PDF = Pretty Dangerous Format? The Rising Trend of PDF Attacks | Channel Insider 06/08/2010
Posted by thaadsma in design, security, user interfaces, web, web services.
Once upon a time, there was a real need for PDFs. And as a lowest common denominator kind of thing, PDFs still work as a quick & dirty way to “freeze” a document, print it, and/or email it off. But Adobe’s Portable Document Format (PDF) monopoly is quickly becoming a security liability, as this slide show points out:
“Once considered one of the safest attachments around, the PDF format is becoming a fan favorite among cybercriminals looking to spread their malcode, infect machines and beef up their botnets. We take a look at new data that shows just how dangerous the PDF format has become, how hackers are using malicious PDFs to perpetrate attacks and what you can do to protect against them.”
And for a web geek’s perspective, click over to Jakob Nielsen’s PDF: Unfit for Human Consumption.
via Pretty Dangerous Format: The Rising Trend of PDF Attacks – Security news from Channel Insider.
HTG recognizes outstanding peer group | i3 05/05/2010
Posted by Connie Swanson in SaaS, government, healthcare, ibm, infrastructure, managed services, microsoft, security, web services.
i3 Business Solutions, LLC participates in an international peer group called Heartland Technology Group. Heartland Technology Group (HTG) is recognized as a leading peer group in the information technology industry. It is composed of 250 companies focused on small to mid-size business support. Ideas on management of people, process, performance and practice are the foundation for this industry initiative.
Our peer group, HTG5, was awarded member group of the year out of the 22 peer groups at this year’s conference. Participation in this collaborative effort enables us to quickly compare ourselves to others in the industry, validate our strategy and decision making and go to market quickly with leading solutions and best practices that are proven and reliable.
These solutions include:
- Virtualization
- Managed Service IT Support Offerings
- Backup and Recovery
- Storage Solutions
- Web Applications
- Microsoft Solutions
- Technology and Service Delivery Tools
- Product Offerings
- Input and Support from Key Industry Vendors
HTG differentiates itself from other industry groups by having a very open “Go Giver” philosophy for sharing of business ideas including open financials, sales, marketing and operational methodologies with common business financial benchmarks & metrics. Open discussion and action plans for development of people and work/life balance are also a focus.
Top Database Threat? Legit Users & Sloppy Company Policies! | bMighty.com 11/04/2009
Posted by thaadsma in security, web.
A report from Dark Reading, Protecting Your Database From Careless End-Users, pins the data vulnerability tag on a handful of common problems and weaknesses:
User Ignorance: Employees who have access to company data may not have had security training; yet when employees are trained in basic IT security practices, serious security breaches decline.
Poor Password Management: Another familiar tune, password policies so strict that users write their passwords on a Post-It and post it on the back of their monitor (or, in tighter security environments, on the bottom of their keyboard) where it’s easily found; or policies so lame that passwords are easily cracked or even guessed. Password policy is a balancing act, and many if not most companies are off-balance.
Rampant Account sharing: Data access accounts and log-ins get shared, sometimes widely and sometimes wildly, with everyone in the company, it seems, knowing how to access the sensitive stuff.
Unrestricted Access: The only people who require access to sensitive data are the ones who work with the sensitive data. And that tends to be a far smaller number of people than the number who can access the confidential files.
Excessive Data Portability: The amount of storage employees carry for personal, much less business purposes, has become staggering. High capacity thumb drives, iPods, phones, you name it and it has the potential to become a vehicle for transporting sensitive data out of the supposedly protected environment. Yet database activity monitoring and access controls and other security tools remain sparsely implemented.
UPDATE: Here’s a nice little eWeek checklist, 10 Essential Things Companies Should Teach Employees About Security.
In Case Of Disaster, Turn To Cloud | bMighty.com: Blogs For Small Business and Mid-Sized Business 11/03/2009
Posted by thaadsma in SaaS, infrastructure, managed services, security.
Still using tapes for backup? There’s a far better way to protect your data assets. At i3 Business Solutions we’ve been working with customers over the last 12 months to move away from unreliable tape to the reliability of offsite backup and disaster recovery.
The bMighty blog has a nice summary of a Forrester report and what this means for you:
“How The Cloud Will Transform Disaster Recovery Services identifies a gap between old-school recovery from tape, which is affordable but doesn’t offer much in the way of continuity protection because it takes so long to restore; and very expensive, enterprise-targeted high-end recovery services.
Forrester foresees existing online backup providers plus new entrants into the market starting to leverage cloud storage to offer reasonably priced options with reasonably quick recovery times that might entice SMBs away from their tape backups.”
via In Case Of Disaster, Turn To Cloud | bMighty.com: Blogs For Small Business and Mid-Sized Business.
