Archive for August, 2009

What is SAM? SAM is short for Software Asset Management. It’s about the infrastructure and processes for managing and optimizing the “purchase, deployment, maintenance, utilization, and disposal of software applications within an organization.” The goal of SAM is to reduce IT costs and the risks associated with use of software, while also increasing end-use productivity.

SAM is one part of a wider business practice known as IT asset management. Computrace, for example, is designed for the management and tracking of your IT assets.

Microsoft recently put together a list of 10 reasons to implement SAM in your organization. These 10 reasons are:

1. Smoother operations
2. Better price points
3. Better market position
4. Financial security
5. Eliminate waste & redundancy
6. Volume discounts
7. Every employee benefits
8. Liability
9. Future benefits
10. Corporate governance

Read the full explanation of the benefits here. You can also take Microsoft’s SAM ROI test to see how your program rates.

If purchasing a used laptop, it’s important to buy from a reputable source that you know and trust – or you may risk acquiring a stolen machine. When distinguishing a legitimate secondhand dealer from an illegitimate one, both common sense and intuition can go along way. If the circumstance seems suspicious – it probably is.

Most thieves are looking for a quick cash turn around, so will sell a stolen laptop to a naive buyer from almost any location. On a weekly basis, Absolute traces stolen computers to individuals that have purchased the machine from “some guy” at a random locale – and have unknowingly received stolen property. 

Although the scenarios may sound obviously suspicious, Absolute commonly recovers stolen computers from people who have bought them in alley ways, abandoned lots, roadsides and street corners; not your typical locale for a trustworthy transaction.

Of the week’s situations which should have raised a red flag in the buyer’s mind, Absolute has recovered laptops after the following shady transactions:

• Man buys computer from the back of a car, parked outside of a popular chain computer store. (If you don’t actually have to go into the store to purchase the computer – isn’t that a bad sign?)

• Computer purchased from a group of adolescents selling a variety of electronics in a convenient store alley

• “Some guy” on a busy downtown street sells a woman a laptop for $40 

• Boy buys laptop from a friend who claimed to have found it “in an alley”

Buyer’s beware (and be smart!).

Business travelers are often putting their data at risk by using public Wi-Fi access points – wireless networks freely available to connect to. When you don’t have a wired network access point, connecting to a wireless network at random may not be your best alternative. It can open you to malicious attacks and to those who track your activities – including capturing private information like passwords.

In order to avoid the risks associated with unknown Wi-Fi networks, there are two solutions you can use.

USB Internet Stick

By connecting a special USB stick to your computer, you can have access to the web in the same way you would with an internet-enabled phone – via a cellular network. Most major cellular providers have one of these options, though they go by many names – in Canada, examples are the “Rogers Rocket Stick” or the “Bell Wireless USB Modem”.

Right now, Verizon is the only company offering a USB modem that will work in 175 countries (Windows only).

The upside: it is more secure than a Wi-Fi access point
The downside: no added security benefits, most USB sticks are often country-specific, making them impractical for International business travelers.

Virtual Private Network (VPN)

A VPN supplies connectivity to support remote access to the business network. You connect to the internet with whatever means you have available – wired or wireless – and connect to the VPN. VPN technologies use tunneling to create the connection to the business network and uses encryption protocols to provide you with private access both to the company network and through it. This means you can access company data as well as access the Internet through this more secure connection.

A VPN uses various security mechanisms to protect these private / virtual connections. There are lots of vendors out there for VPNs, including the Cisco Easy VPN.

The upside: you connect to a secure network, so outsiders can’t monitor your web use

The downside: there are many technologies involved in choosing the right VPN solution for you. For some tips on choosing, visit here and here.

The NY Times had put a great article this week entitled "On the Trail of the Missing Gadget." Of course, Absolute Software’s Computrace / LoJack products fall into this category of "missing gadgetry retrieval", so to speak. The article does a great job of generalizing how these technologies and services work, and how absolutely easy it is for the end user. The software just sits there until you need it – then we do all the work to help retrieve your missing gadget if it does go missing! Simple!

