High Tech Alarm Systems Are Much More Than Home Alarms

/in , /by

So I have the new ADT Pulse system. It’s pretty amazing. I’ve had a “plain old” system for the past 15 years, which has been upgraded 3 times. The standard home alarm system covers monitoring, doors, windows, motion and glass.

This system has all that plus wireless cameras inside, remote controlled thermostats, remote controlled/timed light controls, flood sensors in the mechanical room and laundry, full web access to the cameras, an iPad looking touchpad that controls it, an iPhone app to control/monitor its cameras/stat it from anywhere, and a web dashboard that lets you control every single aspect of each control to inform you of activity or to set up a “reaction” to an incident.

This home alarm system is very simple and easy to program and once you dive into the system it give you a tremendous amount of “awareness” of the goings on in and around your home and it does it automatically.

I haven’t spent a lot of time on the programming just yet, but just by default the basic settings will alert you via text and email whenever anything happens. You also have the ability to turn all these same alerts off.

It has no less than 5 ways to turn it on and off including a wired keypad, iPhone app, Touch pad, computer and remote control on the keychain for deactivating before the garage door goes up. The Touch pads sit in bedrooms/office/kitchen and has a live video feed tuned into kids rooms or the entrance way. There’s also a big green or red icon on the touch pad letting you know if it’s set or not. Mine is mostly red because it’s set while we are home. The touchpad definitely give you more control with, than without. It allows very simple setting of the home alarm so it’s mostly always on and you know it which reduces false alarms.

What I like most is the inside cameras. I have one in the little people’s room who are too little to tell me they don’t want them there. There’s also one in the kitchen, family room, office, entrance way, mechanical room and basement/garage. All of these spaces have a light switch in the room that I can control remotely to turn on so I can see what’s going on at night.

More visibility, more notification, more functionality, easier controls means more security. I LOVE THAT!!!!!!!!!

Oh, and when ADT installed this thing, the sales peeps and installers couldn’t have been more courteous and more professional. They weren’t run of the mill-off of craigslist-contractors, these were employees of the largest alarm company on the planet and it showed they do serious quality control over who their employees are. You don’t see that so much anymore.

It was a very impressive parade of professionalism.

I’m going to do a few posts regarding my experience with ADT Pulse as I dig deeper, so stay tuned.

Robert Siciliano personal and home security specialist to Home Security Source discussing Home Security on NBC Boston.

Data Leakage is a Correctable and Solvable Problem

/in /by

WNYT.com reports “the Social Security Administration in New York City says that 15,000 Social Security numbers were stolen by a subcontractor who was working in Office of Temporary Disability Assistance making computer infrastructure upgrades.”

In this case the culprit is a subcontractor and succeeded either because he had the contractor’s credentials/passwords and/or the files containing the SSN info weren’t encrypted.

The problem with protecting only with userid/passwords is well understood. Passwords are generally 123456 or otherwise easily cracked. Even if the password is a good one, chances are it is used on dozens of other sites that don’t do a good job of protecting it.

In this case the password gave a “good guy” access and he went rougue.

Some organizations think that deploying Full Disk Encryption (FDE) or File and Folder Encryption (FFE) provides them the desired security level. The point often missed is that even with Full Disk Encryption or File and Folder Encryption in place, users with correct credentials can access, copy, transfer/download to USB sensitive data without any problem.

I’ve said this before and I’ll say it again: Zafesoft can prevent such incidents from both of the above. Company administrators can remove access for a suspected malicious insider at any time and even if they have the physical file with them, it’ll be in encrypted format which they won’t be able to open.

Secondly, the Zafe technology travels with the information so they wouldn’t have been able to open the files even they were a legitimate user unless they were also using an approved laptop that has been registered and authorized with the company.

Moreover the moment they copied the data and tried to open it on a non-authorized laptop an alert would have gone to Company administrators alerting them of a possible theft and they could have prevented the incident from happening.

Robert Siciliano is a Personal Security and Identity Theft Expert. See him discussing another databreach on Good Morning America. (Disclosures)

Blue Cross Blue Shield Applications Found in Trash

/in /by

Ever apply for insurance of any kind? There is always a litany of paperwork and the process is always frustrating and somewhat demeaning. Insurer’s applications feel invasive and ask questions that require information that you may not even tell your mom.

What’s worse is they have to be given to another person who you often do not know. What’s even worse than that is you really have no control over what that agent will do with the information.

Private investigator William Cobra Staubs, was doing some dumpster diving conducting some “research” this week and happened upon a big box of discarded medical files and applications tossed there by what appears to be a Blue Cross Blue Shield agent who didn’t need them any longer. He found over 30 documents and approximately 50 Social Security numbers.

