This past Saturday, I open the Washington Post and discovered what I have always thought was the case in an article title “Cyberspace the fragile frontier” written by Brobert O’Harrow Jr. You may wonder what I meant by “the case”? In this age of connectivity, networktivity (yes I made that word up) where we are all connected by devices, network, social-media, and other systems connected to each other. It begs the question- what if one system (device) gets compromised? What happen to the rest of us carrying these devices around in our hands, pocket, and bags?

OK, still wondering what I am talking about? It’s the devices we all have this days, cell phones, smartphones, iPods, iPads, small mobile computing devices and as I stated in the opening is the case is a case of compromised devices or hacked into. The report in the Washington Post reported a successful hacking of the iPhone, apparently up till now the makers of iPhone considered their OS difficult to hack or break in.

Last week, I hope you also heard of the cyber threat in cyberspace. If not at least you must have heard of stuxnet, botnet and all the other nets. The most recent attack in cyber space “Flame” is even more sophisticated than the previous ones. So why I am posting this on my blog? Why should this concern you, my small and mid-size business owner audience? Well it concerns you because most small business owners that I speak to often tells me “We are not a big company”, “We have nothing the bad guys wants” and I tell them the dynamite fishing story that was told from Comptia Security conference 2011 on cyber security.

 

As a small business Owner, Government Contractors here are three (3) tips you can use to keep your systems secure from this cyber criminals and threats.

• Make sure your systems desktop, server, mobile devices) are patch as fast as possible (avoid ZERO DAY vulnerability)
• Don’t share USB devices without securing your USB, and implement scanning upon inserting USB to your computer or devices. (this will prevent 90% of the trouble)
• Educate and inform your employee (users) of this cyber security threats.

The article that I mentioned above revealed the ZERO DAY security vulnerability and defined as the time between which securities vulnerably are discovery and the release of a patch fix to these vulnerabilities. Hackers explore this time to do their damage, compromise and steal information or even use compromised systems to launch other attack on others and nations included.

To learn more about securing your network, servers, desktops or even your mobile devices, call us at Smarthost Design Technologies – 301-576-1122 ext 101

It doesn't matter how solid your security system is –any hacker or online thief can figure out a weak password in a couple of hours through trial and error. Don't risk being a victim of a security breach and data theft. Avoid these passwords that are especially easy to crack.

If you think using 'password' as your password is no big deal, then it's time to rethink.

Security experts have recently compiled a list of the worst passwords users can choose, and 'password' is at the very top of the list. Weak passwords make your information more vulnerable simply because hackers can guess them. It may be easier to pick a password that you don't have to think about, but it's a choice that you may come to regret.

To help you avoid common password choice mistakes that users make, management application provider SplashData has compiled a list of the 25 worst passwords to use:

1. password
2. 123456
3. 12345678
4. qwerty
5. abc123
6. monkey
7. 1234567
8. letmein
9. trustno1
10. dragon
11. baseball
12. 111111
13. iloveyou
14. master
15. sunshine
16. ashley
17. bailey
18. passw0rd
19. shadow
20. 123123
21. 654321
22. superman
23. qazwsx
24. michael
25. football

Make a smart password choice Experts advise using a combination of letters and numbers when creating your passwords, and to avoid things that anyone might be able to guess, such as birthdays and anniversary dates. Passwords with eight characters or more are safer and it's best to use different passwords for different accounts and websites. Use a password manager to help you keep track of all of your passwords if you're finding it difficult to remember them all..

No matter how sophisticated your security system is, a weak password gives hackers and online thieves an advantage. Helping all the users in your organization understand the importance of password strength will help you secure the IT systems in your organization.

If you're interested in learning more, please contact us so we can develop a comprehensive and custom security blueprint that meets your specific needs.

Reference: Worst Internet Passwords

In an unprecedented move against online fraudsters and hackers, the United States Federal Bureau of Investigation (FBI) and authorities in Estonia, aided by information from security firm Trend Micro, recently conducted a raid that brought down an enormous bot network made up of at least 4 million bots.

Four million is a big number – which makes four million bots, in security terms, a staggering and frightening number as well.

It is a good thing, then, that four million is also the number of bots taken down in a recent bust by the United States Federal Bureau of Investigation, the Estonian Police, and security firm Trend Micro. Data centers in New York City, Chicago, and Estonia were raided by authorities, shutting down hundreds of servers used to create a network of bots that spanned some 100 countries.

The said bust, dubbed “Operation Ghost Click”, is one of – if not THE – largest cybercriminal bust in history, putting to sleep a sophisticated scamming operation that victimized 4 to 5 million users and was said to have generated at least $14 million in illegal revenue.

The scam mainly involved hijacking Domain Name Server (DNS) settings in infected computers, which can be used not only to introduce more malware into an IT system, but also to hijack search results and replace advertisements loaded on websites visited through an infected computer.

While this bust does bode well for all IT users everywhere in the world, it also illustrates the scope of influence and level of organization behind security threats. Since this is probably not the only scam / fraud / botnet operation in the world, it is always best to have a comprehensive security policy for your IT infrastructure to minimize the risk of compromising your company’s data and information.

For more details on the bust, check out Trend Micro’s blog post here.

 

Hello Everyone,

Please pay attention to this if you are a business owner or manager of a business. I just received this e-mail say that my company has won/received 2011 Best of <city> award in this case city is Beltsville and it looks very compelling and almost got me “the expert”. That is why I am posting this out.

After doing a brief research on the company https://www.uscaaward.com/Claim.aspx?cc=DBC-MM8B-ZDHH, I discovered that it was a scam. I Google them and found out that the Better Business Bureau (BBB) has posted this warning http://spokane.bbb.org/article/all-that-glitters-us-commerce-association-awards-to-biz-may-not-be-what-they-seem-11397

So the please and please don’t waste your hard earned dollars on scam that does not benefit your local community as they claimed.

Happy networking from yours truly

Computer consulting guru, See us on Facebook

Femi Dada

Smarthost Design Technologies LLC

Employees using their own mobile devices for work may seem like a good idea at first – it's less expense for you, the employer, and they can also make employees more productive. However, it also means that you are allowing potentially unsecure devices to access your company's data. The solution? An effective IT security policy that balances personal freedom to use these devices and your need to secure important business information.

As technology continues to become more affordable and accessible to consumers, it's an inevitable fact that employers will see more and more of their employees using their own personal devices such as laptops and mobile phones to access the company's IT system.

This can be a dangerous thing. Since these devices aren't company owned and regulated, you have limited access and control over how they are used. Employees could download all sorts of malware and viruses on their devices and pass the infection along to your IT system when they access it.

The solution: a comprehensive IT security policy. It's important that you find a compromise between the freedom of the employee to use the device as desired and your need to keep your IT system safe from viruses and other threats to your data's security. Steps such as having employees run mobile device management (MDM) software on their devices is one of many actions you can take to lessen the risk of security breaches. You may also want to implement applications and software that check and screen for malware, both for laptops and mobile devices. And don't forget that while Android seems to have a bigger problem with malicious software, Apple isn't exactly virus-free, either.

Employees have a right to use their personal devices as they see fit, but not at the expense of important company information stored in your IT system. Running a tight ship in terms of security is an effective way to protect your business interests and your sensitive company data. If you are interested in knowing more about developing a concrete and effective IT security policy for personal device use as well as general system access, please don't hesitate to give us a call so we can sit down with you and discuss a custom security blueprint that's just right for you.