With the case of more advanced technology, like we employ at Absolute, the recovery is aided by services such as GPS, keystroke captures, or by internet connections to gather evidence and help determine where the lost device is being used. At Absolute, our recovery team also continues the process until the point when the device is recovered. This is by far the safest route, as you, the customer, never come in contact with the criminals. This also enables law enforcement agencies to prosecute those responsible for thefts.

John Livingston, CEO of Absolute, explains why:

"We will purposefully never reveal a location to a consumer customer. We won’t do it. Once you declare that it’s lost or stolen, we take control over the location at that point. We purposely keep some safe distance between the end user and the thief."

Absolute employs a team of 40 investigators with experience in law enforcement. This team then works closely with local law enforcement agencies to recover stolen devices. If you have sensitive data on your device, you have the option to trigger a remote delete of that data. We’re also working on a way to permanently disable the computers, which will hopefully be another deterrent to theft.

You can learn more about the Absolute recovery process here.

The U.S. Government Accountability Office (GAO) has released another information security report in July, which indicates that federal agencies continue to make progress with information security policies and practices, but there is still the need to “mitigate persistent weaknesses.” Just like the report issued earlier this year, the report indicates progress made under the Federal Information Security Management Act of 2002 (FISMA).

The report says that for the fiscal year 2008, almost all 24 major federal agencies had weaknesses in information security controls. These weaknesses include issues with access control, configuration management, segregation of duties, continuity of operations and security management.

The GAO says these weaknesses are the result of security programs not being fully implemented. While control activities – such as awareness training – have gone up, several agencies reported decreased levels of testing security controls and training for employees with significant security responsibilities.

The GAO recommends that the Director of the Office of Management and Budget (OMB) make several changes to their guidance policies, including the implementation of an “approve” or “disapprove” of agency security programs after review periods. This is suggested so that agencies are held accountable for implementing effective security programs.

You can download the full report here [PDF].

The Houston Family Examiner has written an article entitled “Tips to protect senior citizens from elder abuse identity theft”. In this article, I was pointed to the AARP as one of the sources for information on identity theft for the elderly. There, I found a wealth of useful information to pass along.

The AARP writes articles regulary on Identity theft, such as this one. This article suggests great preventative measures for identity theft including: checking your credit report once a year, never giving out your Social Security Number, shredding personal information (including credit offers), cutting back the number of cards you carry, hiding your PIN when you key it in, keeping information in your home secure (consider a safe) and never giving out your credit card or banking information to anyone unless you independently can confirm they are a legitimate business.

The AARP also offers an Identity Theft Course to help you understand and identify identity theft. The course will help you:

• Know what identity theft is
• Do a wallet check to protect yourself from identity theft
• Take steps to protect yourself from identity theft in your home and on the road
• Recognize early warnings of identity theft
• Take the first steps if you’re a victim of identity theft
• Have the numbers to call to get help or more information

Start the course here!

Hat tip to I’ve Been Mugged

Breach Security has released it’s Web Hacking Incidents Database (WHID) 2009 Bi-Annual Report, indicating that social networking sites were the most targeted market for hackers so far this year.

The data, compiled from application-related security incidents that are publicly reported, indicates that 19% of the hacks in the first half of 2009 were targeting social networking sites like Twitter and Facebook. This is the first year when social networks became an attack sector. In 2008, government was the leading sector being targeted. The data also indicates a 30% increase in overall web attacks compared to the first half of 2008.

“The dramatic rise in attacks against social networking sites this year can primarily be attributed to attacks on popular new technologies like Twitter, where cross-site scripting and CSRF worms were unleashed,” said Ryan Barnett, director of application security research for Breach Security. “Looking back at 2008, a notable election year, government-related organizations were the top-ranked attack victims and have now dropped to number three. The WHID report demonstrates that hackers can be fickle, following popular culture and trends to achieve the most visible effect for their efforts, which means that companies must be vigilant in implementing web application systems and monitoring application activity.”

