Is Spending Extra for Smartphone Protection a Smart Move?

broken smartphoneSmartphones benefit companies because they improve productivity. Providing protective cases to employees with Smartphones reduces liability to replace damaged devices.

Many businesses all over the world issue Smartphones to their employees. While they can seem expensive for many small to medium-sized business owners, with the greater amount of work done at a faster pace, Smartphones are an ideal business solution.

However, since Smartphones are lightweight and portable they are carried around everywhere, making them very prone to accidental drops. Despite the advances in technology, some Smartphones are more prone to damage than others. Touchscreens are generally more susceptible to damage because they usually don’t have an extra layer of plastic on their screens. And when these devices are damaged, not only do you incur the cost of repair or replacement, you also risk losing valuable data that’s stored in them. (more…)

Thinking about Security in the Cloud

cloudAs we begin to store more and more of our data on the Internet and in the “Cloud,” the threat of that data being accessed and used by someone or something outside of our knowledge or control becomes very real. Data such as credit card information, banking transactions, work history, private addresses and numbers, email and much more are now stored and searchable in everything from Facebook, Google, Twitter, and a host of other applications.

In a June report titled “Assessing the Security Risks of Cloud Computing“, analyst firm Gartner recommends that businesses work closely with their IT department or trusted IT services provider and consultant to understand the risks of storing data in the cloud.

Not stopping there, Microsoft has called for even greater government oversight. Recently, Microsoft General Counsel Brad Smith travelled to Washington to urge the US Congress to enact legislation that would protect information that’s stored in the cloud.

Microsoft is proposing legislation that would call for:

  • Reforming the Electronic Communications Privacy Act
  • Modernizing the Computer Fraud and Abuse Act
  • Helping consumers and businesses manage how their information is collected and shared
  • Addressing data access issues globally

The move coincides with Microsoft’s recent efforts to offer cloud-based services not only for its consumer and corporate customers, but the government as well.

Is your business ready for the cloud? What security and privacy policies do you have in place regarding your employees’ use of cloud-based services? Not sure? Contact us today to find out how we can help.

Related links:

Published with permission from TechAdvisory.org. Source.

How to Handle Suspicious E-mail

mailingPhishing, pronounced “fishing,” is a type of online identity theft that uses e-mail and fraudulent Web sites that are designed to steal your personal data or information such as credit card numbers, passwords, account data, or other information. Follow these guidelines to help protect yourself from phishing scams sent through e-mail.

Read more

Published with permission from TechAdvisory.org. Source.

Threat Alert: Pictures and Videos Pose a Threat to Quicktime for Windows and Mac

Severity: Medium

Summary:

  • These vulnerabilities affect: Quicktime 7.6.8 and earlier for Windows and Mac
  • How an attacker exploits them:  by enticing you into viewing a maliciously crafted movie or image file
  • Impact: An attacker could execute code on your computer, potentially gaining control of it
  • What to do: Download and install QuickTime 7.6.9 as quickly as possible, or let Apple’s Software Update do it for you

 

Exposure:
Late Yesterday, Apple released a security update to fix 15 media handling vulnerabilities that affect both the Windows and Mac version of QuickTime, their popular media player.

The flaws vary quite a bit technically, but most of them share the same general scope and impact. If an attacker can lure one of your users into viewing malicious media, such as an image or video file, he can exploit many of these vulnerabilities to execute code on that user’s computer, with that user’s privileges. Since most Windows users have local administrative privileges, attackers could often leverage this flaw to gain complete control of Windows machines. Macs, on the other hand, separate your user privileges from the superuser account. So an attacker could only leverage these flaws to gain limited privileges on a Mac (though still enough privilege to do significant damage).

If you use Quicktime within your network, we highly recommend you download and install Apple’s update as quickly as you can. 

Solution Path:
Apple has released QuickTime 7.6.9 to fix this security issue. Administrators who allow QuickTime in their network should download, test, and deploy the updated version at their earliest convenience. By default, Apple’s download bundles iTunes with QuickTime, but because iTunes often has security issues of its own, we recommend that you select the option of downloading QuickTime alone (unless you need iTunes). If you like, you can also let Apple’s Software Update tool download and install the update for you.

If you have any questions regarding this information, or if you need assistance mitigating these threats for your company’s network, feel free to contact our technical support team by calling (800) 481-4369 or by emailing support@teamaccent.com.

Provided by WatchGuard LiveSecurity Service

References: Apple’s December 2010 QuickTime Advisory

This alert was researched and written by Corey Nachreiner, CISSP.

