Archive for January, 2010

IT Security-The Best Defense is a Good Defense

January 21, 2010

That’s right; there is really no way to stay on the offensive when it comes to cyber security.  Let’s face it; security is rarely the top priority of companies until after an attack has taken place.  In today’s business world, IT Security professionals spend most of their time waiting around for something to happen.  If the network goes down, they fix it.  If a Virus is found, they quarantine and destroy it.  If data is stolen, they replace it.  We are in a war where the troops are only deployed when an attack has already taken place.  Guess what?  That is far too late.  We are at War, and it is time we start thinking of it as such.  This war is happening on our turf; it is happening in our companies, on our servers, in our networks, on our endpoints.  How do we make a good offense with only defense?  How do we protect our networks when we do not even know who or what the next threat is going to be?  We make sure we have a defense that is strong and MAINTAINED.

With every year, the level of Security on your network goes up, yet the threats become more prevalent.  It seems like the new measures we took in 2009 were designed to defend against the threats of 2008.  Those same threats are still there, but now there are new tactics taken by cybercriminals in 2010.  Make no mistake, no matter how small your business is, no matter how expensive you security software is, and no matter how many memos you send to your staff regarding security, you will be attacked, your network will go down, information will be lost, and someone will be blamed.

Luckily, there are measures you can take.  The first thing you have to do is take an initial assessment of your current level of security.  Run your scans to make sure there is nothing suspicious on your network.  Make sure you know what is allowed in and out of your firewall.  Know which ports are open, and close any that should not be open.  Make sure that all your AV is running and up to date on every node in the network.  Assure that all patches and updates have been installed.  Make sure there is no malicious software or malicious code hiding within legitimate software.  If you do not have a Security Policy for your company, make one!  Then, enforce it!

Now that your network is running perfectly, and there are no current threats, how do we keep things from going downhill?  This is where we need to send out the troops to not only secure our perimeter, but make sure that all security measures within the perimeter are being followed.  Let’s face it, when the attack happens, you want to make sure all your warriors are ready to defend the gates.

Now the biggest threat to your network is the moron end-user who decides to disable automatic updates because he thinks it slows down his machine, or ignore updates to his AV program because he does not have the time to press “ok”.  These are the people who spend have their day on Facebook, a website that is going to be a fan favorite of cybercriminals in 2010.  Twitter is another website that lacks the security measures needed to protect against today’s advanced cyber-terrorists.

The only way to enforce your security policy on your end-user is to find a monitoring tool, such as Clear Blue Security’s Endpoint Security Monitoring Tool, to help make sure the rules are being followed.  Software such as the one mentioned above, ( can be very expensive, but tools like these are becoming more widely available to the SMB market.  This particular one has a free version of their software that works great!  The Clear Blue Security SaaS based software sends you alerts of missing patches and updates, if anti-virus is not running or up to date, if your overall Security Policy is not being followed, if unapproved software is being installed, if a port is open that should not be, etc.

Software like Clear Blue Security allows you to be proactive about security.  Tools like this are a new weapon in this ongoing war.  Reactive Security has been the norm for far too long.  It is time we put up a defense that works.  We need a defense that fights by searching for vulnerabilities, rather than searching for a virus that already exists.  Let’s not react after an attack has taken place, but before the attacker has ever thought about bringing the war to our network.


H1N1 is more Toxic than the Vaccine

January 7, 2010

As many of you may or may not know, my wife runs a company that sells non-toxic and environmentally friendly products.  It is because of this, that I have been inundated with facts and rumors regarding the environment, as well as, the toxicity of everyday products such as shampoos, lotions, all purpose cleaners, etc.

Today, during my usual, let me take a break from work, (the type of break I am taking right now to write this Blog), and do a little Facebooking (no it is not a word, but it should be), I came across a post from a friend who felt the need to announce that she had just received the H1N1 Flu Shot.  This simple post created a debate on whether or not the H1N1 vaccine was harmful.  The first post came from a pretentious girl who in her bitchiest voice (that is the way I read it), stated the following “Dude, do you know what’s in that nasty shot? One that comes to mind: thimerasol (mercury based preservative) which is very toxic and has been linked to cardiovascular disease, autism, seizures, mental retardation, hyperactivity, dyslexia and more.”

As someone who is extremely conscious of the toxicity of the products I use, and how harmful most products are, I am confident that the levels of Thimerasol used for a flu vaccine will not harm you.  In fact, many have been trying to prove that the levels used will cause all of the diseases mentioned, and nobody has been able to conclusively do so.  Furthermore, the nasal sprays do not contain it, nor do the single dose vials.

Things are going way to far when you cannot get the preventive medications recommended by your doctor.  There are actually people out there who do not vaccinate their kids because they are convinced the vaccinations are harmful.  Of course, these people should be put in jail for child abuse, but that is another topic.

In today’s society, we are starting to learn that many of the products we use are harmful to us.  We know that most shampoos and conditioners contain toxic ingredients, as well as lotions, cleaning supplies, detergents, etc.  As a lover of food, I have learned a great deal about the harmful chemicals found in processed foods, meat and dairy products.  It is because of this recent education that I have started eating more natural products and organic meats and vegetables.  The thing we cannot do is take these healthy truths about many of the types of products mentioned, and decide that anything that is not 100% good for you will kill you.

The truth is, in small enough doses, a little mercury won’t kill you, nor will the harmful chemicals found in many of the products previously mentioned.  If we had to take the flu shot everyday, then I might worry, but I am not going to ignore my doctor’s wishes because some lunatic thinks anything that does not grow out of the ground is bad for you.

Whether you are talking about food, medication, or alcohol, too much can hurt, but a little may make you feel pretty damn good.