
Issue
October 2006
In this month's issue of our Security Watch Newsletter we update you on some
of the latest happenings at BH Consulting, highlight a study on poor passwords,
discuss the impact of PABX hacking, cover the launch of Ireland's new biometric
passport and provide some interesting news stories from around the world.
About BH Consulting
BH Consulting was founded in answer to demands for an independent consulting
firm to help clients gain a competitive edge by achieving IT operational
excellence in deploying, managing and securing their IT infrastructure. With
over 20 years' experience, we provide you with access to in-depth expertise,
experience and technical know-how. Backed by our quality processes and
commitment to deliver, BH Consulting provides clients with quality solutions at
cost-effective rates.
Support Focus Ireland
If you have found any items in our
Security Watch Newsletter to be of use to you we ask that you
make a donation to
Focus Ireland who
work tirelessly supporting the homeless throughout Ireland. Focus Ireland
aims to advance the right of people-out-of-home to live in a place they call
home through quality services, research, and advocacy. The objectives of
Focus Ireland are to respond to the needs of people out-of-home and those at
risk of becoming homeless, through a range of appropriate high quality services,
to provide emergency transitional and long-term accommodation for people
out-of-home, to campaign and lobby for the rights of people out-of-home
and the prevention of homelessness. No sum is too small and all is
put to excellent use.
BH CONSULTING NEWS
BH Consulting To Address NITEs Seminar
This year the 5th annual National IT & eSecurity Summit takes place at the IMI
Conference Centre on the 8th and 9th of November. Brian Honan will be
giving a talk on "Improving Security - Incident Response". Further details
of the conference are available here.
Security Watch Blog Launching in November
Through Brian Honan's work as European Editor for the SANS Institute's
NewsBites newsletter there are many interesting stories and issues
that we come across and feel may be of interest to our readers. However,
due to the timing of our newsletter some of these stories are outdated or may
not make the monthly newsletter. To this end BH Consulting will be
launching BH Consulting's Security Watch Blog over the coming weeks. This
will enable us to keep you more regularly informed with what is happening with
BH Consulting, the area of information security within Ireland and indeed the
rest of the world. It will also allow you to provide us with more timely
feedback on the topics and areas of most interest to you. Keep an eye on
our website to see when the Blog is launched.
Brian Honan Attended ENISA Workshop on CERTs
Through his work with the Department of Communications in researching how best
Ireland should establish a Computer Emergency Response Team, Brian Honan
recently attended an "invitation only"
seminar hosted by ENISA in Brussels. The
focus of the seminar was on establishing and running a Computer Emergency
Response Team and proved to be very beneficial. It is hoped the
information gathered will assist in the further development of a Computer
Emergency Response Team here in Ireland.
Brian Honan Published in InfoSecurity Today Magazine
Brian Honan has recently had an article printed in the prestigious and well
regarded
InfoSecurity Today magazine. For the latest edition Brian wrote
an article discussing whether information security has become the latest "dot
com" type opportunity for the IT industry.
BH CONSULTING WEBSITE UPDATE
We strive at BH Consulting to provide information that is
relevant and useful in securing and running your business. To this end we
provide a range of whitepapers available for download
free from our
white papers page.
The latest addition to our whitepapers is a presentation
relating to Corporate
ID Theft.
LATEST THREAT LEVELS
Get more information on the latest updates on current threats at
our online resources page.
FEATURES
Irish Cyber Crime Forum and Survey
The second Irish Cyber Crime Forum, hosted by ISSA
Ireland and University College Dublin, was held in University College Dublin on
the 26th of October. Aside from the interesting speakers, the main topic of
interest was the launch of the first survey to focus on cyber crime within
Ireland. Most cyber crime surveys are focused on the United States or, if
based on international research, are too high level to be relevant to Ireland.
This means we have very few solid facts and figures on which we, as
individuals, companies and indeed as a nation, can rely to help us best focus
our resources in relation to information security. This survey will help
address the gap and we at BH Consulting would urge you to respond to the survey
as best you can. All responses are anonymous and confidential.
Details of the survey can be found at the
ISSA
Ireland website.
New Irish Biometric Passport Launched
In line with the United States visa waiver program, the new Irish
biometric passport was launched. All new Irish passports will now be
issued with an implanted RFID chip which will contain an electronic
version of the information held within the passport. The information from
this RFID chip can then be read by a scanner at the customs desk. It is
claimed this chip will make it harder to forge passports. However, there
are some concerns as to whether the information on the RFID chip is fully secure
and whether it can be scanned remotely by those with more nefarious means.
Both the Silicon Republic and The Register cover
the story. Also, in case you are interested, passport cases that
claim to prevent the RFID chip from being read remotely are already
available.
PABX Hack Costs AUS$9,000 in One Week
ZDNet Australia covered a story regarding a small Sydney-based company that in
one week ran up a phone bill of over AUS$9,000 due to their phone system being
remotely hacked and used by criminals to make long distance phone calls.
The interesting point about this story is it highlights an area many companies
overlook as part of their information security, the phone system or PABX.
If you have a PABX in place how confident are you that it is secure? If
you are thinking about implementing VOIP, have you thought about security?
A Worm in your Apple?
Two stories to remind you to ensure you have the proper controls in place to
manage what devices can be attached to your network. Recently Apple
admitted to shipping some of their video iPods
preloaded with a Windows worm, while McDonalds in Japan
recalled 10,000 MP3 players pre-infected with
the QQPass Trojan. A number of lessons need to be taken from these
stories: apart from the risk of corporate data being copied onto these types of
devices, they can also quite easily introduce a virus into your network, and no
matter what the source, always scan for viruses.
Weak Passwords leave Networks at risk.
A recent study conducted in the City of London
highlighted that one third of those surveyed use weak passwords. Many of those
surveyed work for financial institutions, which one would expect to have high
levels of protection regarding the data they hold. However, all these
protections can be undermined if users do not maintain and use strong passwords.
There are numerous techniques and tools available that can help implement
stronger . If protecting the information on your network is a concern for
you, perhaps you should conduct your own password audit and look at the
technologies available to help you enforce strong authentication and passwords.
This is all the more so given that this
story highlights an increase of 31% in the cost
impact of a security compromise.
FREE SECURITY SCAN
In partnership with Qualys, BH Consulting
are offering a free Network Security Scan so you can check how healthy
your network is. To find out more about what this service can do for you, visit
our free
Network Security Scan.

Alternatively contact
us or visit our website to get more details on our
risk assessment service.
This issue of Security Watch is being brought to you by BH Consulting.
If you have found this issue to be of use please support our drive to raise funds
for
Focus Ireland.
Each Security Watch eNewsletter, and the special Security Alert issues, are produced
independently by the Windows IT Pro Custom Media Group and are distributed by
various Microsoft security partners. Each eNewsletter contains up-to-date
information about security strategies, technologies, and alerts. Each Security
Alert contains the latest information about security threats.
Additional news courtesy of
Silicon Republic,
Cnet,
Silicon and
Zdnet