Decision Group, Inc.

18/06/2015

Security Concerns in E-Detective System
Response to the Enquiry of International Business Times, UK
=========================================
Few days ago, we got the enquiry of system security concerns in E-Detective from International Business Times . The enquiry is at the vulnerability point of unauthenticated user to read arbitrary files on the system. This may include database credentials and captured data intercepts.

Actually we are fully aware of such security concern since 4 years ago when our client asked to enhance the security level of E-Detective system. The most important guideline of E-Detective deployment is that E-Detective should be deployed in the closed network domain without Internet access to outside world. This network domain should be also isolated from other corporate or government service network segment. By this way, only few authentic staff can access the internal system.

Since all users of E-Detective are of 4 types: operator, administrator, auditor and datamvr. Operator has the authorized right to input queries and view the scope of intercepted data by his/her own right. Administrator can have authorized right to conduct the operation of system backup, user management, and software system tuning…etc. Auditor has the only right to check and view all log files in the system. The last type of user is only for data transport between different systems, and it cannot be used for system access. None of these users has the superuser right of root. In most cases, root is basically set to hibernation status after system is activated by license under customer SLA request in order to terminate security backdoor.

Besides, E-Detective can be integrated with OTP server for more secured access control, and all logon access record will be reviewed in OTP server for auditing. Biometric access mechanism module with fingerprint can be also available by customer request, but it depends on whether the fingerprint reader is supported on user workstation.

After all, E-Detective system is used by our customer for network forensic purpose, such as internal data leakage protection, cyber evidence collection and lawful interception. System security is always the top priority for our customer. All the vulnerabilities mentioned in the news by International Business Times have been fixed several months ago. “Customer IT security is always our top concern,” said Casper Kan Chang, CEO of Decision Group, “and we have already fixed all the vulnerabilities in this current version of E-Detective for more than 11 months.” For those existing customers with old version of system still has concern, Decision Group will update it for free without hesitation.

If you have any request or question about the security mechanism, please contact with us by: [email protected]. We will be happy to fulfill your request.

17/06/2015

Greetings !!
Just to send our best greeting – Ramadan Kareem to you and hope you, your colleagues and family are peace and blessing in this Ramadan.
At the occasion of the upcoming Ramadan, we would like to present to all of our friends ; clients & relationships our very best and warmest wishes to them and indeed all of their families.

01/06/2015

Welcome to meet us in COMPUTEX TAIPEI 2015

COMPUTEX TAIPEI 2015
Venue: TWTC Hall 3, Taipei, Taiwan
Booth: G0745
Date: 2 - 6 June, 2015
Website: http://www.computextaipei.com.tw/

2015年第三十三屆台北國際電腦展
COMPUTEX TAIPEI 2015
地點 : 台北世貿三館
日期 : 2015/06/2 - 2014/06/06
攤位號 : G0745

For more than three decades COMPUTEX TAIPEI has grown with the Taiwan and global ICT industry to offer the world's best procurement and product showcase. During this time, its organizer TAITRA (Taiwan External Trade Development Council) has molded it into one of the world's best launching sites for…

13/05/2015

Significance of IT Security for Emerging IOT
The Best Solution by Decision Group against Internal Threats

The most significant topic in MWC 2015 is all about Internet of Things (IOT), which is the ubiquitous network connection with both cyber and physical worlds. Though the maturity of IOT technology is not yet and still developing by bumps and leaps, we can see a lot of solutions provided by different vendors around the application of IOT. Among all, there are 3 major fields in the mainstream of IOT development: different tier of pivotal platforms for operation, data collection and analysis, and, the most important, IT security.

