|
|
|
Creating Your Own Employment Security
"Well, it's happening. My employer, the County Health and Welfare System, is buying me out. I leave in April, 2002. Seems like a long time from now, but I know it's really just around the corner. So how do I evaluate my skills? And how do I begin a...
Is A Stay At Home Business Right For You?
Your dream is to have your own home business and to tell the boss "Good-Bye". An excellent dream to have, a little exciting and a little scary at the same time. Before taking that big step, take a long hard realistic look at yourself and...
Offshore Outsourcing Best Practices Increase Your Profit Margin
When your company is forming long-term offshore outsourcing relationships with another company, the foundation of the success of this venture should be laid during the negotiation period itself.
The centerpiece of this negotiation...
Organize Your Office and Improve Productivity
Are you frustrated with your office space? Do you hunt for a pen
every time you put one down? Is the search for documents a
half-day event? Is your paper filed chronologically - working
your way down the pile to 'one week ago' and unable to pull...
You CAN do it!
”All the day you sit in front of the computer!” ”You’ll never make it. Stop dreaming!” ”Get real. You can’t get money from the Internet.” ”Haven’t you done ANYTHING??” (and you’ve been working hours on the Internet..) For a beginner Entrepreneur...
|
|
| |
|
|
|
|
|
|
Steal This Email!
Ample media attention has been focused on security issues such
as viruses, phishing attacks and theft of sensitive customer
information from large databases. The proliferation of Spyware
and Malware (malicious software) has also garnered media
attention. Another major, yet seldom discussed threat which goes
on largely ignored outside the IT community is the theft and
redistribution of email.
To make a product which best addresses the quiet rise in email
thuggery, sometimes we have to think like a criminal or
mal-doer. How would these digital thugs hunt for Personal
Identifying Information (PII), company assets or secret email
conversations intended to be read ONLY by the recipient?
Consider this article a security instructional on how-to get
inside the mindset of those "bad guys."
Your occupation influences the number and type of emails you
create and send each day. Most of the email you send contains
harmless, benign material that you wouldn't mind anyone else
reading or sharing with others. However, there are portions of
your online communiqué each day that probably shouldn't be
forwarded. These messages and attachments contain information
that if stolen and/or re-distributed could harm yourself and/or
your business. The following are just some ways a thief could
intercept your email.
Interception of your wireless signal - If you use an
unencrypted wireless to log-on the internet or your local
server, you are running a high risk of having your information
stolen. The majority of wireless networks are completely
unsecured.
Although it only requires a click to enable wireless security,
most users do not encrypt their wireless transmissions.
Intercepting these unsecured messages is trivial, making it easy
for hackers to gain access to email as well your files stored on
your laptop.
Be cautious of local hotspot café. Hotspot hijackers may also
utilize wireless networks to insert viruses, spy-ware, or
malware on the computers of those who connect unsecured to the
hotspot network.
Access to your email account is stolen - Once and
outsider has gained access to your email account, they not only
have access to all of your messages (and potentially your
on-line passwords) but can also use it to distribute spam,
viruses and other harmful information that appears to come from
you. Three methods are typically used by outsiders to gain
access to your email account:
1.) Theft via interception
2.) Password cracking
3.) Key loggers
Your email password and username can easily be intercepted if
you log-in via an unsecured connection. To ensure that you are
logging-in securely, look for the https: prefix on the web
address. Doing so will greatly reduce the possibilities for
password interception.
If you use a simple password consisting of a single word that
exists in the dictionary, your email can be easily hijacked. If
they you're your information bad enough, motivated hackers can
either guess it or crack it by using software tool to try every
word in the dictionary until access is gained.
The best way to prevent password cracking from happening is to
choose a strong password which is a combines different cases,
letters, numerals and symbols such as "4JeIw#Tr&2".
Diligent email hackers can also gain access to your email by
installing key-logging software on your computer. Key-logging
software silently records all of your key strokes and sends them
to an interested individual or group. Your usernames and
passwords can be parsed and then used to steal your on-line
access to your email, credit card, bank information, shopping
accounts or any other means of PII (Personal Identifying
Information). The best means to thwarting key-login is to use
anti-spyware and firewall protection and always keeping them up
to date.
Insider leaks and Redistributing Sensitive Content -
Employees are the leading cause of corporate security breaches.
According to a 2005 study by the FBI and CSI.(1) Insider abuse
accounts for approximately 50% of all security breaches. You may
only have to look out across your SMB's office to see a digital
thief among you.
The Ponemon Institute's "Survey on Data Security Breaches"
reveals that 69% of all serious data leaks occur as a result of
employee activities, whether intentional or unintentional (2).
