The "absolutely necessary" actions that a small business should take to protect its information, systems, and networks.
These practices must be done to provide basic information security for your information, computers, and networks.
For the next ten posts by me I will cover the necessary actions mentioned above.
Install, use (in "real-time" mode, if available), and keep regularly updated anti-virus and anti-spyware software on every computer used in your business.
Many commercial software vendors provide adequate protection at a reasonable price and some for free. An internet search for anti-virus and anti-spyware products will show many of these organizations. Most vendors now offer subscriptions to "security service" applications, which provides multiple layers of protection (in addition to anti-virus and anti-spyware protection).
You should be able to set the antivirus software to automatically check for updates at some scheduled time during the night (12 Midnight, for example) and then set it to do a scan soon afterwards (12:30am, for example). Schedule the anti-spyware software to check for updates at 2:30am and to do a full system scan at 3:00am. This assumes that you have an always-on, high-speed connection to the Internet. Regardless of the actual scheduled times for the above updates/scans, schedule them so that only one activity is taking place at any given time.
It is a good idea to obtain copies of your business anti-virus software for your and your employees’ home computers. Most people do business work at home now and then. You want their home systems to be protected, too.
Monday, August 31, 2009
Tuesday, August 25, 2009
Discover the Region Celebrates 1st Birthday
Celebrating Our 1st Birthday
2008-2009 has been a year full of FIRST achievements. We have beaten the odds, and DTR is growing strong. Our achievements are a direct result of the support we receive from all of you, Cities, Coalitions, Large and Small business, personal relationships and of course our families.
Let's count the FIRST's
Creating and operating a business
DTR.com becomes an LLC (Limited Liability Corp)
Radio show guest spot
2 million organic hits to the website
3 Updates to create a business directory that sets the standard
TV feature for a non-profit group
Showing up on the front of a newspaper
Creating and editing a monthly e-newsletter
Recruiting Expert Bloggers to share their wisdom, Thank you Dr. Bret, Dr. Peggy, Becky, Art, Cindy, Kas, Peters and Brown, Gail & Sharon.
Writing published articles
Showing up to work day after day with anticipation of what the day ‘s events will bring
Being involved in a community opportunity that rescued, delivered and fed hundreds of families fresh produce
DTR has been instrumental in helping many business market, brand and grow in a tough economy.
DTR has learned so many things, about so many industries, from so many people, especially my mentors Eve Georgiou and Steve Feaster
Creating a website from a basic idea with the guidance and patience of my web-Guru Rick Rome
Managing Data, content, building increased awareness of Discover The Region, our Business partners & Clients
Becoming a Social Networking Butterfly....Tweeting, Face booking, Linked-in among my Favs.
These are just a few things that DTR can say have been goals accomplished. DTR new goals can be summed up as “The sky is the limit and driven by you”. This celebration is not possible without each and every person who has participated with the 6th issue of Discover the Dayton Region magazine, and the inaugural issues of Northeast Ohio and Phoenix West Valley, as well as DiscoverTheRegion.com.
Thank you from all of us to all of you. DTR is excited to STEP up, (create the buzz), SHOW up (Participate), and Celebrate (people, places and business that make this journey so great).
2008-2009 has been a year full of FIRST achievements. We have beaten the odds, and DTR is growing strong. Our achievements are a direct result of the support we receive from all of you, Cities, Coalitions, Large and Small business, personal relationships and of course our families.
Let's count the FIRST's
Creating and operating a business
DTR.com becomes an LLC (Limited Liability Corp)
Radio show guest spot
2 million organic hits to the website
3 Updates to create a business directory that sets the standard
TV feature for a non-profit group
Showing up on the front of a newspaper
Creating and editing a monthly e-newsletter
Recruiting Expert Bloggers to share their wisdom, Thank you Dr. Bret, Dr. Peggy, Becky, Art, Cindy, Kas, Peters and Brown, Gail & Sharon.
Writing published articles
Showing up to work day after day with anticipation of what the day ‘s events will bring
Being involved in a community opportunity that rescued, delivered and fed hundreds of families fresh produce
DTR has been instrumental in helping many business market, brand and grow in a tough economy.
DTR has learned so many things, about so many industries, from so many people, especially my mentors Eve Georgiou and Steve Feaster
Creating a website from a basic idea with the guidance and patience of my web-Guru Rick Rome
Managing Data, content, building increased awareness of Discover The Region, our Business partners & Clients
Becoming a Social Networking Butterfly....Tweeting, Face booking, Linked-in among my Favs.
