There was no sensitive data on the iPad, just in case something like this ever happened. Security features are enabled anyway.

When I arrived hours later the receptionist said they hadn’t heard anything about any missing devices. I checked and now Find my iPhone showed the device’s location to be about 30 miles away, complete with an address and a satellite view of a residence.

I asked if they had any idea why my iPad would be at such and such address. The helpful person at the desk said, “Can you wait a moment? I need to call the owner of my company.”

I was told that the address was that of an employee whom they’d had other problems with before. They informed me that, after the phone call, the owner had actually driven to the home, recovered the iPad, and terminated the person on the spot. Hopefully the owner isn’t the kind of terminator that Arnold Schwarzenegger portrayed in the Sci-Fi movie. I told them not to fire the guy—maybe he is just trying to feed his family and losing his job wouldn’t help him. It was just nice to know I’d have the iPad back soon.

Your device can tell you, “I’ll be back!” with that thick German accent, “Ahl be bock!”

Turn on a locating service for your device today.

Please post your comments on this blog.

The post Be sure to enable device tracking on your mobile devices appeared first on Foster Institute.

Expecting Microsoft to be the top performer in personal devices and/or expecting Apple to rein in the business networks of the world is, in my opinion, unreasonable. Yes, before Apple fans get their feathers all ruffled, there are exceptions to Apple working in business—especially for individual users connected to the corporate network. Additionally, new managed services can help solve the problems some people notice associated with centrally maintaining several Apple devices on the same network.

Apple is, in my estimation, working hard to get the iPad accepted and implemented in offices. To that end, Apple has adopted some security and business integration measures. For security in particular, refer to this informational PDF.

In summary, security features include:

• Support for WPA2 for Wi-Fi security (both PSK and Enterprise)
• Support for VPNs
• Password support including options for complexity, length, forced changes, lockout, etc.
• Integration with Exchange
• Ability for the IT department to enforce policies
• Remote data wipe
• PKI support including code signing requirements

Many of our clients are integrating the iPad into their organizations.

Will you or have you already used the iPad and/or another slate device on your corporate network?

Please post your comments on this blog.

The post Are iPads welcome in your office? appeared first on Foster Institute.

They drop this in the trash and nobody really notices. Even when they come back to retrieve the goods from the trash, nobody pays much attention then either.

Watch the garbage practices at your organization!

Please post your comment on this blog.

The post A surprising way employees steal from you appeared first on Foster Institute.

Physical security even includes examining how prepared you are from major weather incidents to becoming prepared if someone comes into your organization with a gun. Locks are examined, practices of your team members, security policies, security alarm response time, and the effectiveness of video security CCTV cameras. Even the lighting around your building at night is important to have examined. Physical security auditors frequently have more than 200 checkpoints to examine so you can feel more confident that you are prepared.

The more prepared you are, including both IT and physical security, the better you will survive, and hopefully protect against, a breach of some kind. Not only that, you may be required by regulations to be audited for physical security.

Please post your comments on this blog.

The post The importance of physical security audits appeared first on Foster Institute.

One effective way to disable USB ports is to fill them with epoxy glue—although this ruins the port. New ports can be purchased and added in the future unless the machine is a laptop.

Or, your qualified IT professional may be able to disable the USB ports in the system BIOS of the computer and then set a password for the BIOS so the user cannot re-enable the ports.

Using Windows, it is fairly simple in Group Policy Objects (GPO) to disable the “autoplay / autorun” feature. If you want to stop the USB from working completely, your qualified IT professional will use GPO settings to disable USB devices already installed and prevent users from installing more. For more information your qualified IT professional can visit  http://support.microsoft.com/kb/823732

Also, many anti-virus suites and even VPN clients offer some form of endpoint security that include the ability to lock down your USB ports. Your anti-virus or VPN solution may have that capability.

There are also third party tools that allow you to control USB devices such as Device Lock or ScriptLogic Desktop Authority.

Another method is using shared published desktops, application virtualization and streaming, or virtual desktops to deploy applications and then users cannot access the drives while using the applications you provide. Combined with GPO’s, your qualified IT professional can really lock users down.

Then, to allow users to use USB and reduce the chances of a lasting infection, and especially for public access terminals, these tools can reset the computer back to “square one” every time it is rebooted: Microsoft Steady State can be difficult to set up but it is free. There is also Returnil, which is free for some users, and Faronics Deep Freeze.

Please post your comments on this blog.

The post Disable USB ports appeared first on Foster Institute.

This is a concern for identity theft and also a source for other private information falling into the wrong hands. Organizations that fall under HIPAA compliance, Gramm-Leach-Bliley Act, PCI-DSS, and other regulations are sometimes more sure of the risk.

Earlier this month while I was performing an audit on a client’s network, he explained that he refuses to allow his staff to “outsource” making copies even to their CPA firm. He does this in order to “isolate” the area he needs to protect. He has a strict policy that documents can only be copied using copy machines in their office.

One of my readers is in contact with an organization that processes used copiers and they make sure to erase the hard drives before the copiers go to new owners.

