Helping you Piece IT Together

Home Previous About Us Our Services Whitepapers Resources Newsletter Links News Contact Us Search

Visit Our
Blog

Issue April 2006

In this month's issue of our Security Watch Newsletter, we highlight some interesting news stories from around the globe and nearer to home, update you on the latest happenings in BH Consulting, provide advice on how to use your computer safely,  outline what identity means in the context of computer security, discuss the effect of the increasing number of computer security breaches on people's privacy, provide details on how to securely remove your password and finally discuss that often overlooked threat to computer security, your employees!

 

About BH Consulting
BH Consulting was founded in answer to demands for an independent consulting firm to assist clients gain a competitive edge by achieving IT Operational excellence in deploying, managing and securing their IT infrastructure. With over 20 year’s experience, we provide you with access to in-depth expertise, experience and technical know-how. Backed with our quality processes and commitment to deliver, BH Consulting provides clients with quality solutions at cost effective rates.

 Focus IrelandSupport Focus Ireland
If you have found any items in our Security Watch Newsletter to be of use to you we ask that you make a donation to Focus Ireland who work tirelessly supporting the homeless throughout Ireland.  Focus Ireland aims to advance the right of people-out-of-home to live in a place they call home through quality services, research, and advocacy.  The objectives of Focus Ireland are to respond to the needs of people out-of-home and those at risk of becoming homeless, through a range of appropriate high quality services, to provide emergency transitional and long-term accommodation for people out-of-home, to  campaign and lobby for the rights of people out-of-home and the prevention of homelessness.  No sum is too small and all is put to excellent use.

NEWS
BH Consulting in the Press.
There is often a lot of confusion and discussion over what security solutions should be put in place to protect important information assets.  The Irish Independent recently ran an article on hype regarding IT security.  Our very own Brian Honan contributed to the article.  Click here to read the online version of the article on the SiliconRepublic.com web site and see what Brian has to say on this heated topic.

Brian Honan has also been selected as an editor to the highly regarded SANS Institute NewsBites electronic newsletter.  The SANS NewsBites electronic newsletter is published twice a week to over 150,000 subscribers worldwide and provides an executive summary and expert insights into the important news articles relating to computer security.

Coverage of news relating to BH Consulting can be found on our news page.

Securing Wireless Networks.
The freedom and ease of use of wireless networks is making them more and more popular both for personal and business use.  However, as with all technologies it is important to ensure that they are deployed correctly and securely.  If you are looking a guide in how to secure your wireless network or those of friends, business colleagues, then the following may prove useful;

An online tutorial from GetNetWise on how to secure your wireless network with video tutorials as to how to configure wireless routers from Linksys, Netgear and Apple.

Also another useful online tutorial from the Washington Post newspaper with a series of video guides on how to secure and protect your PC.

The following online movie gives a good overview of an "Anatomy of a Hack".  While the video promotes Fiberlink's products it demonstrates how a hacker can quickly exploit a vulnerability on a machine that is not properly protected. 

Survey shows Internet Abuse is on the Rise.
The UK's Department of Trade and industry's 2006 Security Breaches Survey shows that most companies in the UK suffered from staff misusing Internet and email resources.   The survey shows that more companies have implemented acceptable usage policies, 63% compared to 43% the previous year, however the amount of abuse also grew from 8% to 17%.  While policy development is an important step it is equally important to ensure the policies are managed, monitored and enforced.  It would be worthwhile for you to examine your own policies and see if and how well they are being managed, monitored and enforced. 

Report on "Why Phishing Works"
Most of us have received an email purporting to be from a bank, eBAy, PayPal or some other organisation trying to get us to disclose our personal financial details.  Very often these emails contain a link to a site that to all intents and purpose looks real.  While most of us may be able to ignore such emails or indeed spot the fake website, this survey from professors at the US universities of Harvard and Berkeley shows that 90% of people could not distinguish between a fake and a real website.  This may have serious implications for online commerce and e-business.  If your customers do not know whether or not your website is genuine, how can they trust your site to do business with you?  If you have not done so yet, you should look at updating your company's Anti-Fraud Policies to deal with the threat posed by Phishing and also update your Incident Response Plan to incorporate how to deal with a Phishing attack.

