Posts Tagged ‘IT network security’
Business executives are liable for security breaches
Most executives put the IT team in charge of IT security and then forget about it until they need to approve a capital expenditure.
Continue reading ‘Business executives are liable for security breaches’
IT Security is like a Heart Attack
Most people wait until they have a heart attack before eating right and exercising, but it may be too late.
Continue reading ‘IT Security is like a Heart Attack’
How are the hackers getting past your firewall?
I get calls from IT Professionals asking what to do when a cybercriminal is trying to log in through the network remotely with a brute force “password guessing” attack. The IT professionals often state they are surprised an outsider could do this “since the firewall was up and running.”
I’m used to executives wanting a single “silver bullet” to take care of security, and am educating them and their IT professionals alike that no single IT security device or strategy can be viewed as complete on its own.
For example, these two statements are wrong: “I know we are safe because our firewall is up and running.” “I am safe traveling on the road because I always connect to my office through a VPN.” Firewalls and VPN’s are wonderful IT security tools – mandatory security tools if you ask me – and they are not enough. Today’s cyber security situation is so dire that you need many different layers of protection in place. There is NO SUCH THING as an IT security “silver bullet.”
Does it help not to open e-mail from strangers?
An executive recently wrote me, “I got a virus that infected our network because I opened an e-mail message from someone I didn’t recognize – I’ll never do that again!”
While that strategy may help some, it is far from being a reliable way to protect your network. First of all, without performing some technical detective work, it is hard for a non-IT professional to tell who the e-mail came from anyway. You may get an e-mail from a cybercriminal who uses “spoofing” to make the e-mail message appear that it is coming from your best friend, bank, the FTC, or anyone else.
Better protection comes from scanning tools running at one or more locations including your e-mail server, your firewall, your spam filter, and the anti-virus client on your local machine.
Training users “not to open e-mail from strangers” is a moot point if your user is supposed to open e-mail messages from prospects interested in your company’s products and/or services. There is some training that matters though…
Continue reading ‘Does it help not to open e-mail from strangers?’
Should you be worried about the virus attack on April 1?
Yes, there is a lot of concern over a “really bad virus” attacking on April 1. Should you be concerned? In fact, many computers are already infected.
The virus goes by the name of Conficker and it is also known as Downadup (and also Downup and Kido). My advice remains the same as always: be concerned about a really bad virus every single day of your life. If you are following IT security best practices, then there is nothing more to do in preparation for April 1.
Still, I was amazed during the Y2K bug nine years ago how many executives decided, “ok, let’s go ahead and take appropriate IT steps since there is a deadline.” If your organization has been postponing some of the simple IT security basics, maybe Conficker’s “bright side” is that you’ll do what needs to be done.
Details of some of the steps to take include:
Continue reading ‘Should you be worried about the virus attack on April 1?’
Useful utility helps patch your computer
Out of date applications can be slow, have bugs, and even be security risks.
If you have never tried the scans at www.secunia.com you may want to. There is a simple online version of the scan and also more in depth scans you can purchase. One of the most useful parts of the program is that it shows you where to find patches and updates that your system needs to be fully functional.
Continue reading ‘Useful utility helps patch your computer’
Avoid a major pitfall of outsourcing your IT services
Most organizations outsource IT at least some of the time, and some outsource 100% of their work.
When your organization outsources the IT support, without the appropriate checks and balances, the tactic of “put out the IT fires but don’t prevent the fires” can get out of control. Look at the vicious cycle below:
Should you have an IT audit before or after you upgrade your network?
The best answer, of course, is both. However, if you are only going to have one audit, most people think it should be AFTER your own IT professionals have implemented the very best solutions they know. This can be a costly mistake.
Continue reading ‘Should you have an IT audit before or after you upgrade your network?’
Are You Prepared for an IT Security Breach?
In 2006, the FBI partnered with 313 companies who agreed to be in a study about IT security. The companies came from various sectors, such as medical, education, transportation, manufacturing, and many more. Combined, these companies lost over $52 million due to various types of security breaches, including viruses, theft of proprietary information, network abuse, and data sabotage. That’s $167,000 plus per company! You certainly don’t want to be part of that loss.
Continue reading ‘Are You Prepared for an IT Security Breach?’