“Cobra”, as he is known is no stranger to controversy himself as a one-time Haleigh Cummings case investigator who accepted a plea deal in charges against him concerning his apprehension of a registered sex offender. He has also had intimate dealings in the OJ Simpson case. This is a guy to know.

Cobra determined who the agent was by finding a page from the agents “day planner”.

Personal identifying information is often collected by businesses and stored in various formats, both digital and traditional paper. With identity theft a growing problem in the country, many states have passed laws that require entities to destroy, dispose, or otherwise make personal information unreadable or undecipherable, in order to protect an individual’s privacy. At least 29 states, listed HERE, provide laws that govern the disposal of personal data held by businesses and/or government.  See also Security Breach Notification Laws and Identify Theft Statutes.

Robert Siciliano is an Identity Theft Expert. See him discussing Social Security numbers on Fox News.

Yahoo News Search Results “Robert Siciliano”

/in /by

This is seriously braggadocios.  But it’s a nice way to end 2010 on a highnote.

  • Fox News – Dec 20
  • The Huffington Post – Dec 16
  • US News & World Report – Dec 14
  • MSNBC – Dec 04
  • ABC News – Nov 29


2010 was a great year. 2011 will be great-er. Thanks to all.

Thank you McAfee, ADT, Gemalto, Intelius, Knowem, RSA, and all my dynamite clients!

Happy New Year!



test AY6AJMUJJUHE

/in /by

test AY6AJMUJJUHE

How to Recover a Lost iPhone

/in , /by

You may be one of the millions and millions who own and love your iPhone. What I love about mine is the ability to work from anywhere and I can also view my home security cameras through an iPhone application.  ADT Pulse provides customers with anywhere, anytime access to their home via smart phones or personal computers, including an iPhone application.

But what if you lost your iPhone? Certainly you can just get another one, but what if you are within the timeframe that you can’t get a subsidized phone upgrade? You may have to spend hundreds and hundreds on an unsubsidized iPhone. Fortunately, you have a great option to recover a lost iPhone that works with your iPhone’s GPS

It’s easy. Activate Find My iPhone. This is a subscription based service ($99 annually) if your iPhone is a 3G or 3Gs. Find My iPhone is FREE if you have an iPhone 4.

Just enable Find My iPhone in the MobileMe settings on your iPhone or iPad. Then sign in to me.com from any computer or using the Find My iPhone app on another iPhone, iPad, or iPod touch to display its approximate location on a full-screen map.

When I did this the process was a little buggy because of my inability to connect my phone to the Me/Find My iPhone Account.  Once you log into Me.com with your Apple credentials, the same credentials you use to download an App on your iPhone, the phone should connect.

Find My iPhone locates your phone via a map and tells you an approximate location. It also allows you to send a message to who may have found the phone (like a number they should call to return it) and it overrides your vibrate setting and emits an alarm if you send a signal and are in range to listen for it. If all else fails Find My iPhone can wipe all your phones data remotely to help prevent identity theft.

Robert Siciliano personal security expert to Home Security Source discussing mobile phone spyware on Good Morning America.

Protecting Yourself and Family During The Holidays

/in /by

Criminals share the same calendar as you and I. Their lives are no different than ours. They anticipate the holidays and feel the same pressures to provide.  But they “shop” in a different way than we do. I’m already seeing news reports of “Woman attacked while shopping” and “Teens jump man leaving jewelry store”

The only thing that separates us from them is the boundaries they have established. While you and I are civilized humans who feel sympathy, empathy and understand personal boundaries, the bad guys don’t.

It is an unfortunate fact that we must cope with this sub-species that views you and I as their natural prey. They look upon us as cattle to be herded and meat to be slaughtered. They think nothing of taking from us and committing violence to get what they want.

Having this knowledge and understanding what you are up against should empower you. By achieving this kind of awareness, you can anticipate and proactively prepare and prevent crime.

The following considerations need to be made as the holidays advance:

Every tip here revolves around “situational awareness”. The more aware you are of every situation, the safer and more secure you will be. Predators seek people who are unaware. By knowing what’s happening around the perimeter of your body you reduce the chances of being chosen by an attacker.

ATM: As you are getting cash look around you, cover the keypad with your other hand as you enter your PIN. If someone makes an attempt to accost you, toss the money and run.

Parking lots: Don’t park near windowless vans. Before you get out of the vehicle scan the area. Once you are on your way continually scan the area around you. If anyone suspicious or aggressive approaches scream and run.

Wallet/purse: Carry “chump change” which is enough dollars to toss in one direction while you run in the other. If they want your purse give it to them. Don’t fight over material items.

Self Defense: If your physical security is in jeopardy offering resistance has been proven more often to get you out of a dangerous situation. Run, fight, kick, scream, and do whatever a 2 pound cat would do to get away.

