Data Back-Up Strategies for Your Business

Do you back up your data? One would hope you do, and can’t imagine you don’t, but sad to say, many find data backup overwhelming and tedious, so they nix it. One of the problems with getting small businesses to secure data is that they think they need to load up thumb drives, DVDs or tape devices manually. That is in fact tedious and overwhelming.

I’ve got news for you: data backup is easy. With onsite software/hardware and offsite cloud-based servers, business data backup is a complete no-brainer.

There are many data backup options. New PCs often come bundled with backup options. Microsoft Windows 7 comes with “Windows Restore/Back Up,” accessible via the Control Panel, and Macs offer a data protection option called Time Machine. You can buy an external hard drive to copy your files to, or invest in a remote backup service.

I suggest backing up twice on local drives and once in the cloud.

Cloud backup options include Mozy and Carbonite, among others.

Mozy online backup costs $6 per month to back up 50 gigabytes of data on one computer, or $110.00 a year for 125 gigabytes on up to three computers. Mozy offers an easy to use interface and quick, effortless backups of every file type, including files on external drives. If you have over 110 gigabytes, though, it gets pricey.

Carbonite online backup offers unlimited storage from one computer for under $5 per month. Carbonite is inexpensive, with an easy-to-use interface that allows you to access your data via an iPhone app, which is very cool. Unfortunately, Carbonite won’t back up external drives, backing up certain media, like videos, is slow, and you have to manually check your folders to make sure everything has successfully been backed up. Also, certain files, like software programs with a variety of unusual file extensions, have to be zipped beforehand, since Carbonite won’t back up the individual files with odd extensions.

Local drives: For many small businesses 1-2 TB is all the backup you need. Install a secondary 2TB drive and for $20 install Goodsync. Goodsync automatically backs up your data locally from an internal drive to many external drives.

Goodsync automatically syncs my internal E: drive and external F: drive every two hours. I do this because, while all my data is stored in the cloud, if my internal drive does crash, downloading it all would be a chore, plus, I’d need a drive to download it anyway.

The cloud is ideal for mitigating major data loss catastrophes, but not practical for accessing data on a daily basis.

Robert Siciliano, personal and small business security specialist to ADT Small Business Security, discussing ADT Pulse on Fox News. Disclosures

How will NFC change the mobile wallet?

NFC is an acronym for near field communication, a wireless technology that allows devices to talk to each other. In the case of a mobile wallet application, those devices would be a mobile phone and a point of sale device at a checkout counter.

USA Today reports that the number of NFC handsets is set to increase from about 34 million this year to about 80 million next year. Gartner estimates that growth in handsets will exceed 100 million in 2012, and that 50% of smartphones will have NFC capability by 2015.

The big players, a short list that includes Google, Citibank, MasterCard, Gemalto, First Data, VeriFone, Samsung, Sprint, AT&T, T-Mobile, Verizon and Isis, are all deploying some version of a mobile wallet. Isis’s website promises, “Mobile wallet will eliminate the need to carry cash, credit and debit cards, reward cards, coupons, tickets, and transit passes, fundamentally changing how you shop, pay, and save. All with your phone.” And all powered by NFC.

NFC can also be used to connect online gamers. Within social networking websites, NFC can facilitate the distribution of coupons that can be scanned at in-store terminals.

Soon, we will see online retailers embrace the potential benefits of NFC in order to create effective loyalty programs, supported by online advertising and social media campaigns.

With full deployment, near field communication will make everyday transactions incredibly convenient. If you think your cell phone is your everything today, wait until you see what’s coming next!

Robert Siciliano, personal security expert contributor to Just Ask Gemalto. Disclosures

5 Must Have Small Business Security Tools

Security Alarm System: No matter what kind of business you are in, there is something of value within your facility that a criminal will fence for drugs. Everything from products you sell, to warehouse items, maintenance tools, phone systems, office furniture, computers and the company safe.

Security Cameras: Whether you are protecting the perimeter of the property from vandals or thieves or protecting the inventory from theft, or even the cash register from sweethearting or robbery, security cameras are an essential component to any small business security system.

Business Continuity: Having a data backup locally is essential. Having a data backup in the cloud is fundamental. And having a backup for all your network operations either at a remote facility or accessible in the cloud is an insurance policy no small business should do without.

Secure Information Technology: A comprehensive information security plan that involves encrypting all sensitive data, ongoing critical security patches, antivirus protection, antispyware, firewalls (both software and hardware) and a secure Internet gateway is critical to preventing costly data breaches.

Secure Mobile Fleet: Managing digital devices such as mobile phones, tablets, thumbdrives and any other portable device that stores or communicates data can be the equivalent of herding cats if not done right. IT managers must have security policies in place to deal with and manage devices attached to the network in some way. Many security vendors provide comprehensive solutions to keep track of, lock down, and secure devices.

Robert Siciliano, personal and small business security specialist to ADT Small Business Security, discussing ADT Pulse on Fox News. Disclosures

Organized Crime Drives Increasing Auto Insurance Costs

All over the world, insurance fraud equates to a multi-billion dollar issue. The Guardian reports that in the United Kingdom, “insurance fraud [has] been on the rise since the recession began. Figures to be published by the Association of British Insurers (ABI) are expected to show that these are still on the rise. As it is, the ABI puts the total cost to the industry of undetected general insurance claims fraud at £2bn per year. This adds around £40 a year to the insurance premiums paid by all policyholders.”

Much of this increase is said to be due to the involvement of organized criminals. The most common fraud technique is known as a “crash for cash” scam, in which criminals slam on their brakes in order to cause an accident with the car behind them, leaving the victim’s insurance on the hook for the cost of damages.

One way of minimizing fraud is to stop organized criminals from transacting with a business over the Internet. Online insurance, retail, gaming, and even dating sites can weed out risky accounts based on devices’ reputations using iovation’s device identification service. When PCs, Macs, tablets, or smartphones collude, a pattern can be detected and fraud can be prevented.

By utilizing iovation’s fraud detection service, insurance companies can not only recognize high-risk devices responsible for creating fraudulent online policies, but also avoid paying for frequent “crash for cash” scams and help to reduce the rise in premiums for honest policyholders.

Robert Siciliano, personal security and identity theft expert contributor to iovation, discusses identity theft in front of the National Speakers Association. (Disclosures)

Spotlight on RSA: Latest Security Threats

2012’s RSA Conference kicks off February 27th. Arthur Coviello, Jr., Executive Chairman of RSA, the Security Division of EMC, will present a program focused on the fact that in the past 18 months, organizations throughout the world have been under attack by nation-states, “hacktivists,” and cyber criminals.

PBS NewsHour Senior Correspondent Jeffrey Brown will address “hacktivism”—the use of computers and computer networks to protest or promote a political agenda or ideology—which Brown will argue has reached a tipping point, requiring an adjustment in our approach toward enterprise security.

And Stuart McClure, Chief Technology Officer at McAfee, will discuss the rapid evolution of the threat environment, and how what was once considered theoretical has become reality.

No one is immune, whether you are a soccer mom, small business, major corporation, the federal government, or the president of Syria, whose email account (password: “12345”) was hacked by a collective known as Anonymous, who were able to access hundreds of private email messages. Anyone who attracts the attention of a criminal hacker is a target.

“Hacktivists” are activists who use computer hacking as a weapon against anyone they deem oppressive. There may be hundreds of thousands of hackers operating based on this justification for their hacking, with little to no oversight or guidelines beyond their individual impulses determining their next victim. In some cases, hackers are motivated simply by petty dislike or disagreement.

Protecting your networks starts with a few basics, including:

  • Total, “all-access” protection, including antivirus, anti-phishing, and anti-spyware
  • Full disk encryption
  • Firewall security appliances
  • WPA2 wireless security
  • Up-to-date operating system and software critical security patches

Robert Siciliano, personal security expert contributor to Just Ask Gemalto. Disclosures

Prevent Someone From Slipping You a Mickey

Some call it a Mickey or a roofie, but technically they are known as Rohypnol, Ketamine or GHB. These are drugs designed in specific quantities that, when taken, can cause temporary loss of memory and in some cases cause a person to black out.

Most often the drugs are in pill form, but they can be ground into a powder that is tasteless and odorless. However, Rohypnol has been redesigned to turn blue when in contact with fluids, and GHB may be salty to the taste.

When the drugs are dropped in someone’s drink, whether it be water or a cocktail, they won’t taste it going down. They’re fast-acting drugs that in the right quantity will send a person to another dimension within an hour.

The ease with which a powder can be dropped into a drink, coupled with the control that a bad person can have over another, is what makes this such an attractive crime to many evildoers. I did a segment on the Tyra Banks show where we set up an actor in a bar who “hit” on 3 different women we set up to go to a bar. Our actor approached all three of these women, who made it very easy for our actor to either slip them a roofie and/or get them to his car, where he had duct tape, ropes and other tools to restrain.

The most effective ways to prevent yourself from getting drugged include common sense tactics such as:

Get your own drink: Never let anyone get you a drink. Even if they insist. They can buy you a drink, but you need to get it from the bartender.

Cover your drink with your hand: This means never putting it down and walking away. It also means being somewhat obsessed with having your hand over the opening of the glass or the mouth of a bottle.

Invest in drink detection tools or devices that prevent a Mickey from being inserted here.

Robert Siciliano personal and home security specialist to Home Security Source discussing ADT Pulse on Fox News.

Beware of Ghost Brokers

The insurance industry is thoroughly regulated, with numerous checks and balances. In the United Kingdom, however, scammers are able to pose as insurance brokers—or “Ghost Brokers”—offering significantly cheaper insurance than legitimate insurance firms.

The Telegraph reports, “The multi-million pound scam is operated by fraudsters who target drivers who are economising and looking for cheaper motor insurance deals. These motorists are likely to be vulnerable pensioners, young drivers struggling with soaring premiums and those living within communities where English is a second language.”

The scary part of this scam is that when unsuspecting victims purchase policies, they get certificates of insurance that are essentially worthless. In the event of an accident, they will not be covered.

In some cases, the ghosts will contact legitimate insurance brokers and broker deals for insurance policies that they then pay for using stolen credit cards. The victim gets a real certificate of insurance, but it’s been paid for with stolen money. When the fraud is discovered, the policy is cancelled.

These rogue brokers engage in guerilla marketing campaigns involving windshield flyers, classified ads, and professional-looking websites.

Major insurance companies would fare better if they could identify ghost brokers and stop them in their tracks. One anti-fraud service that’s been garnering attention for delivering fast and effective results is iovation’s ReputationManager 360. This SaaS-based fraud prevention solution incorporates device identification, device reputation, and real-time risk profiling. It is used by hundreds of online businesses to prevent fraud and abuse in real time by analyzing the computers, smartphones, and tablets being used to connect to websites. iovation’s service can recognize devices that have been involved in scams and help insurance companies stop fraudsters upfront.

Robert Siciliano, personal security and identity theft expert contributor to iovation, discusses identity theft in front of the National Speakers Association. (Disclosures)

5 Tips To Secure Online Shopping This President’s Day

Making a purchase online around President’s Day? Keep in mind that criminals are working hard to intercept your credit card numbers in various ways.

#1 SCAM: Black-Hat SEO: Criminals create fake websites and then use the same techniques as legitimate online businesses regarding search engine optimization, marketing, and online advertising via Google AdWords. They use keywords to boost rankings on Internet searches, causing their spoofed websites to appear alongside legitimate websites. These same processes are also used to infect unsuspecting users with malware.

SOLUTION: Do business with known sites. Use the existing e-tailers you’ve done business with. Otherwise install a “SiteAdvisor” that scans websites looking for malware.

#2 SCAM: Phishing: Emails offering high-end products for low prices. The same applies to any offers received through tweets, or messages sent within social media.

SOLUTION: Common sense says that whenever you receive an unsolicited email offer, you ought to automatically be suspicious. Delete.

#3 SCAM: Domain squatting: When an email appears to come from a trusted website with a familiar domain, beware of cybersquatting and typosquatting, in which the address only resembles the legitimate domain but is a trap.

SOLUTION: Make sure you’ve been taken to the correct URL for the retailer.

#4 SCAM: Unsecured sites. Scammers generally don’t take the time to create secure websites.

SOLUTION: When placing an order online, always look for “https://” in the address bar, signifying that a page is secure. Note that an image of a closed padlock also indicates that a website is secure.

#5 SCAM: eBay email scammers. It’s difficult to tell a real eBay email offer from a fake one.

SOLUTION: If you are seeking deals on eBay, go directly to the site itself, and don’t bother responding to emails. If a deal in an email is legitimate, you can find it by searching eBay.
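The "correct URL" check from tip #3, written out as an added example (not part of the original post): it compares a link's hostname against a short list of retailers you already use and flags addresses that only resemble them. The retailer list, the sample URLs and the confusable-character table are constructed for illustration, and the two-label domain rule is a simplifying assumption.

```python
from urllib.parse import urlsplit

# Constructed allowlist: retailers the shopper already does business with.
KNOWN_RETAILERS = {"ebay.com", "example-shop.com"}

# Character swaps often used to imitate a name (illustrative, not exhaustive).
CONFUSABLES = (("rn", "m"), ("vv", "w"), ("0", "o"), ("1", "l"))


def host_of(url):
    """Lower-cased hostname of a URL, without a trailing dot."""
    return (urlsplit(url).hostname or "").lower().rstrip(".")


def registrable(host):
    """Naive registrable domain: the last two labels. Assumption: no
    multi-part suffixes such as .co.uk (use a public-suffix list for those)."""
    return ".".join(host.split(".")[-2:])


def skeleton(name):
    """Fold look-alike character sequences onto the characters they imitate."""
    for fake, real in CONFUSABLES:
        name = name.replace(fake, real)
    return name


def edit_distance(a, b):
    """Levenshtein distance: single-character inserts, deletes, substitutions."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]


def check_url(url, known=KNOWN_RETAILERS):
    """Return (verdict, retailer); verdict is 'trusted', 'lookalike' or 'unknown'."""
    host = host_of(url)
    domain = registrable(host)
    if domain in known:
        return ("trusted", domain)
    for good in sorted(known):
        # The real name used as a subdomain of somebody else's domain.
        if host.startswith(good + ".") or "." + good + "." in host:
            return ("lookalike", good)
        # Look-alike characters, or a one-keystroke typo of the real domain.
        if skeleton(domain) == skeleton(good) or edit_distance(domain, good) <= 1:
            return ("lookalike", good)
    return ("unknown", None)


if __name__ == "__main__":
    for sample in ("https://www.ebay.com/itm/123",           # constructed samples
                   "https://www.ebey.com/deals",
                   "http://ebay.com.account-verify.example/signin",
                   "https://exarnple-shop.com/"):
        print(sample, "->", check_url(sample))
```

An "unknown" verdict only means the site is not on your list; it says nothing about whether the site is safe.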

Robert Siciliano, personal and home security specialist to Home Security Source, discussing home security and identity theft on TBS Movie and a Makeover.

Almost 5% of Smartphones Lost Every Year

McAfee and Ponemon Institute recently released “The Lost Smartphone Problem,” a study that attempts to determine how many employees’ smartphones are lost or stolen, and the consequences of these lost cell phones on various organizations. Among the 439 sample organizations, the number of missing smartphones is significant: 142,708 in one year.

Approximately 62% of smartphones are company-owned devices assigned to employees for business use. 38% are personally owned and are used for business. Roughly 4.3% of these employee smartphones are lost or stolen each year. Of the 142,706 smartphones reported missing by the 439 businesses surveyed, only 9,298—7%—were recovered. 13% of the missing smartphones were lost in the workplace, 29% were lost while traveling, and 47% were lost while employees were working away from the office, either at home or in hotel rooms. Employees were unsure where the remaining 11% were lost. And despite the fact that 60% of missing smartphones are believed to contain sensitive and confidential information, 57% were not protected with available security features.

The industries reporting the highest rate of smartphone loss were health and pharmaceuticals, education and research, and public sector organizations.

Based on the costly consequences of lost data assets, it makes sense to allocate the necessary resources to invest in anti-theft and data protection solutions in order to secure smartphones and the sensitive and confidential information they contain.

Robert Siciliano is an Online Security Evangelist to McAfee. See him discussing identity theft on YouTube. (Disclosures)

Hey, Psst, Wanna Buy A Lifetime of Toilet Paper?

I’ve seen lots and lots of scams over the years, and many of them involve penny stocks, contractor scams, cash gifting, investment scams, black money, and the list goes on. And with each scam you see, the question is always asked: “How is it that someone could fall for that?” And with some scams it is actually feasible that there are many potential victims for said scam.

A “Toilet paper” scam, well, I guess, could target everyone? Right?

In this particular scam the targets were those who own septic tanks. The ruse was that the federal government is now requiring by law that if you own a septic tank that you need to buy a special toilet paper.

The Miami Herald reported “In phone pitches, salespeople claimed the company was affiliated with the Environmental Protection Agency, the U.S. Food and Drug Administration and the U.S. Department of Agriculture. One product, the $199 Septic Remedy treatment, would eliminate the need to have their tanks pumped, the company claimed.

Victims were also told that they needed special soap, detergent and toilet paper or their septic tanks would not pass federal inspection. But the EPA does not regulate septic tank products, according to the U.S. Attorney’s Office.”

This scam isn’t entirely impossible to believe. And the fact is there are household products such as special soap, detergent and toilet paper that are in fact better for the environment and, without doing the research, probably better for a septic. I can see how these scammers could make a mint on the sales of these products.

Anytime anyone ever calls you, sends an email, snail mail or knocks on your door, do your research. Don’t just automatically believe what someone says, especially if there is money involved.

Robert Siciliano personal and home security specialist to Home Security Source discussing identity theft on YouTube.