Of those leaks, 14 % involved intellectual property including
software source code. Other findings by the Ponemon institute
cross into business-client best practices area and are as
follows:
* 39 % involved confidential business information.
* 27 % involved personal information about customers
* 10 % involved personal information about employees
Dissemination of sensitive information can happen all too
easily. An accidental click of the "Forward" or "Reply All"
button can send proprietary information to unwanted parties.
Interception on Your Company's Network - Many companies
do not have security protocols in place to prevent the
interception of interoffice email. Before email is transferred
to the internet it typically travels through the corporate
intranet first. If your local network is not secure, it is a
trivial matter for an employee with packet sniffer software to
intercept all of your intra-network communications.
Company Scanning of Outbound and Inbound Email Content -
According to a 2004 survey by the American Management
Association and ePolicy Institute (Workplace E-Mail and Instant
Messaging Survey,) 60 % of American
Companies use software to
monitor the content of inbound and outbound email messages (3).
Email containing everything from inappropriate language, file
types and other data are often flagged by a company's IT
Department. While monitoring employee email can reduce a company
from liability, this policy can have a different, malevolent
result. In a worst case scenario, unscrupulous IT insiders may
be tempted to gain access to a company's email logs, thereby
compromising executive and other departmental communication.
Interception at the ISP Server - While most Internet
Service Providers (ISPs) have very sound security policies
regarding access to their servers, it is possible for an ISP
insider to get a hold of your email and attachments. Your email
is stored in a queue for a split second while being transferred
from server to sever on its way to your recipient's inbox. In
most cases your emails are deleted as soon as they arrive at the
next stop. As in the previously mention "Company Scanning"
scenario it is just as plausible that your email could be
hijacked by a malicious ISP employee who decides to mirror all
of the ISP's contents on his or her own server. This may be of
particular concern when sending email to countries that do not
enforce individual privacy protection policies.
Cross-Border Interception - When emailing
internationally there are few legal safeguards to keep your
email and attachments from being stolen. In many developing
nations your proprietary information could provide a financial
windfall for the employees of the local ISP. Your email will
likely reach your recipient but it have also have been copied,
sold or sent elsewhere. Without added security measures, neither
you nor your company will have knowledge of the ill-effect until
the damage has been done.
If foreign laws do not allow your recipients to install
encryption software, find another way to transfer your important
information.
Diligency About Your Online Safety Pays - Hackers,
digital thieves, thugs and general internet mal-doers strive to
intercept your email with the goal of financial gain or to cause
havoc. Avoiding them will inevitably save your company's assets.
Staying abreast of the newest ways to steal your PII and paying
attention to Security and Technology news in general is key to a
best practices business policy.
SMBs (Small and Medium Businesses) in the technology sector are
seeing security and encryption as the forefront of their IT
priorities. In July 2005, Forrester Research released its SMB
findings after surveying nearly 800 technology decision-makers
on their IT services priorities. Among Forrester's findings, 71
percent of SMBs will buy security software, similar to the 75%
that said they would invest in 2004 (4).
Isn't SBRM (Small Business Rights Management) Expensive? -
Compliance as it concerns digital data is finally catching
up to the widening commercial sector which is highly impacted by
the success of small businesses. Small firms dealing with
compliance issues can turn to specific SBRM solutions to bridge
the gap between staying current with industry regulations and
staying in business. ERM (enterprise rights management) software
has itself has begun to slim down in price in acknowledgement of
the budgetary constraints of small businesses. Current SBRM
software can be as vastly robust as common ERM solutions, but as
they are specified for the needs of smaller business entities,
are more affordable too.
Using encryption will ensure secure transmission when sending
email. However, the best way to prevent your email and
attachments from being intercepted and redistributed is to use
Digital Rights Management (DRM) software, which is often
described within the business sector as Enterprise Rights
Management (ERM). DRM for the Enterprise and Small Business
sectors gives content authors the power to determine how
recipients may use their email and documents. For example,
senders can prevent unauthorized distribution (no forwarding,
printing) and prevent unauthorized editing (no cut, copy, paste)
of content, i.e. copy prevention.
When taken into account, the countless hours put into building
your company, protecting your company assets from online thugs
is a necessary tool to ensure your business survives from this
year to the next.
- - - - - - - - - -
End Notes:
1.) Gordon, Lawrence A., Martin P. Loeb, William Lucyshyn and
Robert Richardson, "CSI/FBI Computer Crime and Security Survey"
http://www.cpppe.umd.edu/. July 2005, 13.
