There was no sensitive data on the iPad, just in case something like this ever happened. Security features are enabled anyway.

When I arrived hours later the receptionist said they hadn’t heard anything about any missing devices. I checked and now Find my iPhone showed the device’s location to be about 30 miles away, complete with an address and a satellite view of a residence.

I asked if they had any idea why my iPad would be at such and such address. The helpful person at the desk said, “Can you wait a moment? I need to call the owner of my company.”

I was told that the address was that of an employee whom they’d had other problems with before. They informed me that, after the phone call, the owner had actually driven to the home, recovered the iPad, and terminated the person on the spot. Hopefully the owner isn’t the kind of terminator that Arnold Schwarzenegger portrayed in the Sci-Fi movie. I told them not to fire the guy—maybe he is just trying to feed his family and losing his job wouldn’t help him. It was just nice to know I’d have the iPad back soon.

Your device can tell you, “I’ll be back!” with that thick German accent, “Ahl be bock!”

Turn on a locating service for your device today.

Please post your comments on this blog.

They drop this in the trash and nobody really notices. Even when they come back to retrieve the goods from the trash, nobody pays much attention then either.

Watch the garbage practices at your organization!

Please post your comment on this blog.

Physical security even includes examining how prepared you are from major weather incidents to becoming prepared if someone comes into your organization with a gun. Locks are examined, practices of your team members, security policies, security alarm response time, and the effectiveness of video security CCTV cameras. Even the lighting around your building at night is important to have examined. Physical security auditors frequently have more than 200 checkpoints to examine so you can feel more confident that you are prepared.

The more prepared you are, including both IT and physical security, the better you will survive, and hopefully protect against, a breach of some kind. Not only that, you may be required by regulations to be audited for physical security.

Please post your comments on this blog.

To me, one of the most shocking facts is that companies do not control their Internet access. There are wonderful web tools out there that will allow you to:

• Track who’s going to what sites
• Log employee activity in case you ever need evidence in a lawsuit
• Selectively block groups and/or individual users from accessing specific categories of sites

I find that the main reason companies do not use these tools is that the blocking scenario makes executives choose between yes to allow or no to block. Deciding between yes and no is easy when you’re thinking about some categories of sites. But there will always be several sites that are difficult to come to agreement about.

In order to get over the hump, it is important to start blocking the sites that everyone can agree to block. And if you have final say at your company, then you can decide which site you want to block. The point is, if you can’t decide on specific categories, you don’t have to block them right now. Just by setting up these tools, they increase your security. More and more websites are being infected with malware and that can result with you and your users becoming infected to something known as a drive-by download. These tools will do their very best to protect you from drive-by downloads.

Contact your IT department today and ask them to enable Internet blocking, logging, and tracking.

Please post your comments on this blog.

There are easy to access tools that allow even unsophisticated criminals to monitor your traffic if you go through a hotel’s network. When you use one of the 3G services, this equipment doesn’t work anymore. Not to say that the 3G connection is totally secure, but all things being equal, it is almost always more secure than a WiFi or plug-in Ethernet port at a hotel.

Then there is speed. So many hotels have very limited bandwidth, and when the hotel is full of hotel guests using the Internet service, everything slows to a crawl. When your traveler whips out their 3G card, they may find that the access is much faster—especially if they are not in a fringe coverage area, and not in a very congested city.

Please share your experiences and post your comments on this blog.

• A snapshot image of your servers every 15 minutes so, if a server crashes, you are able to quickly restore to 15 minutes before.
• The ability to, during the night, use available bandwidth to copy your data offsite to a secure data center in case something devastating happens at your site.
• In some cases, the capability to actually perform as a “crashed server” so your users can keep working even if a server crashes.

Generally, the business continuity appliances are sold and maintained by IT consultant firms in your area. The Barracuda is an example of an appliance you can get directly. Some examples of devices can be found at www.connectwise.net and www.barracudanetworks.com.

I encourage you to contact your local IT consultants to see what business continuity appliances they offer. Please post your comments on this blog.

Executives often want to know what steps to take when they purchase a new computer.

1. You may want to have a qualified IT professional help you reinstall the Windows 7 operating system without all the extra programs that come installed with the computer these days. Often, those programs are only for a 30 day free trial and the extra bloat just bogs down your whole computer. I like having a clean computer from the beginning.
2. Install a quality anti-virus program. If you are going to connect to the office, let a qualified IT professional from the office set up your client to the enterprise anti-virus / anti-malware / software firewall package they use.

   If the machine is strictly for your own personal use, you may choose to use Kaspersky, McAfee, Symantec, Trend Micro, or whatever your qualified IT professional is most familiar with using.

   Caution—there are many “download” programs on the internet that are really viruses so purchasing the boxed copy if often your best bet.

   Additionally, get the whole suite including the software firewall—not just anti-virus. Be sure to choose “update” before installing when prompted during the installation process since the CD will be older than the current version.

   You may need to edit settings for specific programs you “know are ok” if the firewall marks them as suspicious and restricts their activity. Just make sure you don’t accidentally enable a “bad” program to damage your computer.Schedule automatic full system scans daily—or at least weekly. They can happen during the night if you don’t want the scan to slow your computer down.

   Keep an eye on the automatic updates to be sure they are being applied as soon as they are released.

3. Backup. If you take time to understand it, image backup is the “way to go” for primary backups. Be sure to apply the updates regularly. Products include Ghost, True Image from www.acronis.com and ShadowProtect Desktop.

