August 30, 2008
Safe Computing Tips
Richard Kuper
The Kuper Report
http://TheKuperReport.com
********************************************************
NOTE:
This article was originally posted August 8, 2007 but is still relevant,
and so we are reposting it now.
********************************************************
If someone is truly determined to hack into your computer or your emails and they have the tools and knowhow, then they will probably succeed. But you can make it harder for them to do so. Unless it is the government. On Monday, President George W. Bush signed into law an expansion of the Foreign Intelligence Surveillance Act (FISA), giving government expanded rights to intercept phone calls and e-mails without warrants.
You can protect your computer by installing a suite of protection products. One such product, Grisoft's AVG Internet Security Suite has previously been reviewed. (See the original review here and the follow-up here.)
Such suites provide protection from spyware and viruses and a variety of other malware. That would be an excellent first step. And of course be sure to keep it up to date and proactive.
Be very careful what emails you choose to open, and set your email to hide graphics by default. If you are confident that a particular email is from a trusted source, you can always activate the graphics for that individual email as you are viewing it. Turning off graphics in email is a simple way to prevent a lot of the newer means of introducing malware to your computer that just might start capturing everything you do, including all your passwords.
Be very careful about clicking on links, especially in emails that look like they came from your financial institution. The safest way to deal with your financial institution online is to not click on links in emails, but instead go to their website by entering their web address directly into your browser. Otherwise you may end up at a very good copy that looks like your financial institution's website but is instead a rogue site that will collect all the information you type and then will use it to potentially steal your identity, or at least order lots of stuff in your name billed to you but shipped somewhere else.
When connecting to the internet, never do so from a computer id that has administrative rights except when absolutely necessary (e.g., to download and install new software that you purchase online from a reputable source). Being connected to the internet with administrative rights is akin to leaving your front door open while you are not at home and expecting no one will walk in andpotentially walk out with many of your valuables.
When creating passwords, try to use a combination of letters and numbers, and the longer the password the better. Of course, don't write it down and leave it by the computer or where someone could find it.
And if you really want secure communication in email, you need to be sending encrypted email. That's not as easy as all of the other suggestions above. It requires a means for encrypting by the sender and decrypting by the receiver, and the encryption/decryption codes can only be known by just those parties for it to truly be of value.
Does your cell phone have internet access? Then it can be hacked just as easily as your desktop or notebook computer.
One more thing. It does not matter what brand computer or cell phone you have. All are vulnerable.
* [Please post your job openings here] *
R.L. Kuper, Inc. - Management Consulting
The Kuper Report
http://TheKuperReport.com
********************************************************
NOTE:
This article was originally posted August 8, 2007 but is still relevant,
and so we are reposting it now.
********************************************************
If someone is truly determined to hack into your computer or your emails and they have the tools and knowhow, then they will probably succeed. But you can make it harder for them to do so. Unless it is the government. On Monday, President George W. Bush signed into law an expansion of the Foreign Intelligence Surveillance Act (FISA), giving government expanded rights to intercept phone calls and e-mails without warrants.
You can protect your computer by installing a suite of protection products. One such product, Grisoft's AVG Internet Security Suite has previously been reviewed. (See the original review here and the follow-up here.)
Such suites provide protection from spyware and viruses and a variety of other malware. That would be an excellent first step. And of course be sure to keep it up to date and proactive.
Be very careful what emails you choose to open, and set your email to hide graphics by default. If you are confident that a particular email is from a trusted source, you can always activate the graphics for that individual email as you are viewing it. Turning off graphics in email is a simple way to prevent a lot of the newer means of introducing malware to your computer that just might start capturing everything you do, including all your passwords.
Be very careful about clicking on links, especially in emails that look like they came from your financial institution. The safest way to deal with your financial institution online is to not click on links in emails, but instead go to their website by entering their web address directly into your browser. Otherwise you may end up at a very good copy that looks like your financial institution's website but is instead a rogue site that will collect all the information you type and then will use it to potentially steal your identity, or at least order lots of stuff in your name billed to you but shipped somewhere else.
When connecting to the internet, never do so from a computer id that has administrative rights except when absolutely necessary (e.g., to download and install new software that you purchase online from a reputable source). Being connected to the internet with administrative rights is akin to leaving your front door open while you are not at home and expecting no one will walk in andpotentially walk out with many of your valuables.
When creating passwords, try to use a combination of letters and numbers, and the longer the password the better. Of course, don't write it down and leave it by the computer or where someone could find it.
And if you really want secure communication in email, you need to be sending encrypted email. That's not as easy as all of the other suggestions above. It requires a means for encrypting by the sender and decrypting by the receiver, and the encryption/decryption codes can only be known by just those parties for it to truly be of value.
Does your cell phone have internet access? Then it can be hacked just as easily as your desktop or notebook computer.
One more thing. It does not matter what brand computer or cell phone you have. All are vulnerable.
Labels: cell, computer, Kuper, kuper report, phone, richard kuper, safe computing tips, security
| FindJobsPostJobs.com | CareerHotList.com |
September 24, 2007
Privacy and Security Watch: Are you giving away your personal or corporate data to thieves?
