Back to College Campus Security

/in /by

Whether getting out of high school and entering college, or if you’re a veteran starting another year of college, there are 2 absolutes remain true: 1. You will more than likely get into a situation where your security will be at risk and 2. You aren’t fully prepared to react or respond to the situation.

Why? First, life can be hard and a hard life makes people a little nutty and they do bad things to other people. Second, your mom and dad really didn’t get a formal education on personal security so they sent you off into the world with the limited information they had. Most people regardless of age aren’t prepared. Throw lots of alcohol into the mix and it gets even dicey-er.

September is National Campus Safety Awareness Month. The Jeanne Clery Disclosure of Campus Security Policy and Campus Crime Statistics Act (20 USC § 1092(f)) is the landmark federal law, originally known as the Campus Security Act, that requires colleges and universities across the United States to disclose information about crime on and around their campuses.

Do your research into the crime climate of the learning institution you plan on attending.

Don’t sit idly back and hope everything will be OK.

Educational institutions aren’t meant to be secure fortresses, which makes them vulnerable to predators

Directly call the institutions security office and get statistics for on and off campus crimes. You want to know exactly what has taken place in the last 3-5 years.

If you go to the campus have an onsite meeting with the security office. It is in your best interest, and required by law for colleges to offer personal security training for their students.

Determine what campus security personnel and technology systems are in place to head off danger.

 

Whether living on or off campus invest in your personal security. Wireless home alarms and portable home security systems are cost effective and add an additional layer of protection. Security cameras are inexpensive and can greatly enhance your security too.

 

Robert Siciliano personal and home security specialist to Home Security Source discussingADT Pulse on Fox News. Disclosures

In Hurricane Season Get the Facts

/in /by

Hurricane Irene killed over 40 people, did millions to billions of dollars in damage and left millions without power for over a week.

I live on the east coast, right on the coast, and battened down in anticipation of getting whacked. Well that day never came because the storm missed us.

The local and national news channels continued to spout out information that devastation was on the way even though NOAA kept telling me the storm was downgraded to a tropical storm. I’ve had 75 mile an hour winds here and that’s not devastation. But it definitely means you need to remove anything from your porches and yard that can be flung through a glass window.

Anyway, in the days after the event many people locally complained to me that the media exaggerates things and in the future they will not pay any attention to the boy who cried wolf.

I repeat: Hurricane Irene killed over 40 people, did millions to billions in damage and left millions without power for over a week. While the media definitely sensationalizes things it is better to be over prepared than underprepared. Further it is even better to get the FACTs from NOAA and get a local perspective with a grain of salt when watching what’s going on in the news.

The Red Cross along with NOAA have great tips on how to prepare.

Robert Siciliano personal and home security specialist to Home Security Source discussing home security and identity theft on TBS Movie and a Makeover. Disclosures.

Psychic and Fortune Tellers Are Scammers

/in /by

A quick break here from security and security solutions to include you in on a little secret.

People all over the world, in addition to people I know and love spend money (sometimes mine) on “readings” thinking they are getting inside information on something such as an unforeseen life event or drummed up answers to questions about the past.

Mostly, the motivations behind a “normal” person going to a fortune teller or psychic are purely for fun. I have been to a few in the past, often pulled in while walking a boardwalk at a touristy event or when someone brings a psychic to a party to bring the party up a notch.

Generally the psychic provides a degree of information that when told, gets the listeners attention because the “inside info” couldn’t possibly be known otherwise.

But that inside information is often generic, or standard. Meaning chances are “there is a family member you are having a very difficult time with” and “you love them and have tried to patch things up but can’t” and “they just don’t understand you”

WHO ISN’T IN THAT SITUATION???!!!

One psychic told me she saw “red blood” in my future “from a type of accident”. I was wearing a leather vest with a long leave shirt that said “Harley Davidson” and carrying a helmet. She was insightful.

So when people get sucked into this they will often get rolled into spending more money to get more information so the fortune teller can solve all their problems.

Recent news of an educational foundation of sorts offered up a million dollar challenge to anyone who could prove they are a psychic. Nobody has taken the bait. Know why? Because anyone who takes the challenge would be discredited on a national stage.