   As with any backup software, it is important to enable encryption of the media. That way, if anyone ever gets your backup drive, they won’t be able to read any of the private information without your password.

   After installing your image backup software on your new computer, always perform a backup and restore. This is “less dangerous to test” on a new computer since you do not have lots of your important data on the machine yet.

   I like the “Lights out Restore” option that works with many computers so you don’t need the product CD to boot if your computer crashes as long as the primary part of the hard drive still functions. Be sure to test Lights Out Restore before you actually need it since this feature does not always work with every computer.

   You may have at least 2 backup drives and alternate using them each time you backup.

   Additionally, you may also choose to augment your image backups to your USB drives with an online service such as www.sosonlinebackup.com in case you lose your laptop and your backup drives.

4. If you plan to give away your old computer, you will want to erase all of your data from the hard drive. It is best for a qualified IT professional to do this for you. Please read these helpful tips if you would rather do it yourself.
5. I also strongly encourage you to enable the full disk encryption on the laptop—hopefully it comes with that capability—Most computers do these days. You may want the help of a qualified IT professional to help you configure this option.
6. Regularly apply your Microsoft Patches—just be sure to use the “Check for Updates” option in Windows 7 instead of ever responding to an e-mail telling you to “get this update.” The e-mail is bogus and the “update” it refers to is most likely a virus.

   Microsoft normally releases patches on the second Tuesday of every month—and sometimes during the middle of the month. Note that the “automatic updates” setting is not always reliable—so checking manually is a good idea.

   Always have a good image backup before installing patches You always have a good backup anyway—right?

7. Computer manufacturers offer a way to get updates to their utilities and drivers too. The main computer manufacturer patches to get are the ones that say they are a “critical security update.”
   Be sure to make backups before installing the patches – I’ve had manufacturer patches mess up my computer but was always able to restore back to where I was before. Applications need to be up to date as well.

The care and feeding of a new computer these days can be involved, and the more solid a foundation you start with, the longer your computer will serve you well.

Please post your comments on this blog.

This company, like many, had separate networks for e-commerce and for administration. The IT professional had been telling his CEO that the organization was “compliant” based on the security of the office administration network—not the IT systems that actually process, store, and transmit credit card information.  He pretended to be shocked that he needed to secure the computers and network that actually handle the credit card data.

As IT professionals, it is important to know what we are talking about when we answer a CEO’s question. Especially if a wrong answer could lead to the CEO facing fines, lawsuits, and even the failure of a business. If we don’t know, the proper response is, “I do not know but I will find out.”

As a C-level executive, business owner, and as a manager, it is important to understand that, unfortunately, some IT professionals will tell you that you are compliant with specific regulations when they really don’t know.

I want to extend my gratitude to the IT professionals who do act responsibly!

Please post your comments on this blog.

It is also important to have adequate ventilation and fans to circulate the air through the servers so that the temperature inside the computer chassis remains cool as well.

Additionally, it is useful to put monitors in the server room so that if the air conditioning fails at night or over a weekend, alerts will be automatically generated to notify appropriate personnel who can come in to fix the problem before the servers are damaged.

While you are at it, lock your server rooms to prevent intrusion, monitor for floods if that is an issue in your building, and use appropriate power filtering to prevent electrical surges and spikes from damaging your servers.

Please post your comments on this blog.

Let’s see—the only way I can think of is to never share any client data with your employees—ever. Even without computers, if an employee is privy to client data, they may “steal” that and use it for other purposes.

The goal is to protect private client data—and you may choose to never enter that into a computer system your employees can access—or never enter it into a computer at all.

If your employees do want to access client data, and you just do not want the employees to be able to easily take large amounts of information, the challenges increase dramatically. Even so, the possibilities are closer than you may realize. Thanks to application delivery and virtualization technologies, you can allow employees to work from home, or the office, without having information stay resident on their computer. You can also restrict them from being able to:

• Save to a local drive
• Print information
• Copy and paste outside your protected space
• Or otherwise retain any information

However, there is little to stop an e-savvy employee from using a digital camera to take a screenshot, or using a yellow sticky note to write down someone’s credit card information or social security number. At least these kinds of activities take “time,” so you are restricting the speed of stealing data.

For what technology cannot solve, your corporate legal advisors can step in. They can help you with non-disclosure agreements, acceptable usage policies, and other agreements for your workers to sign. The key point here is that these do not necessarily prevent the theft, but they do provide you some recourse if the employee is ever caught.

There is even IT data security insurance. If your insurance provider does not offer this service, or if you want to shop around, I know someone who does offer IT security insurance.

In some organizations, prevention is crucial. Once the data gets out, the organization may be damaged beyond repair.

To prevent an employee from e-mailing themselves a client list, there are Data Loss Prevention DLP tools available in the world. They watch for suspicious behavior and can quarantine such messages before sending them out. That delay gives the responsible person in your organization the opportunity to stop the data before it leaves.

There are other strategies as well:

• Provide people with only the information they need to know. A good book full of these examples is Blind Man’s Bluff: The Untold Story of American Submarine Espionage by Sherry Sontag and Christopher Drew.
• Rotate employees through specific duties so their time to do harm is limited.
• Force employees to take mandatory vacations during which time illegal behaviors may be detected.
• Have a separation of duties such that it would be difficult for one employee to commit fraud all by themselves.

While “total protection” may result in your employees not being able to function, there are strategies that can provide you with both productivity and security.

Please post your comments on the blog.