BH Consulting Security Watch Newsletter

Helping you Piece IT Together

Issue July 2006

In this month's issue of our Security Watch Newsletter, we provide feedback from the FBI on how to protect your systems, outline how even small business websites can become targets for hackers, provide an overview of a "Vishing" and advise you on how best to prevent hackers from attacking you system. We also highlight some interesting news stories from around the globe and update you on the latest happenings in BH Consulting

About BH Consulting
BH Consulting was founded in answer to demands for an independent consulting firm to assist clients gain a competitive edge by achieving IT Operational excellence in deploying, managing and securing their IT infrastructure. With over 20 year’s experience, we provide you with access to in-depth expertise, experience and technical know-how. Backed with our quality processes and commitment to deliver, BH Consulting provides clients with quality solutions at cost effective rates.

Support Focus Ireland
If you have found any items in our Security Watch Newsletter to be of use to you we ask that you make a donation to Focus Ireland who work tirelessly supporting the homeless throughout Ireland. Focus Ireland aims to advance the right of people-out-of-home to live in a place they call home through quality services, research, and advocacy. The objectives of Focus Ireland are to respond to the needs of people out-of-home and those at risk of becoming homeless, through a range of appropriate high quality services, to provide emergency transitional and long-term accommodation for people out-of-home, to campaign and lobby for the rights of people out-of-home and the prevention of homelessness. No sum is too small and all is put to excellent use.

NEWS
Focus Ireland Golf Tournament.
BH Consulting were delighted to enter a team into this year's Focus Ireland Golf Tournament held at Carton House. As we decided to enter a team that extolled in the true Olympic spirit we did not manage to win any prizes, however a great day was held by all. On behalf of BH Consulting I would like to sincerely thank the members of the team who took the time from their busy schedules to take part and made the day a very enjoyable event. My thanks also to our kind sponsors for the day who provided the team with various golf paraphernalia and the much appreciated supply of spare golf balls!! Finally a very sincere thank you to our hosts for the day, Focus Ireland, who provided an excellent day and venue for the event. Hopefully next year we can enter at least one team, if not more.

Identity Theft Seminar as part of Global Security WeeK
BH Consulting, in partnership with Vigitrust, are sponsoring a free seminar on Identity Theft as part of this year's Global Security Week. The seminar will take place at 2 p.m. in the Burlington Hotel on Thursday the 7th of September. Identity Theft is becoming the fastest growing crime and this afternoon seminar will highlight to individuals and companies alike the threat posed to their identity by this crime. There will be speakers on this topic from the Garda Computer Crime Unit, ENISA (the European Network and Information Security Agency) and also from the Companies Registration Office to talk about company identity theft. SiliconRepublic.com have posted details on the event on their site. More details of Global Security Week can be found here.

If you wish to book a place at this event please do not hesitate to contact us.

Rules changing for Online Merchants.
if your organisation provides the facility to process credit card details via your website, then you should be aware that Visa and Mastercard intend to make a number of changes to the Payment Card Industry data security standard over the coming weeks. The proposed changes will further bolster the standard in an attempt to ensure that customer data is protected properly from unauthorised access. Organisations who claim they are compliant with the Payment Card Industry data security standard can suffer large penalties if they subsequently suffer a security breach. Details of the proposed requirements can be found here and more information on the new changes can be found here.

BH Consulting in partnership with Qualys can provide you with a vulnerability management service to assist you in complying with the Payment Card Industry data security standard. More details of the Payment Card Industry data security standard and Qualys' vulnerability management service is available here or you can contact BH Consulting directly.

1 in 5 Irish Internet Users do not Trust Online Transactions
A recent interesting survey indicating the lack of confidence Irish online consumers have in conducting online transactions. Apparently 1 in 5 Internet users do not trust their personal details with online merchants. The Register and SiliconRepublic.Com provide good details on the story. This survey certainly shows that awareness of Identity Theft is quite high amongst Irish web surfers and also that our Identity Theft Seminar as part of Global Security Week is well timed.

BH CONSULTING WEBSITE UPDATE
We strive at BH Consulting to provide information that is relevant and useful in securing and running your business. To this end we provide a range of whitepapers available for download free from our white papers page;

LATEST THREAT LEVELS
Get more information on the latest updates on current threats at our online resources page;

FEATURES

What little old me?
Too often many companies think that hackers will not be interested in them because they are too small or don't have anything that would be of interest to a hacker. These companies fail to realise that today's hacker is solely interested in one thing each company has, computers. This story shows how the web site of a small company was hacked to most likely be a launch pad for an attack against another company, in this case the ISP hosting the site.... Click Here for more info

Deterring Hackers
How best to prevent your systems becoming a victim of an attack is a constantly challenging goal. This article provides a comprehensive tutorial on how to better protect your network against attack... Click Here for more info

How to Avoid being a Cyber Crime Victim
An interesting question and answer session with several special agents of the United States' FBI on their experiences in dealing with companies that became victims of cyber crime. the agents also provide some helpful advice on how to prevent your company becoming another victim ...Click Here for more info

Gone Vishing
No, our spell checker has not been playing up. A new attack has recently been discovered called Vishing whereby fraudsters are using Voice Over IP systems to imitate the phone systems of banks. Victims are lured by an email encouraging them to surrender their personal details via telephone rather than email ... Click Here for more info

FREE SECURITY SCAN
In partnership with Qualys, BH Consulting are offering a for a free Network Security Scan so you can check how healthy your network is. To find out more about what this service can do for you, visit our free Network Security Scan.

Alternatively contact us or visit our website to get more details on our risk assessment service.

This issue of Security Watch is being brought to you by BH Consulting. If you have found this issue to be of use please support our drive to raise funds for Focus Ireland.

Each Security Watch eNewsletter, and the special Security Alert issues, are produced independently by the Windows IT Pro Custom Media Group and is distributed by various Microsoft security partners. Each eNewsletter contains up-to-date information about security strategies, technologies, and alerts. Each Security Alert contains the latest information about security threats.

Additional news courtesy of Silicon Republic, Cnet, Silicon and Zdnet

To update your subscription to our newsletter click here. To unsubscribe click here