April, 2005

If there are any topics you would like to see discussed in the future or if you have any comments, please contact me at JoeT@HighCaliber.com

Bullet Points

  • Printing Problems - Survey Results

    A survey of nearly 1,000 IT Managers around the world conducted recently has found the biggest problem with their printing networks was "printing waste" (56%).

    The next biggest problem was their inability to "account for what was being printed" (41%).

    To determine how important the problem was to solve, 62% of the respondents said they would switch all their printers to a single brand if that printer manufacturer solved these problems.

    Sunbelt provides a solution for these problems. Check it out here:
    http://www.sunbelt-software.com/PrintManagerPlus.cfm

    The survey was done on IT Managers of over 950 organizations around the world (companies, government agencies, schools and universities). The average number of users in the average organization was 2,500 users. Organizational sizes of those surveyed were as small as 5 users to organizations of over 50,000 users.

     

  • Top 25 Technology Breakthroughs, Last 25 Years

    Interesting reading:

    http://www.cnn.com/2005/TECH/04/01/cnn25.top.technology/index.html

     

  • What's Installed on Your PC?

    Here's an easy way to get a list of all the Microsoft programs that are installed on your computer:

    1. Click Start
    2. Click Help
    3. Click Support
    4. In the left column of the Help and Support window, under Pick a Help Topic, click Windows basics.
    5. In the left pane, click to expand Core Windows tasks.
    6. Click Searching for information
    7. In the right pane, under Pick a task, click Get information about your computer
    8. In the right pane, under What do you want to do?, click View a list of Microsoft software installed on this computer. This list can be copied and pasted into another document.

     

  • Line Numbering in Microsoft Word

    Here's how to add line numbers to all or part of a Word document:

    1. Switch to Print Layout view by clicking View in the top menu bar and then clicking Print layout in the drop down menu.
    2. Select the area you want numbered. For example, to add line numbers to a paragraph, triple-click anywhere within the paragraph. You can also press [Ctrl] and [A] at the same time to select the entire document.
    3. Click File in the top menu bar
    4. Click Page Setup
    5. Choose the Layout tab and look for the Apply to box. Make sure it reflects the area you want to add numbers to. For example, if you selected text, the Apply to box should be set to Selected text.
    6. Click on the Line Numbers button.
    7. Check the Add line numbering text box
    8. Choose the numbering options (beginning line number, increment, and so on). If you want numbers to begin at 1 for the first line and increment by 1 through the end of the document, be sure to select the Continuous option in the Numbering section. (The default starts numbering at "1" with each new page.)

     

  • Password Protecting Your PC During Standby or Hibernation

    Here's how to make sure that your computer asks for a password when it resumes from standby or hibernation:

    1. Click Start
    2. Click Control Panel
    3. Click Performance and Maintenance
    4. Click Power Options
    5. Click the Advanced tab
    6. Check the box labeled Prompt for password when computer resumes from sleep. Now the computer will require that you enter the password for the currently logged on user account when it resumes.

     

Top

The Five Worst Security Practices

Regardless of your organization's size, we all face the same security challenges — keeping intruders away from our private information. Unfortunately, people responsible with security keep often make the same basic mistakes. Here is a list of the five worst security practices experts have found in businesses both large and small.

1. Failing to enforce policies

The number one worst security practice is failing to properly set security policies, not training people, and especially declining to enforce an established policy.

If your organization wants good security practices, it must establish a clearl set of policies. Among other things, these policies must define basic usage rules, such as never opening strange e-mails, surfing random sites on personal business, or downloading files from the Web.

But security experts have been saying this for years, so why isn't it working? That's simple: Even when there are policies in place, there are seldom any real consequences for breaking the rules—or any reward for those who don't.

Few organizations have established a point system tied to rewards for following good practices. Consider the impact that a significant prize for the employee with the best security record could have on security. For example, everyone could start with 100 points, losing one point for every out-of-policy security mistake, even if it doesn't result in actual damage or loss.

Establishing security policies that are more than a stack of paper and providing employee incentives for such policies could go a long way to helping organizations improve security.

2. Ignoring new vulnerabilities

Second on the list is failing to take appropriate action when new vulnerabilities surface.

Most security managers receive automatic notification of new patches and/or monitor at least one security Web site. But there is simply so much information available that many people don't even bother to read the alerts they subscribe to. A far smaller number actually adjust policy or perform updates to fix the problems they do learn about.

3. Relying too much on technology

Another big mistake is relying excessively on technological fixes and paying too little attention to actually using them.

For example, if you tell upper management that you've installed the top antivirus software or the latest firewall, they'll think you've done your job. But unless you've carefully configured that firewall and maintained the antivirus software, you really haven't done much of anything.

Setting up a firewall properly in some environments can be as much art as science. It isn't a set-it-and-forget-it task any more than installing antivirus software ends all your malware worries. Instead, you have to keep tweaking the firewall to meet new needs, sometimes even blocking some ports for a few weeks after a new port scanning epidemic surfaces.


4. Failing to thoroughly investigate job candidates

The fourth biggest mistake is failing to properly screen job candidates for criminal records or even poor financial decisions, particularly for candidates outside of the IT department.

Americans in particular feel that personal privacy is one of the most important basic human rights. They tend to respect others' desires for privacy, which often results in a reluctance to investigate the background of job candidates. In fact, a recent online discussion questioned whether it's reasonable to use a person's financial history as a tool in deciding if he or she would make a dependable employee.

Many people questioned this practice despite the fact that companies have widely employed it for two simple reasons. First of all, if people are careless with their own finances, how well will they protect yours? Second, if someone's under financial pressure, he or she is more subject to outside pressures to indulge in activities that compromise security.

5. Expecting too much from technical skills

The fifth biggest mistake is an unhealthy reliance on the IT staff's technical skills for security planning.

When choosing someone to head up security, most managers see nothing but the incredible complexity of networks and software, and they then assume the best person for the job is the one with the most technical skills. However, while technical knowledge is necessary, a gut feeling for security along with a healthy dose of paranoia is far more important for the head of security, provided someone on the IT team has the knowledge and skills related to the technical side of software and hardware security.

Earlier this year, someone walked into a University of California Berkley office and walked out with a laptop containing personal data about more than 98,000 people, including Social Security numbers. This theft not only highlights the need for simple and basic physical security, but it also emphasizes a misplaced reliance on technology. Apparently, the university had instituted encryption technology. However, while they had scheduled the laptop for encryption, no one had yet encrypted the notebook's hard drive at the time of the theft.

 

Top