When it comes to instant messaging, many organizations allow their
employees to call the shots. In a recent TechRepublic Quick Poll,
members revealed whether their organization has an instant messaging
policy. See how you compare.
Those of you in regulated industries (Financial, Health care, etc.) should
seriously consider putting in place a formal policy regarding the use
of instant messaging in the workplace. Also keep in mind that regulatory
bodies may require that you capture and archive all IM traffic.
Let us know if we can help.
Joe Tartaglia / High Caliber Solutions
If there are any topics you would like to see discussed in the future or
if you have any comments, please contact me at
JoeT@HighCaliber.com
Scanit's Browser Security Test automatically checks your browser
for various security problems. When the test is finished you get
a complete report explaining the discovered vulnerabilities,
their impact and how to eliminate them:
(These are from Basic Travel Tips by Chris A. MacKinnon as reprinted from Processor.)
To help you protect your computer equipment while traveling:
Never leave a laptop unattended. Also be careful not to leave equipment
on luggage carts, shuttle bus luggage racks, or security checkpoints.
Don't allow yourself to doze off between flights without a hand or foot
on your computer.
Disguise carry bags - don't make it obvious that you are carrying a
laptop. Carry generic carry-on bags.
Install persistent tracking software on your PC to increase the assurance
of getting the machine back if it is stolen.
Try not to leave your laptop in a vehicle; if you must, ensure it is out
of plain view.
Do not leave a meeting or conference room without your laptop. Take it
with you, or it may not be there when you return.
Always use a cable and lock whenever the laptop is left unattended.
Label portable computers and bags with your name and address.
Be aware of distractions such as a tap on the shoulder by a stranger, a
bump by another traveler, or a commotion at security checkpoints-these are
golden opportunities for thieves.
Symantec announced that there has been a first sighting of the SymbOS.Cabir
worm in the U.S.
The worm, which affects the Nokia Series 60 phones, was found in the wild in
a mobile phone store in Santa Clara, California. But don't panic just yet.
"Although the last year has seen a few small outbreaks of mobile phone-based
attacks, it will still be another two years or more before such attacks get
to be more common," said Vincent Weafer, senior director of Symantec Security
Response.
The SymbOS.Cabir worm first appeared in June 2004, and there are currently
more than 20 proofs of concept variations on the SymbOS.Cabir threat. The
worm is able to replicate itself by repeatedly sending itself out to whatever
Bluetooth-enabled devices it can find within close proximity. It doesn't
actually destroy files or cause any damage to the mobile phone or the data
being stored on it.
"What we've seen over the last couple of months is reports of Cabir in the
wild in various parts of Asia, reports in the past in Canada, and now we
have the first report in the U.S. and some places in Europe," Weafer said.
"What's happening is people are travelling on airplanes, so it's going from
one part of the world to the other. They're actually carrying the virus with
them on their cell phones."
It's probably not going to spread in any big way, though, Weafer said. There
are a few big ifs keeping the worm from spreading. Because it uses Bluetooth
to propagate, the cell phone the worm is on has to be in close proximity to
other phones. Since it attacks Symbiant-based phones, primarily in the Nokia
Series 60 phone, and not many people have those types of phones compared to
those that have traditional cell phones, there isn't a lot of opportunity
for it to propagate, he said. Additionally, the Bluetooth on the phone would
have to be enabled and set to accept content to receive the worm. Obviously
those who accept content are at risk, but still, the risk is small.
"Apart from being affected, the consequence is it can run out your battery
faster than normal," Weafer said. While cell phones automatically go into
standby mode when they're not being used, the SymbOS.Cabir worm keeps the
cell phone active by continually looking for Bluetooth connections.
For those unfortunate enough to be affected, there are removal tools
available on the Symantec Web site, at http://www.symantec.com
Scam artists are targeting Microsoft customers with an email-based
phishing campaign in which the scammers attempt to fool users into
revealing their credit card numbers. The campaign takes advantage
of a recent Microsoft anti piracy announcement that warned users
that the company will deny most product updates to users who have
illegitimate Windows copies.