Just this week in Florida a family of multi million dollar fortune tellers were arrested for using magic tricks claiming they were talking to the dead, and curing disease. Victims were giving up luxury cars, cash and gold coins to have the scammers fix all their problems.

There is a scam for everyone. Everyone is a mark, it’s just a matter of finding that persons scam spot.

PS, there is no such thing as UFO’s or ghosts either. Since billions of people now carry smartphones that record pictures and videos we have yet to see a ghost or UFO on camera.

Robert Siciliano personal and home security specialist to Home Security Source discussing scammers and thieves on The Big Idea with Donnie Deutsch. Disclosures.

Username and Passwords Are Facilitating Fraud

/in /by

In 2005, the Federal Financial Institutions Examination Council stated:

“The agencies consider single-factor authentication, as the only control mechanism, to be inadequate for high-risk transactions involving access to customer information or the movement of funds to other parties. Account fraud and identity theft are frequently the result of single-factor (e.g., ID/password) authentication exploitation.  Where risk assessments indicate that the use of single-factor authentication is inadequate, financial institutions should implement multifactor authentication, layered security, or other controls reasonably calculated to mitigate those risks.”

Here we are in 2011, six years later, and well over half a billion records have been breached. And while it is true that not all of the compromised records were held by financial institutions, or were accounts considered “high-risk transactions,” many of those breached accounts have resulted in financial fraud or account takeover.

Back in 2005, you might have had two to five accounts that required you to create a username and password in order to log in. Today, you may have 20 to 30. Personally, I have over 700.

The biggest problem today is people most often use the same username and password combination for all 20 to 30 accounts. So if your username is name@emailaddress.com, and your password is abc123 for one website that ends up getting hacked, it will be easy enough for the bad guy to try those login credentials at other popular websites, just to see if the key fits.

The quick and simple solution is to use a different username and password combination for each account. The long-term solution is for website operators to require multifactor identification, which may include an ever-changing password generated by a text message, or a unique biometric identification.

Until that time, the three best tips to create an easy to remember but hard to guess string password are as follows:

Strong passwords are easy to remember but hard to guess. “Iam:)2b29!” consists of ten characters and says, “I am happy to be 29!” (I wish).

Use the keyboard as a palette to create shapes. “%tgbHU8*” forms a V if you look at the placement of the keys on your keyboard. To periodically refresh this password, you can move the V across the keyboard, or try a W if you’re feeling crazy.

Have fun with known short codes or sentences or phrases. “2B-or-Not_2b?” says, “To be or not to be?”

Robert Siciliano, personal security expert contributor to Just Ask Gemalto. Disclosures

What Apple’s iCloud Means for All of Us

/in /by

If you use Gmail, Hotmail or Yahoo, you know your email is accessible from any computer or smartphone. That’s because your messages are stored “in the cloud.”

What is iCloud? Apple puts it like this: “iCloud stores your music, photos, apps, calendars, documents, and more. And wirelessly pushes them to all your devices — automatically. It’s the easiest way to manage your content. Because now you don’t have to.”

If you take a picture on your iPhone, it appears on your Mac. If you write a document on your iPad, it appears on your iPhone. If you buy a song on iTunes, it becomes available on all your devices.

The cloud isn’t new, but when Apple pushes out a product, they often find a new and improved way to utilize existing technology.

iCloud was designed with three things in mind: convenience, portability, and consolidation. It allows you to keep your devices in sync, to access your data from anywhere, and do it all within a single, central hub. That last design feature gives Apple a certain degree of control over the user base.

Apple’s iCloud and its consumerization of centralized, cloud-based data and services will undoubtedly result in even more consumers connecting to even more devices.

Better yet, iCloud will spur even more innovation among Apple’s partners and competitors. Soon, we will see more products and services consolidated in “the sky,” which other cloud services will connect to. Consumers will also have more options for creating their own personal clouds, in the form of smarter home-based servers, making it easier to manage all of their devices and keep them secure.

And for all you PC lovers, there will surely be many more offerings to keep your digital life in sync, because, well, not everybody likes apples.

Robert Siciliano, personal security expert contributor to Just Ask Gemalto. Disclosures

 

Hackers Target Small Business

/in /by

Big companies and big government get big press when their data is breached. And when a big company is hit, those whose accounts have been compromised are often notified. With smaller businesses, however, victims are often left in the dark, regardless of the various state laws requiring notification.

