Archive for the ‘Security Links’ Category

There have been a number of very useful articles out in the last week or so. Too many to share one at a time. So, I thought I’d put together another link post to point you towards some very useful articles:

• Eric Geier writes for InformIT some “Tips to Secure your Home Wi-Fi Network“
• Bruce Schneier also has a new article out about securing your data while traveling that’s worth some consideration: “Protect Your Laptop Data From Everyone, Even Yourself“.
• Another thoughtful article on SafeKids.com by Larry Magid: “How to stop cyberbullying.“
• Forbes.com’s Amanda Berlin puts together an article on “How to Protect Your Online Reputation.“
• NetworkWorld continues their IT Best Practices series with this article by Linda Musthaler and Brian Musthaler: “The notification chain when a breach is suspected“

If you find any articles you think would interest the readers here, let me know!

Image: Clipart

Absolute Software recently attended the Infosec conference, and Bill Pound, VP international corporate development at Absolute, has an article out this week in ComputerWeekly about beating the airport data theft threat. Whether you’re a regular business traveler or gearing up for that big summer trip, Bill offers some great tips to keep in mind.

Airports are a prime location for the loss or theft of laptops; London’s Heathrow airport has up to 900 devices going missing per week, for example. Though some of these laptops may be password-protected or encrypted, data security concerns still exist. And with good reason – the data could be worth far more than the lost device.

Bill offers several pieces of advice, from laptop tracking software such as Computrace to beefing up security policies so that employees understand how to protect their devices against loss or theft. Basic airport security precautions include: not checking your laptop as luggage, using an inconspicuous bag, always watching your bag, adding identification to your bag, and being extra wary when going through security checkpoints. You can read more here.

Some other great reading for you:

• PCI DSS compliance: You can’t just check the boxes
• Survey: 37% of employees would become insiders given the right incentive
• Nine steps to halt data breaches

Image: clipart

Sometimes there’s so much good advice out there that it’s impossible to cover it all. Rather than miss out on some of these gems, I’m going to point out some good list-based articles that have caught my attention, highlighting the salient points of each.

Laptop Security Is a Three-Legged Stool – Intel

This list fits in snugly with our own motto of “mutli-layered laptop security” at Absolute, which we talk about here. For now, check out the “3 legs” of laptop security:

1. Physical Security
2. Data Protection
3. Protection Solution

9 Dirty Tricks: Social Engineers’ Favorite Pick-Up Lines – CSO Online

These are tactics employed by criminals (cyber and otherwise) to scam you out of personal information or money or to gain access. The list had 8 tricks, not 9, but who’s counting? ;)

1. “I’m traveling in London and I’ve lost my wallet. Can you wire some money?”
2. “Someone has a secret crush on you! Download this application to find who it is!”
3. “Did you see this video of you? Check out this link!”
4. “This is Chris from tech services. I’ve been notified of an infection on your computer.”
5. “Hi, I’m from the rep from Cisco and I’m here to see Nancy.”
6. “Can you hold the door for me? I don’t have my key/access card on me.”
7. “You have not paid for the item you recently won on eBay. Please click here to pay.”
8. “You’ve been let go. Click here to register for severance pay. “

5 Tips for Managing Security in a Recession – CSO Online

Another great look at how to prioritize your security spending and planning this year.

1. Prioritize based on risk/reward
2. Have the right mix of people on your team
3. Build repeatable processes
4. Create an optimal shared cost strategy
5. Automate and outsource wisely

Top 5 Security Resolutions for New PCs – InformIT

If you’ve just bought a new computer, take some quick security steps before you start using it! Here are 5 resolutions to take:

1. I Will Patch My Systems
2. I Will Use Common Security Tools
3. I Will Back Up My Data
4. I Will Secure My Wireless Router
5. I Won’t Write Down My Passwords

And to end off the great tips offered in these articles, walk the lighter side with this ID-theft-themed Dilbert comic.

There have been a number of great news items in the security field in the past couple of weeks. So, this post will share some that I found particularly interesting or useful.

The Center for Strategic & International Studies (CSIS) Commission on Cybersecurity for the 44th Presidency has released its final report, “Securing Cyberspace for the 44th Presidency.” The report indicates the importance of Cybersecurity as a national security issue, that privacy and civil liberties should be reflected in cubersecurity issues, and that a national security strategy is necessary.

Control Risks has released its annual RiskMap report for 2009. The RiskMap provides an assessment of global and regional political and security risks that businesses are likely to face in the upcoming year. Read more about that here and here.

Roger Grimes at InfoWorld sets out the two primary things you need to know in order to secure your home computer (or home business computer). Although he talks about anti-virus programs, his two main pieces of advice involve being smart (don’t download it if you don’t trust it) and to patch your system regularly – he does recommend the commercial version of Secunia’s Software Inspector for this. Keep reading here.