Here's how the scam works: The scammers flood inboxes with email messages
that appear to come from security@microsoft.com; one rendition bears the
subject line "Microsoft Windows Update." The message notes, "If you do not
comply with our policy, windows [sic] will ask you to reactivate your serial
number, and it will become invalid ... So you will lose any information on
your computer. If you do not validate your serial number, your copy of
windows [sic] will be labeled as piracy." A similar message offers to give
users Microsoft security tools.
The messages then ask users to visit a specific Web page and update or
validate their Windows Product IDs and credit card information. The messages
note that credit cards won't be charged but that the numbers are required to
ensure that users' versions of Windows are legitimate. Humorously, the email
appears to come from the Windows XP Activation Team. The message leads users
to a non-Microsoft Web site that's based in Romania, however, and there's no
such entity as the Windows XP Activation Team. Furthermore, Microsoft would
never request credit card information via an email message.
Security researchers note that the scam is even more insidious than it first
appears. In addition to stealing users' credit card numbers, the Web site
that's linked in the message attempts to install spyware on users' systems
when they visit the site. The spyware is delivered in the form of a
Microsoft Internet Explorer (IE)-based Browser Helper Object.
In addition to taking precautions to protect your portable devices, it
is important to add another layer of security by protecting the data
itself.
Although there are ways to physically protect your laptop, PDA, or
other portable device, there is no guarantee that it won't be
stolen. After all, as the name suggests, portable devices are designed
to be easily transported. The loss of your equipment is one thing
but the exposure of information on the device could have very serious
consequences. Also, remember that any devices that are connected to
the internet, especially if it is a wireless connection, are also
susceptible to network attacks.
How can you address this issue?
Use passwords correctly - Don't choose options that allow your
computer to remember passwords, don't choose passwords that
thieves could easily guess, and use different passwords for
different programs.
Consider storing important data separately - There are many forms
of storage media, including zip disks, CDs, DVDs, and removable
flash drives (also known as USB drives or thumb drives). By saving
your data on removable media and keeping it in a different location
(e.g., in your suitcase instead of your laptop bag), you can protect
your data even if your laptop is stolen.
Encrypt critical files - By encrypting files, you ensure that
unauthorized people can't view data even if they can physically
access it. When you use encryption, it is important to remember
your passwords; if you forget or lose them, you may lose your data.
Install and maintain anti-virus software - Protect laptops and
PDA's from viruses the same way you protect your desktop computer.
Install and maintain a firewall - While always important for
restricting traffic coming into and leaving your computer,
firewalls are especially important if you are traveling and
utilizing different networks. Firewalls can help prevent outsiders
from gaining unwanted access.
Back up your data - Make sure to back up any data you have on your
computer. Not only will this ensure that you will still have access
to the information if your device is stolen, but it could help you
identify exactly which information a thief may be able to access.
We have come across many small to medium business owners that have
told us that they believed that tape backups are all they needed
to prevent data loss and insure business continuity. Our experience
shows this to be a flawed assumption. Even if it were true, we have
found that many organizations are not using tape backups effectively
and so are often not protected at all.
Business owners should ask themselves how much data they can potentially
lose during a disaster. For example, if users update data in a real-time
application (such as a purchasing system), you probably can't afford to
lose any data. But if you change data infrequently, you can probably
live with 24 hours or more.
The maximum amount of data that you feel your business can lose without
seriously hurting your operation is often called your Recovery Point
Objective or RPO.
If your RPO is 24 hours or more, your organization can potentially use
tape backup as its sole means of data protection. However, if you do,
you must make sure that you move tapes off-site regularly and perform
frequent test restores to ensure that the data is actually getting
backed up.
If your RPO is less than 24 hours, you can't rely solely on tape.
It's too risky to depend on a tape backup that usually occurs just once
a day. if a system goes down before the backup window, you could easily
lose an entire day's worth of data.
Instead of tape backups, you may want to look into data replication
solutions. Available for a great range of prices, these tools generally
offer the ability to fail over to other servers and perform additional
tasks.
The closer your RPO gets to zero data loss, the more expensive your
data protection solution will become. However, increasing an RPO from a
few minutes to several hours can expand your options and reduce cost
dramatically.
It is very important that your organization recognize and understand the
benefits and the risks of using only tape backup. Relying solely on tape
backups, particularly if you're not using them effectively, can give your
business a false sense of security about its data protection strategy.
