Tonight’s forecast…cloudy with a chance of compromise!

DropboxIncident_SQOver the past few weeks we have seen data on cloud storage services being compromised. Celebrities’ personal photos were stolen from Apple’s iCloud service. Then Snapchat was compromised, with both photos and videos were stolen. Now, Dropbox is reacting to what they say is a compromise of another service’s credentials store that is being used to compromise Dropbox accounts of users who use the same username and password on multiple services.

A common theme across all of these is clear… cloud services are being compromised. Does this mean you should not trust cloud services? Pull all your data back down to local storage and cancel your Internet connection? Go off the grid and return to the trees? Of course not! Cloud services are a major component of our connected lives, and it is not at all true that they are inherently unsafe or vulnerable. They are, however, accessible from literally anywhere in the world, so most people should take more precautions with their data than they may be accustomed to.
Continue reading

How much do you trust technology?

TrustTech-Oct_SQIt sometimes seems as if we’re abdicating more and more of the control over our everyday lives and handing it over to computers. Machines are analyzing the data and making many of the decisions that used to be the province of human beings. In some cases, this has had very positive results; in others, not so much.

A study conducted by Oxford University about a year ago said that almost half of the jobs currently occupied by people in the U.S. could be performed by computers. The combination of computers and robotics has already infiltrated many fields, with technology taking the place of pharmacists, legal researchers and document reviewers, reporters and more.
Continue reading

5 Reasons Behind Data Breaches and Cybercrime

JP Morgan, Home Depot,Target, Kaiser Health,Adobe All Big Data Breaches

My day job is a partner of GFI Software, Each day I speak to IT admins form very small to very large companies in North America, My focus is on Patch Management, Network Vulnerability Scanning,Windows Event Log Management, Securing network endpoints, W3C log management, as well as web security and email security.
Continue reading

October Advance Notification: Time for nine

PatchTueAdvNot-Oct_SQLast month, we got a bit of a break as Microsoft issued only four security bulletins and unlike the July and August patches, none of the September patches resulted in widespread problems (those with long memories might recall that the company wasn’t so lucky the previous year, when the September 2013 patches caused numerous reports of problems.

October is traditionally the month for fans of horror stories, so we’re crossing our fingers and hoping this month’s updates won’t bring any Halloween-like surprises. We have a medium-sized slate of patches: nine in all, three of which have been given a severity rating of critical; all of those are remote code execution issues – as are the vast majority of critical patches. One is rated moderate, and the remaining five are classified as important.
Continue reading

20 things that could happen when there’s no web monitoring software

WorstThatCouldHappen_SQNobody wants to be the Internet Police. We’re probably all very happy with unrestricted Internet access, and it’s none of our business what other people do online.

That all changes in a business environment. Since the company’s PCs are company assets, the company pays for bandwidth, and there are all sorts of threats out there even for users who are doing the right things, companies need Internet monitoring and filtering. It has nothing to do with policing the Internet but it has everything to do with safeguarding your network, assets, investment and reputation.
Continue reading

Block harmful websites or else…

BlockHarmfulWebsites_SQMost companies these days provide Internet access to their employees. Most employees consider Internet access like coffee service – something that they take for granted. While this is a great thing for both employers and employees to have, when that Internet access is completely unrestricted, bad things can happen with alarming frequency. Companies’ IT or security teams need to implement technical protections to block harmful websites, or employees can quickly find their workstations compromised by malware. Let’s first discuss why you would want to block harmful websites, and then how. Continue reading

Improving productivity with Internet monitoring software

InternetMonitoring_SQThe Internet is one of the best and most powerful information tools but it can be an enormous time sink if employees in the company have unrestricted Internet access. When those constantly on Facebook, Tumblr, Reddit and the rest are on the clock, that’s time and money they are taking away from the business! Providing users unrestricted Internet access is great, but not when it causes productivity issues. One way to deal with the problem is to manage and monitor access to the Internet so that you are efficiently using bandwidth, maintaining productivity and keeping employees happy.
Continue reading

The top 24 facepalm moments in information security

24FacePalmMoments_SQIn case you missed it, there’s a newly discovered vulnerability in the BASH shell that impacts not only Unix and Linux systems, but Apple’s OS, F5s, Cisco hardware, access points, and practically every other device on the Internet that has an operating system or firmware that is based on Linux and an interface that parses remote data. It’s called ShellShock, but it’s not the wide ranging implications of every device other than Windows systems that deserves the facepalm, but that the vulnerability has apparently been around since 1992. Yes, that’s right. There are college grads in the IT workforce today who are younger than this vulnerability!
Continue reading

To split or not to split? That is the question

This is the video and text from my recent GFI FaxMaker case study. In this video, I share a bit about my background, and my experience with GFI FaxMaker 2015.

I was a chief information officer for a mortgage company in Indianapolis we were looking to build a fax server and doing my research I came across GFI. The product was GFI FaxMaker and that’s where I began my relationship with GFI.

The primary value of FaxMaker is the ability to bridge older technologies such as stand-alone fax machines with newer technologies such as email, That’s really where that value comes from. As far as the easy use for the product as well. One of the cool things about FaxMaker is it works with really any email server as for SMTP, so it doesn’t really require any type of special integration work it works with all of them just fine.

Compliance is really huge. A lot of organisations have to comply with what’s called PCI DSS, for credit card security and HIPAA for medical records and there are certain documents you cannot send securely unless you send it with fax. Faxing also allows you to get an accurate record of when the document was sent and received. When personal faxes, email and file-sharing have reduced that a lot but organizations still really require faxing, especially manufacturing the medical industry, legal finance etc… There are certain documents that have to be sent and received securely.

The flexibility of FaxMaker allows it to be virtualized for example, it allows us to work with the old analog phone lines, digital circuits, hosted communications as well. Those technical benefits alone make FaxMaker a winner for just about any type of installation. The whole dynamics of the software, the flexibility of FaxMaker, the ability to scale it from a smallest install to multi-site operations. The ability to offer FaxMaker both hosted, on-premise and a hybrid solution as well. If there’s really anybody that needs a fax solution I can help.

With the economic benefit of FaxMaker is that it saves companies time because people aren’t having to run back and forth to fax machines. It saves them on things like fax machines and consumables, toner and paper. It saves them on having all these fax machines sitting around the office and the ability to print and fax from your desktop saves a lot of employees time.