If any of you are specifically seeking a copy machine security specialist, the CBS video interviews John Juntunen and it appears his web site is www.copiersecurity.com. The phone number on the web site is 530-672-9300 if you want to explore his services. The web site shows they offer a service that will remove your copier’s hard drive, destroy the drive, and replace the destroyed drive with a new drive formatted for use with that copier. They also offer anti-tampering kits to help you monitor your copiers to at least know if someone has accessed the data on the hard drives.

One point he made in the interview is how many companies do not seem to care about security until they have a breach—and then it is too late. I’ve felt the same frustration in the past. Security, be it in your computers, servers, or copy machines, is an important issue!

Please post any of your experiences or additional ideas about copy machine security here on this blog.

The post Copy machines store copies of your documents appeared first on Foster Institute.

Some IT professionals tell me that their “boss” came down and said, “Give company such and such access into our network to access our data files so they can provide such and such service.” If the IT professional was brave enough to object to the “order,” they often got shot down.

If your IT professional knows anything about security, they get some pretty sweaty palms when opening up access to other companies. Their nights of restful sleep are probably over at that point too. And so should the executives be terrified!

Please do NOT open up your network for access by third party companies. I run into this at four or five companies a month and it has to stop!  Do you realize that:

• If the other company catches a virus, you probably will too?
• If an employee at the other company wants to steal your data, destroy your information, and even store illegal information at your office, they can?
• If you have a security problem, the other company may come after you for damages you cause on their network?

Indeed, it is feasible to outsource some of your services and functions into the “cloud.” More and more organizations are doing this.

The important part is to connect to the other entity in a responsible way! Allowing them unfettered access into your network is often a reckless choice.

The post Executives – what vendor wants to connect? appeared first on Foster Institute.

First of all, read this short blog post about full disk encryption:
https://fosterinstitute.com/blog//laptop-data.html.

Next, if you haven’t already, notify at least one of these agencies:

• Equifax www.equifax.com 1-800-685-1111
• Experian www.experian.com 1-888-397-3742
• TransUnion www.transunion.com 1-800-916-8800

I’d suggest you consider signing up with one of them for their monitoring service such as Equifax ID Patrol or Experian ProtectMyID.

The other main step I would take is to log into your banking sites and set up “alerts” that send you a text message or e-mail you DAILY a message of all charges and other activity on the account. Some banks even allow alerts in real time as the activity occurs. That way you can keep a really close eye on things and, if anything looks out of the ordinary, call your bank ASAP.

If you are protecting any of your accounts with a “mother’s maiden name” as a secret word for when you phone in, change that code too—it is too easy to figure out.

The FTC offers even more detailed advice here:
http://www.ftc.gov/bcp/edu/pubs/consumer/idtheft/idt07.shtm.

The post What to do if someone steals your identity appeared first on Foster Institute.

When I use a tool that easy, it is so refreshing.

So much better than the usual, “What do you want? Enter. Are you sure? Are you sure you are sure?” etc. Additionally, think of recent changes Microsoft implemented in their interfaces. On the downside, many people are less than impressed with the new Microsoft Office ribbon menu system. On the upside, Windows 7’s interface has many features I find much more appealing than XP’s interface.

Many people rave at the engineering Apple puts into their products and almost everyone can see why. Xerox shipped the first mouse but Macintosh made it famous. The iPhone definitely made a permanent mark in personal IT history.

One of the next biggest advancement opportunities is voice recognition—and that’s better than you think already. I wonder what the next widely adopted user friendly interface change will be? If you want to, post your ideas and comments in this blog.

The post When will tech become truly user friendly? appeared first on Foster Institute.

Businesses focus on IT security, especially after they experience a breach.

Consumers also bombard me with questions after my presentations saying they want their home and family to be secure.

I built a not-for-profit web site (www.LearnToBeSafeOnline.com) with short instructional videos to help consumers be safe online. To date, only 500 visitors in 3 months have viewed videos on the site.

Maybe there is less traffic because the site does not answer their needs, the videos are confusing or boring, or is it just that our demanding lives in 2010 push IT security way down the list below other more pressing matters at home?

In my own family, we focus on school, homework, after school events, doctor appointments, the pets, and pretty much everything else we feel will provide the best possible upbringing for the family. And, yes, that includes weekly dates for my wife and me away from the kids.

IT security is a big priority at our household, although it is largely “hands off” since the processes are automated and the systems take care of themselves. Maybe that is the disconnect—many families don’t know where to start, fear they will be confused, so they decide, consciously or unconsciously, to deal with computer security “first thing tomorrow” and focus on more pressing issues instead.

If nothing else, I sleep better at night being able to send people to www.LearnToBeSafeOnline.com when they ask questions like, “How do I stay safe on Facebook?” or “How do I make my WiFi wireless networking secure at home?” I’m also happy to give you a place to send people who ask you the same questions.

If you want to, please respond on this blog with your ideas on how we can help consumers realize the importance of IT security before they experience a problem of some kind.

The post Online safety not a priority for families? appeared first on Foster Institute.