Security Tips with Captain Security

27Aug

If you have network ports that are not in use on your network, you should disable them. While it makes it easy for anyone to connect, it also makes it easy for anyone from the outside to gain access also. It is much easier to walk into an office and plug in and gain access than to hack a firewall. Most remote offices are not monitored very well and provide an easy target for hackers.

If that is a problem you can also invest in a solution called network access control or NAC.

20Aug

Firewall’s routers and other devices need to be updated, just like a windows PC. Don’t think you can just put a security device such as a firewall and router into production and expect never to touch it again. These devices have firmware that includes feature enhancements to protect you and also contain fixes. Sometimes the fixes are not made public knowledge. Get in the habit of updating the firmware on your security devices; it will keep you better protected.

13Aug

I am amazed at how many firewalls’ I see that allows everything out to the Internet. Most people do not need to allow every port and every service to the Internet. In fact it might be a good way to allow a remote control program or some malware to communicate home. Most malware will crawl to find an open port. If you have URL filtering enabled, it might crawl and find another available port.

You also have a better idea of what applications and services are leaving your network, allowing you to have a better handle of what your firewall is doing. It will take a bit of time and a bit of pain, but it is worth it in the end.

06Aug

A recent survey of more than 600 IT security professionals, conducted by privilege management provider Viewfinity, found that the majority of respondents — 68 percent — do not know who in their organizations has local administrator rights.

Following the 68 percent who did not know who had local administrator rights, 20 percent said that between 15-30 percent of their user base still had administrator rights on their Windows-based endpoints. “Admin rights” can be used by malware to install malicious software on local computers through the administrator account.

You need to know who has admin rights and limit those who have admin rights. If you are doing server administration, you need to setup a separate account for administering servers from your everyday user account. But not knowing who has admin rights is just plain wrong.

30Jul

This is something most do not think about, but it is very important. You should shred important documents. If you have documents that contain sensitive information such as passwords or even a network diagram, you need to shred it. Why, hackers and people up to no good will look at trash and attempt to find information to use to attack you. This could be an easy way to obtain sensitive information. Do not just get a cheap shredder; get one that makes confetti out of the paper.

23Jul

Most people feel that they need to have administrator privileges to run their computer, you do not.

I have been dealing with cleaning up spyware and malware from some computers lately. These users had administrative privileges.

You can run your computer as an everyday user and if you need to install something, most modern computers will prompt you’re for the administrator’s password. By doing this, you prevent the easy installation of spyware and malware on your machine. You can also prevent a worm or some other type of malware from using your computer as a jumping of point to hack other machines.

So, do not use your computer as administrator for everyday use. It is not needed and it will make your computer much safer.

16Jul

The number of IPAD’s I have seen in use has exploded. Being security minded, I wonder, how secure is your IPAD?

The first and foremost security tip is to make sure you set a passcode on your IPAD. This is very important. This will prevent someone from just picking up your IPAD and browsing the apps or data in those apps. With IOS 5.1, you can have a longer passcode, which is more secure.

Along with the passcode, you should set up your IPAD to erase after 6 passcodes fails. This will prevent someone from trying to attack your IPAD and will protect any sensitive data on it.

If you enable the passcode, you should backup your IPAD. With ICLOUD you get 5 GB of data for free, you can schedule an automatic backup to the ICLOUD.

Finally, the IPAD has a “Find my IPAD”. This allows you to remotely lock or wipe your IPAD. You can also even attempt to locate your IPAD.

09Jul

You shop online, you want to make sure that you are using a credit card instead of a debit card to protect your bank account from online attacks and scammers.

The advantage your credit card has over your debit card is you only have a $50 loss if it is stolen and most times your insurance or credit card company will cover it. With a debt card the funds come directly out of your bank account. You might have trouble disputing the charges or recoverying the money if you are unhappy with the service. If your card is stolen, you could have your bank account drained before you know it.

To read more about how to secure yourself, click here http://tbjconsulting.com/2012/05/may-2012/#article5

02Jul

Most people have some sort of account online linked to a financial account. The question is having you thought about security when you access the account?

The first and foremost item is to have a strong password. Do not use a password that is based on the dictionary. Also stay away from anniversary and children’s birthdates.

The second item you want to do is use a separate password for each online financial account. Why? If a password is compromised you will not have to worry about the thief accessing your other accounts.

Never access your bank accounts from a public computer; you never know what is installed on that computer. A key logger could be installed on it. The same goes with public WIFI. Someone could be listening to the traffic and compromise your account.

If you have computers at home, setup a computer that is only for online banking. You can do this using a Virtual machine. If you want to do online banking, you use that computer or virtual image.

You should also disable scripting in your web browser. Client side scripting is a something that has been highly exploitable. It basically allows code to run on your local machine and you don’t even know what is running.

25Jun

With most phones and tablets having a camera built into it, taking photos and posting them to the Internet is easy, but it does pose a risk.

Most devices have a GPS built into them and can embed the GPS location of the photo.

Images often contain a bundle of information and various traces left by digital cameras or photo manipulation software.

This data, called Exchangeable Image File Format (EXIF), is a key tool for many professionals. It can detail whether the photographer used a flash, which digital effects were applied to a picture and when the photo was taken.

Most gadgets ignore the geotagging component of EXIF because relatively few cameras contain the GPS chips needed to tag them. However, many smartphones, such as those from Apple and Google’s Android system, let users employ this feature.

If you are using one of these devices, make sure you disable the GEO tagging. It could make it very easy for a criminal to find your house or to track where you are….