The fundamental platform for IOT operation is consisted of different layers from head-end devices to physical networks, from networks to cloud service, from cloud service to business application, and eventually from business application to vertical operation process in corporate. For example, when a member client enters a supermarket store, all his or her movement and stay duration at each booth will be well tracked with his or her sales records as well. All this information will be fed into ERP backend systems of client membership record, sales, warehouse inventory, supply chain, and finance/accounting …etc. Manager of supermarket store can easily understand the consumer behavior, hot sales, inventory status and related business performance by day, week, month, quarter and year, and can quickly make decision for adjustment on sales and marketing strategy to increase the revenue and reduce the management cost. It is the critical business and management process for supermarket store.
From the above example, all the basis data are from POS machines, RFID price tags or membership card, infrared scanner, inventory racks, Intelligent NVR, and air condition control…etc. via different interfaces, but finally those are through the same backbone - IP network to different backend systems for fulfillment of the entire business process. The data can be processed by big data analysis in order to expose the trends behind by many factors. Business manager can look at these trends reflected by these data, and find the best strategy for sales management.

All the above IOT operation processes are pretty good paradigm for business owner, except one point: how do you protect these critical data from both internal and external threats? Now it is quite easy to set up IT security mechanism against external threats, because there are clear IT security governance guide, such as ISO27001, and powerful security systems, such as IDS, for prevention, tracking and defense; however, it is not so effective to face internal threats. Internal threat is usually hidden inside corporate, but it is like the malignant tumor, which eats up all healthy body piece by piece, or a potential bomb, which may explode in the long run. However it works, it will end up with the corruption of corporate credit and governance, and impacts business seriously.
“We see that lots of good enterprises suffer internal threats and come to collapse finally with nothing left,” said Casper Chang, CEO of Decision Group “and that’s why we try to help enterprise prevent such thing happen again and again.”

For IT security risk with internal threats, Decision Group provides 2 network forensic solutions to enterprises: one is E-Detective (ED)/ED2S deployed with firewall systems for internet access surveillance, and the other is Enterprise Data Guard System (EDGS) deployed with core router for intranet access surveillance. ED/ED2S works on the target traffic, conducts the content reconstruction by different online services and protocols, and provide effective analytic tool for investigation and evidence collection on internal threats. EDGS can works as an intranet surveillance center on the internal online services, such as corporate email, file servers, portal service and database transaction…etc. as well as the central monitor center on peer-to-peer online services, such as Skype, eDonkey…etc., by deployment of monitor agent in each client devices through common office environment package, which is tool of corporate service desk for client PC/laptop management. Both are the must-to-deploy IT security systems for corporate to protect internal data on IT and IOT networks.

For large corporate with different location sites of branch office, Decision Group also provides the Data Retention Management System (DRMS) in regional hub data center or in central IDC site for centralized data management. Corporate can deploy Centralized Management System (CMS) to manage all data workflow from each branch office and administrate all ED/ED2S, EDGS and DRMS systems centrally. Besides, all internal data can be exported to other systems, such as SIEM/SOC or DLP, through CMS. After all, it will provide the simplified and streamline IT security management on the potential internal threats by single window.

With the network forensic system working on internal links of both internet and intranet, the potential corporate IT security risk by internal threats, such as data leakage, cyber bullying, s*x harassment, and blackmail…etc., can be monitored and controlled down to minimum level. More and more IT security officers and senior management team come to know the significance of prevention from internal threats and like to take effective steady action. Decision Group full set of network forensic solution will be the best one for corporate IT security management. If you are interested in this new solution, please contact with us by [email protected] or you may check out our website: http://www.edecision4u.com.

Edecision4u.com provides lawful intercept, computer forensics cyber security services by using of E-Detective System. We have technical support delivered on a 24x7 basis.

12/05/2015

Subject: Invitation to meet Decision Group in Computex 2015, Taipei, Taiwan!
June 2 - 6, 2015 (Tuesday - Saturday), Decision Group Booth: G0745, TWTC Hall -3.
Venue: Taipei World Trade Center Hall 3
--------------------------------------------------------------------------------------------------------
* COMPUTEX TAIPEI 2015
* Venue: Taipei World Trade Center (TWTC) Hall 3, Taipei, Taiwan
* Booth: G0745
* Date: 2 - 6 June, 2015
* Website: http://www.computextaipei.com.tw/
* www.edecision4u.com


Dear valued partners:

We are of great pleasure to invite you to our booth in Computex 2015. You may find more detail of the exhibition as above.

