Security Tips with Captain Security

14Jan

Devices such as firewall’s routers and switches typically do not integrate with directory services and have a single password. From a security standpoint this is not a good idea. The device password should only be known by a limited amount of users. Having a single password is also bad if someone leaves. You have to do a fire drill of a massive password change. A better approach is to integrate the password with directory services. This will allow you to assign each user rights to these devices and they can be controlled by a group. It also allows you the ability to disable a user without a password change. This is a very easy thing to do and is highly recommended.

07Jan

Security of technical systems and devices used in the office environment is an issue that is important to many companies. Businesses often go to great lengths to ensure that their systems are secure from external threats, yet often fail to take into account inner threats. One of the most common inner security threats is that employees have too much access to systems.

According to the survey, conducted by Viewfinity, 68% of the 600 IT professionals surveyed don’t know who has administrative access to computers in their office. While this survey looks at the numbers from the IT viewpoint, it’s highly likely that many managers don’t know who has what access rights to computers.

The survey also found that 20% of all respondents noted that between 15% and 30% of users in their company had administrative rights. Is this a bad thing? Yes and no. Some users need to have full access to their systems, especially if they manage other systems, while others don’t.

Admin access to systems can be dangerous. If you browse the web from a server or critical system, it can be a way to pick up a worm or a virus. Having admin access can greatly increase the risk of a system compromise. Be careful before handing out admin access.

31Dec

Did you know that advertisers can use ads to track you? Have you noticed that if you are searching for a new car or shopping for an item, it has a habit of showing up in your ads? Why, you are being tracked with cookies. Be careful of what cookies you accept and watch this video that describes how they track you. http://live.wsj.com/video/how-advertisers-use-internet-cookies-to-track-you/92E525EB-9E4A-4399-817D-8C4E6EF68F93.html#!92E525EB-9E4A-4399-817D-8C4E6EF68F93

24Dec

Recently, I received a call from a client, they were infected with a virus. This virus had modified the network share and hide folders. It then created folders that where executable. This client had current virus definitions, but it was a new variant of an existing virus. How could have this been prevented? This virus spread with USB drives and also with email attachments. All email attachments need to run through a virus scanner and emails with zip or exe attachments really should be blocked. With file sharing sites, it is an easier way to share files. Also USB drives should be limited in use. Unless someone has a need to move files around, USB drives should really be restricted and blocked.

17Dec

With the numerous websites that require passwords, it is tempting to use the same password, don’t. An editor for wired magazine recently had his account compromised, once the hacker figure out his password, he was able to attack additional accounts. What I recommend is to have different passwords that are strong for banking, brokerage and ecommerce sites. For social media sites have another password that you are changing at least every 90 days. Finally for sites you don’t care that much about have another password. Linkedin was compromised this year and the hackers put the passwords out for anyone to find, if you used the same password, you could have been easily compromised.

10Dec

I might have mentioned this before, but I will do it again. OpenDns has a service you can sign up for that will filter out bad websites. If you are at home, you can use it to help protect your children and also to protect your computers from spyware and malware. If you are on the corporate network, they provide another layer of defense against malware and spyware. It is very easy to use, you create an account and point your DNS servers or computers at their DNS servers. You then select want you want to filter and call it a day. It is very easy to use.

03Dec

How much does it cost to infect 1,000 machines with malware? Russian services will do it for as little as $12.

Distributed denial of service (DDoS) attacks, which overwhelm a website with traffic, can be purchased for as little as $10 for a 1-hour attack, Trend Micro says. A one-day attack costs $30 to $70.

A global mix of malware downloads, for example, costs as little as $12 per 1,000 downloads. U.S. downloads are slightly more expensive, priced at $100 to $150 per 1,000 downloads.

Make sure you have a firewall that can scan for these type of threats at the gateway. Also make sure that you are not running admin rights on your machine and you can prevent this.

26Nov

Privileged accounts have emerged as the primary target for attackers — if you examine some of the most spectacular breaches of the past few years, they all have a privileged connection. Once inside, they elevate privileges to gain access to additional servers, databases, and other high-value systems.

Make sure you are assigning the least amount of privileges to service accounts and accounts used in database connections, this will help you build your roadblock.

19Nov

When is the last time you checked who had administrative rights on your domain? This is something I get called in to review, someone was added to the Domain Admins account who should not have and caused issues. My recommendation is to review this group once a month to ensure that people are not in that group who should not be.

12Nov

You might think it is cool to post that you are on vacation to Social networking sites, but it is a bad idea. Crooks are looking at social networking and hitting houses when you are gone. Even if you post you are at the mall, it gives them the opportunity to steal from you. If you are on vacation, do not announce it on Facebook until you get back.