Clash of the clouds | The Economist 11/02/2009
Posted by thaadsma in Linux, broadband, ibm, infrastructure, managed services, microsoft, security, web, web services.
Cloud computing generates a lot of heated discussion, and through all the technical arguments, issues of security and trust, and battles over control, one topic keeps getting overlooked: cost.
Reducing business cost is what’s really driving us toward cloud computing.
We will all eventually adopt cloud computing, simply because the current model of scaling servers up and down is very expensive. IT departments try to buy as many servers as they think they’ll need for computing power during estimated peak capacity. But we don’t need that capacity most of the time, so lots of servers sit idle.
Cloud computing can reduce costs because it provides more capacity during the peak times, and we simply pay for it on demand. When the peaks are over and less capacity is needed, the cost then goes down. From a business perspective, this allows a company to move much of its infrastructure costs from being a capital expenditure (CAPEX) to an operating expenditure (OPEX).
The Economist published an excellent overview of how industry giants are reacting to this massive trend:

Clash of the Titans
“The rise of cloud computing is not just shifting Microsoft’s centre of gravity. It is changing the nature of competition within the computer industry. Technological developments have hitherto pushed computing power away from central hubs: first from mainframes to minicomputers, and then to PCs. Now a combination of ever cheaper and more powerful processors, and ever faster and more ubiquitous networks, is pushing power back to the centre in some respects, and even further away in others. The cloud’s data centres are, in effect, outsize public mainframes. At the same time, the PC is being pushed aside by a host of smaller, often wireless devices, such as smart-phones, netbooks (small laptops) and, perhaps soon, tablets (touch-screen computers the size of books).
Although Windows still runs 90% of PCs, the fading importance of the PC means that Microsoft is no longer an all-powerful monopolist. Others are also building big clouds, including Google, a giant of the internet, and Apple, renowned as a maker of hardware, with a market capitalisation that now exceeds those of both Google and IBM, its original arch-rival (see chart above).
Granted, there are hundreds if not thousands of firms offering cloud services—web-based applications living in data centres, such as music sites or social networks. But Microsoft, Google and Apple play in a different league. Each has its own global network of data centres. They intend to offer not just one or two services, but whole suites of them, with services including e-mail, address books, storage, collaboration tools and business applications. They are also vying to dominate the periphery, either by developing software for smart-phones and other small devices or by making such devices themselves.”
Read the whole thing, of course… Cloud computing: Clash of the clouds | The Economist.
A special report: Medicine goes digital | The Economist 05/07/2009
Posted by thaadsma in development, healthcare, security, web.
Well worth reading is this ‘Big Picture’ series of articles from the Economist. An excerpt:
“If these obstacles can be overcome, then the biggest winner will be the patient. In the past medicine has taken a paternalistic stance, with the all-knowing physician dispensing wisdom from on high, but that is becoming increasingly untenable. Digitisation promises to connect doctors not only to everything they need to know about their patients but also to other doctors who have treated similar disorders.
The coming convergence of biology and engineering will be led by information technologies, which in medicine means the digitisation of medical records and the establishment of an intelligent network for sharing those records. That essential reform will enable many other big technological changes to be introduced.”
Read it all
via A special report on health care and technology: Medicine goes digital | The Economist.
10 reasons to purchase new hardware during a recession | 10 Things | TechRepublic.com 04/30/2009
Posted by thaadsma in business intelligence, government, healthcare, ibm, infrastructure, managed services, microsoft, security.
In tough times like these, it’s tempting to put off urgent IT hardware purchases. But you can shoot yourself in the foot by doing so, for a number of reasons–
10 reasons, to be precise.
I really think one of the most important is that your best people may be less productive, and productivity and results are the name of the game right now. Reason #2 from the list at TR:
“When PCs, displays, or network switches fail, it may be tempting to visit an old parts closet to dig out replacements. Old, entry-level Celeron- or Pentium-powered PCs with 256MB of RAM and rattling power supplies won’t help managers (now often responsible for production tasks, too, due to departmental layoffs) efficiently complete expanded task lists. Nor will such machines enable overworked colleagues to run QuickBooks, CRM applications, or proprietary programs smoothly. Nor will a 15″ CRT enable productivity gains when replacing a 22″ widescreen monitor used to display customer information alongside order entry software.
The same is true for network equipment. Outdated hubs and routers were decommissioned for a reason. They were either too slow, failed to operate properly, or didn’t meet the organization’s needs. They certainly won’t improve productivity now, when staff sizes are smaller, remaining employees must absorb the workload of laid-off staff, and stress levels climb ever higher. The subsequent delays and inefficiencies translate to lost opportunities, poor customer experiences, and less revenue.”
Every day we’re working with i3 Business Solutions customers who realize the only way to recovery and success is making good deals now for critical business systems.