This is a show which plays a very special role as a catalyst to growth and innovation of the entire Information Security industry. This window to a fascinating marketplace will be unveiled in only three days, and offers a welcome meeting place for the seasoned professions from the world. By this year in 2015 Decision Group will be there on your service and sincerely invite you to meet us. It's in our best interest to have you for success.

We will be using the opportunity to showcase our product portfolio:
* Real-time network & content forensics
* Nationwide Lawful Interception & Internet Monitoring
* Cyber Security & Internet Security solutions
* Advanced wireless & Wi-Fi tactical interception
* New 2nd generation of Portable NIT (Network Investigation toolkit).

Decision Group, founded in 1986, focuses on R&D development of both industry automation and network forensic systems. We rely on long-term partnership and follow our business motto, i.e. honesty, sincerity and responsibility in the market. We fully understand it take times to realize a really good and reliable partner for each other. So, we invite you to know us through this important event.

In the meantime, it is also good chance for you to know us, our products, and our services personally in our booth, though you may know it from our website - http://www.edecision4u.com/, which offers valuable information of our products and services, as well as other resources such as articles and videos: Our YouTube video with E-Detective: https://www.youtube.com/channel/UCFbnogK6juLEI5PhUp9Ib8A, and you may also have the online demo of E-Detective at https://60.251.127.211:13443/ (Login: root Password:000000) for your experience.

If you like to have a meeting with us, please write Email to [email protected]. We will be glad to arrange it for you. In fact, we are confident that our product and solution can meet your expectation and requirement. So, come to meet us !!

We Wish You Great Prosperity!

.....................*^_^*............ ...............................................................
Thank you and best regards,
Casper Kan Chang / Group CEO
DECISION GROUP
Tel.+886-2-2766-5753; Fax.+886-2-2766-5702;
www.edecision4u.com; www.decision.com.tw

For more than three decades COMPUTEX TAIPEI has grown with the Taiwan and global ICT industry to offer the world's best procurement and product showcase. During this time, its organizer TAITRA (Taiwan External Trade Development Council) has molded it into one of the world's best launching sites for…

05/05/2015

定興科技股份有限公司 舉辦網路封包鑑識課程
時間：May 2, May 3, May 9 2015 三天 08:30 - 17:30
地點：警察大學科技學院
使用教材： 定興科技股份有限公司自編 網路封包鑑識課程教本
講師： 張 侃，朱惠中 教授，賴建宏 博士，鐘鴻鵬，高大宇 教授
參加學員： 警察大學 資管系2、3、4年級 及 研一、研二

29/08/2014

Significance of Network Forensic Device to Enterprise Secured IT Environment

How to Effectively Control Internal Threats inside Enterprise

Internal threat is like cancer in the early stage. When it grows silently, nobody senses its existence. Once it has impact on health, it has been growing rampant inside body and even risked life. It is quite essential for IT security officer and auditor in enterprise to find out potential internal threats as early as possible.


In high tech industry, lots of companies suffered billions US dollars loss for the past 10 years just because few disgruntled employees carried core business confidential to competitors or opened new business to compete against ex-employers. There was more than 10 billion US dollar loss, according to market survey, by corporate internal threats worldwide in 2013, and, worst of it, most of cases are still going through long term lawsuit process for reparation now. What victim company loses is not only money, but it also loses business momentum in the market and credit to both partners and customers.


Why is it hard to detect internal threats inside enterprise IT environment? Most of enterprises are lacking efficient procedure and appropriate equipment to prevent it, though those enterprises invested lots in IT security enhancement every year against any kind of potential IT threats. On the other hand, the trend of “Bring Your Own Device” (BYOD) in corporate IT environment by cloud computing increases the risk of malice data leakage.
“We fully understand how serious about internal threats inside enterprise IT environment is,” said Casper Chang, CEO of Decision Group “because I and Decision Group also suffered such internal threat before. We have developed powerful weapon by network forensic technology against such risk, and also like to share our experience and technology to our customers.”