Leaving the Mall: It’s never good to be loaded down with bags. Get a carriage if possible. If you are shopping late at night get a security guard to walk you out or buddy up with someone leaving the mall.

Back to your car: Scan the area around your car. Look inside the car before getting in. Scan the area around the vehicle while putting your stuff in the trunk. Once inside lock your doors.

Robert Siciliano personal security expert to Home Security Source discussing self defense on Fox Boston.

Is “Enterprise Rent a Car” Insurance a Scam?

/in /by

I rent cars all the time. I travel and need to get around so I can teach people about how scams work and how to protect themselves. Yesterday I encountered what seems like a scam but is probably just very unethical behavior on the part of Enterprise Rent a Car.

Here is how it played out.

I head to the counter to rent my car. The Enterprise Rent a Car agent asks me, “Robert, would you like to purchase rental insurance for your car today”. I say “No, I have American Express and they take care of my rental car insurance”. Which they do. I’m Platinum on AMEX and AMEX ROCKS. Their card offers physical damage insurance but not liability. Liability insurance is paid via my personal policy.

The Enterprise Rent a Car agent responds “I’m sorry; we don’t have a contract with American Express.”

Her statement “I’m sorry, we don’t have a contract with American Express” more than likely was a statement that was provided to her in sales training by Enterprise Rent a Car to overcome objection.

That statement makes an American Express card holder doubt whether or not their American Express card covers rental car insurance.

So I respond to her again, “Well, I’m pretty sure my AMEX covers me” and she responds again, “Sir, I’m trying to tell you we don’t have a contract with American Express and you will have to go through them for that”. She is now reinforcing her original statement and trying to put further doubt in my mind. Then she says, “Sir, may I suggest to you that you purchase insurance, it is only $21.00 for the day and you will be protected”. This statement further suggests that my AMEX will not cover me.

The language she used was possibly engineered by someone whose motivation was to overcome objection in the insurance sales process. Enterprise Rent a Car agents and all other rental car agents hear the same statement in regards to AMEX every day. However in my experience when Hertz agents hear me say “No, I have American Express and they take care of my rental car insurance”, Hertz agents respond with “OK” and nothing more. Hertz has elected to take the high road and not try to scam me into paying for insurance I do not need.

However Enterprise Rent a Car, instead, pads their bottom line with unethical language meant to confuse the public and get them to pay for insurance they clearly do not need.

Shame on you Enterprise Rent a Car.

Robert Siciliano identity theft and personal security expert discussing scammers and thieves on The Big Idea with Donnie Deutsch.

McAfee Reveals the Top Ten Most Dangerous Places to Leave Your Social Security Number

/in /by

Universities/Colleges are the Riskiest

Research conducted by Robert Siciliano, Identity Theft expert, on behalf of McAfee

Cases of identity theft are skyrocketing, and 32% of all ID theft victims had their social security number compromised according to Javelin’s 2010 Identity Fraud Survey Report.  In honor of National Identity Protection week, McAfee set out to reveal the most dangerous places to leave your social security number.

When your Social Security number is used to commit fraud, it feels very personal. It can take hundreds of hours and sometimes thousands of dollars to rectify this violation.

Criminals find these crucial nine digits on discarded files in dumpsters, inside an organizations’ file cabinets, in any of the hundreds of databases maintained by government, corporate, and educational institutions, or even in public records, which are freely accessible on the Internet.

Robert Siciliano, on behalf of McAfee,  analyzed data breaches published by the Identity Theft Resource CenterPrivacy Rights Clearinghouse and the Open Security Foundation that involved Social Security number breaches from January 2009 – October 2010 to reveal the riskiest places to lose your ID.

The top 10 most dangerous places to give out your Social Security number are:

#1 – Universities/Colleges (108)

#2 – Banking/Financial Institutions (96)

#3 – Hospitals (71)

#4 – State Governments (57)

#5 – Local Governments (44)

#6 – Federal Governments (33)

#7 – Medical Businesses (27) (Please note: These are businesses that concentrate on services and products for the medical field such as distributers of diabetes or dialysis supplies, medical billing services, pharmaceutical companies, etc.)

#8 – Non-Profit Organizations (23)

#9 – Technology Companies (22)

#10 (tied) – Medical Insurance and Medical Offices/Clinics (21)


Your Social Security Number is Your National ID

For the past 70 years, the Social Security number has become our de facto national ID. The numbers were first issued in the 1930s to track income for Social Security benefits. But functionality creep, which occurs when an item, process, or procedure ends up serving a purpose that it was never intended to perform, soon took effect.

Here we are, decades later, and the Social Security number has become the key to the kingdom. You’re forced to disclose your Social Security number regularly, and it appears in hundreds or even thousands of files, records, and databases, accessible to an untold number of people.