These are just a few things that DTR can say have been goals accomplished. DTR new goals can be summed up as “The sky is the limit and driven by you”. This celebration is not possible without each and every person who has participated with the 6th issue of Discover the Dayton Region magazine, and the inaugural issues of Northeast Ohio and Phoenix West Valley, as well as DiscoverTheRegion.com.
Thank you from all of us to all of you. DTR is excited to STEP up, (create the buzz), SHOW up (Participate), and Celebrate (people, places and business that make this journey so great).
Thursday, August 20, 2009
Security Tip 08-20
--Mozilla Issues Firefox Update
(August 4, 2009)
On Monday, August 3, Mozilla issued an update for Firefox to address a number of critical security flaws. One of the vulnerabilities allows attackers to spoof SSL certificates. Users are urged to upgrade to Firefox 3.5.2 as soon as possible. Other vulnerabilities addressed in the update include a memory corruption flaw, a heap overflow flaw and a privilege escalation flaw. The SSL flaw also affects Mozilla's Thunderbird, SeaMonkey and NSS products; fixes for those products are likely to be available soon.
http://www.theregister.co.uk/2009/08/04/firefox_critical_update/
http://www.h-online.com/security/Firefox-3-5-2-and-3-0-13-fix-security-vulnerabilities--/news/113922
http://blog.mozilla.com/blog/2009/08/03/firefox-3-5-2-and-3-0-13-security-updates-now-available-for-download/
MALWARE
--Blue Screen of Death Scareware
(August 4 & 5, 2009)
A new scareware variant exploits the pit-of-the-stomach feeling that accompanies the Windows Blue Screen of Death. The malware displays what appears to be the blue screen indicative of a Windows system crash along with an alert window urging users to download software to fix the alleged problem. The phony antivirus package is called SystemSecurity.
http://blogs.zdnet.com/security/?p=3912
http://www.theregister.co.uk/2009/08/04/bsod_scareware/
(August 4, 2009)
On Monday, August 3, Mozilla issued an update for Firefox to address a number of critical security flaws. One of the vulnerabilities allows attackers to spoof SSL certificates. Users are urged to upgrade to Firefox 3.5.2 as soon as possible. Other vulnerabilities addressed in the update include a memory corruption flaw, a heap overflow flaw and a privilege escalation flaw. The SSL flaw also affects Mozilla's Thunderbird, SeaMonkey and NSS products; fixes for those products are likely to be available soon.
http://www.theregister.co.uk/2009/08/04/firefox_critical_update/
http://www.h-online.com/security/Firefox-3-5-2-and-3-0-13-fix-security-vulnerabilities--/news/113922
http://blog.mozilla.com/blog/2009/08/03/firefox-3-5-2-and-3-0-13-security-updates-now-available-for-download/
MALWARE
--Blue Screen of Death Scareware
(August 4 & 5, 2009)
A new scareware variant exploits the pit-of-the-stomach feeling that accompanies the Windows Blue Screen of Death. The malware displays what appears to be the blue screen indicative of a Windows system crash along with an alert window urging users to download software to fix the alleged problem. The phony antivirus package is called SystemSecurity.
http://blogs.zdnet.com/security/?p=3912
http://www.theregister.co.uk/2009/08/04/bsod_scareware/
Tuesday, August 11, 2009
Computer Tip of the Day "08-11"
Managing E-mail while out of the Office.
Even when you're away from the office for a vacation, your e-mail doesn't take a break. If you don't have a strategy for handling these incoming messages, people may be expecting you to respond, which could be a problem. Fortunately, several easy strategies can help you handle e-mail when you're away.
Jim Boyce, author of Microsoft Office Outlook 2003 Inside Out by Microsoft Press, offers several ways to tame e-mail while you're away. If it's important to stay connected to the office while you're out, you can use several methods to access your inbox remotely. This makes it easy to respond to or manage e-mail messages when you're away from your computer at work.
Jim Boyce also explains how to set up your e-mail to respond to senders automatically with a reply message that you create. This keeps your colleagues from wondering why you haven't responded, and lets them know who to contact in your absence. Learn how to use the Out of Office Assistant in Microsoft Office Outlook 2003. Also, see how to create a custom rule that turns the Out of Office Assistant on or off at your convenience.
Using the information that follows, you can learn to manage e-mail while you're away, instead of letting it manage you.