Nowadays, enterprise IT environment is getting more and more complicated because of versatile of business demands from market and multiple functions of internal organization. To this requirement, Decision Group offers full spectrum of network forensic solutions against potential internal threats at every corner of enterprise IT environment.


First for enterprise wireless and wired networks, we offer different network forensic devices to check the malice behavior. In wireless network, Decision Group Network Investigation Toolkit (NIT) can effectively combat all traffic through enterprise wireless network. You may verify whether there is any unknown access and intrusion from employee own mobile device or through spilled-over wave.


In enterprise wired network, there are lots of difficulties to collect all traffic extensively due to configuration of network segment and traffic volume; however, Decision Group network forensic solutions focus on 2 perspectives of IT security: internet link and intranet link. Most of internal threat instants are of data leakage through internet. So, how to detect whether there is any potential data leakage possibility among outbound messages to internet is very critical to enterprise. On the other hand, the risk of data leakage among outbound messages is much higher in those HTTPS protected messages. Decision Group provides E-Detective can effectively detect those potential data leakage instance in those outbound messages, whatever plain messages or HTTPS messages, notify IT security officer if suspicious messages are detected and keep suspicious messages as evidence.


Another point of internal threats is inside intranet. Those threats such as harassment, blackmail, cyber bully…etc., are very common in daily office life. How to maintain a secured office environment for all employees is very important. Decision Group provides Enterprise Data Guardian System (EDGS) to monitor all internal activities of enterprise emails, file transferring and data accessing…etc. Through deployment of EDGS, IT security can easily confirm those malice cyber activities in enterprise IT environment.


The above functions we mention are the data interception of Decision Group network forensic solution. Practically IT security officer cannot only check out each activity record of potential internal threats, but IT security officer can also use many powerful analytic tools, like bandwidth usage by person, service usage by person, link analysis…etc., provided by Decision Group solutions to find out what the fact and motive is behind these internal threats. Long term analysis on these intercepted records can also provide an insight on employee office behavior. This analytic report can be integrated into part of corporate IT auditing report.


For those enterprises with multiple office location, the deployment of Decision Group network forensic solution can be multi-tier with distributed frontend system in each branch office and centralized backend management (CMS) and data retention systems (DRMS) in enterprise data center. By this way, IT security officer and auditor can monitor all potential internal threats in the entire enterprise IT environment centrally. Besides, Decision Group network forensic solutions can be integrated easily with different corporate IT management systems, such as SIEM, IDS, DLP and NMS, to provide a seamless IT security web for any potential IT risk.


Over all, Decision Group has developed full spectrum of network forensic solutions for enterprise IT demand on effective internal threat prevention. All the products are based on the IT governance and IT risk mitigation for enterprise IT environment.


Please also check out our website: http://www.edecision4u.com for more product sales, technical and service information. Wherever you are, if you need more information about our products and services, please contact with [email protected]. We’ll be glad to give you our utmost support service.



About Decision Group, Inc.
Decision Group is a company focused on worldwide renowned DPI application of E-Detective. Decision Group, established in Taipei, Taiwan since 1986, is one of the leaders in manufacturing of PC-Based Multi-Port RS232/422/425 Serial Cards, Data Acquisition & Measurement Products and Industrial Automation and Control Systems.
Decision Group, in the year 2000, started a new line involved in designing and developing equipment and software for Internet Content Monitoring and Network Forensics Analysis Solutions. Now, Decision Group has positioned itself as a total-solution provider with a full-spectrum of products in its portfolio for network forensic and lawful interception.
More Information and Contact by Email: [email protected]
URL: www.edecision4u.com (Global), www.internet-recordor.com.tw (Taiwan), www.god-eyes.cn (China), www.decisionjapan.com (Japan) ,
www.e-detective.de (Germany), www.edecision4u.fr (France), www.edecision4u.es (Spain and Latin America)

http://www.edecision4u.com/2014news/20140828_New%20Release.html

How to monitor, restrict, collect more evidence, and even block such iVote on domestic matters from extra-terrestrial area is in the top priority list of national security mission in some states