Read all 10 business reasons at the TechRepublic blog:
via 10 reasons to purchase new hardware during a recession | 10 Things | TechRepublic.com.
Web Presentations & Video Conversation Protocol 06/13/2008
Posted by mritsema in multimedia, security, web, web services.
- Plan ahead – rehearse – prepare
- Confirm technology – connections – camera angles …
- Turn off IM, Office calendar, cell & office phones and other distractions
- Dress appropriately
- Be careful with mute and music on hold – both may fail or cause distractions for the entire online meeting.
Read the article for some entertaining stories about online gaffes we can all learn from.
Michael Ritsema
Head in the Clouds | CIO Insight 03/26/2008
Posted by thaadsma in Amazon, Linux, SaaS, google, ibm, microsoft, security, web, web services.
The Forecast for Cloud Computing
A couple of good takeaways from a solid article:
“Like all technological advances, cloud computing isn’t without risk. For instance, there are security risks related to commingling your data with that of other companies. And reliability concerns arise whenever you depend on a third party’s systems to be up and running 24/7, as companies that rely on Amazon.com’s fledgling Simple Storage Service, or S3, learned when the service went down for two hours last month.
“Still, IT folks seem willing to put up with the glitches in exchange for the potential benefits, as indicated by one online poster who chimed in on the Wall Street Journal Web site after reading of the Amazon outage. “Cloud computing may be new and may not be at telephone reliability,” wrote the S3 user, “but Internet hosting as a utility is a trend that’s well on its way.””
… and of course:
“Marc Benioff, the CEO of Salesforce.com who built his company on the slogan “No software,” says the distress over the perceived lack of security of the “multitenant” model—in which multiple companies’ application instances are stored on the same servers—is overblown. Granted, Benioff has reason to promote such a mindset, but the analogy he uses, comparing cloud computing service providers to the banking industry, has merit.
“If you met a CFO who insisted on keeping the company treasury in a safe in the basement, you’d think that he or she were nuts.”
China Herald: "The People’s Daily proudly announce… 04/13/2005
Posted by thaadsma in security, tangents, web.
China Herald: “The People’s Daily proudly announced today that in an online CNN-poll 94 percent of the voters stated they did not want Japan to get a permanent seat in the US Security Council. There is a bit of background to reveal about the almost one million voters in this poll.
The so-called chatroom warriors, China’s underground internet forces who jump on anything that might raise the temperature on the already often heated debates at the internet, have been campaigning extensively to get Chinese voters to join the poll. For those who were unable to read English, instructions were given to find the exact spot on the page, so they would not by accident vote ‘yes’.
As far as I know it is the first time the chatroom warriors take on a ‘foreign’ poll directly in this way. Not new is the way the central authorities make use of the sentiment at the internet for their own purposes, without mentioning this useful background.”
Will Microsoft’s Spyware Buy Cast a ‘Giant’ Shadow… 12/16/2004
Posted by thaadsma in microsoft, security.
Will Microsoft’s Spyware Buy Cast a ‘Giant’ Shadow?:
“Roger Thompson, director of content research security management at Computer Associates, described the Giant acquisition as ‘confirmation that the spyware industry cannot be ignored.’
‘This confirms what we’ve been saying all along. You can’t expect anti-virus products to adequately handle spyware. You simply can’t make it work. It has to be done with a dedicated anti-spyware product, and clearly Microsoft recognizes this,’ Thompson said.”
BBC NEWS | Magazine | How your face could open doo… 11/28/2004
Posted by thaadsma in security, user interfaces.
BBC NEWS | Magazine | How your face could open doors:
“As companies become more security conscious, the process of having our faces scanned is set to become more commonplace. And new technology which can produce this in a more accurate 3D form could accelerate this trend.”
Hacking–do the pros now rule? | Newsmakers | CNET 10/28/2004
Posted by thaadsma in security.
Hacking–do the pros now rule? | Newsmakers | CNET News.com:
“Hackers are now far more coordinated, and they no longer merely rely on copycat tools and random attacks. What’s more, Graham detects a dangerous intent to profit financially from hacking. He recently spoke with CNETAsia about this evolving security challenge.”
SANS Top 20 Vulnerabilities | The Experts Consensus 10/09/2004
Posted by thaadsma in security, web.
SANS Top 20 Vulnerabilities | The Experts Consensus:
“The SANS Top 20 Internet Security Vulnerabilities
The vast majority of worms and other successful cyber attacks are made possible by vulnerabilities in a small number of common operating system services. Attackers are opportunistic. They take the easiest and most convenient route and exploit the best-known flaws with the most effective and widely available attack tools. They count on organizations not fixing the problems, and they often attack indiscriminately, scanning the Internet for any vulnerable systems. The easy and destructive spread of worms, such as Blaster, Slammer, and Code Red, can be traced directly to exploitation of unpatched vulnerabilities.”
