The best way to survive an accident

In life and in business I truly believe there are no accidents, just bad choices. This reminds me of a Lexus commercial I saw a while back that touted how safe their vehicle was. The announcer said "The best way to survive an accident is to avoid it in the first place."

Regardless of what you believe about accidents, we do have to look at information security this way. Such avoidance means being proactive and putting forth the effort to do what's right rather than wait until something goes awry. Funny how so many things outside of the security realm can be tied back to security.

While we're on the subject, here are a few bits I've written about computer security incident response in case you're interested.

Read More

Windows and Linux management tips and tricks

From Windows to Linux - desktops to mobile devices - here are some recent pieces I've written for TechTarget that you may be interested in:

Devise a Windows XP end-of-life strategy before migrating to Windows 7

Troubleshooting Windows 7 with built-in tools and online resources

Securing the new desktop: enterprise mobile devices

Common Linux Security policy management gaps

Read More

Stop all Wi-Fi deployments!

A study in the Netherlands has found that Wi-Fi radiation will eventually result in the death of parts of tree leaves. Yep, take those access points and put them 20 inches from trees and let the killing being. Seriously!?

Who's putting their access points that close to trees? Why are people even studying something like this? Apparently the "global warming" crowd is up to it again...I'm just glad those were Dutch tax dollars and not mine. :)

Read More

Just how much control are we willing to have forced upon us?

It's been an interesting and truly scary news week in the "good old" U.S. of A. Think about this stuff folks:

• A Democrat congressman in charge of the House Ways and Means Committee with jurisdiction over taxes gets reprimanded for not paying taxes
• A judge is busted for buying drugs to use with a stripper
• San Francisco banning circumcision and toys in Happy Meals
  

And, of course, TSA minions doing things like giving three year olds invasive searches (at the same time our own enemies are allowed through because profiling is "insensitive") ...I suppose these government employees don't care...after all, they have very little to lose in their work because TSA agents are apparently immune from prosecution.

...and now, this: The US Secretary of Transportaion Ray LaHood wants wants cars to include scrambling technology that would disable cell phone use by drivers and perhaps passengers. Wow...when it the control going to end! ?

What is the United States coming to!? I think most people know the answer. Unfortunately our priorities aren't straight because of one tremendous flaw in how we think and live.

When are we going to stand up as a country and tell our government not just no, but Hell No! on everything they're trying to push on us? Enough is enough...

Here's a good piece from a man who really understood what's going to sum this all up:
All tyranny needs to gain a foothold is for people of good conscience to remain silent. -Thomas Jefferson

Read More

Becoming a more refined Web security expert

Here are some recent pieces I've written on Web application security and testing that you may be interested in. From getting started in your career to cloud security to doing Web application security testing the right way...check 'em out:

The secrets to getting started in your software testing career

Four skills that will make you a better web security professional

Building solid security requirements

Security oversights in the cloud: Asking the tough questions

Why current application security measures fail

Read More

Internet Password Breaker - yet another reason to encrypt your laptops

Elcomsoft just released their new version of Elcomsoft Internet Password Breaker which now supports Chrome, Opera, Safari and Firefox. In essence the program can recover passwords, sensitive form data and so on that users have conveniently stored in their browsers for the past, oh, several years. Furthermore, the tool can now instantly recover Microsoft Outlook, Outlook Express, Windows Mail and Windows Live Mail account info, user IDs, passwords and cached forms.

Here's a screenshot of the new version 2.0:





















Using the tool is as simple as loading it up, selecting which browser or other type of account you want to recover sensitive information from and you're off. It's that easy.

Looking at this from a malicious user's perspective, imagine the damage that can be done when just one seemingly benign laptop is lost or stolen and happens to be completely exposed because its hard drive is not encrypted. Ugly stuff folks.

Looking at it from the opposite perspective, Elcomsoft Internet Password Breaker can really get you out of a bind when you make some sort of bonehead move like I've done before (like "accidentally" deleting your browser history) and need to recover your own information.

Either way, it's a good tool to have in your security or forensics toolbox.

Read More

The fundamental flaw of information security in SMBs

Here's a good piece that Entrepreneur Magazine put together for SMBs to ensure they have a secure information systems environment. I don't disagree with any of the recommendations. What I do find interesting is that there's no mention of "determine where you're weak".

Be it in the beginning before you put all of the recommended controls in place (and potentially saving yourself a lot of time/money if it's determined you don't need certain types of controls) or after everything is established - you absolutely have to assess where things stand.

You know my feelings on this: You cannot secure what you don't acknowledge. Building out a supposed secure infrastructure is only one piece of the puzzle. Basic controls are just the beginning.

That's the fundamental flaw with information security today - especially within SMBs...Owners and managers of SMBs read these recommendations, put their strong firewalls and passwords in place, and leave it at that. Months or years go by and then something bad happens: an employee breach, external hack, malware attack , you name it. All along these very people had no real sense of how secure or unsecure their systems really were. Don't follow their lead.

