Last year will go down in history as the year when cyber-crime migrated from
amateur hackers and script kiddies to professional criminals making easy money
on the Internet. Last year showed dramatic increases in many online crime areas:
worms, viruses, spyware, spam, phishing, and extortion.
Sophos (a well-known anti-virus solution vendor) identified more than 10,000
new viruses, an increase of more than 50% over 2003. The relatively recent
Anti-Phishing Working Group issued a press release stating that the number of
phishing attacks increased by 1,200% from December 2003 to June 2004 and
continues to grow at 30% per month. PCs owned by consumers are being
compromised by the thousands; spyware sits on well over 60% of consumer PCs
and 25% of business computers.
Spam will likely represent more than 90% of all email in 2005. And to make
matters worse, modified versions of worms now appear in days instead of
months.
All of this means that organizations will have to work harder
to defend themselves against these malicious attacks.
Joe Tartaglia / High Caliber Solutions
If there are any topics you would like to see discussed in the future or
if you have any comments, please contact me at
JoeT@HighCaliber.com
Although conventional wisdom states that you should change your passwords
every 90 days or less, there are those that disagree with this. Their
argument goes like this:
In real life, expiring passwords is not very practical. Forcing users to
employ strong passwords (mixed numerals, case, etc.) is one of the best
things that can be done to secure a network; however, having these expire on
a regular basis without the ability to reuse them defeats the system. It
takes time to create a good password that someone can remember without
writing it down. With passwords expiring monthly, most people will resort
to trivial passwords that are easy to remember, knowing that they are
throw-aways. Having an automatic password approval process whereby each user
is forced to choose a strong password, with ALL of the recommended factors
(mixed case, numbers, etc.) and ensuring that a common dictionary word or
name has not been used is best. This may take a few minutes for the user to
come up with at first, but will ensure a much more secure network.
Having users choose a new password monthly will only ensure that someone
will resort to common words, thus defeating the security. It only takes one
lazy or frustrated user to compromise the network.
Using "pass phrases" (long phrases that include mixed-case, numbers, etc.)
would add another level of password integrity. The old networks that limit
passwords to eight (or so) characters should be replaced with those requiring
longer passwords that will most certainly need to include a multi-word phrase
in order to meet the minimum length.
Interesting point of view. I believe it has some merit.
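
A sketch of the kind of automatic password approval check the argument above describes, added here as an illustration and not taken from the newsletter. The word list, the 15-character minimum and the function name are assumptions chosen for the example.

```python
import re
import string

# Constructed sample list; a real deployment would load a full dictionary
# and a list of names (assumption, not from the newsletter).
COMMON_WORDS = {"password", "welcome", "summer", "dragon", "michael", "letmein"}
MIN_LENGTH = 15  # assumed minimum, long enough to call for a multi-word phrase

# Undo common digit/symbol substitutions so "P@ssw0rd" reads as "password".
LEET = str.maketrans("@4301!5$7", "aaeoiisst")


def review_password(candidate):
    """Return the reasons to reject; an empty list means approved."""
    problems = []
    if len(candidate) < MIN_LENGTH:
        problems.append("too short")
    if not re.search(r"[a-z]", candidate):
        problems.append("no lowercase letter")
    if not re.search(r"[A-Z]", candidate):
        problems.append("no uppercase letter")
    if not re.search(r"\d", candidate):
        problems.append("no digit")
    # Drop digit/symbol padding at both ends, undo substitutions, keep letters.
    # A single dictionary word dressed up this way passes the class checks
    # above, so it is compared against the word list separately.
    core = candidate.strip(string.digits + string.punctuation)
    core = re.sub(r"[^a-z]", "", core.lower().translate(LEET))
    if core in COMMON_WORDS:
        problems.append("dictionary word or name")
    return problems
```

A multi-word pass phrase such as `My2dogsChaseRedCars` is approved, while `P@ssw0rd2005!!!!!` meets every length and character-class rule and is still rejected as a dictionary word.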
A snapshot backup is a point-in-time copy or image of data on a storage
device which is often done at frequent intervals or as files change.
The most common use for snapshots is quick, easy restores of accidentally
erased or corrupted data. However, snapshots can be used for a lot more
than simply fixing users' mistakes.
Basically, any time you need a copy of the data stored on a device,
you should consider snapshots. By using snapshots, you can easily move
data to new hardware, whether for the purpose of replacing the existing
hardware, rearranging the way data is stored, or consolidating several
devices onto one.
Just remember it is possible to have too much of a good thing. While some
snapshot-creating software like Windows XP will automatically delete old
snapshots, other applications don't. Worse, not all of them fail gracefully
when they've filled their allotted disk space. If you have an application
that automatically deletes old snapshots, set the parameters appropriately
for your enterprise. If you have applications that don't automatically clean
house, then you should monitor them and remove old files as appropriate.
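
For applications that do not clean up after themselves, the retention decision can be scripted. The following is an added example, not part of the original newsletter: it plans which snapshots to remove by age and by allotted space while always keeping the newest ones. The snapshot names, sizes, dates and limits are constructed for illustration.

```python
from datetime import datetime, timedelta
from typing import NamedTuple


class Snapshot(NamedTuple):
    name: str
    created: datetime
    size_mb: int


def plan_cleanup(snapshots, now, max_age_days, budget_mb, keep_min=2):
    """Return the names of snapshots to remove, oldest first.

    A snapshot is removed when it is older than max_age_days, or when the
    remaining set still exceeds budget_mb. The newest keep_min snapshots are
    never removed, so a restore point survives even a too-small budget.
    """
    ordered = sorted(snapshots, key=lambda s: s.created)  # oldest first
    protected = {s.name for s in ordered[-keep_min:]} if keep_min else set()
    cutoff = now - timedelta(days=max_age_days)
    remove = [s for s in ordered
              if s.created < cutoff and s.name not in protected]
    kept = [s for s in ordered if s not in remove]
    used = sum(s.size_mb for s in kept)
    for snap in kept:  # free space starting with the oldest survivor
        if used <= budget_mb:
            break
        if snap.name in protected:
            continue
        remove.append(snap)
        used -= snap.size_mb
    return [s.name for s in sorted(remove, key=lambda s: s.created)]


# Constructed sample inventory (not real data).
NOW = datetime(2005, 2, 1)
SAMPLE = [
    Snapshot("snap-2004-12-01", datetime(2004, 12, 1), 400),
    Snapshot("snap-2005-01-10", datetime(2005, 1, 10), 500),
    Snapshot("snap-2005-01-20", datetime(2005, 1, 20), 500),
    Snapshot("snap-2005-01-30", datetime(2005, 1, 30), 600),
    Snapshot("snap-2005-01-31", datetime(2005, 1, 31), 300),
]
```

The function only returns a plan; reviewing that list before deleting anything keeps a misconfigured limit from wiping the restore points you still need.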
Microsoft stresses the importance of keeping computers up to date with the
latest updates available from the Windows Update Web site. This is relatively
simple if you have a single computer or only a handful of computers.
However, one of the challenges a lot of network administrators face is to
find an efficient method of distributing software updates to servers and
workstations. In small environments, visiting each computer to perform the
installation of an update might take only a few hours. However, in medium to
large networks, administrators need a secure, reliable, and efficient way of
distributing updates as they are released.
One of the options now available for distributing updates is Software
Update Services (SUS). One of the appealing things is that you can download
the software for free from Microsoft's Web site. It's also fairly simple to
use. SUS consists of two components: the server and the client. The server
(which can be running Windows 2000 or Windows Server 2003) downloads updates
from Microsoft's Windows Update Web site and stores them locally.
So when new updates are posted to the Windows Update site, they are
downloaded and the network administrator is notified that they are
available. The clients can then download the updates from the server instead
of retrieving them from the Windows Update site. It's also a good way of
cutting down on WAN traffic.
A lot of documentation you will come across states that updates should be
tested before they are deployed. One of the main benefits of using SUS is
that all or specific updates can be tested before being deployed in your
production environment. This eliminates the possibility that clients will
download updates before they have been tested and approved by the network
administrator.
1. Start with the basics. Go over your backup plans and implement
procedures where none exist. The best disaster recovery plan can’t recover
data that hasn’t been backed up. As the first step, ensure that your plan
covers all aspects of your environment that are critical to the ability to
address a disaster.
2. How far do you need to go? Determine whether you need wide-area disaster
recovery – this will provide the ability to recover data and resume
operations at another location outside your own metro area. You can
maintain application and data availability during fires, floods and power
outages without breaking your budget.
3. Support from above. Secure senior management support of the plan to
ensure that disaster recovery is a priority throughout the enterprise.
4. How wide do you need to go? If you do need wide-area recovery, make sure
that the system mirrors data to a remote location.
5. Redundancy. Make sure that your recovery system
contains no single points of failure. Disaster prevention begins with the
server and storage platforms – consider redundant hot-swap components, such
as disk drives, fans and power supplies.
6. Start locally, manage globally. If an administrator is in a remote
location during an outage, then remote management capabilities will play an
important role in troubleshooting and diagnosing problems from a remote
location in order to bring the server back online quickly. Make sure your
recovery system supports remote administration.
7. Backup starts with the client. Determine if the recovery system includes
support for desktop and portable computers. Vital data is often stored on
PCs – regular backups are essential and often overlooked.
8. Choose your partners wisely. Partner with a hardware/services provider
that can provide full service support before, during and after a disaster.
This allows you to maintain your business operations by turning over the IT
disaster recovery functions to the partner so you can focus on your
employees, customers and business operations. Make sure this partner can
deploy, track and deliver the mission-critical parts you need to keep your
business running.
9. Clearly define roles. Make sure your disaster recovery plan considers
the effects of an event on your employees – they should know exactly what is
expected of them. Make sure everyone has appropriate contact and escalation information.
10. Leave yourself some room. Ensure that your recovery system can scale
with your future needs and that it doesn’t lock you into a particular
technology or vendor.