Wednesday, February 18, 2009

 

Even Deeper Patch Management

So you test and install the latest patches from Microsoft every month. You also ensure that everyone's virus protection is up to date and working correctly. You are protected, right? Maybe not. Each of the software applications on your computer, and on others, probably also needs to be patched or updated. Every day, software makers issue security warnings about their software. Chances are that you do not have the time to keep up with all of these warnings.

Fortunately, Secunia has taken care of the job for you with three different versions of vulnerability scanning.

  1. Online: This online tool will scan your computer in 5 to 40 seconds using a small Java application.
  2. Personal Desktop: This downloaded application installs on your home computer and monitors your software installations.
  3. Full Infrastructure: This paid version scans your entire network of computers looking for vulnerabilities.

The first two options are free. The third is geared towards business networks and runs on your server.

Once the scanner has scanned your computer, it not only lists unsecured applications but also lets you know which version you should install to protect yourself. Secunia does not cover every application in existence, but it does handle the most common computer applications.



Sunday, February 1, 2009

 

Safe Online Computing

As more of us use online software applications such as Yahoo mail, Google mail, or Google Docs, questions and concerns about safety come up. This is a common discussion not only among IT people, but also among business and even casual users. Peter Nulty of Wells Fargo recently had a discussion about the subject and his first question was about security. There are three main concerns that come to mind.
  1. Accessibility - Will we always be able to access our data when we need it?
  2. Security - Will our data be protected from prying eyes?
  3. Exit Strategy - What if the provider goes out of business?
Accessibility is usually stated in the service level agreement. Keep in mind that the often-quoted 99.9% uptime does not mean all the time. If you do the math, that level of service could add up to some serious downtime:

Number of Minutes For Given Period

Day      Week     Month    Year
1.44     10.08    43.2     525.6

This level of service could result in up to 8.76 hours of downtime per year. You could lose slightly more than a workday of service. On the plus side, it is statistically impossible that your downtime would happen on a business day and encompass the entire time from 8:00 AM to 5:00 PM.

Security is more important than ever. Security of data, even data stored online, is the responsibility of two parties: your provider and you. The provider should store your data in a hardened data center with around-the-clock monitored physical security. The stream of data should also be encrypted. Most studies of big name application and storage providers have demonstrated security measures that far outweigh the security found at even the largest enterprises.

Your responsibility falls in the areas of strong access controls, good password policy, and using secure networks. Be sure that each user has a separate login and password. This way you can more easily track data changes and more easily make personnel changes. You might also be able to set access rights based on each user's identity. Also, do not fall short in choosing passwords. Choose random strings of letters, numbers, and symbols that are at least eight characters long. Always consider the network that you are using to access your data. Try not to access sensitive data on public non-encrypted networks such as those found in coffee shops.

In this economy, it is more important than ever to have an exit strategy. It has been discussed that, as with many other types of businesses, not all online application providers will survive this economic downturn. During the evaluation stage, you should find out what mechanisms are in place to migrate your data to a different provider or even to your own premises if necessary. Nothing would be more chilling than the thought of going to the provider's web site one day to find an apology about their recent closure.
