BE WARNED – THE OLYMPICS ARE COMING!

We will soon be the target for major attacks.

David Hobson, MD of Global Secure Systems (GSS), talks about the forthcoming threats to head our way.

The Olympics is one of the largest global events staged by any individual country yet, unfortunately, the headlines often have little to do with the athletes’ performance on the field: the Munich massacre of 1972, the Atlanta bombing of 1996, and this year’s games, which haven’t even begun in Beijing yet have already been making headlines. And soon it will be our turn.

The recent issues and protests surrounding the torch on its journey through the streets of London, Paris and San Francisco have highlighted some very serious security issues we will face in the run up to, and during, 2012. Once the UK steps into the limelight, with the baton passed to London during the closing ceremony at this year’s event on the 24th August, the focus will be redirected and we will become the next major target of attacks driven by political and religious beliefs – believe it or not, not everyone in the world loves the UK and our culture. These attacks are more than likely to be both physical and digital and will, undoubtedly, be a magnificent smokescreen for organised crime to hide behind. The security community faces a tremendous challenge of educating organisations about the threats to their business.

At the end of 2007 the Times newspaper had a front page story disclosing details of an unprecedented warning issued by the CPNI (Centre for Protection of National Infrastructure) to major businesses in the UK, accusing China of carrying out state-sponsored espionage against vital parts of Britain’s economy, including the computer systems of big banks and financial services firms. The Government alleges that British companies doing business in China are being targeted by Chinese State Organisations using the internet to steal confidential commercial information (a touch ironic with them hosting this year’s Olympics!). And we’re not alone: while I was in the USA recently, it was publicly confirmed that the US Defence Department acknowledged that their systems have also been compromised by China and they have no idea to what extent and depth. So what are the threats to your organisation and why would the Government issue notices to anyone?

As the dependence on IT continues to grow, so does the realisation of how much sensitive or critical information is held within IT environments. As more and more sensitive data is digitised, and regulatory requirements become increasingly stringent, organisations face the challenge of securing and protecting their data against unauthorised access, tampering and loss. An enterprise's network is an inherently complex entity including a myriad of devices, platforms, applications and operating systems. Because of increased employee mobility and the growing number of end-user network-capable devices, tracking and controlling network access has become essential to maintaining data security in corporate networks. Organisations must balance access to these resources, whilst protecting valuable assets and ensuring customers' privacy. Failing to get the equilibrium right proves to be a costly business issue.

The sheer number of threats and intrusions to corporate IT systems has grown phenomenally in the past few years and today's security risks are complex. Threats to an organisation range from external threats to internal threats as well as passive threats. Networks and personal computers need to be protected from vandals (malicious mobile code, Trojans, worms, VB/JavaScript), viruses, data exposure and inappropriate content. To better deal with the rapidly evolving threats, organisations are moving towards combining proactive and reactive security measures both within the existing network and at the boundaries where the network may interface with external and unknown devices. Historically associated with protecting a network against attack from the Internet, firewalls are increasingly becoming more important for securing a network against internal threats.

So where to start? Even thinking about dealing with the number of security vulnerabilities that your organisation faces is enough to cause a migraine. Finding and prioritising the sheer volume of a network's vulnerabilities, and then ensuring that they are fixed, is a nearly impossible task that can leave your organisation exposed. Implementing ongoing vulnerability management to discover and assess vulnerabilities, and to implement and maintain system configurations, will ensure secure environments, saving time and money in the long run.

The threat to business is increasing as we rely upon the data within an organisation. The good news is that UK plc finally seems to be waking up to the threat to their business. The information we have suggests that, after many high profile data losses, boardrooms are finally giving security a bigger piece of their IT budget. Is this because no CEO wants to see himself or herself on the front page of the nationals, and have to explain to their shareholders how they lost all their customer data? Or is it because the threats are finally being given proper airtime?

Either way, one of the issues the security industry faces is that if it does its job well, it will never be able to prove that the money was well invested because incidents have been prevented before they happened! I had the good fortune to sit next to Richard Walton, former Director of Communications and Electronic Security Group, GCHQ, at a couple of events recently. He rightly pointed out that had legislation been passed before 9/11, making it compulsory for airlines to fit locked armour doors to a plane cockpit, 9/11 would not have happened. Well, not in the form that it did. In my opinion the industry would have been up in arms over the extra expenditure, calling it unnecessary. Perhaps in hindsight this is something that should have been done; after all, there had been plenty of hijackings of aircraft before, but hindsight is a wonderful thing.

We need Finance Directors to recognise the real benefits from an investment in security that is necessary not only for today but to protect us into the future. As a result of this outlay, when they see fewer breaches, that should be recognised as money well spent instead of down the drain. The threats will be growing, with UK plc becoming a major global target in the run up to 2012. There’s no time to be wasted as it’s pointless to secure the door after the horse has bolted.

London’s Olympics will definitely be reported on and subsequently be remembered in history; let’s just hope for all our sakes it’s for the right reasons.

www.gss.co.uk

Bye, Bye Standby – A Warning!

by Michael Smith (Veshengro)

While I am a great fan, ever since I was given one of the sets of this device for review at a trade show that I attended some time back (see my product review), I must now issue here a small little warning, though an important one.

DO NOT USE LCD Flat Panel computer monitors with the “Bye, Bye, Standby” units in order to turn the monitor(s) remotely on and off. The power surge into the monitor on turning it on via a “Bye, Bye, Standby” unit at the socket can cause serious damage to the monitor and its circuitry. The spike of power on switching such a monitor on in such a way is very noticeable and even audible; a very distinct “tchunk” noise can be heard and a flash can be seen on the screen. This spike can and will damage the monitor's circuitry.

This has just happened to me after having used the “Bye, Bye, Standby” units with the PC and its monitor for a couple of months now, day in and day out. Now the monitor will not “hold” the picture for the first three minutes or so when starting the PC; it flickers off and on until it finally, when it is warm enough I guess, comes to rest and settles. It would appear that, as I said, it needs to warm up first now ever since it started behaving in this manner. All I can put it down to is the spike from the switching on of the monitor via the “Bye, Bye, Standby” unit.

So, let the user beware!

My serious recommendation is to have the monitor, any LCD monitor (and even CRT, for those that still use them), plugged into a socket separate from the “Bye, Bye, Standby” units and turn the monitor off and on – to conserve power and energy – manually by means of its own power button. This is, generally, located in the center of the buttons on the monitor surround itself, and the power button is, normally, the bigger of the buttons. This should protect the monitor from any such surges while at the same time giving you, the user, the same energy savings as would be had by using the “Bye, Bye, Standby” units.

What most people do not realize is that it is the monitor, even an LCD monitor, that takes the greatest amount of energy, more than the PC (as long as it is NOT processing anything) and even in standby the monitor still draws a considerable amount of electricity and is quite an energy guzzler. All you have to do is actually remember to turn the monitor(s) off manually; that is to say each and every one individually.

While, as I said, I do very much like the “Bye, Bye, Standby” units and must say that it helps not having to crawl under the desk every time in order to turn off devices, had I known the impact it could have on an LCD monitor I would have done as I now advise here.

Using the “Bye, Bye, Standby” units, however, has made it possible, for the first time in years, to turn off my “old” scanner without having to, as said, crawl under the desk. The latter does not have an on/off button which, I must say, I find rather daft.

So, while, all in all, I am very happy with the “Bye, Bye, Standby” set up this is just a little warning to users to beware as regards to their monitors being connected to this system and that the spike caused by the turning on of the supply to the monitor at the socket via the “Bye, Bye, Standby” unit can cause damage to the monitor.

Once again, just beware, and turn monitors on and off manually at their individual power buttons.

© M Smith (Veshengro), May 2008

Storage Expo 2008, A Date for your Diary

Storage Expo, the UK’s definitive event for data storage, information and content management, provides visitors with the opportunity to compare the most comprehensive range of solutions and services from all the leading suppliers whilst addressing today’s key issues in an unrivalled education programme. Organisations increasingly have to look at how they store, manage and protect all kinds of information and data, from its creation, through to archiving and final destruction.

The show is now in its 8th successful year and in addition to more than 100 exhibitors the education programme features over 60 experts on data storage and information management. Visiting Storage Expo at the National Hall Olympia London from 15th - 16th October 2008 will help organisations discover their most effective tools and methods to meet their storage, information and content management needs.

A survey by Storage Expo has found the top data storage challenges facing organisations are:

  • How to implement the right disaster recovery strategies (48%)
  • The management of increasing volumes of data (48%)
  • Ensuring data security of the business (46%)
  • How to store data cost effectively and justify ROI (42%)
  • Ensuring compliance with the latest legislation (32%)
  • How to centralise data access (29%)
  • Achieving interoperability across existing storage solutions (17%)

At Storage Expo there will be a number of Key Speakers who will cover these issues, with case studies and discussions of how to solve them.

Education Programme Overview:

Storage practice has traditionally been driven by the push of legislation rather than the pull of sound business practice; but increasingly business efficiency, utilization of intelligence, process management and productivity benefits are pulling storage strategy. The Storage Expo 2008 keynote programme looks at the latest business advantages that sound application of storage protocols can deliver for your organisation. The Keynote speakers will include senior executives and storage experts from the government, banks, Formula One teams and industry analysts. Issues they will be discussing include Efficiency, Data Classification, Virtualisation, De-duplication, Thin Provisioning, Email Management and Archive, Back-up Strategies and Clustered Storage.

For further information on Storage Expo, please visit www.storage-expo.com

Anyone for a Free Beer?

By Calum Macleod, European Director of Cyber-Ark – The Digital Vaulting specialists

What would you consider the value of your company’s data to be? Consider your organisation’s research and development data, marketing strategies, client database, and all your financial data. What would it be worth to you to have that data returned if you discovered that the only up to date copy had “left the building”? Would you consider offering a public reward to anyone who could supply any information relating to apprehending the people responsible for the theft of every piece of valuable and confidential data that your organisation possesses? Would you actually still have a job? Would you know if it happened? The reality is that in many organisations senior management are totally oblivious to the extent to which sensitive information is being leaked outside.

Would you know if your head of finance is so paranoid that he or she keeps all the company’s financial data on his company notebook just to be sure that no one can access it? And yet recently a multi-national, publicly traded company discovered this to be the case when the hard disk crashed on the notebook!

The reality is that most of you are sitting on a ticking bomb and are totally oblivious to the risks being taken with your business by your employees, and frequently it is those in the most responsible positions that represent the biggest risk.

The area that represents one of the major risks to your well being is your IT department. Everything that your organisation does today will use IT in one way or another. In fact the operation of your business is effectively in the hands of your IT department, and in some cases in the hands of staff working for some company to whom you outsourced your IT services. Outsourcing has become a very popular approach because it allows you to reduce your costs and in many cases reduce head count by moving your IT staff to your outsourcer. Attractive as this might be, it frequently is resented by staff who are forced to move and these same staff undoubtedly are still doing the same job as they were when they were your employees, with the same access to your confidential information. Investigations over the past year by a number of independent bodies have identified that as much as 90% of business sabotage is perpetrated by IT staff.

Who Is Looking After Your Infrastructure?

Behind every successful use of your PC or connection to your email, or access to some application that gives you critical data about the state of your business there’s an IT person who is making it all possible. And to make it possible it means that they can access any of your systems, including your PC at any time and look at anything that might be on that system. In fact not so long ago I met with a company where a director was exposed for using his notebook to visit porn websites after one of the IT staff connected to the director’s PC during the day without the user’s knowledge. After all in order to do his job, the IT administrator had the administration password for every PC in the company! Unless there are proper controls such as Privileged Password Management, everything you have on your PC including your email, saved passwords in your browser, and even files that you have opened in your PC are fair game to the person with the Administrator account – and this is while you’re working and you wouldn’t even know it was happening!

Every system and application has at least one privileged account. And these accounts are shared by many people. Privileged accounts, in the form of administrator accounts and operator accounts, are a requirement for every system and application, and this is what makes it possible to keep your systems running. And it is the privileged account that provides the largest exploit opportunity in today’s enterprises. A compromise of the right privileged account, or set of accounts, may create an unknown “puppetmaster” atmosphere where a third party has total control over a computing environment – unfettered access to programs, services, and data. And you can’t just “turn off” privileged accounts because they perform critical functions. Deleting or disabling a privileged account would lead to computers running themselves (or not running) with no human control and no possibility of management. A complete rebuild of these systems becomes a likely consequence.

For Your Eyes Only

It may be for “your eyes only” but if it’s on a company computer system then you can be sure that there are others who are able to use their IT privileged status to have a look. In the banking world, payment files are usually exposed to system administrators. And since these files are used between applications they are not secured. So as a result a systems administrator can easily access a payment file, make a “slight adjustment” and you’d probably never know until the postcard arrives from Paraguay!

The day to day needs of information transfer with users who are not part of the enterprise are growing. Distributing data from back-end systems to customers, or sharing information with partners and other 3rd parties - these types of communications are becoming vital for e-Business.

Financial reports need to be distributed to business customers; legal and financial information needs to be shared with lawyers or board members who are located outside of the enterprise; highly-sensitive clinical trial information is shared among research laboratories, medical professionals and federal institutions. Payment or salary wire-transactions are also examples of day-to-day file transfer needs, as well as contracts, patents and other types of sensitive information that is exchanged or shared on a regular basis with external entities.

It could also affect the party with whom this information is concerned, and damage the organization's reputation. For example, imagine the results of an M&A agreement exposed before the deal is closed, or a sensitive design file shared with a manufacturer or supplier that has leaked. Other than the implications on the organization itself, there are also regulation issues of personal liability for mismanaging sensitive information.

You can use digital vaulting to eliminate this risk using a unified solution to secure both privileged access and highly sensitive data. It means you can put all your sensitive documents under a virtual lock and key, only making the information accessible to those who have permission to access that information. It’s a product the auditors and IT security people love because you know exactly who has access to the information and when. It also means that the IT department no longer have total control over every person’s computer systems! So unless you’re like Croucher Brewing Company in New Zealand that is offering Free Beer for Life for the return of their corporate secrets, then it’s time to take control otherwise the monkey will continue to be the organ grinder!

www.cyber-ark.com

Open Source Operating Systems – Fighting the MS Monopoly

No, this is not a board game of selling streets and houses...

by Michael Smith (Veshengro)

Linux and other Open Source Operating Systems offer the only legal way for poor countries and poor people (and the latter not only in poor countries) to use and utilize computers and the Internet.

Microsoft is also a prohibiter of recycling and reusing older PCs, which no longer work with the latest versions of Windows, as their very obsolescence is indeed caused by the demands the new Microsoft Windows versions make on computer hardware, e.g. memory size, hard drive size, etc.

Only the use of Open Source operating systems and Open Source software makes it possible to – legally – use secondhand PCs properly and efficiently and to save them from the “slaughterhouse” and waste.

Most so-called “obsolete” PCs are nothing of the sort, except that they are no longer “powerful” and “capable” enough to run certain new Microsoft operating systems. Vista here is the prime example and culprit, as it requires new hardware left, right and center.

The greatest barrier against the uptake of Open Source software as operating systems and for PC applications is the very fact that even many government sites, even e-government sites, are not (fully) accessible (if at all) by Open Source operating system and other Open Source software.

Microsoft does rather have a severe stranglehold on enterprise and especially in government when it comes to computers and software.

While the European Union, and its bodies, is going up against Microsoft with regard to a number of things, in some aspects it, the EU, itself has websites, for instance, that citizens using only non-proprietary software and Open Source operating systems cannot (fully) access and make use of.

However, the only way forward to free computing and a free Internet can be Open Source software rather than proprietary software, especially in the field of operating systems.

Free Libre Open Source Software (FLOSS) and especially FLOSS operating systems is the only way to stop premature (no, not what you think) obsolescence of computers and the only way for the poor to join the computer age.

PCs and Laptops, as far as hardware goes and is concerned, are relatively cheap, comparatively; it is the forced upon MS operating system that makes a computer expensive.

In addition to that, Microsoft, basically, forces you to buy an individual copy of the operating system for every individual computer that you wish to install it upon (OK, I know you can install it on three, theoretically, but then you have used up the three lives that you get for the OS). Not so with Open Source software, such as Linux (and the same holds true for applications as well).

In the latter case most, if not indeed all, versions are free to download (if you want them on disc and want support with it in the form of 24/7 help then you have to pay) and free to use and you are also free to install the operating system and other Open Source software on one PC/Laptop or on thousands; this is entirely up to you. No license fee. All is free.

I know where I put my money...

© M Smith (Veshengro), May 2008

Backup, Backup, Backup

Backup, backup and backup again must be the definite rule for safety in data retention, including your browser bookmarks.

by Michael Smith (Veshengro)

I am speaking here rather from bitter experience having recently had a crash of Firefox – during the installation of the latest update/new version, e.g. 2.0.0.14 – where none of the settings were retained and all bookmarks therefore were wiped. Please no one ask me how and why this happened and what happened. But, each and every single bookmark of mine was lost when Firefox restarted. It was as if this Firefox was a completely new and clean installation and in fact it behaved just like such.

And no, before you now all ask, I had not exported the bookmarks, as I indeed used to do some years ago. Why not? Because, I must have thought that nothing would happen and it also was one of those “I'll do that later” things. The “later” never happened.

Suffice to say, and you all will have guessed that by now, that I was not a happy bunny when I found out what had happened. The sad fact is that I lost thousands of website links, amongst those many that I used to visit and to a degree have to visit on a regular, even daily, basis. Now I must slowly rebuild those most important ones before I can even begin to think about finding the others again that I lost. Some, in fact, will be irretrievably lost as I cannot even remember what they were.

One of the most annoying parts of this story is that I have Yahoo My Web 2.0 and Yahoo Bookmarks where I have a great number of pages stored, but none of those important ones that I lost in the “crash”, though a lot of the pages that are stored online were also on my browser on the PC. So, some little restoration is possible that way.

I had always intended to put all my bookmarks for online access onto Yahoo Bookmarks but never have gotten around to it. Why I never did it beats me as many others were saved to My Web 2.0 on a regular basis.

While this is a hard and painful lesson to learn this incident has more than definitely taught me the importance of backing up my data but not just all documents, photos; that is to say, all general work, which I keep stored off the main drive of the PC and on a secondary USB network drive in case of a PC crash, but every bit of data including all my browser bookmarks. I do not want to lose those ever again.

Your settings are not as important as the likes of important links, your address book (this reminds me that I have not backed that one up for a while either) and your work.

Settings can be relatively simply and easily rebuilt in a few minutes to maybe an hour or so at the maximum but the rest can take a lot, lot longer to restore and reestablish and some stuff may never be gotten back.

I feel utterly devastated – or at least felt thus – having lost all my web links, some of which were very important indeed in business terms and are a loss that cannot even be estimated. But there is nothing that can be done after such an event except making sure that it cannot happen again, that is to say that backups are being kept, off-line and online, if possible.

The most annoying part, as I have indicated already is that (1) I have bookmarks, for instance, stored online with Yahoo Bookmarks where all could have been and which can so easily be exported and then reinstalled into the browser and (2) that with Firefox it is so simple to do regular exports of bookmarks that can be saved on the hard disk.

Lesson learned, however. So, take heed and always back up your data, including your bookmarks.

© M Smith (Veshengro), May 2008

MASON HAYES+CURRAN INTRODUCES SOLSEARCH

Another top 10 Irish law firm, Mason Hayes+Curran, has appointed Solcara to provide an integrated search solution across its business, bringing together all primary legal resources in the Irish, UK and EU jurisdictions, as well as Interwoven’s document management system.

Mason Hayes+Curran has implemented SolSearch to search internal and online legal content. SolSearch reduces the time to find information and improves productivity across the firm. The SolSearch integrated search solution is a favourite in Ireland, used by four of the top five legal firms.

Tony Burke, a Senior Partner at Mason Hayes+Curran said:

“Fast and effective access to the right information is critical to delivering a high quality and consistent service to our clients. With this in mind we reviewed the options for effective searching across both internal and online information resources and selected Solcara SolSearch. The feedback since implementing SolSearch has been excellent. Our lawyers can now search across nearly 40 internal and external sources simultaneously. Solcara’s reputation in the legal market, the fact that they are already integrated with essential Irish and UK content providers and their solutions have been successfully deployed in other leading law firms made them the obvious choice for Mason Hayes+Curran.”

Solcara’s Managing Director, Rob Martin said:

“We are delighted to be working with Mason Hayes+Curran and this new partnership reflects what we are seeing in the market - legal firms who are keen to take advantage of new technology and software to improve their service delivery to clients, and to develop wider capabilities, to be able to make swift business decisions based on readily available information. SolSearch gives legal firms unprecedented abilities to search resources in real time and offers clear benefits to firms wishing to have the best tools available to service their clients.”

Open Source Forum 2008

by Michael Smith (Veshengro)

London, Wednesday, May 14, 2008

The most interesting, to me at least, part of the seminar was – no, not the food, though that was great as well – more than anything, the presentation by Graham Taylor of Open Forum Europe.

Here it was especially interesting to learn that, while the EU and the European Parliament, etc., claim to be open and all that, citizens wishing to – properly – interact and communicate with their MEPs are “forced”, by design, to have to have computers running a particular operating system and also a particular piece of software from the same provider as the operating system, that is to say that the computers MUST be MS Windows and run Internet Explorer and Windows Media Player. Other operating systems, especially here Open Source Software and Operating Systems, do not work in that field. This is interesting to learn but, at the same time scary to some extent, realizing how much influence a certain software giant has over everything and that Europe and its institutions have locked themselves so tightly into Microsoft and other proprietary software.

No, I am not Windows bashing – that would leave too many shards – and neither was the Open Source Forum really. Much Open Source Software can be run happily on Windows.

The other seminar sessions that I attended too were most interesting and informative and I would be happy to repeat such experience any day if the opportunity would present itself.

Unfortunately I had to leave straight after lunch needing to return home urgently for personal reasons. Therefore I also had to forego the other seminar sessions, especially the case studies. I was particularly interested in the study of the use of Open Source Software (OSS) with the Oyster Card. Alas, as they say, such is life.

Obviously, to a degree, the forum, though being kept “vendor agnostic”, nevertheless, as it was sponsored by Red Hat Enterprise, had a slight RHEL slant to it. This was fine, however, and anyone could learn a great deal as to OSS and as to where the OSS “movement”, for a movement it is, is headed.

The way Open Source Software (OSS) is going and the great quality of the products, more often than not superior to that of the proprietary software available for lots of money, from operating systems, whether Red Hat or Ubuntu, to applications, and everything else in between, we should be seeing a lot more Open Source Software in use and that not only by the geek, the home user and the SMB sector but in enterprise and especially in government.

The United Kingdom in both industry and especially in government is the great, if not the greatest, laggard when it comes to the uptake, implementation and use of OSS. Aside from the USA, the world leaders as far as the use of Open Source Software and Technology is concerned are France, Germany and Spain, and that not only as regards to being leaders in Europe in this field.

In Germany and France we are twice as likely to see the use of Open Office as in the UK.

It is true that Microsoft Office still accounts for over 60% of use worldwide, followed immediately by Open Office with a share of 25%. All other systems are just about “also rans”.

Many people, and I am sure some of my readers are, or have been, among them, see Open Source Software, including the operating systems, even such easy ones as Ubuntu, as the domain of the geek or of those that are anti-Microsoft. This is, however, not so.

Many also think and try to make it look as if the Open Source Software movement and the FLOSS movement are all about Linux-v-Microsoft, but this is not the case. It is a lot more nowadays. It is primarily a case of freedom, freedom in many points.

© M Smith (Veshengro), May 2008

Anti-virus software is not the only computer security tool

The truth is that anti-virus software is but one of many computer security tools and the way things are going we seem to be needing ever more. This is a shame and could turn people off the Internet and such altogether.

By Michael Smith (Veshengro)

When Mike Saign received an email - purportedly from an eBay auctioneer - accepting his rather low offer for a high-end golf club he reckoned there to be something fishy about it and smelled a rat.

The sender of the email claimed that his PayPal account was down and asked Saign to wire payment to him via Western Union. Instead, however, having had his suspicions aroused, Saign downloaded Iconix e-mail ID, a free tool that pegged the e-mail as a fake.

Then, having been saved from being scammed, Saign disabled Iconix and hasn't used it since. Because, he says, he feels like the security software in a normal computer keeps you away from most bad things.

That, however, is not necessarily so and I am sure those of us in the know would rather disagree with him in that.

In fact fraudulent e-mails and tainted and “contaminated” websites are more prevalent than ever. Spam, much of it pitching fake drugs and financial scams, according to Symantec, accounts for 80% of all e-mail. The number of new strains of malicious programs increased fivefold in 2007 over 2006, and about 20,000 new malicious programs are unleashed on the Web each day, according to AV-Test Labs.

Most consumers are, however, in a real and serious fog about the array of security tools they can – and probably should – use to protect themselves.

Craig Spiezle, Microsoft's director of security and privacy, says his own wife couldn't tell anyone which security tools they really ought to be using. "The big challenge we're dealing with is the volume and velocity of new threats," says Spiezle.

The thing is, though, if Microsoft actually would configure their software in a better way – we know it can be done from the likes of Linux (a system that I use for work) – people would actually have no need for such an array of security software which, again, often also slows down the performance of computers, especially the older models and those with a low memory.

Because we are basically in a pandemic situation as far as consumer PC infections go, (home) PC users are left to decipher for themselves what set of security products they ought to be using and how much protection they are actually getting. No one has, as yet, figured out a business model to cure that.

There are many tools in the armory of computer security, but each will only offer narrow protection; therefore, consumers need to try to understand what each of these tools actually tackles.

Anti-virus programs fail to catch every malicious program. So keeping anti-virus subscriptions current isn't enough, though it does a great deal. Consumers must also get in the habit of quickly installing all software program updates from Microsoft (With caution, I would add there. Always do a “manual” install and choose what you want to install), Apple, Adobe, Mozilla and Java, because many contain the latest security patches.

Beyond that, consumers should consider using:

Certified e-mail: Iconix and Goodmail each sell services to businesses that assure the authenticity of e-mails sent to customers.

Iconix recently launched e-mail ID as a free program consumers can install in their Web browser. The program verifies e-mail sent from 500 companies, including eBay, PayPal, Citibank, Amazon.com and Expedia.

However, the Iconix program can also be a pain in the backside, I am afraid to say, and sometimes takes quite a while to deal with the emails. It also does not work, I have found, with email clients other than Outlook, and with only some of the Web-based services.

The best way, in most cases, as far as untrustworthy emails, phishing emails and scams are concerned, is good old fashioned common sense. If something is too good to be true it more than likely is. If someone tells you you have won a lottery that you have no idea of ever entering then it is a scam, as simple as that. Bill Gates also does not give away any of his money to the likes of you and me. So, do not forward such scam emails. They clog up the Net.

Web page scanners: These tools use varying technologies to gauge the reputation of most Web pages. Programs such as AVG's LinkScanner, ScanSafe's Scandoo, Trend Micro's TrendProtect, McAfee's SiteAdvisor and Finjan's SecureBrowsing grade Web pages as safe, unsafe or questionable.

Web scanners aren't perfect. But they provide a layer of protection against what has become cybercrooks' favorite way to spread malicious programs: via the Web. "The more layers you have, the safer you are," says Roger Thompson, AVG chief research officer.

While, once upon a time, not so long ago, I was one of the greatest advocates of AVG and would tell everyone to get it, anyone who has read my recent article on the AVG8 program will know why I have changed my tune.

Browser security tools: Microsoft's Internet Explorer 7 (anyone using IE7 must have their head examined – I was forced by something from MS to install it but refuse to use it) and Mozilla's Firefox 2 (this is the browser that cannot be too highly recommended for security and safety) are the most widely used Web browsers. Both those browsers offer anti-phishing filters that alert users if they try to click to bogus websites set up to fool them into typing passwords and other sensitive data. Microsoft, however, distributes IE7 with this feature disabled, so users must choose to turn it on, while Firefox 2's anti-phishing filter is always on.

There are no 100% solutions in security as far as computers are concerned for you tell a hacker that a system is safe and the first thing he is going to do is set himself the task to crack it. This is the same with viruses. As soon as the virus writers realize that their virus is being caught they change the code and create a new one. Only the greatest of vigilance as to what sites we visit and what email we deal with can give us some measure of safety, combined with some good tools. But, common sense is also useful on the Internet; let's use some more of it.

© M Smith (Veshengro), May 2008

Bluetooth: A Danger to Privacy

Bluetooth leaves you open to intercept by anyone

by Michael Smith (Veshengro)

If you are concerned about your civil liberties and privacy then it may come as a shock to you to discover that you may have, unwittingly, been allowing your phone to signal your every move to the great wide world, including your communications.

Bluetooth, which is, as most will know, a wireless link built into many mobile telephones, makes our movements trackable by anyone equipped with a PC and an appropriate receiver. And this means ANYONE, not just the security services and the police, if that would not already be bad enough. Anyone, as the word says, can listen in and track where you are if they have the right equipment.

Vassilis Kostakos at the University of Bath in the UK placed four Bluetooth receivers in the city's centre. Over four months, his team tracked 10,000 Bluetooth phones and was able to "capture and analyse people's encounters" in pubs, streets and shops.

Bluetooth is now more of a privacy threat than the more frequently publicised RFID chips, Kostakos says. "If people are worried, they should turn off the Bluetooth function on their mobile phones."

Not everything, as we can yet again see, that is supposedly good for us is so.

“Oh, but without my 'Bluetooth' I cannot make phone calls on the move”, I hear some complain. “Can we not just make those things safer?”

Well, we probably could, and could add encryption, if you, the consumer, are willing to pay the high costs then.

What is wrong with safely stopping your car, motorbike or your bicycle, to take or make that call? Also, no call is that important that it cannot wait until you get to a safe location where to return the call or make a call.

If you are concerned about your privacy, as said, turn the Bluetooth function off. While it may be something that can and does make life easier it also, yet again, is something that can be used to invade our privacy and to spy on us.

© M Smith (Veshengro), May 2008

BAILEY SOLUTIONS: LATEST RECRUIT TO SOLSEARCH

The library software provider of choice for legal and professional services firms, Bailey Solutions, has joined forces with Solcara to provide SolSearch for its clients.

Bailey Solutions and Solcara already have a number of mutual clients such as William Fry Ltd, A&L Goodbody and Lane and Partners. As part of the agreement, Bailey Solutions will resell SolSearch as its preferred search solution. The companies will also support each other in joint marketing and sales activities.

SolSearch was selected as it is the most widely used federated searching tool in the UK and is already integrated with all primary legal research in the UK and Ireland.

Solcara’s Managing Director, Rob Martin said:

“Having Bailey Solutions as our partner and reseller is another major step forward for the federated search technology SolSearch, now the premier search solution for legal and professional services firms. We very much value the help and assistance this new agreement offers and we are looking forward to working with Bailey Solutions”.

An initial heads of agreement was signed last year and commences this May 2008.

AVG 8.0 – What a Disaster

by Michael Smith (Veshengro)

For many years I have used Grisoft's AVG anti-virus software, the FREE editions, from about 5.something onwards. Until recently I have had AVG FREE version 7.5 on my computer and have had absolutely no problem with this software whatsoever. Every virus that circulated and somehow came my way AVG dealt with immediately and dealt with it well.

I had heard rather negative reports about the latest version of the AVG anti-virus program from Grisoft, namely AVG 8.0, including in the pages of “Computer active” magazine, but was reluctant to believe them, as I have always been rather positively inclined towards AVG, as it has done a great job for me over the years. Every virus, as said already, that was in circulation on the Internet and came my way, AVG always dealt with and killed, with maybe one or two zero-day attacks that I had to deal with in another way, but that was a number of years ago. But it is NOT any viruses that may have been let through in this instance.

The other day I was prompted to install the upgrade from AVG 7.5 FREE to AVG 8.0, as AVG is removing support from AVG 7.5 on May 31, 2008, and this is when the problems began.

Having followed the advice to upgrade to AVG 8.0 from AVG 7.5, due to the already mentioned fact that the company is removing support from the latter in the form of updates – and we all know that without the virus updates any anti-virus software is useless – I downloaded AVG 8.0 (build 100) and installed it on my PC. This was, as I found out, a very bad move and idea indeed.

Why? Because nothing worked anymore. The PC kept freezing up and had to be crash-shut down again and again. I spent, literally, hours trying to get the PC to work with the AVG anti-virus. After about five or six attempts I then decided that enough was enough and that AVG 8 was/is useless and a problem. I decided to uninstall AVG 8 and then to simply get another free anti-virus program.

You would think that uninstalling it should have been easy but do not be fooled. It took several attempts, and working basically in safe mode, to actually be able to get the darned thing off the PC again. Phew!!!

I think that I will never again in my life, most likely, unless some serious improvements are made to the software, use, and especially recommend, AVG anti-virus and other security software to anyone, and especially our readers, as I have done in the past.

So, now we have had a PC without protection against viruses and such. What to do?

I simply found the website of BitDefender and downloaded the latest version, BitDefender 10, and installed the same. The interface and all is a little bit of a learning curve as it is not as intuitive as was AVG but the scanning options are much broader, especially the ability to predetermine scan times for a variety of scanning tasks. It has to be said though that a full in-depth scan can take hours, literally.

On the other hand, during that deep scan, two viruses were located that AVG 7.5 never seems to have come across. They were, however, not in any dangerous location but simply in the Temporary Internet Files. One, a Trojan, BitDefender was unable to isolate but, as far as I know, should now have gone as I removed all files out of the Temporary Internet files. The only way to deal with those things.

So, in summing up I must say that what “Computer active” said about AVG 8.0 is probably right and they did not even mention the fact that it is difficult to get a PC to work with that software and that it is extremely difficult, to say the least, to get rid of AVG 8.0 again once it is on the PC.

I cannot, as yet, be the judge as regards BitDefender, as I have not had it on the system long enough to see how it performs under attack.

I may just have had a strange experience with the latest AVG but I had the problem with a download and with a copy on a CD. So, as far as I am concerned the jury has returned and found the defendant guilty as charged. Be careful with the latest version of AVG unless you have a lot of resources, e.g. a RAM of 512MB or higher.

© M Smith (Veshengro), May 2008

15 ways to lose your database

by Peter Mitteregger, European Vice President, CREDANT Technologies

Arguably an organisation's most vital asset is its databases, often containing financial information, customer and employee data and intellectual property. There have been many articles written that examine the risks posed by data being exposed and the potential damage caused. In addition, external threats have long been recognised, with billions of pounds spent strengthening defences to mitigate against them, yet there is little acknowledgment of the very real threat from within. The statement ‘don’t leave your valuables on show’ is a simple principle, so why is it often ignored by Corporate UK?

It is proven to be easier to bribe someone on the inside (or even implant them there) to gain access to sensitive data. Leaving this risk aside, how often has someone left your organisation taking company stationery with them? Do you know what else has been taken? Could they have sneaked out with sensitive material? What about a copy of the entire corporate database? Would you even know if they had?

Below, I’ve identified the most common techniques individuals will employ to copy sensitive data:


Legitimate Access Yet Inappropriate Use

Let’s be realistic, employees need to have access to corporate data in the normal course of their duties. Increasingly today, this need is 24 hours a day - 7 days a week and is not restricted to within the corporate walls or to company owned devices. It is this need that is opening up one of the biggest and growing weak points for Corporate UK as data is seeping out via unprotected end-points, a significant number of which the company is unaware exist, or they are simply outside the company’s domain, such as private USB sticks or iPods.


To illustrate, an employee in sales may need to legitimately access customer records whilst on or off site and during a normal day may do so up to 100 times, another employee in R&D may need access to the secret formula for a product that’s in development whereas another employee in the marketing department may need to access the marketing plans for this new product’s launch and email them to the various agencies tasked with delivering the plan. However, there is no viable reason for all of these different employees and departments to be able to access all of this information, in the same way, and do the same things with it. In many instances, the company may be legally obligated to limit access to information on a need-to-know basis.


Access must be restricted to just the records that are needed to perform the task, with control over which bits of each record can be viewed, combined with limiting what can be done with the record.


If there is no obvious explanation why an employee should need to be able to access confidential and sensitive data, whilst off site, then they shouldn’t be able to. It would be prudent to employ a solution that can detect devices trying to connect to the enterprise and sync up with corporate data. Additionally, if there is no reason why they should need to make an electronic copy of these records – be it to a corporate or personal endpoint such as a CD, a USB/Memory stick, an iPod or even a Blackberry, then they should not be able to do so. If there is a valid reason why they need to make a copy then it should be force encrypted with a solution that does not impede the system, regardless of the device it is stored to, to ensure the integrity of the data is protected once away from the safe corporate environment.


By the same token, if an employee does not need to print a copy of the data then they should not be able to do so and even if they do, this should be regulated as I’m positive that there can be no genuine reason for complete records to be printed. Perhaps an alarm bell should be sounded if someone does print the entire database and a means deployed to ensure that it is not removed from the premises.


Another way to identify if an employee is abusing their access rights is if their usual behaviour alters and they suddenly start accessing a greater number of records than usual for longer, or even shorter, periods of time. This could indicate that they are writing the records down in some format to bypass any security restrictions in place.

In the case of a disgruntled employee determined to cause mischief, records could be altered, or even worse deleted, thereby damaging the reliability of the data.

Another danger is an employee who wishes to steal a copy of a database attaching it to an email and sending it out legitimately through the corporate gateway. A savvier employee, worried at leaving a trail, may try to bypass this by uploading the file to an external system, such as Yahoo, Hotmail or a hosted document storage and management solution.

There have been a few instances of people seeking employment to steal data to order, or even of an employee being persuaded to divulge corporate secrets for financial gain.


Opportunistic Access Is Still A Real Risk

There are some risks that aren’t hi-tech and are therefore harder to detect and even harder to protect against. For example, the business case for a printed hard copy of sensitive records needs to be strong, as an opportunist may access this and make a photocopy of it, completely undetected!


Another increasingly recognised threat is the mobile employee, justifiably working while travelling; either on the train, in a service station or another location, with someone looking over their shoulder and making a note of material displayed on the screen.


One further, really obvious, risk is writing down and/or sharing passwords. This is a truly naïve practice, with no justification, yet it is still widely abused today.


Illegitimate Access So Of Course They’re Up To No Good

The easiest, yet inexcusable, way for data to be violated is by an ex-employee whose access rights have not been revoked in a timely manner accessing the network remotely, perhaps initially just to see if they can, and then being tempted into taking liberties with this oversight.

Another potentially soft target is a portable endpoint, such as, but not limited to, a laptop, Blackberry or USB/Memory stick, that is misplaced or stolen. Should the device be unprotected then any data stored on it is exposed. Additionally, in the case of a laptop or Blackberry, it may prove to provide a back door to the corporate network.

So What’s Corporate UK To Do

It may seem like a nightmare with so many trusted employees out to steal your most vital asset, yet there are ways to mitigate against these risks:


  1. Restrict access to only those employees who need it and limit what they can see, and what they can do, with the records

  2. Appropriately monitor employees’ behaviour, ideally setting control mechanisms to flag any significant deviations from the norm

  3. Employ a solution that can detect devices trying to connect to the enterprise and sync up with corporate data and force encrypt information when it is removed, legitimately or illegitimately, from the safe environment of the corporate network

  4. Do not make unnecessary hardcopies of records or leave them unsecured

  5. Educate the mobile workforce to the risks posed by their activities and the devices that they use

  6. When an employee leaves, ensure all access rights are revoked immediately

  7. Never leave a written record of passwords

  8. Perform background checks on new employees, including contractors and any periodic workers. It may be prudent for these checks to be conducted at regular intervals to ensure that nothing has changed, as is the case for those working with children via the Criminal Records Bureau

  9. Never leave data security up to the end user. It is imperative that this is controlled and managed centrally which can also reduce TCO (total cost of ownership) as machines don’t need to be locked down or brought in to the office to update them

  10. Corporate Governance requires you now to have security and to be able to prove it. Use a solution that includes a central management console – that way every machine is protected and can be tracked.
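
The behavioural check described under “Legitimate Access Yet Inappropriate Use” and in point 2 above can be sketched as follows. This is an added example, not code from the author or from CREDANT: the log format, the user names and the 3.5 threshold on a median-based score are assumptions, and the sample data is constructed.

```python
"""Flag days on which a user reads far more records than their own norm."""
import statistics
from collections import defaultdict

# Constructed sample (not real data): date,user,records_read per working day.
SAMPLE_LOG = """\
2008-05-01,asmith,95
2008-05-01,bjones,12
2008-05-02,asmith,102
2008-05-02,bjones,15
2008-05-05,asmith,98
2008-05-05,bjones,11
2008-05-06,asmith,110
2008-05-06,bjones,14
2008-05-07,asmith,97
2008-05-07,bjones,13
2008-05-08,asmith,105
2008-05-08,bjones,12
2008-05-09,asmith,99
2008-05-09,bjones,16
2008-05-12,asmith,640
2008-05-12,bjones,14
2008-05-13,asmith,101
2008-05-13,bjones,13
"""


def parse_log(text):
    """Turn 'date,user,count' lines into (date, user, count) tuples."""
    rows = []
    for line in text.splitlines():
        if not line.strip():
            continue
        day, user, count = line.strip().split(",")
        rows.append((day, user, int(count)))
    return rows


def robust_score(value, history):
    """Distance of value from the user's median, scaled by the median
    absolute deviation (MAD). Medians are used so that one earlier busy
    day does not stretch the baseline the way a mean would."""
    med = statistics.median(history)
    mad = statistics.median([abs(h - med) for h in history])
    scale = max(mad, 1.0)  # floor: a perfectly steady user has MAD 0
    return 0.6745 * (value - med) / scale


def flag_deviations(rows, min_history=5, threshold=3.5):
    """Return (date, user, count, score) for each day a user's record
    reads exceed their own baseline by at least `threshold`."""
    history = defaultdict(list)
    alerts = []
    for day, user, count in sorted(rows):  # ISO dates sort chronologically
        past = history[user]
        if len(past) >= min_history:
            score = robust_score(count, past)
            if score >= threshold:
                alerts.append((day, user, count, round(score, 1)))
                continue  # keep flagged days out of the baseline
        past.append(count)
    return alerts


if __name__ == "__main__":
    for alert in flag_deviations(parse_log(SAMPLE_LOG)):
        print("review access: %s %s read %d records (score %s)" % alert)
```

Each user is compared only with their own history, so a salesperson who normally reads about 100 records a day and a researcher who reads about a dozen are judged against different norms.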



Box Out: Quick Overview of 15 Ways to Lose Your Database:

  1. Employees able to access a database regardless of their need to do so, with sight of complete records including information that they do not necessarily need to see

  2. Unrestricted downloading of the database to removable media

  3. Employees able to print individual records, or even the full database, in hard copy format

  4. Employees able to access records, in undefined quantities or for unlimited periods of time, providing the opportunity to make a written copy

  5. Records, or even the entire database, altered or deleted

  6. The full database, or individual files, emailed as an attachment

  7. The full database, or individual files, uploaded to an external storage facility/website or a hosted document storage and management solution.

  8. Secure employment for the purpose of having unrestricted access to confidential data with criminal intent

  9. Existing employees being coerced into removing data for financial gain

  10. Ex-employees who have not had their access rights revoked

  11. Photocopy hard copies

  12. Over the shoulder screen theft from mobile workforce

  13. Writing down, or even sharing, passwords

  14. Loss of external or portable media (memory sticks, CDs, laptops, etc) that contain unencrypted information, often during travel.

  15. Misplaced, or stolen, devices (laptops, blackberries, etc) used as a back door to the corporate network


For more information contact www.credant.com


ThreatFire Free Version – Product Review

Review by Michael Smith (Veshengro)

At the recent Infosec 08 I was given a copy of the ThreatFire anti-e-threat tool, which is a FREE program (though a paid for version is available as well) and I decided to install and test it.

ThreatFire, by PC Tools Software, is a powerful PC security tool that, however, can be a little daunting with its many warning and alert pop-ups, of which there can be quite a number; at least to begin with until the program has been instructed as to what to ignore and allow and what to block. In this way it is a little bit like, say, Zonealarm Firewall.

My “problems” as to the amount of warnings and alerts may be due to the fact that I have set the security settings to the highest level. I like to run a tight ship, so to speak, and if leaks can be avoided the better.

If you, like me, run a software firewall – in my case Zonealarm – then you will have quite a number of pop-up alerts to contend with as well, every time that ThreatFire, for instance, asks for Internet access to update and such, and so they can be quite a lot. Not really anything bad, I think, to ensure that one's PC is not infected and hacked. In the long run, as I have just said, for security and peace of mind, as far as I am concerned, this is all well worth it.

The software could do with some intelligent programming, maybe, to understand from the beginning that the likes of Firefox, Internet Explorer, Outlook Express, etc. do go onto the Internet. Then again, firewalls do not come with that as standard either. The program itself, like firewalls, can be instructed to let programs through the next time round and it is therefore not really a problem, as said before.

Seeing all the threats that are about on the Internet presently, from the ordinary (if there ever is an ordinary one) virus, over Trojans and worms, etc. to outright malicious hacking, etc. and which are distributed via email but also just simply by some unsavory characters inserting malicious code on innocent websites where the then unsuspecting visitor gets his or her PC infected, the more security devices, in this case software applications, the better, as long as they do not clash with one another, and such practice can only be commended. Only one should never ever have more than one dedicated anti-virus program running on a PC. They do tend to clash and often can cause serious problems on a PC.

As far as I can see ThreatFire definitely is a great addition to one's anti-virus/anti-malware armory and considering that the basic version is free there is nothing that you can lose.

© M Smith (Veshengro), May 2008