13/08/2014

Free Lawful Interception Training Program to Decision Group Global Partners

The unique LI Training Opportunity for Those Aggressive LI Partners

Cybercrime has become more and more of a focus on societies since cyber fraud and cyber terrorism is more and more rampant. Many law enforcement authorities in different states are starting to look for effective LI solutions to prevent trans-territorial cyber criminals.

For the past few years, Decision Group has expanded its network forensic business through valuable strategic partners in many different parts of the world. Now Decision Group is planning to invest more resources on strategic partner programs by offering free partner training on lawful interception technology in order to meet the strong demand in the worldwide market. Our partner’s customers expect our partners to have extensive knowledge of lawful intercept and an understanding on how to collect information of cybercrime activities.

Decision Group will deliver its experience and technology to our solution partners to meet the demands of their customer. Decision Group provides training programs on Lawful Interception for our partners in terms of LI frame, regulations, telecom network infrastructure, deployment and consideration. Through this program, our partners will learn the skills necessary to help customer to design, plan and deploy LI system for their requirement and compliance with state mandates. Also, Decision Group provides an integrated training program on practical operation in the simulated environment,

Decision Group will provide partners with an extensive understanding of system design, planning and deployment in different telecom networks, management, and concerns of lawful interception. It is the best training on lawful interception for partners who want to enter the market and provide qualified proposals to potential law enforcement customers.

Through Decision Group’s training programs, our partners will have the skills and expertise to exceed their customer’s expectations. “We do believe that the win-win business strategy is the best policy for both Decision Group and our partners”, said Casper Chang, CEO of Decision Group, “We offer free marketing and sales training programs for those aggressive partners, and our partners bring Decision Group’s solutions and services to their customers who demand the best.”

In order to enhance our partner’s competence, Decision Group offers free partner LI training on lawful interception technology with free accommodation of 2 beds through the Decision Group partner program. In this program, partners can sign the reseller agreement with Decision Group in designated market territories and become devoted to marketing Decision Group’s solutions and services without offering those of any competitor’s.

We welcome you to participate in our partner program and in marketing our lawful interception solutions and services. If you are interested in this program, please send your request to, [email protected]. We will contact you, send you the detail training agenda and arrange the free LI training for you.



About Decision Group, Inc.
Decision Group is a company focused on worldwide renowned DPI application of E-Detective. Decision Group, established in Taipei, Taiwan since 1986, is one of the leaders in manufacturing of PC-Based Multi-Port RS232/422/425 Serial Cards, Data Acquisition & Measurement Products and Industrial Automation and Control Systems.
Decision Group, in the year 2000, started a new line involved in designing and developing equipment and software for Internet Content Monitoring and Network Forensics Analysis Solutions. Now, Decision Group has positioned itself as a total-solution provider with a full-spectrum of products in its portfolio for network forensic and lawful interception.
More Information and Contact by Email: [email protected]
URL: www.edecision4u.com (Global), www.internet-recordor.com.tw (Taiwan), www.god-eyes.cn (China), www.decisionjapan.com (Japan) ,
www.e-detective.de (Germany), www.edecision4u.fr (France), www.edecision4u.es (Spain and Latin America)



http://www.edecision4u.com/2014news/20140812_New%20Release.html

How to monitor, restrict, collect more evidence, and even block such iVote on domestic matters from extra-terrestrial area is in the top priority list of national security mission in some states

06/08/2014

Enhanced Management Capability on Network Forensic Systems

Decision Group Central Management System for Distributed Deployment

Nowadays, people like to send messages, talk to friends, watch TV and movie, and share information with others through Internet by ubiquitous mobile devices. Telecom service providers also deploy next generation of network system with more high speed and large capacity for such demand from subscribers.