Majority of firms struggle with security as new technologies are adopted

securityNew research from the Ponemom Institute and Lumension, shows that a majority of firms are struggling to secure data as users quickly adopt new and emerging technologies such as mobile, cloud computing, and collaborative Web 2.0 technologies. The study, which surveyed IT security and IT operations practitioners, shows that many (44 percent) feel that their IT network is less secure than a year ago or that their IT security policies are insufficient in addressing the growing threats arising from the use of new technologies. Budgets are also a limiting factor, with many feeling that IT security budgets still aren’t what they need to be to fully support business objectives and security priorities. Other findings from the report:

  • 56% said mobile devices are not secure, representing a risk to data security
  • 49% said data security is not a strategic initiative for their company
  • 48% said their companies have allocated insufficient resources to achieve effective data security and regulatory compliance
  • 47% cited a lack of strong CEO support for information security efforts as a reason for ineffective data security programs
  • 41% said there was a lack of proactive security risk management in their organization

Just as large companies worldwide struggle to keep up with security, many small businesses do so even more. If you need help understanding the security implications that new technologies bring to your organization, contact us so we can help.

Related articles:

Published with permission from TechAdvisory.org. Source.

Watch Out for “Dirty” Websites

watchout_dirty_websiteIn a previous post, we pointed out how just browsing the web these days can possibly infect your PC with malware. To show how dangerous surfing can become, Symantec recently released their list of the “Dirtiest Websites of Summer” – the top 100 infected sites on the Internet based on number of threats detected by their software as of August 2009. The list identifies websites that could compromise security with risks including phishing, malicious downloads, browser exploits, and links to unsafe external sites.

Some interesting findings from the study:

  • The average number of threats per site on the Dirtiest Websites list is roughly 18,000, compared to 23 threats per site for most sites
  • 40 of the Top 100 Dirtiest Sites have more than 20,000 threats per site
  • 48% of the Top 100 Dirtiest Web sites feature adult content
  • 3/4 of the Top 100 Dirtiest Web sites have distributed malware for more than 6 months
  • Viruses are the most common threat represented on the Dirtiest Websites list, followed by security risks and browser exploits

You can read more about this research at Symantec’s website. If you suspect your PCs are at risk, or if you want to ensure your website doesn’t get hijacked by cybercriminals, contact us. We can help.

Related articles:

Published with permission from TechAdvisory.org. Source.

Do Your PCs Host Dangerous Apps?

Research from security firm Secunia reveals that the average PC user has over a dozen insecure applications on his or her computer. They found that the typical user installs over 80 applications on his or her desktop, and around 15% are vulnerable to attack due to failure to patch the applications in a timely manner. Vendors normally release updates or patches to fix known vulnerabilities in their applications. This is an acute problem for software which connects to the Internet, especially if it hosts sensitive or private data. Only 2% of users make it a point regularly update their applications. For businesses, the problem could be greater with the need to manage multiple PCs. Protect your network today by letting us implement software patch management tools to manage and automate this process for you.

Related articles:

Published with permission from TechAdvisory.org. Source.

Survey Shows Insider Snooping on the Rise

Cyber-Ark Software, a security solutions company, released a survey showing that as much as 35 percent of people within an organization (that’s one out of three) admit to accessing corporate information without authorization. Furthermore, an alarming 74 percent claim they could circumvent the controls currently in place to prevent that access. The study polled over 400 IT administrators at the Infosecurity Europe 2009 and RSA USA 2009 conferences. While certainly a cause for concern, this is not surprising. Because of their technical knowledge and access to sensitive corporate information, internal IT staff are capable of circumventing internal policies and controls. If this is a cause for concern within your organization, don’t delay in giving us a call. We can help you secure your information and computing assets today.

Related articles:

Published with permission from TechAdvisory.org. Source.

Are you Safeguarding your Data?

With the continuous proliferation of data and its increasing importance to business, it has become critical to implement measures to safeguard it. One such measure is to make sure you have a data protection, backup, and recovery system in place. The threat of data loss from hardware failure, malware, or disaster is very real. A little proactive effort will go a long way in ensuring the integrity and continuous availability of your critical company data. Talk to your IT consultant to find out more.

Published with permission from TechAdvisory.org. Source.

Are You in Danger When Searching the Internet?

Research recently released by antivirus vendors Mcafee and Panda suggest that searching for certain key words onInternet search engines can prove dangerous.Hackers and malware authors have become adept at Search Engine Optimization and are using frequently searched key words to create sites that will rank favorably in search engines, but are a host for malware or phishing attacks.

According to the report, many popular search terms are targeted, such as: lyrics downloads, free downloads, swine flu, and rihanna. Users are urged to always protect themselves by using patched systems and updated protection tools such as antivirus software. We can help you make sure you’re protected when surfing the Internet – give us a call today.

Related articles:

    Published with permission from TechAdvisory.org. Source.