Helping you Piece IT Together

 

Home Previous About Us Our Services Whitepapers Resources Newsletter Links News Contact Us Search
 

Visit Our Blog

 


 

 

Issue June 2007

Welcome to the June edition of BH Consulting's Security Watch Newsletter.   In this month's issue we provide some updates to what has been going on in BH Consulting, discuss how to integrate Linux and Windows based machines, highlight how to control remote access to your IIS based server, focus on server virtualisation issues and also provide you with some background on how to prevent zero day attacks against your Microsoft Office applications.

 

About BH Consulting
BH Consulting was founded in answer to demands for an independent consulting firm to assist clients gain a competitive edge by achieving IT Operational excellence in deploying, managing and securing their IT infrastructure. With over 20 year’s experience, we provide you with access to in-depth expertise, experience and technical know-how. Backed with our quality processes and commitment to deliver, BH Consulting provides clients with quality solutions at cost effective rates.

 Focus IrelandSupport Focus Ireland
If you have found any items in our Security Watch Newsletter to be of use to you we ask that you make a donation to Focus Ireland who work tirelessly supporting the homeless throughout Ireland.  Focus Ireland aims to advance the right of people-out-of-home to live in a place they call home through quality services, research, and advocacy.  The objectives of Focus Ireland are to respond to the needs of people out-of-home and those at risk of becoming homeless, through a range of appropriate high quality services, to provide emergency transitional and long-term accommodation for people out-of-home, to  campaign and lobby for the rights of people out-of-home and the prevention of homelessness.  No sum is too small and all is put to excellent use.

BH CONSULTING NEWS

BH Consulting Published in Running Your Business Magazine.
The recent issue of the Small Firm's Association's magazine, Running Your Business, contains an article written by our Senior Consultant, Brian Honan.  Brian advised the readers of Running Your Business about the potential risks posed to their businesses by email and how best to manage and mitigate those risks.  

Brian Honan Invited to Write for CSI Communications Magazine
The Computer Society of India has invited Brian Honan to write an article for the August edition of their CSI Communications magazine.  Brian has been asked to write on the topic of best practises for information security incident response.  The magazine is circulated to over 30,000 Information Technology professionals throughout India and highlights BH Consulting's reputation as experts in the field of incident response.

Global Security Week 2007.
This year Global Security Week runs from September the 3rd to the 9th.  The topic for this year's event is "Privacy in the 21st Century".  We are delighted to say that BH Consulting will be once again heavily involved with this year's event and plan to host a seminar on "Privacy in the 21st Century" during Global Security Week.  We will keep you updated of the developments and events that will occur during Global Security Week.  If you want to get involved then please do not hesitate to contact us.

"Managing Information Security with ISO 27001" Training Course Scheduled for September 2007
Due to the demand and interest generated in the above training course another date to host the event is being scheduled for September of this year. 

BH Consulting and the Centre for Software Engineering are hosting a two day course “Managing Information Security with the ISO 27001 Information Security Standard”. This course provides a framework that will enable those responsible for securing sensitive information assets using a quality based approach to identify key assets and how best to manage the associate threats and risks.

The subjects covered include:

  • Overview of information security
  • Introduction to the ISO 27001 Information Security Standard
  • Identifying key information assets
  • Identifying risks
  • Strategies for mitigating and managing risk
  • Implementing appropriate security controls
  • Monitoring the effectiveness of security controls

Anyone interested in the above course can contact us or find more information available on the Centre For Software Engineering’s website

BH CONSULTING WEBSITE UPDATE
 We strive at BH Consulting to provide information that is relevant and useful in securing and running your business. To this end we provide a range of free whitepapers available for download free from our white papers page.

LATEST THREAT LEVELS
Get more information on the latest updates on current threats at our online resources page;

FEATURES

CERT Polska Launches ARAKIS
CERT Polska have provided the information security community with an interesting resource called ARAKIS.  ARAKIS is an early warning system that takes data from various sources such as firewalls, honey-pots and anti-virus systems to try and detect and alert on new threats.

It is a well laid out site with numerous interesting sections such as the Top 10 HoneyPot changes in activity, the Top 10 Firewall changes in activity and the 5 most commonly seen viruses in the past 24 hours.

New Microsoft Tool Strips Exploits Out Of Office Documents
Microsoft released its new Microsoft Office Isolated Conversion Environment (MOICE), which uses Microsoft Office's system converters to convert Office 2003's binary format files into the Office Open XML format used by Office 2007. The purpose of MOICE is to help strip out potentially dangerous code that attackers might have inserted in Office files. MOICE works with .doc, .ppt, .pot, .pps, .xls, .xlt, and .xla file formats...  Click Here for more

Talking the Talk; Windows, Linux and B2B
Conversations about Windows and Linux integration aren’t all that uncommon these days, but typically they revolve around shared network resources and user accounts. However, that’s only a small part of integration: What’s also critical is that enterprise applications across platforms must be able to seamlessly, reliably, and securely communicate. This is an important aspect of integration because enterprises run mission-critical applications and services on Windows, Linux, UNIX, and mainframes. It’s simply not possible for an enterprise IT department to do things “one way...  Click Here for more.

Configure IIS to Require Client Certificates From Users
Q: Our company has implemented a secure, Web-based extranet to share information with remote employees, contractors, and clients. However, we want to control which PCs are used to access the site. For example, we don't want the site to be accessible from public PCs such as Internet cafe PCs. We'd like to avoid making significant modifications to the extranet application but are willing to purchase tokens...  Click Here for more.

Windows Server 2008 Yes; Virtualisation No
I've been beating the drum for Windows Server "Longhorn" for quite some time now: This next Windows Server version features an incredible roles-based installation and management model, sweeping new functionality, heightened security, and a slew of other features that I think will make this the most rapidly adopted Microsoft server product ever. But last week at its Windows Hardware Engineering Conference (WinHEC) 2007 trade show, Microsoft took the wraps off what is arguably Longhorn's most important feature of all: its name... Click Here for more.

Virtualizing SQL Server
Virtualization is a rapidly changing technology that’s useful for server consolidation, testing and deployment, training, and disaster recovery. Stay current with this hot technology by reviewing these best practices for running SQL Server in a virtual environment... Click Here for more.

FREE SECURITY SCAN
 In partnership with Qualys, BH Consulting are offering a for a free Network Security Scan so you can check how healthy your network is. To find out more about what this service can do for you, visit our free Network Security Scan

Alternatively contact us or visit our website to get more details on our risk assessment service.

This issue of Security Watch is being brought to you by BH Consulting.  If you have found this issue to be of use please support our drive to raise funds for Focus Ireland.

Each Security Watch eNewsletter, and the special Security Alert issues, are produced independently by the Windows IT Pro Custom Media Group and is distributed by various Microsoft security partners. Each eNewsletter contains up-to-date information about security strategies, technologies, and alerts. Each Security Alert contains the latest information about security threats.

Additional news courtesy of Silicon Republic, Cnet, Silicon and Zdnet

To update your subscription to our newsletter click here.  To unsubscribe click here

Home | About Us | Our Services | Useful Resources | Contact Us | Corporate Responsibility | Disclaimer | Privacy | Blog
Copyright © 2005 BH IT Consulting Ltd.