NEWS

Get ready for PogoPlug, CeteraPlug, HipServ and EyeCon - they are OEM versions of ShevaPlug and are coming to a network near you... looks like an electrical wall outlet adapter and offers the ability to easily and covertly move your data out of your network.... not necessarily with administrative permission.

Article via Paul Henry ( www.forensicsandrecovery.com)

The OEM partners of ShevaPlug include:

• Cloud Engines Pogoplug - The Pogoplug enables remote viewing of external storage devices via a web browser. The device connects to an external hard drive or memory stick via USB, and to a router via gigabit Ethernet, says Cloud Engines. The 4.0 x 2.5 x 2.0-inch device plugs directly into a wall socket, and enables remote uploading of multimedia, including access from an Apple iPhone. Regularly $100, it is now available for pre-order at a special price of $80, says the company.
• Ctera Networks CloudPlug - This Plug Computer device converts any USB drive into a NAS device, and provides secure offsite backup, says Ctera. The CloudPlug is aimed primarily at service provider OEMs that want to offer online backup services to consumers and small businesses. Equipped with gigabit Ethernet and USB 2.0 ports, the device offers features including automatic and secure online backup, and data snapshot restore, says the company.
• Axentra HipServ - Axentra has ported its home media server application to the SheevaPlug platform, providing applications for storing, managing, sharing, viewing, or listening to digital media content remotely over the web or across a home network, says the company. HipServ for SheevaPlug is said to enable connection to third-party services such as online backup and photo print apps, as well as social networking sites like Facebook and Flickr. Recently upgraded to HipServ 2.0, the software is built on Red Hat Linux Enterprise, and is said to support UPnP-AV, DLNA, WMC, and iTunes media standards.
• Eyecon Technologies Eyecon - This "media companion" application enables remote mobile users, including iPhone users, to discover content from sources including the Internet, DVRs, PCs, and NAS devices. The Eyecon software can then direct the media files to any connected device in the home, says the company.

This will certainly be something to watch.

This $79 device can allow a user to plug in a USB drive and a network connection and then share files anywhere in the world....

Look at PogoPlug - It simply uses your networks always open SSL port 443 outbound (gotta let every one have net access) to connect to the remote PogoPlug Servers and the user then can connect to the server or directly to the device using the back channel over SSL - port 443 from anywhere.

Hmmmm install a hidden pocket sized sniffer and then dump the data to a USB drive and use one of the OEM versions of ShevaPlug to covertly ship the data home.... how long before we hear about one of these used in data breach incidents and what about the security on the PogoPlug servers themselves?

Looks like it might be time to re-evaluate those "Right of Use Policies" and to consider tightening up those firewall rules to only allow specifically authorized users to have outbound access across port 443.

USB devices are already our Achilles heal in data breaches and devices such as these are poised to take it to a whole new level. Certainly increases the value of removable media security solutions - better get control of your removable media before it gets control of you....