|
Issue
November 2007
Welcome to the November edition of BH
Consulting's Security Watch Newsletter. In this month's issue we
provide some updates to what has been going on in BH Consulting, alert you to an
interesting event in January 2008 and provide feedback on our recent ISO 27001
course. We also provide you with some links to information we think may be
of interest to you while also providing some insight into Microsoft's Unified
Communications solution and Microsoft Outlook's message classification feature.
About BH Consulting
BH Consulting was founded in answer to demands for an independent consulting
firm to assist clients gain a competitive edge by achieving IT Operational
excellence in deploying, managing and securing their IT infrastructure. With
over 20 year’s experience, we provide you with access to in-depth expertise,
experience and technical know-how. Backed with our quality processes and
commitment to deliver, BH Consulting provides clients with quality solutions at
cost effective rates.
 Support
Focus Ireland
If you have found any items in our
Security Watch Newsletter to be of use to you we ask that you
make a donation to
Focus Ireland who
work tirelessly supporting the homeless throughout Ireland. Focus Ireland
aims to advance the right of people-out-of-home to live in a place they call
home through quality services, research, and advocacy. The objectives of
Focus Ireland are to respond to the needs of people out-of-home and those at
risk of becoming homeless, through a range of appropriate high quality services,
to provide emergency transitional and long-term accommodation for people
out-of-home, to campaign and lobby for the rights of people out-of-home
and the prevention of homelessness. No sum is too small and all is
put to excellent use.
BH CONSULTING NEWS
Brian Honan Comments in the
Irish Times on the
UK Revenues Loss of 25 million data records
The
Irish Times published on Friday the 23rd of November contains an
article on the recent loss by the UK’s Revenue and Customers service of the
personal details of 25 million people. The details belong to all families in
the UK with children under 16 years of age and in receipt of child welfare
benefit.
The information, which was contained on two CDs
and subsequently lost in the HMRC’s internal post, includes the names,
addresses, national insurance number and where applicable bank account details
of those affected. Apart from the obvious concerns regarding identity fraud if
the information should fall into the wrong hands, this information includes
details on those children that are most vulnerable or at risk and would also be
useful to those that prey on young children.
John Collins from the
Irish Times
interviewed Brian for
this article and asked for his thoughts on what the HMRC could have done
better to prevent this from happening.
The Irish Independent
Speaks to Brian Honan On New Apple MAC Trojan
Further to the recent discovery of a new Trojan written by cyber criminals which
targets Apple MAC users, Brian Honan was interviewed for the Digital Ireland
supplement in the 29th of November issue of the
Irish
Independent. The article also appears on
SiliconRepublic.com’s website
Knowledge Ireland
Quotes Brian Honan
The recent edition of Knowledge Ireland contains a quote from Brian Honan
regarding the failure of compliance programmes to make organisations more
secure. Brian is quoted as saying ""Compliance also seems to be failing
us. We hoped that compliance would improve security but it seems the truth is
companies are more concerned about being compliant than being secure."
Upcoming Event on
Emerging Information Security Threats & Solutions
As part of Trigraph
Professional Services' IT Security Series, Brian Honan will speak at
the upcoming
"Emerging Information Security Threats & Solutions"
briefing event scheduled for January 28th 2008. This Briefing provides
managers and key decision-makers in organisations with an overview of the latest
threats posed to their organisation while also outlining ways to reduce these
threats against critical organisational assets. More details on the
briefing is available from Trigraph Professional Services'
website.
"Managing
Information Security with ISO 27001" Training Course
BH Consulting and the
Centre for Software Engineering recently hosted a
two day course
“Managing Information Security with the ISO 27001
Information Security Standard”. The course was very successful and
feedback from the attendees was very positive. We plan to schedule the
course again in the New Year. If you are interested in attending or
require more information you can
contact us or find details on the course
on the
Centre For Software Engineering’s website.
BH CONSULTING WEBSITE UPDATE
We strive at BH Consulting to provide information that is
relevant and useful in securing and running your business. To this end we
provide a range of free whitepapers available for download
free from our
white papers page.
LATEST THREAT LEVELS
Get more information on the latest updates on current threats at
our online resources page;
FEATURES
Free Security Awareness Video
Watchguard have produced a useful
security awareness video to help educate end
users on how to select secure passwords. It follows the travails of Bud as he
tries to select a secure password from the obvious and insecure one he already
has.
Bud Logs In is provided
free
by Watchguard for use within your own security awareness programmes.
Downloadable versions of the video are also available
Latest SANS Top 20 Released
The SANS
Institute recently released their latest
Top
20 Internet Security Risks. The launch was held in London and the
report highlights the continuing trend of increasing criminal involvement in
cyber attacks and the focus of attacks moving away from networks and operating
systems. Instead the main points of attack are application vulnerabilities,
especially in custom built applications, and users that are not security aware.
NIST Releases Three New Special Publications
The US
National Institute of Standards & Technology (NIST) recently released
three new special publications that can help improve the security of your data.
They are;
Inexpensive Unified Communications Deployment,
Part 1
The "It's Time to Deploy! Microsoft Unified Communications" roadshow series
sponsored by Microsoft and Windows IT Pro highlights the practical
considerations of deploying Microsoft's unified communications (UC)
technologies, including Exchange Server 2007 unified messaging (UM)... Click
Here for more
Using Exchange and Outlook's New Message-Classification
Feature
Microsoft Office Outlook 2007 and Microsoft Exchange Server 2007 support a
feature called message classification, which provides metadata about an email
message's intended audience, content, or use. To set up message classification,
you first install it, export the default classifications to an XML... Click
Here for more
FREE SECURITY SCAN
In partnership with
Qualys, BH Consulting
are offering a for a free Network Security Scan so you can check how healthy
your network is. To find out more about what this service can do for you, visit
our free
Network Security Scan.
Alternatively contact
us or visit our website to get more details on our
risk assessment service.
This issue of Security Watch is being brought to you by BH Consulting.
If you have found this issue to be of use please support our drive to raise funds
for
Focus Ireland.
Each
Security Watch eNewsletter, and the special Security Alert issues, are produced
independently by the Windows IT Pro Custom Media Group and is distributed by
various Microsoft security partners. Each eNewsletter contains up-to-date
information about security strategies, technologies, and alerts. Each Security
Alert contains the latest information about security threats.
Additional news courtesy of
Silicon Republic,
Cnet,
Silicon and
Zdnet
To update your subscription to our newsletter
click
here. To unsubscribe click
here
| 