Access your mailbox remotely (Article)Outlook expert Jim Boyce explains the different ways to access e-mail when you're away from your computer at work.
Manage e-mail from outside the office with Outlook (Article)Jim Boyce provides different strategies for using Outlook to handle your incoming e-mail messages while you're away.
Automatically reply to incoming messages while out of the office (Article)Learn how to activate the Out of Office Assistant in Outlook.
About managing your Inbox automatically while out of the office (Article)See how you can use rules to customize the way that Outlook handles e-mail messages while you're out of the office.
Turn an Out of Office Assistant rule on or off (Article)Control the rules you apply to the Out of Office Assistant.
Even when you're away from the office for a vacation, your e-mail doesn't take a break. If you don't have a strategy for handling these incoming messages, people may be expecting you to respond, which could be a problem. Fortunately, several easy strategies can help you handle e-mail when you're away.
Jim Boyce, author of Microsoft Office Outlook 2003 Inside Out by Microsoft Press, offers several ways to tame e-mail while you're away. If it's important to stay connected to the office while you're out, you can use several methods to access your inbox remotely. This makes it easy to respond to or manage e-mail messages when you're away from your computer at work.
Jim Boyce also explains how to set up your e-mail to respond to senders automatically with a reply message that you create. This keeps your colleagues from wondering why you haven't responded, and lets them know who to contact in your absence. Learn how to use the Out of Office Assistant in Microsoft Office Outlook 2003. Also, see how to create a custom rule that turns the Out of Office Assistant on or off at your convenience.
Using the information that follows, you can learn to manage e-mail while you're away, instead of letting it manage you.
Access your mailbox remotely (Article)Outlook expert Jim Boyce explains the different ways to access e-mail when you're away from your computer at work.
Manage e-mail from outside the office with Outlook (Article)Jim Boyce provides different strategies for using Outlook to handle your incoming e-mail messages while you're away.
Automatically reply to incoming messages while out of the office (Article)Learn how to activate the Out of Office Assistant in Outlook.
About managing your Inbox automatically while out of the office (Article)See how you can use rules to customize the way that Outlook handles e-mail messages while you're out of the office.
Turn an Out of Office Assistant rule on or off (Article)Control the rules you apply to the Out of Office Assistant.
Thursday, August 6, 2009
Computer Tip of the Day "08-06"
- - Information-Stealing Phishing Email Targets Chase Customers. The Consumer Protection Board (CPB) of New York State has issued a warning to Chase Bank customers that they could be attacked by a phishing scam involving emails that seek personal information on the pretext of upholding new security measures. Customers receive a phony email that asks them to fill in a form with details including personal identifiable information. Citing fresh security measures ostensibly launched by Chase, the fake email explains that it is important that recipients complete the form. Additionally, it displays a web-link and asks the recipients to click on the link. However, the link leads to a fake website where personal information is stolen from the consumers.
More information:http://www.consumer.state.ny.us/pressreleases/2009/july012009.htm
- - Work-At-Home Scams Make Their Way to Twitter Through tweets, email and websites. Job hunters are being told that they can make lots of money from the comfort of home using Twitter, and falling prey to Twitter-based job scams. The Better Business Bureau warns that although the large print for such offers may promise big returns, the fine print can cost them every month.
More information:
http://www.sanantonio.bbb.org/article/work-at-home-scams-make-their-way-to-twitter-11445
More information:http://www.consumer.state.ny.us/pressreleases/2009/july012009.htm
- - Work-At-Home Scams Make Their Way to Twitter Through tweets, email and websites. Job hunters are being told that they can make lots of money from the comfort of home using Twitter, and falling prey to Twitter-based job scams. The Better Business Bureau warns that although the large print for such offers may promise big returns, the fine print can cost them every month.
More information:
http://www.sanantonio.bbb.org/article/work-at-home-scams-make-their-way-to-twitter-11445
Wednesday, August 5, 2009
Computer Tip of the Day "08-05"
Tips for Wi-Fi Security at Home
Many people rush through setting up wireless home networks to get their Internet connectivity working as quickly as possible. While this is understandable, it is also risky because unless properly secured, wireless networks are a security problem waiting to happen. Today's Wi-Fi networking products don't always help the situation either. Their security features are complicated and can be time-consuming to set up correctly. You may wish to retain the services of a qualified technician to help you be sure the job gets done right. Here are some tips for how you can improve the security of your home wireless network. Next month we'll provide tips for improving Wi-Fi security while on the road.