2.) Ponemon Institute - as cited by DRM Review), "Leading Cause
of Data Security Breaches Are Due to Insiders, Not Outsiders"
DRM Review February 10, 2005
http://www.dmreview.com/article_sub.cfm?articleID=1019828
December 1, 2005.
3.) Virginia Business Magazine Online "Email Snooping" May 2005
Issue, Virginia Business Magazine, December 1, 2005,
http://www.virginiabusiness.com
4.) Michael Speyer, and Liz Herbert, "Software And Services in
the SMB Market - Business Technographics," Forrester Research.
http://www.forrester.com
About the author:
Ms. Veniegas joined the Marketing team at Essential Security Software, Inc. in 2005,
she also serves as an editor for "I Want My
ESS!" a stolen work site and business resource. Mr. Price, a
co-founder and organizing shareholder of ESS, where he serves as
the company's Product Marketing Manager.
|
|
|
|
|
| Online Organizing.com |
| Welcome to OnlineOrganizing.com!. Get Organized! Find the best organizing products, free tips on taming your clutter, an online newsletter, ... |
| www.onlineorganizing.com |
|
| organizetips.com - organized, time management, planners,tips,Tips ... |
| Get Organized,Organizing ideas, Tips, daily,chore lists,planners. |
| www.organizetips.com |
|
| At Home : Organizing : Take This Stuff and Store It! : Home ... |
| Our guide to the simple life, where everything has its place. |
| www.hgtv.com |
|
| Home Organizing Tips - Bathroom, Bedroom & Garage Organizing ... |
| Learn about home organizing tips for bathroom, bedroom, and garages from Home & Garden Television. |
| www.hgtv.com |
|
| Christmas Organizing | Creating J.O.Y. for Christmas |
| Offers a community of resources and support to help people get organized for Christmas throughout the entire year by creating and organizing a Christmas ... |
| www.christmasorganizing.com |
|
| Organizing - HUD |
| Organizing. [Vea la versión en español de esta página] · [Display the text version of this page] ... Organizing · Economic development. Working with HUD ... |
| www.hud.gov |
|
| Get Organized - Organizing Tips and Ideas to help you get ... |
| Free tips, ideas and articles to help you get organized. |
| www.getorganizednow.com |
|
| Management Function of Organizing: Overview of Methods |
| Organizing can be viewed as the activities to collect and configure resources in ... The following are some of the major types of organizing required in a ... |
| www.managementhelp.org |
|
| Organizing - Wikipedia, the free encyclopedia |
| In that sense, organizing can also be defined as the act to place different ... Organizing, in companies point of view, is the management function that ... |
| en.wikipedia.org |
|
| Amazon.com: Organizing from the Inside Out: Books: Julie Morgenstern |
| Amazon.com: Organizing from the Inside Out: Books: Julie Morgenstern by Julie Morgenstern. |
| www.amazon.com |
|
| Organized-Living.com - Get organized, Professional Organizer tips ... |
| Articles and tips to help individuals organize their home or work life better. |
| www.organized-living.com |
|
| How to organize your home and office, organizing tips, articles on ... |
| LifeOrganizers.com is a rich resource of office and home organizing articles, tips, and fresh, easy ideas on how to get rid of clutter from every part of ... |
| www.lifeorganizers.com |
|
| The Virginia Organizing Project |
| VOP, racism, social justice, community organizing, leadership development, living wage, grassroots organizing, sexual orientation . |
| www.virginia-organizing.org |
|
| Center for Third World Organizing |
| A training and resource center dedicated to building a social justice movement led by people of color. |
| www.ctwo.org |
|
| Welfare Rights Organizing Coalition |
| WROC of Olympia, Washington, organizes groups of women and men who are current or former TANF recipients to watch how welfare and family policy is ... |
| www.wroc.org |
|
| Self-Organizing Systems FAQ for Usenet newsgroup comp.theory.self ... |
| Frequently Asked Questions about self-organized systems. |
| www.calresco.org |
|
| Beyond Bookmarks: Schemes for Organizing the Web |
| Beyond Bookmarks: Schemes for Organizing the Web is a clearinghouse of World Wide Web sites that have applied or adopted standard classification schemes or ... |
| www.public.iastate.edu |
|
| Organizing Institute |
| Program by the AFL-CIO to train union organizers and put them in the field. |
| www.aflcio.org |
|
| SouthWest Organizing Project |
| A statewide multi-racial, multi-issue, community based membership organization. Includes information on history, campaigns, and volunteer opportunities. |
| www.swop.net |
|
| Farm Labor Organizing Committee |
| The historic contract in North Carolina opens up a new chapter in the FLOC struggle for justice and ushers in a new era in farmworker organizing. ... |
| www.floc.com |
|
|