Reinforcing Your Door’s Security (Part 3 of 3)

Frightening Statistics:

1 of every 5 homes will experience a break-in or violent home invasion.

80% of break-ins occur forcibly through a locked door.

A burglary occurs every 15 seconds in the United States.

This is why installing multiple layers of protection, including a home security alarm, door reinforcement and numerous other methods, is fundamental to your home’s security.

In a recent post I discussed 5 different kinds of door reinforcement devices and then focused on door frame reinforcement. Here I’m reviewing door brace options. Door braces are usually floor-mounted alloy metal devices that come in two parts. One is the horizontal floor plate screwed right into the floor, and the other is a vertical plate that inserts into the floor plate and fits tightly up against the door.

I called Mr. Jordan Frankel, known as The Security Sensei, of ShatterGARD Glass Protection, Inc., a division of Global Security Experts, to review the OnGARD Security Door Brace. Jordan is a passionate inventor and a well sought-after expert in home security worldwide. In our conversations he was flying between Saudi Arabia, China and somewhere stateside. He’s like the Thomas Edison of home security.

I’ve known of door braces for some time now. Usually they are “door bar jammers,” which are installed under the doorknob and pitch to a 45 degree angle to the floor. The OnGARD Security Door Brace is in another league.

What I like most about this device is simply how difficult it becomes for a 250-pound man to kick in your door. The device installs on the floor with four heavy screws and you’re done. It works best when you are home, as this device essentially (for lack of a better term) barricades you in. I asked Jordan how else this would work if I wanted to keep it installed when I leave the home, and he suggested that if you have a garage door, you enter and exit through the garage, which makes perfect sense. The OnGARD is less than a foot wide and 4 inches tall but is a beast. I like a door brace in combination with door frame reinforcement to add 2 effective layers of door reinforcement security.

I’m sleeping even better these days.

Robert Siciliano, personal and home security specialist to Home Security Source, discussing burglar proofing your home on Fox Boston. Disclosures.


Reinforcing Your Door’s Security (Part 2 of 3)

In a recent post I discussed 5 different kinds of door reinforcement devices. In this post I’m going to review a door frame reinforcement device by Door Devil. I reached out to other manufacturers of door frame reinforcement and only Nick Fairless from Door Devil was kind enough to respond and send out a device to test.

The Door Devil Anti Kick Door Jamb Security Kit is made of 1/16″ heavy steel, is 4 feet in length, and is installed on the door jamb center, right over the existing strike plates. Standard door security consists of 2-4 small screws through 1-2 small strike plates attached to a thin door frame. A strong kick focuses on this single weak point and easily blows apart the door frame. That’s why kick-ins are (by far) the #1 tactic for home invaders.

A door jamb fortified with Door Devil™ provides additional security with:

1) 48″ steel door jamb reinforcement replaces 3″ brass strike plate

2) Force is diffused across 4 feet of the door frame

3) 3.5″ heavy screws drive into 2×4 studs behind door frame

4) 3″ screws reinforce hinges – provide extra door security

What I like most about the door frame reinforcement technology is that it’s always there: there are no moving or additional parts, and it requires no effort other than an initial install and then locking your doors. By itself the Door Devil is one layer of security in addition to a home security alarm and cameras, and it does a great job. Keep in mind that after about a minute of kicking and shouldering a door, most burglars would give up.

There is one more layer of door security I’d recommend in the category of “door brace” discussed in post 3.

Robert Siciliano, personal and home security specialist to Home Security Source, discussing ADT Pulse on Fox News. Disclosures


Searching for Hotties Leads to Hacked PCs

Five or ten years ago, it was relatively easy for scammers to trick people into opening email attachments that would launch malicious programs on victims’ PCs. Nowadays, most email providers won’t permit .exe attachments, so viruses may be saved as compressed files, or hidden behind links that appear to lead to PDFs or Word documents.

Scammers have been very productive in creating spoofed or infected websites, which are designed to infect your web browser with viruses. More than three million of these websites were born in 2010 alone.

The bait that lures victims to these infected websites may be the latest Twitter trend, a breaking news story, significant world event, ringtone downloads, pornography, or celebrity pictures.

Cybercriminals often use the names of popular celebrities to tempt viewers to visit websites that are actually laden with malicious software. Anyone looking for the latest videos or pictures could end up with a malware-ridden computer instead of the trendy content they were expecting.

Hot stuff model/television host/Seal’s wife Heidi Klum is this year’s “Most Dangerous Celebrity.” Heidi herself may be sweet as pie, but the allure of her looks has captured scammers’ attention, leading them to exploit her fame to draw in victims.

McAfee found that searching for the latest Heidi Klum pictures and downloads yields more than a 9% chance of landing on a website that has tested positive for online threats, such as spyware, adware, spam, phishing, viruses, and other malware.

McAfee security experts urge consumers to surf safely by using McAfee Total Protection security software, a security suite that offers consumers antivirus, anti-spyware, identity, and firewall protection, plus a feature called SiteAdvisor, which displays red, yellow, or green web safety ratings within Internet search results pages. It also blocks risky websites, adds anti-phishing protection, and helps users surf, shop, and bank more safely.

Robert Siciliano is an Online Security and Safety Evangelist to McAfee and Identity Theft Expert. (Disclosures)


Should You Store Passwords In The Cloud?

It seems that almost every site on the web requires a password. At least twice a week, I get an email from someone who wants me to join yet another network, which requires yet another username and password. You can cop out and use the same username and password combination, but that’s just asking for trouble.

The key to surviving password management going forward is to make a small investment in a password management service that stores your passwords in the cloud and also on your computer. The best thing about a password manager is that you ultimately have just the one master password to remember, which gets you access to all the different passwords for each site.

What to look for:

  • A password generator tool that makes strong passwords that cannot be cracked, and that you never really need to remember, because they are all stored in the password manager.
  • One that works across multiple browsers and can sync multiple PCs.
  • Smartphone application syncing with the cloud.
  • Security of password managers is pretty much a nonissue at this point, since most have levels of encryption that can’t be easily cracked.

The real security vulnerability is with your own computer and any existing or future malware that can log your keystrokes or take screenshots. Run virus scans and the most updated version of your antivirus software to prevent any infections.

Another layer of protection is to add your computer’s built-in onscreen keyboard to your task bar and use it to enter your master password.

Cloud-based password managers:

RoboForm is my favorite. It’s $9.95 for the first year and $19.95 every year after that.

Install RoboForm on as many computers and mobile devices as you wish, all with the same license. Seamlessly keep your passwords and other data in sync. Always have a backup copy of your passwords and other information. It’s also extremely secure and easy to use.

KeePass is free. This is a free open-source password manager, which helps to securely manage your passwords. You can store all your passwords in one database, which is locked with one master key or a key file. So you only have to remember one single master password or select the key file to unlock the whole database. The databases are encrypted using the best and most secure encryption algorithms currently known (AES and Twofish). For more information, see their features page.

For $39.35, 1Password can create strong, unique passwords, remember them, and restore them, all directly in your web browser.

LastPass is another good free option.

Using a password management tool like those listed above is easier: never forget a password again and log into your sites with a single mouse click.

It’s everywhere: the program automatically synchronizes your password data, so you can access it from anywhere at anytime.

It’s safer: protect yourself from phishing scams, online fraud, and malware.

It’s secure: all of your data is encrypted locally on your PC, so only you can unlock it.

Robert Siciliano, personal security expert contributor to Just Ask Gemalto. Disclosures


Bought a Car Recently? Watch Your Identity Information

Over the past 15 years, we have watched hackers’ evolution from “phreaking” phone systems, to hacking government agencies like NASA, and eventually creating viruses that take down networks. In the beginning, their primary motivations were fun, fame, and amusement. Over the past ten years, the game changed dramatically, from fun and fame to financial gain. Hackers targeted government agencies, then colleges, banks, retailers, credit card processors, hotels, and eventually, major multinational corporations.

Who are they hacking now? Well, everyone. And as journalist Brian Krebs has pointed out on his blog, Krebs On Security, they are targeting auto dealerships in a big way. Why? Because auto dealerships’ records include lots of Social Security numbers, which identity thieves can use to apply for credit cards in their victims’ names.

Krebs states, “Recent hacker break-ins at a half-dozen car dealerships nationwide are a reminder of just how easily one’s personal and financial information can be jeopardized by poor security at any of tens of thousands of organizations that have access to that data.”

This results in “new account fraud.” This is a form of financial identity theft in which victims’ personal identifying information and good credit standing are used to create new accounts, which are then used to obtain products and services. Stolen Social Security numbers are frequently used to commit new account fraud.

Get a credit freeze. Go to and follow the steps for your particular state. This is a necessary tool to secure your credit. In most cases, it prevents new accounts from being opened in your name.  And when you are actively seeking credit, as Experian points out, “You should plan ahead and lift a freeze, either completely if you are shopping around, or specifically for a certain creditor, a few days before actually applying for new credit.”

Device reputation leader iovation Inc. helps credit issuers spot new account fraud through the device intelligence that it provides back in real time. iovation alerts issuers to computers or mobile devices that are applying for multiple credit accounts with different identity information, or masking their location while applying for credit, along with other highly suspicious behavior. The credit issuer simply sets up its own unique business rules, and iovation runs those rules while the applicant is on the site and returns an Allow, Deny or Review response for the transaction along with the reasons why.

By identifying new account fraud in real time, credit issuers can save millions of dollars per year from fraud losses. In one case, a Fortune 100 credit issuer using iovation identified 43,000 fraudulent credit applications, saving them $8 million from fraud loss over two years.

Robert Siciliano, personal security and identity theft expert contributor to iovation, discusses identity theft in front of the National Speakers Association. (Disclosures)

Reinforcing Your Door’s Security (Part 1 of 3)

This question often comes up in my seminars: “How can I completely burglar proof my home?” And the answer is tricky. There is no such thing as 100 percent security, which “burglar proofing” suggests.

However, burglar proofing can conceivably be achieved if you consider that most burglars don’t have the necessary wherewithal or tools to compromise some heavy duty layers of installed protection like shatter proof glass, heavy doors, security cameras, a monitored home alarm system and good strong locks. And you can certainly do lots of other creative things to reduce risk.

One weakness that almost everyone has is their doors. Even with good locks, kicking in a door isn’t all that difficult. All that separates a burglar or home invader from your home is about ¾ inch of pine and the stock strike plate with ½ inch screws that comes with the deadbolt and doorknob. It’s pretty scary when you actually take a look at some of the videos these companies produce showing how easy it is to kick in a door.

There are basically 5 different kinds of door reinforcement devices:

Door knob/dead bolt wraps. These are devices that are installed on the door itself strengthening the area around the locks.

Door braces. These are usually floor-mounted alloy metal devices that come in two parts. One is the horizontal floor plate screwed right into the floor, and the other is a vertical plate that inserts into the floor plate and fits tightly up against the door.

Door bar jammers. These are bars that fit under the doorknob and pitch to a 45 degree angle to the floor.

Strike plates. These are generally no more than 3-4 inches long and are thicker than a regular strike plate.

Door frame reinforcement. These are often made of steel, are up to 4 feet in length, and are installed on the door jamb center, right over the existing strike plates.

I’ve recently had the privilege of talking to two different companies that offer door reinforcement devices. Each has a different style brace for a different application, and both are designed to keep the bad guy out. More on those in parts 2 and 3.

Robert Siciliano, personal and home security specialist to Home Security Source, discussing ADT Pulse on Fox News. Disclosures

Javelin Study Shows Increased Credit Card Fraud Risk

Consumers, businesses, retailers, and even the media are becoming numb to news about data breaches. Not a week goes by when we don’t hear of another major breach affecting thousands or even millions of customer accounts.

Criminal hackers are getting smarter and savvier all the time, and they often have better technology than the banks and retailers tasked with protecting your data.

Time reported on a recent Javelin Strategy and Research survey in which Javelin analyzed 23 of the biggest credit card issuers’ online security practices. When companies were graded on a 100-point scale, the average result was just 59. Javelin head of security and risk analyst Phil Blank, who authored the study, explained, “The good news is issuers are doing a better job overall of resolution, but that’s the easiest thing to do. Prevention is the hardest to do but it’s got the biggest payback.”

The report also found that for a full year after your bank account information has been hacked, there is a strong chance that you will be a victim of credit card fraud. So even though you may be getting a little hardened to data breach warnings, you still need to watch your credit card statements closely. As long as you dispute unauthorized credit card charges within 60 days, federal laws limit liability to $50. Unauthorized debit card charges must be reported within two days, or liability jumps to $500.

One of the FFIEC’s recommendations for financial institutions involves using complex device identification. iovation, an Oregon-based security firm, offers an advanced device identification service that incorporates real-time risk assessments, the history of fraud on linked devices (such as chargebacks, identity theft and credit application fraud) and exposes fraudsters working together to steal from online businesses.

“Complex device identification” involves the creation of a digital fingerprint based on several characteristics of the device including hardware and software configuration, Internet protocol addresses, and geolocation. Unfortunately, complex device ID by itself only increases the strength of identification; it does little to increase the efficacy of an overall anti-fraud strategy.

“Device reputation” offers all of the security measures that complex device ID does, but it also strategically incorporates velocity, anomalies, proxy busting, webs of associations (linking devices and accounts), and fraud and abuse histories. Device reputation moves from a micro to a macro view of transactions, which takes into account how particular devices behave or have behaved beyond their activities with a financial institution, their usage by a current user or other users, and/or their relationship to other devices. This chart explains what is involved with each:

Leading financial institutions aren’t merely complying with the FFIEC’s security recommendations, but are going beyond them by incorporating device reputation and other authentication and anti-fraud tools into their layered security approach.
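The difference between complex device ID and device reputation, and the Allow, Deny or Review business rules mentioned in the post on new account fraud, shown as an added example (not iovation's code or API). The fingerprint attributes, thresholds, class and field names are assumptions, and the applications are constructed.

```python
import hashlib
from collections import defaultdict

def fingerprint(device):
    """Complex device ID: hash a canonical form of the device configuration."""
    canon = "|".join(f"{k}={device[k]}" for k in sorted(device))
    return hashlib.sha256(canon.encode()).hexdigest()[:16]

class DeviceReputation:
    """Device reputation: the fingerprint plus history kept across applications."""

    def __init__(self, max_identities=2, max_apps=3, window_s=3600):
        self.max_identities = max_identities  # assumed business-rule thresholds
        self.max_apps = max_apps
        self.window_s = window_s
        self.identities = defaultdict(set)    # device id -> identities seen on it
        self.times = defaultdict(list)        # device id -> application timestamps
        self.fraud = set()                    # device ids with reported fraud

    def report_fraud(self, device):
        self.fraud.add(fingerprint(device))

    def evaluate(self, app):
        """Return (decision, reasons) for one credit application."""
        dev = fingerprint(app["device"])
        self.identities[dev].add(app["identity"])
        self.times[dev].append(app["ts"])
        recent = [t for t in self.times[dev] if 0 <= app["ts"] - t < self.window_s]
        deny, review = [], []
        if dev in self.fraud:
            deny.append("fraud history on device")
        if len(self.identities[dev]) > self.max_identities:
            deny.append("multiple identities on one device")
        if len(recent) > self.max_apps:
            review.append("application velocity")
        if app["ip_country"] != app["stated_country"]:
            review.append("location mismatch")
        if deny:
            return "Deny", deny + review
        return ("Review", review) if review else ("Allow", [])

# Constructed sample data (not real devices or applicants).
LAPTOP = {"os": "Windows 7", "browser": "Firefox 8", "screen": "1366x768", "tz": "UTC-5"}
PHONE = {"os": "Android 2.3", "browser": "WebKit 533", "screen": "480x800", "tz": "UTC-8"}

def app(ts, device, identity, ip_country="US", stated_country="US"):
    return {"ts": ts, "device": device, "identity": identity,
            "ip_country": ip_country, "stated_country": stated_country}

def run_sample():
    engine = DeviceReputation()
    out = [engine.evaluate(app(0, LAPTOP, "applicant-A")),
           engine.evaluate(app(600, LAPTOP, "applicant-B")),
           engine.evaluate(app(1200, LAPTOP, "applicant-C")),
           engine.evaluate(app(1300, PHONE, "applicant-D", ip_country="RO"))]
    engine.report_fraud(PHONE)  # e.g. a chargeback later tied to this device
    out.append(engine.evaluate(app(90000, PHONE, "applicant-D")))
    return out

if __name__ == "__main__":
    for decision, reasons in run_sample():
        print(decision, reasons)
```

The fingerprint alone would treat the third laptop application like the first two; only the history kept per device turns it into a Deny.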

Robert Siciliano, personal security and identity theft expert contributor to iovation, discusses credit and debit card fraud on CNBC. Disclosures

Top Six Free Cloud Storage Centers

“Free” is one of my favorite words, so when I have the option to get something for free, I will allocate a reasonable amount of time figuring out how I can apply that to my life before I determine if I should adopt it, or if it’s worth the extra few bucks for the paid version, or if it isn’t worth my time at all.

Backing up data is as important as securing your data, so I back up in multiple places, some of which are free and some that charge a fee.

Here are the freebies:

Google: For Windows, Mac, iOS. Up to 10 GB free space. Designed to store documents in Google Docs, photos in Picasa. Google storage is scattered. It’s only effective for documents and photos.

iCloud: For Mac, iOS, limited functions for Windows. 5 GB free space. Designed to automatically back up all your Apple devices wirelessly.

Amazon Cloud Drive: For Windows, all Adobe Flash enabled devices, not for iOS. 5 GB free space, then $1 per extra GB. Designed for manual upload and backing up media.

Windows Live: For Windows, Mac. 25 GB free space. Designed to store anything you want.

Dropbox: For Windows, Mac, iOS. 2 GB free space, then $2 per extra GB. Designed to store anything you want. It’s the only cloud storage that seamlessly and automatically syncs all your devices in one place.

YouSendIt: For Windows, Mac, iOS. 2 GB free space. Designed to store anything you want. Allows for sending links via email for downloading.

Each of the above cloud storage spaces fits a certain need based on the systems and devices you have. If all you need is a data dump, then Windows Live is it. If you need synchronicity across platforms, go for Dropbox. If you are all Apple, then iCloud is your service. YouSendIt is the only one that allows for emailable links to download files, which I use a lot.

Robert Siciliano, personal security expert contributor to Just Ask Gemalto. Disclosures

How to Use the Cloud to Reduce Expenses

Many people are looking to cut expenses. Personally, I’ve shaved at least a couple thousand dollars a month from my expenses by downsizing to one car, cutting out lots of monthly recurring fees, and looking closely at which services I can now shift to the cloud.

Software: Contact managers, office documents, media editing programs, you name it: if there is a software version, there is probably a cloud-based version, and often for free. Just search for the name of the software you use plus “free online.”

Data storage: Backing up your data is absolutely fundamental. And while you can buy a two terabyte hard drive for under $100 (and you should), you can also get free online backup all day long. But you won’t find anything free that includes more than 100 gigabytes, and most free services provide between two and 25 gigabytes. Search for “free online backup.” I need terabytes, so I pay.

Media: Are you still getting a newspaper delivered? Cutting out a newspaper can save $15 – $30 or more every month. Most newspapers offer an online equivalent for free or for a small fee. If your paper is now charging, like The Boston Globe and The New York Times, look to other dailies in your region that don’t.

Are you actually watching all that much cable television? If you break down your cable bill it’s at least $2 per day, and some people pay as much as $7 – 9 per day! Cloud-based services like Hulu and Netflix cost less than a dollar a day and offer lots more customized entertainment.

Are you paying for satellite radio? Sirius? Are you serious? That’s over $150 a year! Internet radio options such as Pandora offer free versions that keep you tuned in and entertained. They are also available on smartphones.

Telephone: Still paying for a landline? If you have a mobile, you may not need a landline. But what’s even cheaper is cloud-based Skype. You can use your smartphone or PC to call any Skype user for free, or any number in the U.S. from anywhere in the world for $3 per month! Google Voice has a great product too, but Skype is still a little friendlier.

And are you even using a fax machine anymore? I do, so I have to have something in place to send or receive faxes. Scanning documents is easy with an all-in-one scanner, printer, and fax, so many documents can be emailed. But services like cost less than $10 per month and allow you to receive faxes through the cloud in your email.

Paper Statements: Look closely at all your bills. In the past five years, many companies have given consumers the option of going paperless, receiving statements via email, and viewing them in the cloud. They have also provided options for electronic funds transfers. Some are even charging extra to send paper statements and to process paper checks. By going all cloud-based, you could probably save a few bucks every month.

Shopping: I still drive to buy food, home hardware like nuts and bolts, and some clothes. Otherwise, electronics, appliances, shoes, and pretty much everything else can be bought online. Amazon, Zappos and many eBay sellers often provide unbeatable prices because they have much less overhead and free shipping to boot!

Saving money is fun when it’s done in the cloud. It’s smart and when it’s done right it’s more secure, too!

Robert Siciliano, personal security expert contributor to Just Ask Gemalto. Disclosures

Consumers Need to Rethink IT Security and Safety

Hackers and crackers and data breaches! Oh my! Confused? Overwhelmed? Don’t care? You should, and there’s help.

Few people are as head first into gadgets, technology, the cloud and security as I am. I have my devices, my wife’s, my kids’; there are Apple products, Microsoft Windows, smartphones, feature phones and tablets. It’s maddening.

Now instead of one PC per household, consumers are purchasing multiple devices. And with consumers able to access the digital world as easily from their smartphones and tablets as from their personal computer, PCs are no longer the main method of connecting to the Internet.

This wave of new devices and their ease of connectivity also means that consumers are now starting to think differently about their digital security.

Mobile Device Users

The threat of lost or stolen devices and the possibility of their personal information being used for fraudulent means is a significant concern. In the United States 113 mobile phones are lost every minute, and more than half of smartphone users do not use any password protection to prevent unauthorized device access.

Mac Users

Mac OS is not safe from viruses. As of late last year there were 5,000 malware versions targeting the Mac, a number that is growing by ten percent per month.

Child and Teen Users

Are your kids being exposed to pornography? Will they be contacted by strangers through their social networking profiles? Are they downloading age-appropriate music and movies? Having protection on the household PC is no longer enough. Parents need to know that their children are safe on all the devices they use, wherever they connect.

It is here and is called McAfee All Access. Before, consumers had to look for and download a hodgepodge of security software from numerous vendors with multiple “keys” to activate. What McAfee knew consumers wanted was an “all in one” solution that once and for all provides a dashboard to manage all your devices from one place, regardless of whether it is a PC, smartphone, tablet, netbook, or Mac.

Robert Siciliano is an Online Security Evangelist to McAfee. See him discussing identity theft on YouTube. (Disclosures)