Download a copy of the report here.

Also making major news right now is the indictment of Albert Gonzalez on charges of hacking into the Heartland Payment Systems. Gonzalez is already awaiting trial over his involvement in the TJX hack, putting him as part of the hacking team behind two of the largest hacker-based breaches in history. Read more here.

User Who Should Have Known Better: Lawyer/Auxiliary Sherriff

Date Stolen: May 27, 2009
Date Recovered: August 17, 2009
Location: Texas
Scenario: The Absolute Theft Recovery Team performed forensics on a stolen machine, gathering evidence that suggested its unauthorized user was in the legal profession. When police met up with the identified individual to recover the computer, it was confirmed that he was not only a lawyer, but also an auxiliary Sherriff. The user claimed to have purchased the laptop from “some guy on the street”. Shouldn’t he have recognized – and avoided – a suspicious situation?  

Most Recoveries Made by One Investigator: 16

Date Recovered: August 14, 2009
Location: Oklahoma
Scenario: Marking his 16th individual laptop recovery facilitated by Computrace technology and the Absolute Theft Recovery Team, an Oklahoma Officer recently recovered a computer after it was heisted in a home burglary.

Most Exotic Recovery Location: Peru

Date Stolen: May 14, 2009
Date Recovered: August 16th, 2009
Location: Peru
Scenario: While dining on vacation in Peru, a couple was distracted by a suspicious group of passers-by. With in minutes, both the group of people – and the couple’s laptop –had disappeared. Absolute was able to trace the laptop to Lima, and working with local police, successfully recovered the machine.

PC World has put together a series of tips about traveling abroad with your laptop. The tips are more targeted to regular travelers than business travelers and are quite useful.

Tips for your Laptop and International Travel:

• If your hotel doesn’t have ethernet or Wi-Fi, a local cafe will. Internet connections won’t be an issue!
• Customs may search your laptop as you bring it into this other country – be sure your hard drive doesn’t have anything that it shouldn’t (this includes private information as well as information that could be considered espionage and pornography)
• You may be required to decrypt any encrypted files for customs. Be prepared to do this.
• Make a back-up of all your data before you leave the country
• If you expect you’ll need any ‘private’ data while abroad, you can store it online in a secure location accessible by FTP or other secure means. You can thus download it once you’ve passed customs.
• If your laptop is new, take receipts – you don’t want your local customs charging you when you return, thinking you bought it abroad!
• Don’t forget to take a voltage adapter on your laptop, as well as preparing a power plug adapter

Don’t forget to check our past blog posts about Laptops in Airports here, here and here. And be sure to beef up the security of your laptop before you go with LoJack for Laptops or Computrace.

Image: clipart

McAfee has released the Q2 Threat Report for 2009, which indicates that spam volumes have gone up by 141% since March, making this the “longest ever streak of increasing spam volumes” on record. The Q1 threat report, discussed here, indicated that cybercriminals had taken over almost 12 million new IP addresses (zombies) since January, a 50% increase over 2008. This record has now been broken: Q2 set a new record for zombie computers levels, at nearly 14 million.

In addition to spam volumes, the Q2 report looks at some new trends and threats, as well as continued trends of cybercrime as a service and cybercriminals targeting social networks. Indeed, a major attack was led against Twitter and Facebook just this week.

Key Findings from this Threat Report:

• > 14 million computers have been enslaved by cybercriminal botnets (16% increase over Q1)
• Spam has risen 80% in this quarter, over Q1, with June beating the highest ever recorded spam level
• Spam comprised 92% of all mail, also setting a new record high
• Over a 30-day period, AutoRun malware troubled more than 27 million files, making it one of the most prevalent pieces of malware in the world (with a detection rate greater than Conficker was)
• There were nearly 14 million new zombies in Q2, also a new record. Computers in the U.S., China and Brazil lead for zombie figures.

Download the Q2 Report here [PDF].