for Reader X and Acrobat X and other versions that run on the UNIX and OS X operating systems on January 10^th. Brad Arkin, Adobe’s senior director of product security and privacy, has revealed that there is no need to rush with the other updates. He claimed that a security sandbox that has been built into Reader X has thwarted attacks and the versions that have been written for the operating systems, other than Microsoft Windows have not been targeted.

In a blog post, Arkin publicised the reason for staggering the release of the updates. He stated �Focusing this release on just Adobe Reader and Acrobat 9.x for Windows also allows us to ship the update much earlier. We are conscious of the upcoming holidays and are working to get this patch out as soon as possible to allow time to deploy the update before users and staff begin time off. Ultimately the decision comes down to what we can do to best mitigate threats to our customers.�

It is generally considered that Adobe�s efforts to improve the security of its software over the last year have been worthwhile as significant steps forward have been taken. The implementation of the sandbox to the version of Reader is generally seen as one of the most important factors which have helped to improve the security of the software. Another key factor is the speed that the Adobe team responds to security issues that arise and release a patch to make the application more secure.

Despite these improvements, Adobe still have some way to go as some versions of the application are still being targeted and exploited by hackers. It has been recommended that users switch to a version that hasn’t been targeted as much and those who need the software on a Windows operating system should switch to Reader X.

PDF flaw actively targeted

January 12, 2010

Adobe has once again been the focus on line criminal activity after a new vulnerability in the PDF format emerged.

Although the security flaw is due to be patched in an update set for imminent release, experts have reported that it has already been exploited by hackers in order to seize control of an infected machine after initiating a system crash.

It was half way through December 2009 that the vulnerability was first discovered, although Adobe decided to withhold a software update until the scheduled release date, leaving millions of users around the world potentially at risk.

Brad Arkin, who is head of security at Adobe, said that to release a patch earlier would have compromised the timing of the imminent security update, which Adobe releases every three months.

The threat is widely believed to have become a reality amongst members of the data protection industry, with a blog post on a mainstream vendor’s website claiming to have found examples of a modified PDF file allowing hackers to compromise the host’s PC online. The flaw affects both the Adobe Acrobat and Reader programs.

When the malicious PDF is executed it will dump a file named BKDR_POISON.UC onto the host computer. This file will then open up Internet Explorer, access a third party website controlled by the hackers and allow them to modify the infected PC in any way that they may choose.

Although it has decided to hold back the release of a patch addressing this problem to coincide with other essential security updates, Adobe has given its customers a means by which to work around the problem until the fix arrives. Users are being told to disable JavaScript when using Reader, although for some this may not be a particularly convenient solution.

The logistical problems of patching security vulnerabilities are approached in various ways by different companies. Adobe’s approach is not entirely unusual, or indeed deserving of excessive criticism, as the flaw had been discovered but not exploited on a large scale. In the face of serious problems, the firm may well have reacted more swiftly.