Read More

Some things you need to know about Windows Firewall & Microsoft Security Essentials

Here are a couple more pieces I wrote for SearchEnterpriseDesktop.com where I ponder the utility of Windows Firewall as well as a few things you may not have thought about regarding Microsoft Security Essentials:

Weighing Windows Firewall for enterprise desktop protection

Microsoft Security Essentials may protect non-enterprise users in your business

Microsoft Security Essentials – when it may not be a good fit

Read More

My (belated) thoughts on Intel's purchase of McAfee

I've been so busy working that I've failed to post some timely pieces I wrote over the summer...here's one of them:

Intel's McAfee buy marks a turning point for security

I truly believe we cannot even fathom how this acquisition will impact us long term.

Read More

Windows 7 security tools & password weaknesses

Here are some recent SearchEnterpriseDesktop.com pieces I wrote regarding Windows 7 security...enjoy!

Using Windows 7's built-in features to keep your desktops secure

Windows 7 doesn’t end the need to monitor passwords

Read More

Interesting findings from Venafi on encryption management

Information security vendor Venafi released a survey at the October Gartner show that has some interesting findings related to encryption management:

• Organizations anticipate a 27% year-over-year certificate and key inventory growth rate
• 85% of organizations manage encryption certificates and private keys manually via spreadsheet and reminder notes
  
• 78% of organizations have experienced system downtime due to encryption failures in the past 12 months
  

Given what I see in my information security assessments - how many in IT often struggle to find newer ways of managing and securing their environment - none of this surprises me. It's often home-grown solutions sticking around, the general perception that policies can be enforced and processes can be followed without the right technologies in place and a general lack of leadership in/around IT.

Still interesting insight from the survey nonetheless...apparently there's still some room for improvement - even with something as niche (given the big picture) as encryption management.

Apparently Venafi is conducting an extended encryption management survey to dig even deeper on this data. Might be worth checking out to see how your organization compares

Read More

Using GFI LANguard to find open network shares

Have you see what your users are sharing up on your network? What about your server shares - are they divulging too much PII and intellectual property to any Joe Blow on the network?

Outside of mobile security (smartphone weaknesses, lack of laptop encryption, etc.) the problem of unstructured information scattered about the network is a very predictable high priority finding in any given security assessment.

The reality is you cannot secure what you don't acknowledge. How do you know what's in your environment just sitting there for the taking? You could very well have experienced an internal data breach and not know anything about it.

Enter GFI LANguard.






















I've used LANguard for years to uncover open shares on networks and it works just dandy for this purpose.

Do yourself a favor and download the trial version of LANguard and run the share finder tool in your environment to see just what's being shared out - and exposed. It's as simple as the following:

1. Select Launch Custom Scan
2. Select Network & Software Audit
3. Select the Share Finder profile
4. Select Scan a range of computers or Scan a domain or workgroup and enter your network information
5. Enter the login credentials of a basic user representative of most domain users in your environment
6. Select Scan and let the tool do it's thing
   
7. Once complete, select Analyze scan results
8. Select Results Filtering (upper left)
9. Select Open Shares (middle left)
10. Scroll down and look* for shares with permissions granted to BUILTIN\Users or Everyone
11. Login to the network with the basic user credentials from above and see what you can see. I've found both FileLocator Pro and Identity Finder to work very well for rooting out sensitive information. I also recommend manual browsing for files/content/context that automated tools may have trouble uncovering.
    

That's it!

I cannot stress enough that sensitive files readily-accessible on open shares is one of the greatest risks on your network. It's screaming for your attention right now. So track down your open shares, set permissions on a need to know basis or remove the shares altogether, and get your arms around this beast before it grows even larger.

*I wish LANguard had the ability to filter down into open shares even further by only showing shares that are open to specific groups or users that you specify. It's a hassle to have to manually sort through things... Hint, hint. :)

Read More

Let the smoke (and mirrors) clear

Finally, some hope and change we can believe in!

But not so fast...a quick note to all the Republicans out there: you didn't get voted in because people are embracing you...people are just tired of seeing the Democrats' lack of principles and leadership- not to mention their taking money (by force) from the people who earn it and giving it to those who don't deserve it - undermining and effectively destroying what our country is all about.

I still go back to the Margaret Mead quote I posted yesterday: "It may be necessary temporarily to accept a lesser evil, but one must never label a necessary evil as good."

The next two years will certainly be interesting...

Read More

Today is the day

Today is the day we get a chance to vote for more government or less government.

Today is the day those of us in America can begin to stop the bleeding we've been experiencing since January 20, 2009. Technically, for decades.

Today is the day we're empowered to remind the career politicians around our country that we the people are in charge. Not them.

Today is the day we stop giving up little liberties to gain a little security...otherwise, as Benjamin Franklin said: we'll "deserve neither and lose both".

We can't stop today, though...Otherwise we'll continue with the mess that power-hungry politicians (Democrats and Republicans) have left us with to this point. Like Margaret Mead said "It may be necessary temporarily to accept a lesser evil, but one must never label a necessary evil as good." Remember that today and in 2012.

Something has to change long term if we're going to continue to thrive in America as intended by our Founding Fathers. As you go out and vote today, remember what George Orwell once said: "If liberty means anything at all, it means the right to tell people what they do not want to hear."

Read More