Richard Kuper
The Kuper Report
http://TheKuperReport.com
I came across a couple of articles that continue to bring home the fact that many companies and individuals still do not have a handle on ensuring the privacy and security of data:
What's on your hard drive?
When businesses or individuals discard old computers, apparently many are not ensuring that personal or business data has been securely removed first. According to this article, from a sample of 350 hard drives acquired in online auctions, details about salary, company financial data, medical data, credit card numbers, visa applications, details of online purchases, and even online pornography were found.
There are many tools available today for corporate and individual use that can shred the data on your hard drives and other storage devices. They are not very expensive, especially for individual use. Simply reformatting the hard drive, for example, will not wipe the data from it.
Do you or your employees connect to a file-sharing network?
If you connect your computer to a file-sharing network, such as BearShare or LimeWire or the like, you are opening up your computer to anyone who cares to search it and copy stuff from it. According to this article, "Three spreadsheets containing more than 5,000 Social Security numbers and other personal details about customers of ABN Amro Mortgage Group were inadvertently leaked over an online file-sharing network by a former employee." In this case, the computer had the BearShare software installed.
A common search, by those seeking something other than a song, is to search on terms like "password" to find data on connected computers that will net usable information for identity theft and other crimes. In addition, it would seem that most users of file-sharing networks do not take the appropriate steps to limit what can be searched on their computer. Any time you allow your computer to be accessed by others whom you do not know and therefore have no known level of trust, you are looking for trouble.
Regarding the leaked spreadsheet with over 5,000 Social Security numbers and other personal customer details, according to a spokesperson for ABN parent company Citigroup Inc.: "Citi's information-security standards require that confidential information be stored on Citi-managed devices." In the case of the spreadsheet, it would seem the employee had it on his home pc.
* [Please post your job openings here] *
R.L. Kuper, Inc. - Management Consulting
The Kuper Report
http://TheKuperReport.com
I came across a couple of articles that continue to bring home the fact that many companies and individuals still do not have a handle on ensuring the privacy and security of data:
What's on your hard drive?
When businesses or individuals discard old computers, apparently many are not ensuring that personal or business data has been securely removed first. According to this article, from a sample of 350 hard drives acquired in online auctions, details about salary, company financial data, medical data, credit card numbers, visa applications, details of online purchases, and even online pornography were found.
There are many tools available today for corporate and individual use that can shred the data on your hard drives and other storage devices. They are not very expensive, especially for individual use. Simply reformatting the hard drive, for example, will not wipe the data from it.
Do you or your employees connect to a file-sharing network?
If you connect your computer to a file-sharing network, such as BearShare or LimeWire or the like, you are opening up your computer to anyone who cares to search it and copy stuff from it. According to this article, "Three spreadsheets containing more than 5,000 Social Security numbers and other personal details about customers of ABN Amro Mortgage Group were inadvertently leaked over an online file-sharing network by a former employee." In this case, the computer had the BearShare software installed.
A common search, by those seeking something other than a song, is to search on terms like "password" to find data on connected computers that will net usable information for identity theft and other crimes. In addition, it would seem that most users of file-sharing networks do not take the appropriate steps to limit what can be searched on their computer. Any time you allow your computer to be accessed by others whom you do not know and therefore have no known level of trust, you are looking for trouble.
Regarding the leaked spreadsheet with over 5,000 Social Security numbers and other personal customer details, according to a spokesperson for ABN parent company Citigroup Inc.: "Citi's information-security standards require that confidential information be stored on Citi-managed devices." In the case of the spreadsheet, it would seem the employee had it on his home pc.
Labels: abn, bearshare, citigroup, computer, credit, crime, data, disk, drive, file, id, identity, limewire, password, pc, privacy, security, sharing, stolen, theft
| FindJobsPostJobs.com | CareerHotList.com |
May 09, 2007
Court Permits Search of Personal Computer in Workplace
According to this article at findlaw.com, "a federal court has just held that an employee did not have a reasonable expectation of privacy in the personal computer he brought to work." It seems that because this employee and a co-worker otherwise had to share a common personal computer, this employee decided to bring in his own computer and connect it to his employer's system. The employer, in this case, was a city government. The employee made no effort to protect any information on his personal computer and left it on and in a public space -- even when he was not at his desk. This failure to password or otherwise protect and guard the personal information on his personal computer eventually led to the discovery of child pornography on his personal computer. That eventually led to the appellate court case that resulted in this decision.
As the article concludes, "if you want to maintain your privacy rights under the Constitution, you yourself must keep your private matters private."
Richard Kuper
The Kuper Report
http://TheKuperReport.com
* [Please post your job openings here] *
R.L. Kuper, Inc. - Management Consulting
As the article concludes, "if you want to maintain your privacy rights under the Constitution, you yourself must keep your private matters private."
Richard Kuper
The Kuper Report
http://TheKuperReport.com
Labels: barrows, computer, constitution, court, Fourth Amendment, Kuper, kuper report, law, oklahoma, privacy, richard kuper, rights, search, seizure
| FindJobsPostJobs.com | CareerHotList.com |
Who links to me?