- - Replace that old access point. If your access point is older than 2 or 3 years, it probably doesn't include the latest security protocols.
At a cost of $75 or less, an up-to-date access point is cheap insurance against having your computers broken into.
- - Change the default passwords on your wireless access point. The default passwords are simple, often posted on the manufacturer's website, and well-known to hackers. Change them immediately, and use strong passwords.
- - Use WPA2 security. Older wireless access points offer WEP and WPA security which provide only weak and unreliable security. Verify that your wireless access point supports WPA2 (Wi-Fi Protected Access, version 2). If it does not have WPA2, don't use it. Get another one that does.
- - Change the default SSID. Wireless access points use a network name called the SSID (service set identifier). Manufacturers ship their products with the same SSID. While knowing the SSID does not by itself allow a hacker to break into your network, it is a start. More importantly, operating your access point with the default SSID suggests that security has not been handled well, and that encourages hacking.
- - Do not Auto-Connect to open Wi-Fi networks. Connecting to an open Wi-Fi network, such as a free, public wireless hotspot or your neighbor's wireless access point, exposes your computer to security risks. Most computers have a setting which will allow these connections to happen automatically without notifying you. Make sure auto-connect is shut off.
- - Enable the hardware firewall on your wireless access point. If your access point does not have a hardware firewall, don't use it. Get another one that does.
- - Position your access point carefully. It is normal for Wi-Fi signals to leak out through walls of your home. While a small amount of signal leakage is not a problem, the further the signal spills out into the neighborhood, the easier it is for others to pick it up. That is the first step toward someone gaining access to your wireless access point without your permission. Position your access point near the center of your home, rather than near a window or an outside wall.
- - Turn off your access point if you aren't using it. If it's not turned on, hackers can't break in.
- - If you don't feel confident about the security of your wireless access point, don't use it. Get advice and answers to your questions from a computer consultant knowledgeable about wireless security.
More information:
http://arstechnica.com/security/news/2008/04/wireless-security.ars
Many people rush through setting up wireless home networks to get their Internet connectivity working as quickly as possible. While this is understandable, it is also risky because unless properly secured, wireless networks are a security problem waiting to happen. Today's Wi-Fi networking products don't always help the situation either. Their security features are complicated and can be time-consuming to set up correctly. You may wish to retain the services of a qualified technician to help you be sure the job gets done right. Here are some tips for how you can improve the security of your home wireless network. Next month we'll provide tips for improving Wi-Fi security while on the road.
- - Replace that old access point. If your access point is older than 2 or 3 years, it probably doesn't include the latest security protocols.
At a cost of $75 or less, an up-to-date access point is cheap insurance against having your computers broken into.
- - Change the default passwords on your wireless access point. The default passwords are simple, often posted on the manufacturer's website, and well-known to hackers. Change them immediately, and use strong passwords.
- - Use WPA2 security. Older wireless access points offer WEP and WPA security which provide only weak and unreliable security. Verify that your wireless access point supports WPA2 (Wi-Fi Protected Access, version 2). If it does not have WPA2, don't use it. Get another one that does.
- - Change the default SSID. Wireless access points use a network name called the SSID (service set identifier). Manufacturers ship their products with the same SSID. While knowing the SSID does not by itself allow a hacker to break into your network, it is a start. More importantly, operating your access point with the default SSID suggests that security has not been handled well, and that encourages hacking.
- - Do not Auto-Connect to open Wi-Fi networks. Connecting to an open Wi-Fi network, such as a free, public wireless hotspot or your neighbor's wireless access point, exposes your computer to security risks. Most computers have a setting which will allow these connections to happen automatically without notifying you. Make sure auto-connect is shut off.
- - Enable the hardware firewall on your wireless access point. If your access point does not have a hardware firewall, don't use it. Get another one that does.
- - Position your access point carefully. It is normal for Wi-Fi signals to leak out through walls of your home. While a small amount of signal leakage is not a problem, the further the signal spills out into the neighborhood, the easier it is for others to pick it up. That is the first step toward someone gaining access to your wireless access point without your permission. Position your access point near the center of your home, rather than near a window or an outside wall.
- - Turn off your access point if you aren't using it. If it's not turned on, hackers can't break in.
- - If you don't feel confident about the security of your wireless access point, don't use it. Get advice and answers to your questions from a computer consultant knowledgeable about wireless security.
More information:
http://arstechnica.com/security/news/2008/04/wireless-security.ars
Subscribe to:
Posts (Atom)