There’s an interesting article by Tom Olzak at Tech Republic asking if state and federal breach notification mandates are unreasonable. I’ve always been a huge proponent of national legislation as key; I believe consumers need to be informed of breaches in order to mitigate their risk and choose which companies they choose to trust. Tom agrees with this, and argues against statements to the contrary made by Chris Wolf, an attorney and head of the Proskauer Rose (Washington, D.C.) law firm’s privacy and security group. You can read the article here.

Also an interesting read from informIT, an article entitled “Software [In]security: Software Security Top 10 Surprises“.

Have you found any security reports or news to be an interesting read of late? If so, do share the link in the comments!

Image anitapatterson @morguefile

A number of great articles for consumers, about technology, security and identity theft, caught my eye this week. Rather than talk only to one or two of these articles, I wanted to point to some of them for you to check out:

• ConsumerReports.org creates 7 online blunders that can ruin your computer or identity
• Network World warns – beware of Obama spam
• CNet’s podcast – what’s next for net neutrality?
• Chris Pirillo’s 10 tips to keep your notebook safe when traveling – though Chris forgot to mention LoJack for Laptops, he’s previously spoken very highly of it!
• eSchool News – Florida considers virtual school
• Another great tip – how to protect yourself against identity theft over the phone

Also, given the recent elections, you may wish to read Barack Obama’s Information Security plans here.

Security links for the week:

• Microsoft announces 6 security updates, download here ; QuickTime announces update with 8 security fixes, download here
• Sean Martison of LeaderTalk asks “How does technology funding affect technology integration?”
• Rosie Lombardi of InterGovWorld asks “Laptop security: insure, recover or delete?”
• Mark Wagner writes for Educational Technology and Life: “How Virtual Worlds Help Real Students: The River City MUVE”
• Paul Wenske writes for TheState.com “Lax Laptop security spurs privacy worry”

Happy Friday the 13th

Tags: security, security links, business security, education security

Check out this week’s interesting news stories from around the web:

• Concord Hospital has fired the billing system contractor (Verus) who accidentally left 9000 private records on the web.
• Florida’s K12 Online Conference is planned for the fall: October 15-19 and October 22-26. Topics include Classroom 2.0 and New Tools/Technology
• New malware attack focuses on tricking users to download a program (malware well hidden) needed to view a website.
• Wired for Health Care Quality Act of 2007, and IT Health bill, was introduced at the Senate
• The Pentagon’s Office of the Secretary of Defense (OSD) shut down 1500 computers after a security breach.
• Michael Moore is backing national health care reform – his new movie on the same topic, Sicko, will soon be released.

Tags: security, malware, health it, it, government reform, security breach

As we swing into the weekend, here are some security news items for your edification:

• David Canton of the London Free Press writes an editorial on how “Online Records Pose Risks”
• A Southern Ontario school announces a new stringent electronic policy in response to cyberbullying. All Internet activity will be monitored, and offenders face stiff penalties.
• Send your dad a “Phish & Tips” e-card via the FTC for Father’s Day – complete with tips on keeping personal information secure
• Nestor Arellano of ITWorldCanada writes about new Spammer tactics
• A DC school administrator is being investigated for identity theft of DC school employees
• The FBI released a report indicating that there are “Over 1 Million Potential Victims of Botnet Cyber Crime” [via Brandon Sun]

Tags: security, identity theft, security news

Here are some recent happenings in the security field:

• Sharon Gaudlin of InformationWeek: “Hackers Blamed for Data Breach that Compromised 300,000“
• The University of Ontario Institute of Technology is offering Canada’s first Masters in IT security.  Offered via IT Business
• Jon Brodkin of Network World: “Shoppers willing to pay extra for privacy confidence“
• Kim Zetter of Wired: “Secret Service Operative Moonlights as Identity Thief“
• Klea Theoharis on TMCnet: “Identity Theft: How Major Corporations May be Exposing Your Private Records without Knowing It“

Tags: data breach, security, security information, business security, data security, identity theft

Here are some articles related to security to read over the weekend:

• The Weston Mercury writes that Identity theft branded woman a criminal (via flying hamster)
• Erin Norlin writes on CSO Online that Microsoft funds open source identity
• Absolute Software news: Computrace Anti-Theft Security Embedded in Toshiba Notebook Computers [PDF]
• Security Focus reports that TJX: Breach cost company $17 million to date
• A DeSales University student is conducting a survey on Computer Technology in Elementary Schools
• Google has launched an Online Security blog
• CBS asks the question: What if every child had a laptop?

Have a great weekend!

Tags: security, security links, identity theft, laptop security, laptops, tjx breach, absolute software, online security