February 9, 2011
Chances are you are not only connected to your business network but that you are also connected to another unknown or malicious networks with highly sophisticated cyber criminals. Let me explain…
You are aware of your local network. It consists of servers, printers, other systems and even devices like PDA’s. Then there are peer to peer file sharing networks or P2P networks. These are networks that consist of subscribers to services like Napster, Kazaa and Gnutella where users can share files like music, images and video. The threat with being associated with these networks is you are giving other anonomyous users access to your system and with little efforts they can access other files that consist of your financial information or office documents. This is a growing concern with business leaders that have users that use their corporate systems for these purposes.
Then there is the botnet. A Robot Network is where an agent (software program) is installed on your system and makes you part of a network. One of the most poplular and recent bots is the Conficker worm, said to have made its way onto over 7 million government, business and home systems. Most of these networks are run by cyber crime syndicates like the Russian Business Network, Shadow Crew and the Gray Pigeons.
Albert Gonzalez, one of the captains of Shadow Crew, was responsible for the largest security breachs including companies like 7-Eleven Inc., New England grocery store chain Hannaford, and payment card processor Heartland Payment Systems.
Have your systems checked and checked often to make sure you aren’t sharing information you would have rather not have. The other threat is these other networks use your system resources to spread spam and host images just to name a few.
Here is an interesting story about a company that was breached as a result of a user having a P2P application installed on one of its systems. Below is a video that YOU MUST WATCH that illustrates how your children can expose all kinds of information that is stored on your system.
Information Week Article
February 1, 2011
There are five steps to creating a good security plan: assess, plan, execute, monitor and repeat.
- Risks Assessment. Identify key digital assets and information that need to be protected, including hardware, software, documentation and data. Review the threats and risks. Make a prioritized list of items to protect.
- Plan. Create a work plan for preventing, detecting and responding to security threats. Identify who will be responsible for implementing and monitoring the plan. Agree a timetable for implementation.
- Execute. Communicate with staff. Train where necessary. Remediate until all know threats are mitigated.
- Monitor. Continue to monitor for new threats and followed with prompt remediation. Build a mindset that security is a discipline and build this mindset into your culture. Software tools alone can’t secure your data. Continue to educate end users and those that have access to the data. Update and modify the plan as changes occur in personnel, hardware or software.
- Repeat. Plan for a complete review periodically. Consider assessing quarterly but not longer than a time from of six to twelve months after you complete the first plan or when your business goes through significant changes.
Commit to the program and don’t wait until an incident disrupts your business. It isn’t the breach that will really cost you it is the tarnished image that businesses get following the breach is the most costly. Statistics show that customers, typically the high profile ones, will abandon a company or system if they feel uncomfortable with the security of it.
Here is a great example.
January 24, 2011
Ever wanted to do something extraordinary!? Well this is your chance! About two years ago just like Forest Gump I decided to start running and haven’t stopped yet. If you own a business or know a business owner that might be interested in supporting Team Sklar and our cause “Kicking Cancer’s Butt!” please contact me. 804-730-2628 / firstname.lastname@example.org
We are currently training for the Virginia Beach Shamrock half marathon and we will be running to kick cancer’s butt again!
We need all the help we can get!
Here is a list of past/current sponsors. We can’t thank them enough! I often joke that if I run out of room on the shirt I’ll run with a cape to fit the logo’s of all of our major sponsors on it!
– Computer Telephone Technologies
– Telecom Consulting Group
– Atwood Printing
– Actuarial Consulting Group
– Fun Bus
– CWD Kids
– Network People
– Cobb Technologies
– ADSS Global
– Computer Site Columbus
– Code Blue
and many more!
” He who wished to secure the good of others, has already secured his own.”