Food for thought for our Defence Forces whose IT Security awareness/implementation needs a big overhaul considering the massive dependence on IT today!!
Check out the US Air Force 'Software Protection Initiative' and specifically the 'Lightweight Portable Security' Linux OS - which is the need of the hour. This one (LPS) has made it to my CD utility box!!!
Extract from the Software Protection Initiative Site of the US Air Force:
"Lightweight Portable Security (LPS) creates a secure end node from trusted media on almost any Intel-based computer (PC or Mac). LPS boots a thin Linux operating system from a CD or USB flash stick without mounting a local hard drive. Administrator privileges are not required; nothing is installed. The ATSPI Technology Office created the LPS family to address particular use cases. LPS-Public is a safer, general-purpose solution for using web-based applications. The accredited LPS-Remote Access is only for accessing your organization's private network.
LPS-Public allows general web browsing and connecting to remote networks. It includes a smart card-enabled Firefox browser supporting CAC and PIV cards, a PDF and text viewer, Java, and Encryption Wizard - Public. LPS-Public turns an untrusted system (such as a home computer) into a trusted network client. No trace of work activity (or malware) can be written to the local computer. Simply plug in your USB smart card reader to access CAC- and PIV-restricted US government websites.
LPS differs from traditional operating systems in that it isn't continually patched. LPS is designed to run from read-only media and without any persistent storage. Any malware that might infect a computer can only run within that session. A user can improve security by rebooting between sessions, or when about to undertake a sensitive transaction. For example, boot LPS immediately before performing any online banking transactions. LPS should also be rebooted immediately after visiting any risky web sites, or when the user has reason to suspect malware might have been loaded. In any event, rebooting when idle is an effective strategy to ensure a clean computing session. LPS is updated on a regular basis (at least quarterly patch and maintenance releases). Update to the latest versions to have the latest protection. "
Check out the US Air Force 'Software Protection Initiative' and specifically the 'Lightweight Portable Security' Linux OS - which is the need of the hour. This one (LPS) has made it to my CD utility box!!!
Extract from the Software Protection Initiative Site of the US Air Force:
"Lightweight Portable Security (LPS) creates a secure end node from trusted media on almost any Intel-based computer (PC or Mac). LPS boots a thin Linux operating system from a CD or USB flash stick without mounting a local hard drive. Administrator privileges are not required; nothing is installed. The ATSPI Technology Office created the LPS family to address particular use cases. LPS-Public is a safer, general-purpose solution for using web-based applications. The accredited LPS-Remote Access is only for accessing your organization's private network.
LPS-Public allows general web browsing and connecting to remote networks. It includes a smart card-enabled Firefox browser supporting CAC and PIV cards, a PDF and text viewer, Java, and Encryption Wizard - Public. LPS-Public turns an untrusted system (such as a home computer) into a trusted network client. No trace of work activity (or malware) can be written to the local computer. Simply plug in your USB smart card reader to access CAC- and PIV-restricted US government websites.
LPS differs from traditional operating systems in that it isn't continually patched. LPS is designed to run from read-only media and without any persistent storage. Any malware that might infect a computer can only run within that session. A user can improve security by rebooting between sessions, or when about to undertake a sensitive transaction. For example, boot LPS immediately before performing any online banking transactions. LPS should also be rebooted immediately after visiting any risky web sites, or when the user has reason to suspect malware might have been loaded. In any event, rebooting when idle is an effective strategy to ensure a clean computing session. LPS is updated on a regular basis (at least quarterly patch and maintenance releases). Update to the latest versions to have the latest protection. "
No comments:
Post a Comment