via The Baby\’s Blog: Fortress of Solitude.

via The Baby\’s Blog.

With every year, the level of Security on your network goes up, yet the threats become more prevalent.  It seems like the new measures we took in 2009 were designed to defend against the threats of 2008.  Those same threats are still there, but now there are new tactics taken by cybercriminals in 2010.  Make no mistake, no matter how small your business is, no matter how expensive you security software is, and no matter how many memos you send to your staff regarding security, you will be attacked, your network will go down, information will be lost, and someone will be blamed.

Luckily, there are measures you can take.  The first thing you have to do is take an initial assessment of your current level of security.  Run your scans to make sure there is nothing suspicious on your network.  Make sure you know what is allowed in and out of your firewall.  Know which ports are open, and close any that should not be open.  Make sure that all your AV is running and up to date on every node in the network.  Assure that all patches and updates have been installed.  Make sure there is no malicious software or malicious code hiding within legitimate software.  If you do not have a Security Policy for your company, make one!  Then, enforce it!

Now that your network is running perfectly, and there are no current threats, how do we keep things from going downhill?  This is where we need to send out the troops to not only secure our perimeter, but make sure that all security measures within the perimeter are being followed.  Let’s face it, when the attack happens, you want to make sure all your warriors are ready to defend the gates.

Now the biggest threat to your network is the moron end-user who decides to disable automatic updates because he thinks it slows down his machine, or ignore updates to his AV program because he does not have the time to press “ok”.  These are the people who spend have their day on Facebook, a website that is going to be a fan favorite of cybercriminals in 2010.  Twitter is another website that lacks the security measures needed to protect against today’s advanced cyber-terrorists.

The only way to enforce your security policy on your end-user is to find a monitoring tool, such as Clear Blue Security’s Endpoint Security Monitoring Tool, to help make sure the rules are being followed.  Software such as the one mentioned above, (www.clearbluesecurity.com) can be very expensive, but tools like these are becoming more widely available to the SMB market.  This particular one has a free version of their software that works great!  The Clear Blue Security SaaS based software sends you alerts of missing patches and updates, if anti-virus is not running or up to date, if your overall Security Policy is not being followed, if unapproved software is being installed, if a port is open that should not be, etc.

Software like Clear Blue Security allows you to be proactive about security.  Tools like this are a new weapon in this ongoing war.  Reactive Security has been the norm for far too long.  It is time we put up a defense that works.  We need a defense that fights by searching for vulnerabilities, rather than searching for a virus that already exists.  Let’s not react after an attack has taken place, but before the attacker has ever thought about bringing the war to our network.



Today, during my usual, let me take a break from work, (the type of break I am taking right now to write this Blog), and do a little Facebooking (no it is not a word, but it should be), I came across a post from a friend who felt the need to announce that she had just received the H1N1 Flu Shot.  This simple post created a debate on whether or not the H1N1 vaccine was harmful.  The first post came from a pretentious girl who in her bitchiest voice (that is the way I read it), stated the following “Dude, do you know what’s in that nasty shot? One that comes to mind: thimerasol (mercury based preservative) which is very toxic and has been linked to cardiovascular disease, autism, seizures, mental retardation, hyperactivity, dyslexia and more.”

As someone who is extremely conscious of the toxicity of the products I use, and how harmful most products are, I am confident that the levels of Thimerasol used for a flu vaccine will not harm you.  In fact, many have been trying to prove that the levels used will cause all of the diseases mentioned, and nobody has been able to conclusively do so.  Furthermore, the nasal sprays do not contain it, nor do the single dose vials.

Things are going way to far when you cannot get the preventive medications recommended by your doctor.  There are actually people out there who do not vaccinate their kids because they are convinced the vaccinations are harmful.  Of course, these people should be put in jail for child abuse, but that is another topic.

In today’s society, we are starting to learn that many of the products we use are harmful to us.  We know that most shampoos and conditioners contain toxic ingredients, as well as lotions, cleaning supplies, detergents, etc.  As a lover of food, I have learned a great deal about the harmful chemicals found in processed foods, meat and dairy products.  It is because of this recent education that I have started eating more natural products and organic meats and vegetables.  The thing we cannot do is take these healthy truths about many of the types of products mentioned, and decide that anything that is not 100% good for you will kill you.

The truth is, in small enough doses, a little mercury won’t kill you, nor will the harmful chemicals found in many of the products previously mentioned.  If we had to take the flu shot everyday, then I might worry, but I am not going to ignore my doctor’s wishes because some lunatic thinks anything that does not grow out of the ground is bad for you.

Whether you are talking about food, medication, or alcohol, too much can hurt, but a little may make you feel pretty damn good.

In today’s world, it blows my mind that our reaction to security threats is to close down the network.  Everyday I talk to people who limit access to the Internet, email, remote access, and even the use of USB devices.  Really?  I cannot work at night because I am not granted access to our precious network?  The problem is that the network IS precious, or should I say, the data on the network is precious.  Every system has a database of information that would be valuable to others, but by limiting the freedom of your workers, you are cutting productivity and profits.

Instead of shutting everything down, the network needs to be monitored and protected.  I look at it the same way I look at the security system in my house.  I need to be able to come and go as I please, but I do not want everyone to have that freedom.  I have a checklist of things I need to do to keep the house secure: lock the doors, set the alarm, put lights on a timer, etc.  For the network, I want everyone who is authorized to have the freedom to come and go as they please.  Software like Clear Blue Security monitors your network at the endpoint level.  It makes sure that your security checklist is constantly being followed.  For example, do all the endpoints have up to date anti-virus?  Are there unnecessary open ports?  Is there suspicious traffic on the network?  How many admins can log into a server or endpoint?  What programs and software is on my network that might be harmful.  The  list goes on, and an individual “security best practices” needs to be created for a company’s specific needs.

My company, Clear Blue Security, offers a 100% free SaaS based Endpoint Security Monitoring tool that allows business to take back control of their network with out limiting access.  It is time to break through the walls that have oppressed endusers;  it is time to give freedom back to the enduser; it is time for a prison break!  To start using Clear Blue Security for free (no ads, no upsells), go to www.clearbluesecurity.com and click on the free tab.