One reason for this is that smaller businesses tend not to keep customer names and contact information on file, and credit card companies discourage them from recording credit card data.

This is serious cause for concern. The Wall Street Journal reports that the majority of breaches impact small businesses:

“With limited budgets and few or no technical experts on staff, small businesses generally have weak security. Cyber criminals have taken notice. In 2010, the U.S. Secret Service and Verizon Communications Inc.’s forensic analysis unit, which investigates attacks, responded to a combined 761 data breaches, up from 141 in 2009. Of those, 482, or 63%, were at companies with 100 employees or fewer. Visa Inc. estimates about 95% of the credit-card data breaches it discovers are on its smallest business customers.”

If 95% of breaches affect small companies, it’s anyone’s guess how many times my or your credit card numbers have been compromised. I’ve received four new cards in the past three years as a result of major companies being breached. But I use credit cards at more than a hundred different retailers in a year. And it isn’t only credit card numbers that are stolen, but also usernames and passwords, Social Security numbers, email addresses, and more.

Check your credit card statements online weekly and refute any unauthorized charges. As long as you dispute charges within 60 days, federal laws limit your liability to $50. Unauthorized debit card charges must be reported within two days, or liability jumps to $500.

Change up your passwords at least once every six months. If a business is hacked, they may not know for years, and can’t possibly notify you until it’s much too late.

Robert Siciliano is a McAfee Consultant and Identity Theft Expert. See him discussing identity theft on YouTube. (Disclosures)

10 Things To Put In A Fire-Resistant Safe

/in /by

Your house isn’t going to catch on fire, right? Well, you hope not, so maybe you even fool yourself into believing it can’t happen. But I’ll bet you have fire insurance, and maybe a collapsible escape ladder, and a fire extinguisher or two. I have all this, and I also back up all my digital data in the cloud, including pictures and documents.

And I have a fire-resistant safe.

All this preparation is so that if there ever is a fire, I can reduce or eliminate any risks to lives and valuables.

Most documentation is replaceable, but certain things are not. Sometimes, when documentation is replaceable, getting duplicates can be a nightmare.

Mementos: Photos, love letters, children’s drawings, and so on. You probably have a box full of things that you like to browse through every ten years or so. Or photo albums on a shelf. If these items were incinerated, you’d be very unhappy.

Insurance papers: Home, auto, life, health, and business insurance papers should be protected.

Health related information: if you have health issues and multiple files, records, and prescriptions, they should be protected.

Financials: Documentation regarding investments, bank account numbers, stocks, bonds and coins should be protected.

Wallet: Photocopy everything in your wallet front and back and put the copy and extra credit cards and cash should be protected.

Identification: Birth certificates, passports, driver’s licenses, Social Security cards, insurance cards, and any other identifying documents should be protected.

Titles: Deeds, boat, and automobile titles should be protected.

Wills: Any and all documentation related to a will should be protected.

Jewelry: Most insurance providers require a safe in order to obtain insurance coverage.

Extras: I have an extra passport, extra credit cards, extras set of keys, extra emergency cash, and extra identification, all protected in my safe.

Robert Siciliano is a Personal and Home Security Expert for SentrySafe. See him Discussing burglar proofing your home on Fox Boston. Disclosures.

A Safe Alternative to Theft and Fire

/in /by

People steal. Therefore, safes exist. There has always been a need for a place to hide, store, and lock away valuables in order to protect them from thieves.

Hundreds or even thousands of years ago, safes were constructed from materials such as wood, granite, cement, brick, and even clay. Today, safes are made with some type of metal, combined with other materials. Safes have basically always incorporated a lock of some kind, and, to make things more difficult for criminals, have often been built to be either intentionally heavy or permanently installed.

Throughout the 19th century, as cities were developed and more and more houses were built, fires became an issue in overcrowded areas. Fire codes as we know them today didn’t exist. This created a need to protect valuables from more than thieves. New technologies were added to protect safes from fire damage. It wasn’t unusual for a safe to be lined with brick, asbestos, or plaster to slow down a fire.

