Mobile security issues due to surpass computers

January 27, 2011

Yesterday the SANS News-bites reported that according to the Cisco 2010 Annual Security Report, cyber criminals appear to be shifting their focus from Windows machines to mobile devices. Users are falling prey to social engineering scams through social networking (i.e. Facebook, Twitter, etc.), email and phone calls. Social Engineering is best described as tricking the user to respond typically by clicking a link, downloading an attachment or in this case even accepting a phone call.

Other important notes in this report is that there has been a decrease in spam and the focus for cyber criminals is shifting to Apple based products. Spam decreased due to the large number of “take downs”. Apple is under attack because of the large increase in product sales primarily focused on the Ipad.  To my point that I have made about why the perception that Apple has a more secure product… it is security by obscurity but as Apple surges in market share the hackers are taking note. For the same reason criminals hold up banks… it is where the money is.

Here is a link for the rest of the story. Also below is a news report involving the recent breach involving AT&T and the Apple Ipad.

Cybercrime migrating to mobile and Apple, Cisco report


Apple Ipad – Is it for your business?

January 18, 2011

Several of our clients, primarily business leaders, have purchased an Apple Ipad and then called to have it installed on their network. BEWARE! Almost all networks aren’t 100% compatible with the Ipad operating system and you might be dissapointed with the financial investment you just made. For instance, Microsoft’s email server system (Microsoft Exchange) will probably need to be updated before your email will work. If you have a fairly new server or have a hosted or cloud offering then this might not be a problem. Also your Ipad doesn’t connect to your network the same way your Microsoft Windows systems do so accessing networked shared resources (Mapped Drives, Printers, etc) might be cumbersome, problematic or won’t work. Finally many of today’s business applications aren’t compatible with the MAC operating system so you might find that your Accounting program, industry specific custom application or some other favorite application just won’t run.

There are competing Windows based Ipad copy cat’s coming out everyday and at this years CES (largest geek event of the year) in Las Vegas was dominated with manufactures showing off their tablets or Ipad look alikes.

In closing… I love the concept and Apple has got the right concept but research first then buy your Ipad that way you aren’t dissapointed with your original intent for the purchase. I suggest waiting before buying this technology for your business, where there is demand there is money and Apple will work to meet the need or another manufacture will do it for them.

Reasons how your data will be compromised

January 11, 2011

If you notice all of these reasons have to do with your employees and their awareness (or lack there of). Firewalls, passwords and other popular security measures won’t stop your data from ending up in the wrong hands. Start a security awareness program within your organization, remind them often (at least quarterly) and make it a priority (or they won’t care).

  1. Employees taking information from the office to work at home.
  2. Failure to recognize and report adverse information about a co-worker.
  3. Processing data on unapproved computer systems.
  4. Employee reluctance to challenge strangers in restricted areas.
  5. Business travelers not reporting suspicious contacts or foreign travel.
  6. Employees falling for social engineering ploys for sensitive data (hoax, spam, etc).
  7. Cleared workers’ failure to recognize potential approaches from foreign spy services.
  8. Improper handling and disposal of sensitive data.
  9. Workers bringing unauthorized portable devices into work and opening up the network to hackers, spies and information thieves.

Security on home computers

December 17, 2010

As time evolves businesses will likely decrease their brick and mortar office space, move into a more virtual atmosphere and employees will work remotely from home. When this becomes more of the norm these employees will either have two (or more) systems or they will consolidate all of their personal and business information onto one system. Your employees will probably not want to have one computer for business and one for personal, they will want it all on one. So how can business leaders enforce security measures if they don’t own the equipment? Can we enforce policies that state they are not allowed to use business systems for personal use? This certainly is going to create all types of issues as we move forward. Building a security mindset will be the best way to make sure your corporate data will stay safe because it is going to be left up to the employee to make good decisions on how they use the system that has access to your corporate data.

I’ve mentioned in previous posts there is a grant provided by the state of Virginia to help businesses make the investments necessary to allow employees to work remotely, Take a look at their site as there still funds available, we are very familiar with this grant and we are experts at helping businesses receive the funds. Check out my previous post (or click on the “working from home” category) for more information. $35,000 Grant

December 1, 2010 is a grant provided by the state of Virginia to assist businesses in creating a remote workplace to allow employees to work from home. This is an incredible opportunity that any business leader should absolutely look into to see if it could fit into their business. Most businesses get the full grant amount, $35,000!!

No more sick days

November 18, 2010

If employees are sick they stay home for the day but not anymore! Unless someone is completely out of it they are probably just wasting away in front of a TV but most illnesses are just annoying or it just might be a bad back issue or even just a sick child. When employees are enabled to work remotely they are less likely to take a sick day because the fact is they will still be able to work remotely. Obviously this won’t apply to every type of job but certainly administrators or users that utilize a computer to perform their task or at least a portion of their job is possible through the use of a computer. Our business has redefined the term “sick day” and we don’t mind at all if people stay home. One of our most productive employees only reports on site one time per week and I have reaped the benefits of being able to do the type of projects that are difficult to get done amongst all of the distractions at the office.

Of course when setting up your system to be accessible from outside of your office there are always concerns about the security of your system. We have seen many companies do this with little or no concern about security. This of course leads to issues that in some cases causes the business leader(s) to do away with the Telework program that was implemented and ban all remote access to the network. This is of course the wrong mindset yet again as the network is still just as vulnerable.

If you decide to make teleworking a part of your corporate culture I recommend you always consult an expert in securing data and someone who truely understands how and why systems are compromised then… Just say no to sick days!

%d bloggers like this: