Posts Tagged ‘IT security procedures’
Is defense indepth that good?
Many IT departments tell their executives that having multiple firewalls, anti-virus protection, VPN’s, etc. are all you need for security. How does a firewall help you if the attack comes from inside your perimeter?
Continue reading ‘Is defense indepth that good?’
Should you block your employees from accessing social media?
In the past, I’ve been known to instruct companies to block all employees from social media. Times are changing.
Continue reading ‘Should you block your employees from accessing social media?’
Disable USB ports
If you are concerned about your users using the USB ports on your computers to, accidentally or intentionally, steal information or plug in unauthorized devices that might infect your network, you may want to discuss these options with your qualified IT professional.
Continue reading ‘Disable USB ports’
Copy machines store copies of your documents
When CBS ran the 5 minute video about how your copy machines hold copies of all the documents copied on their internal hard drives, many of you started asking questions.
Continue reading ‘Copy machines store copies of your documents’
Two crucial pieces of advice for executives
My wife and I were traveling a little over a week ago when we got a phone call that one of our immediate relatives dropped dead from a heart attack. He was standing in line at the pharmacy to get medicine his doctor just prescribed for “heart burn” and collapsed, unconscious, and his heart was no longer pumping blood. Simply put: he died.
Continue reading ‘Two crucial pieces of advice for executives’
Executives say it is hard to enforce IT policies
I see this all the time. Executives say “we do not restrict our users from going to inappropriate web sites” or “we do not force our employees to change passwords—some have had the same password for 10 years.”
Continue reading ‘Executives say it is hard to enforce IT policies’
How Twitter was hacked
What happened to Twitter can happen at any company. The attacker exploited common problems in many corporate networks.
Continue reading ‘How Twitter was hacked’
Should you be worried about the virus attack on April 1?
Yes, there is a lot of concern over a “really bad virus” attacking on April 1. Should you be concerned? In fact, many computers are already infected.
The virus goes by the name of Conficker and it is also known as Downadup (and also Downup and Kido). My advice remains the same as always: be concerned about a really bad virus every single day of your life. If you are following IT security best practices, then there is nothing more to do in preparation for April 1.
Still, I was amazed during the Y2K bug nine years ago how many executives decided, “ok, let’s go ahead and take appropriate IT steps since there is a deadline.” If your organization has been postponing some of the simple IT security basics, maybe Conficker’s “bright side” is that you’ll do what needs to be done.
Details of some of the steps to take include:
Continue reading ‘Should you be worried about the virus attack on April 1?’
When firing an employee – involve your IT department
Be sure to involve your IT department when terminating an employee.
You trust your employees to access the organization’s data, and along with that access comes the ability for them to harm your organization. Other companies have experienced problems such as:
- The employee copying client information to take with them when they go
- The employee deleting or damaging any company data
- The employee covering their tracks of any wrong-doing by editing audit logs
- The employee sending out damaging information from the company e-mail address
- The employee accessing the computer network remotely in the future from home
- The employee accessing confidential data to release publicly, sell, or even use for extortion to seek revenge on the company
- The employee knowing someone else’s password and logging in under their account to perform any of these tasks
- Damaging any of the services such as the company web site, e-mail system, or any other services they have access to
- Physically damaging company property such as laptops and PDA devices
What can you do to protect this?
Continue reading ‘When firing an employee – involve your IT department’
Are You Looking for Security That’s Fast, Cheap, and Easy?
Quite simply, full-disc encryption means everything on your drive is safe and secure from being accessed by unauthorized people. Many people say they don’t use full-disk encryption tools because they think it’s expensive. Well, it’s not expensive at all. I have full-disk encryption that came included for free with my laptop. Some people also believe that security is very difficult to configure. No. Enabling full-disk encryption only adds about 45 seconds to your computer’s setup once the IT professional knows the procedure. It’s very easy.
Continue reading ‘Are You Looking for Security That’s Fast, Cheap, and Easy?’