
Issue
April 2007
Welcome to the April edition of BH Consulting's
Security Watch Newsletter.
In this month's issue we provide some updates to what has been going on in BH
Consulting, highlight some interesting news stories, discuss using nMap to audit
your anti-virus security, give an overview on Microsoft Exchange Continuous Data
Protection, discuss the area of password resets and provide a number of useful
tips.
About BH Consulting
BH Consulting was founded in answer to demands for an independent consulting
firm to help clients gain a competitive edge by achieving IT operational
excellence in deploying, managing and securing their IT infrastructure. With
over 20 years' experience, we provide you with access to in-depth expertise,
experience and technical know-how. Backed with our quality processes and
commitment to deliver, BH Consulting provides clients with quality solutions at
cost-effective rates.
Support
Focus Ireland
If you have found any items in our
Security Watch Newsletter to be of use to you we ask that you
make a donation to
Focus Ireland who
work tirelessly supporting the homeless throughout Ireland. Focus Ireland
aims to advance the right of people out-of-home to live in a place they call
home through quality services, research, and advocacy. The objectives of
Focus Ireland are to respond to the needs of people out-of-home and those at
risk of becoming homeless, through a range of appropriate high quality services,
to provide emergency transitional and long-term accommodation for people
out-of-home, to campaign and lobby for the rights of people out-of-home
and the prevention of homelessness. No sum is too small and all is
put to excellent use.
BH CONSULTING NEWS
Black Hat Europe 2007.
Among the best security conferences available is the
Black Hat
series of seminars. The content at these seminars can be quite interesting
with many speakers revealing new security exploits, techniques or threats.
This year's
Black Hat Europe conference held in Amsterdam was no different.
Our own senior consultant, Brian Honan, attended the conference
and noted a number of new technologies being introduced without the underlying
security being considered. Brian blogged about this issue at our
Security Watch Blog.
In particular those companies looking at implementing RFID technology should
visit the RFIDIOT website of Adam Laurie, CSO for
The Bunker,
or review Adam's
presentation to get a better
understanding of the issues.
Brian Honan Addresses SANS Dublin Community
Night
Over 110 people from around the world attended the
SANS Dublin
training event in April and
SANS hosted their Community Night as part of the event. Brian Honan
presented to the attendees on the numerous resources available from SANS in
securing their systems and in tackling cyber crime. Paul Gillen, Head of
the Garda Computer Crime Unit, talked to the community on current trends in
cyber crime in Ireland, while Mike Poor spoke about "Network Early Warning
Systems" and Arrigo Triulzi talked about the "Time To Live of a Website."
Global Security Week 2007
The theme for
Global Security Week is “Privacy in the 21st Century”, and the week will take
place from the 3rd until the 9th of September.
Last year’s highly successful theme was “Identity Theft” and the above theme is
a nice continuation of that topic. Given the increasing amount of personal data
belonging to each individual held online and the rapidly increasing number of
privacy breaches, the theme “Privacy in the 21st Century” is one we believe is
very topical.
Here in Ireland we will host a number of events during the week to help promote
awareness of this issue. Other events will be held worldwide by the volunteers
on the project. All events relating to the week will be posted on the
Global
Security Week website.
If you are interested in getting involved please
contact us.
Countering Militant Islamist Radicalisation
on the Internet
The
Institute of European Affairs are publishing a
book titled
"Countering Militant Islamist Radicalisation on the
Internet" on May the 8th 2007. This book examines some of the ways to
counter the threat posed by the growing rise in militant Islamist radicalisation
on the Internet. Our Senior Consultant, Brian Honan, was one of the information
security experts interviewed by the Institute on this subject. The book is
available directly from the
Institute of European Affairs.
Brian Honan to Address the
Information Technology Association Galway.
The Information Technology Association of Galway (ITAG)
has invited Brian Honan to address their May meeting on the subject of "Incident
Response - Preparing for the Inevitable". ITAG was established in 2000
representing international and indigenous IT companies based in Galway with the
aim to promote, strengthen and grow the Information Technology industry in
Galway.
BH Consulting presents "Managing
Information Security with ISO 27001"
Information security is becoming more and more a business critical issue as
executives and IT professionals are responsible for ensuring the safeguarding of
client information, corporate data and compliance with various regulatory and
legal requirements.
The ISO
27001 Information Security Standard enables those responsible for
securing corporate information and associated assets to demonstrate they have
taken a very powerful step in complying with internationally recognised best
practices in information security.
BH Consulting and the
Centre for Software Engineering are hosting a
two day course
“Managing Information Security with the ISO 27001
Information Security Standard”. This course provides a framework that
will enable those responsible for securing sensitive information assets using a
quality-based approach to identify key assets and how best to manage the
associated threats and risks.
The subjects covered include:
- Overview of information security
- Introduction to the ISO 27001 Information Security
Standard
- Identifying key information assets
- Identifying risks
- Strategies for mitigating and managing risk
- Implementing appropriate security controls
- Monitoring the effectiveness of security controls
More information is available from the
Centre For Software Engineering’s website.
BH CONSULTING WEBSITE UPDATE
We strive at BH Consulting to provide information that is
relevant and useful in securing and running your business. To this end we
provide a range of whitepapers available for download
free from our
white papers page.
LATEST THREAT LEVELS
Get more information on the latest updates on current threats at
our online resources page.
FEATURES
Using the nMap Port Scanner to Audit Your Antivirus Security
Port scanners provide a first step toward detecting and discovering the services
and network applications listening on your network. When you’re faced with an
unknown computer, programs such as the free Foundstone SuperScan 4.0 and the
open-source port scanner Nmap show you ... Click
Here
for more.
Exchange CDP: Exchange 2007
Continuous data protection (CDP) systems have gotten a lot of attention
in the Exchange Server world over the last year or two. After the devastation
caused by Hurricanes Rita and Katrina, many organizations that had previously
been satisfied with their disaster recovery arrangements started to look for
better protection...Click
Here
for more
Security Annoyances: Password Resets
Resetting passwords for users who forget them is the bane of every
administrator. A META Group survey indicates that this thankless task alone
costs companies with 10,000 users well over half a million dollars a year...
Click
Here
for more.
Cool Exchange Tools You Might Have Missed
I try hard to keep up with the Exchange market, and as a contributing editor for
Windows IT Pro, I get a steady stream of press releases from companies that
offer Exchange-related solutions. However, sometimes I miss things, and maybe
you do too, so I want to point out a few interesting products that might have
escaped your notice..... Click
Here for more.
Access Levels for Security Administrators
Q: I was recently hired as a security administrator responsible for overall
information security, including log management and access review. Software that
I’m testing to review user and group access requires that I have administrative
access to run the discovery tasks, but I don’t. I have to ask someone who has
administrative access to install and run the discoveries for me...... Click
Here
for more
FREE SECURITY SCAN
In partnership with
Qualys, BH Consulting
are offering a free Network Security Scan so you can check how healthy
your network is. To find out more about what this service can do for you, visit
our free
Network Security Scan.

Alternatively contact
us or visit our website to get more details on our
risk assessment service.
This issue of Security Watch is being brought to you by BH Consulting.
If you have found this issue to be of use please support our drive to raise funds
for
Focus Ireland.
Each
Security Watch eNewsletter, and the special Security Alert issues, are produced
independently by the Windows IT Pro Custom Media Group and are distributed by
various Microsoft security partners. Each eNewsletter contains up-to-date
information about security strategies, technologies, and alerts. Each Security
Alert contains the latest information about security threats.
Additional news courtesy of
Silicon Republic,
Cnet,
Silicon and
Zdnet