Once high-quality, fire-resistant metal safes were introduced, banks and wealthy people snapped them up. But it wasn’t until the early 1930’s that SentrySafe introduced and perfected the fire-resistant safe as an affordable alternative for average people’s home security needs. Today, millions of SentrySafes like the Big Bolt Fire Safe are being deployed in homes and small businesses worldwide. Having a safe is just smart. Go to SentrySafe to learn more.

Robert Siciliano is a Personal and Home Security Expert for SentrySafe discussing home security and identity theft on TBS Movie and a Makeover. Disclosures.

How the Cloud Will Change Technology

/in /by

You may have noticed that over the last decade, computers have grown faster and more powerful, with more RAM, bigger hard drives, and improved processors. This is made possible by the development of better, cheaper technology, coupled with a corresponding need on the part of consumers and corporations. It has also come in response to software developers, who have continued to introduce more complex and demanding programs.

Then, “the cloud” came along, and software such as office programs, contact managers, editing programs, and data storage went virtual, no longer requiring local computer space and speed.

As a result, old, slower PCs have a new life, and new devices like mobile phones, netbooks, e-readers, and tablets rely on the cloud to function as fully portable productivity tools and entertainment centers.

One of the cloud’s most significant impacts so far has been in music. Since the digitization of songs, we have seen dramatic changes in devices and hardware for music consumption, as well as in distribution mediums.

Last year, a Gartner report predicted that cloud-related spending would reach $258 billion by 2020. It accounted for $28 billion in 2010. This rapid increase should prompt investments in related technologies, applications, and services to account for 45% of all IT spending.

In the short term, as the cloud grows, more jobs will be created. In the long term, however, it is likely that many of the smaller administrative tasks that are currently performed on local PCs will take place in the cloud, managed by big companies along the lines of Amazon, Microsoft, Google, and even AT&T and Verizon.

The cloud will encourage the development of identification technologies designed to authenticate individuals online and via mobile and card technologies. The advantages and sheer connectedness facilitated by the cloud and our complimentary devices will ultimately allow for a more seamless and secure digital life.

Robert Siciliano, personal security expert contributor to Just Ask Gemalto. Disclosures

How Is All This Hacking Affecting My Identity?

/in /by

Without question, 2011 is the year for hackers of all kinds to get their 15 minutes of fame. But it feels like it’s lasting a lot longer than 15 minutes. With so many different breeds of hackers, each with their own agenda and an endless supply of potential targets, the media has certainly been more than willing to give them all the attention they could possibly want.

Major publications, including The Wall Street Journal, The New York Times, and Forbes, seem to have journalists working fulltime to cover the hacker chronicles. Significant players and events like Wikileaks, HB Gary, Anonymous, Lulz, IMF, Sony, RSA, Epsilon, the News of The World voicemail hacking scandal in Britain, and so many others have helped bring data security and identity theft issues to the forefront of the public’s attention. Much of the coverage has been sensationalist, but the reality is that we are indeed hemorrhaging information all over the place.

Initially, hackers went after sensitive personal data like Social Security numbers. Then they moved on to credit card numbers and bank account numbers, and then usernames and passwords. Military records have been breached, corporate emails have been exposed, and there have been targeted attacks on government records. At one point last year, the total number of records breached hovered around half a billion. But if we were to broaden the definition of what counts as a breached record, I’d guess that number would have to quadruple, at least.

No matter how you slice it, your information is at risk, whether it’s on your own PC or some other computer or database somewhere. It isn’t a matter of if but when you’ll receive a letter from some company saying they were breached and you are at risk.

In security, as in sports, is the best defense is a good offense. The worst thing you can do now is nothing.

To ensure peace of mind, subscribe to an identity theft protection service, such as McAfee Identity Protection, which offers proactive identity surveillance and lost wallet protection. If your credit or debit cards are ever lost, stolen or misused without your authorization, you can call McAfee Identity Protection and they’ll help you cancel them and order new ones. If their product fails, you’ll be reimbursed for any stolen funds not covered by your bank or credit card company. (See Guarantee for details.) For additional tips, please visit CounterIdentityTheft.com.

Robert Siciliano is a McAfee consultant and identity theft expert. See him discuss the Epsilon breach on Fox News. (Disclosures)