Why Proper Change Management is Crucial!
35,000 passengers on the San Francisco Bay Area Rapid Transport (BART) system got an unwelcome lesson in how not to do change management when they were stranded during Wednesday's (26/03/06) rush hour.  Computer engineers attempting to resolve an ongoing software problem on the systems that control the Bay Area Rapid Transit (BART) trains, instead crippled the network causing all systems to shut down.  The story is good example as to why you should thoroughly test all systems and their dependencies before implementing any changes and that you have a rapid plan to roll back the change in the event of any issues.

Data Commissioner Publishes report for 2005
Billy Hawkes, the Data Protection Commissioner, has published the seventeenth annual report of the Data Protection Commissioner for 2005.  The report contains some interesting case studies for review, especially if you are intend deploying biometrics in the workplace or use CCTV cameras.  SiliconRepublic.com also provides good coverage of the report.

BH CONSULTING WEBSITE UPDATE
 We strive at BH Consulting to provide information that is relevant and useful in securing and running your business. To this end we have updated our range of whitepapers and the following is now available for download free from our white papers page;

"Everything You wanted to know about SPAM" (66 KB)

Also on our website you will find a new page outline our Security Assessment Service which enables you to determine what areas of your computer network security needs to be strengthened.  Our brochure for this service is available for download here "BH Consulting Security Assessment Brochure" (84 KB)

LATEST THREAT LEVELS
Get more information on the latest updates on current threats at our online resources page;

FEATURES

Improving Your Computer Usage Safety
The amount of malicious software on the Web has increased greatly recently. Here are some guidelines to help protect yourself: Practice Safe Browsing. Avoid unfamiliar or untrusted Web sites, especially Web sites that advertise... ...  Click Here for more info

Its Me, and Here's My Proof
No matter what kinds of technological or procedural advancements occur, certain principles of computer science will remain—especially those concerning information security. Among all the competing claims of security vendors that their latest... Click Here for more info

Data Security -- It's a Storage Problem
2005 was a rough year for people worried about the security of their personal information. In compliance with California's law mandating that companies reveal "unauthorized acquisition of [data] that compromises the security, confidentiality, or... ... Click Here for more info

Cleaning Up After Mass Password Changes
After you've performed mass password changes, don't leave password strings lying around in plaintext. You might use strong encryption to encrypt the data, or better yet, you might remove the passwords from your system completely. To do that... Click Here for more info

Your Worst Security Risk May Work For You
When it comes to information security, your biggest vulnerability is not necessarily your computers. It’s your users. Every day, employees make glaring errors such as posting their passwords where others can see them, downloading and opening... ... Click Here for more info

FREE SECURITY SCAN
 In partnership with Qualys, BH Consulting are offering a for a free Network Security Scan so you can check how healthy your network is. To find out more about what this service can do for you, visit our free Network Security Scan

Alternatively contact us or visit our website to get more details on our risk assessment service.

This issue of Security Watch is being brought to you by BH Consulting.  If you have found this issue to be of use please support drive to raise funds for Focus Ireland.

Each Security Watch eNewsletter, and the special Security Alert issues, are produced independently by the Windows IT Pro Custom Media Group and is distributed by various Microsoft security partners. Each eNewsletter contains up-to-date information about security strategies, technologies, and alerts. Each Security Alert contains the latest information about security threats.

Additional news courtesy of Silicon Republic, Cnet, Silicon and Zdnet

To update your subscription to our newsletter click here.  To unsubscribe click here

Home | About Us | Our Services | Useful Resources | Contact Us | Corporate Responsibility | Disclaimer | Privacy | Blog
Copyright © 2005 BH IT Consulting Ltd.