On the other side, with versatile type of information on Internet, internet threats inside enterprises and cyber fraud in society become more and more rampant. Impact of such cybercrimes is more significant to economic and political situation of state. No matter in enterprises for cyber security or in telecom IDC for lawful interception, the deployment of network forensic systems will be more complicated and multiplicity in order to intercept target traffic extensively.


In reality, we have also helped build up such distributed deployment of network forensic systems for several clients from enterprises and law enforcement agencies in several states. From technical viewpoint, as solution provider, we deeply hope the architecture of implemented systems is as simple as possible. Actually, in customer network environment with high speed and large capacity traffic, we must adopt distributed deployment to balance traffic loading in accord with performance of network forensic systems.
Under such distributed deployment requirement, how to coordinate and manage all distributed systems for major network forensic task is very critical to customer business i.e. centralized management on all involved systems.


“We know how customers expect and manage these highly integrated systems,” said Casper Kan Chang, CEO of Decision Group “so we enhance the capability of centralized management with industrial standard technology – SNMP management in order to provide more stable solution with high degree of integrity for customer mission critical task, no matter for cyber security or lawful interception.”
The current distributed deployment Decision Group provided is with 3 tier architecture:

Tier-1: in this layer, there are all front-end data collection and protocol analyzer systems, such as E-Detective, ED2S, iMediator and Wireless-Detective systems.
Tier-2: in this layer, there are data retention system and provision data system.
Tier-3: in this layer, there are centralized management system and secondary data analysis systems.
The above 3 tier systems form a complete solution for dedicated customer operation, i.e. lawful interception or ITSM.
The SNMP management support in Decision Group Centralized Management System is at 2 different levels:

Coordination and management among different systems – in highly distributed deployment, there are many systems with different roles and functions: some are data collection systems from network devices, some are data retention systems, some are data filtering and scoping management systems, and some are data analysis systems. Thus, coordination and management for seamless processes among different systems is very important.
Integration with SOC or NMS system – basically all deployed network forensic systems are not aliens to other network devices in the same IDC site. How to manage all network forensic systems under the same governance scope is very important. So, integrate with SOC or NMS system is the fundamental requirement for network forensic system to be deployed in customer network environment.
By such requirement, Decision Group has provided system management capability by SNMP support in some projects since 2013 on few network forensic products. As the distributed deployment becomes more popular in 2014, we decide to enhance SNMP support to our full spectrum of product and also add SNMP manager in our Centralized Management System.
This enhancement will not only provides strong system coordination and management capability among Decision Group network forensic solutions, but it also provide high integration capability with other backend SOC and NMS for more IT government and ITSM support.
Please also check out our website: http://www.edecision4u.com for more product sales, technical and service information. Wherever you are, if you need more information about our products and services, please contact with [email protected]. We’ll be glad to give you our utmost support service.





About Decision Group, Inc.
Decision Group is a company focused on worldwide renowned DPI application of E-Detective. Decision Group, established in Taipei, Taiwan since 1986, is one of the leaders in manufacturing of PC-Based Multi-Port RS232/422/425 Serial Cards, Data Acquisition & Measurement Products and Industrial Automation and Control Systems.
Decision Group, in the year 2000, started a new line involved in designing and developing equipment and software for Internet Content Monitoring and Network Forensics Analysis Solutions. Now, Decision Group has positioned itself as a total-solution provider with a full-spectrum of products in its portfolio for network forensic and lawful interception.
More Information and Contact by Email: [email protected]
URL: www.edecision4u.com (Global), www.internet-recordor.com.tw (Taiwan), www.god-eyes.cn (China), www.decisionjapan.com (Japan) ,
www.e-detective.de (Germany), www.edecision4u.fr (France), www.edecision4u.es (Spain and Latin America)

http://www.edecision4u.com/2014news/20140801_New%20Release.html

How to monitor, restrict, collect more evidence, and even block such iVote on domestic matters from extra-terrestrial area is in the top priority list of national security mission in some states