What’s the danger of it getting into the wrong hands? Anyone who does access your Social Security number can use it to impersonate you in a hospital, bank, or just about anywhere else.

Hackers are Getting the Key to your Credit

Any organization that extends any form of credit is going to need your name, address, date of birth, and Social Security number in order to verify your identity and run a credit check. This means hospitals, insurers, banks, credit card companies, car dealerships and other retailers, and even video rental stores.

Now more than ever, criminal hackers are hacking into databases that contain Social Security numbers and using the numbers to open new financial accounts. Criminals use stolen Social Security numbers to obtain mobile phones, credit cards, and even bank loans. Some victims whose Social Security numbers fell into the hands of identity thieves have even had their mortgages refinanced and their equity stripped.

When should you provide your Social Security number, and when should you refuse?

According to the Social Security Administration, you should:

1. Show your card to your employer when you start a job so your records are correct

2. Provide your Social Security number to your financial institution(s) for tax reporting purposes

3. Keep your card and any other document that shows your Social Security number on it in a safe place

4. DO NOT routinely carry your card or other documents that display your number

But beyond that they have no advice and frankly, no authority.

A federal law, 42 USC Chapter 7, Subchapter IV, Part D, Sec. 666(a)(13), enacted in 1996, determines when the numbers should be used. The law requires Social Security numbers to be recorded for “any applicant for a professional license, driver’s license, occupational license, recreational license or marriage license.” It can be used and recorded by creditors, the Department of Motor Vehicles, whenever a cash transaction exceeds $10,000, and in military matters.

What happens when you refuse to give out your Social Security number?

–  Many people refuse, and quickly discover that this creates a number of hurdles that must be overcome in order to obtain services. A demand may be made that you, the customer, jump through a series of inconvenient hoops.

– Most customers are denied the service altogether, and from what we can tell, this is perfectly legal.

– When faced with either option, most people give up, and hand-over their number.

These organizations often state the Social Security number requirement in their terms of service, which you must sign in order to do business with them. They acquire this data for their own protection, since by making a concerted effort to verify the identities of their customers, they establish a degree of accountability. Otherwise, anyone could pose as anyone else without consequence.

Although I’d rather not, I frequently provide my Social Security number. But I do take steps to protect myself, or at least to reduce my vulnerability.

Tips To Protect Yourself:

1. In honor of National Protect Your Identity Week (October 17-23, 2010)check your credit report this week using a reputable firm such as, Experian, and set reminders every three months to review it again.

2. You can refuse to provide your Social Security number.

3. Invest in an identity protection service. Because there are times you cannot withhold your Social Security number, an identity protection service can monitor your bank information and your personal ID.  McAfee® Identity Protection (CounterIdentityTheft.com) will alert you, help prevent loss of personal information, allows unlimited checks of your credit, credit monitoring, scanning of the internet and identity fraud resolution.

4. Securely dispose of mail. The standard advice is to thoroughly shred preapproved credit card offers and anything that includes any account information. While this is good advice and should be heeded, it’s not going to protect you when your bank or mortgage company or utility provider tosses your information in a dumpster that is subsequently raided by identity thieves.

5. Opt out of junk mail and preapproved credit card offers. This is good advice and can be done at OptOutPrescreen.com. However, even if you opt out of new offers, others will still arrive. It’s inevitable. You also need to get a locking mailbox, but that still won’t fully protect you.

6. Lock down your PC. McAfee Total Protection™ software is the most comprehensive security tool to protect your computers data.

Robert Siciliano is a McAfee Consultant and Identity Theft Expert. See him discussing Social Security Numbers as National IDs on Fox News. (Disclosures)

11 Ways To Prevent Home Invasions

/in , , , , , /by

Strangers and posers: You tell your children not to talk to strangers, so why do you open the door to a total stranger? And never talk to strangers via an open or screen door. Home-invaders pose as delivery people, law enforcement or  public workers.

Distress: If someone is in distress tell him or her you will call the police for them. Don’t open the door for them.

Make a call: Under no circumstances do you open the door unless you get phone numbers to call their superiors. Even if that means making them wait outside while you call 411.

Money, jewels and drugs : One simple reason your house is chosen is someone tipped off the home-invader that you have valuables. You may have done it via social media or your friends or children or baby sitter might have unintentionally bragged. In states where medical marijuana is legal that may be an additional consideration.

Peephole: Install peepholes, talk through the door.

Do not call the police!: If you live in a high crime area where law enforcement takes a while to respond, and if someone is trying to break into your house while you are in it, calling the fire department will sometimes get help to the scene quicker. Do this only if you are desperate. Firefighters are not equipped to handle violence. However squealing sirens can deter a criminal. And call the police!

Get armed: Having a non-lethal weapon in the form of a Taser or a Pepper spray in close proximity to your bed or front door can debilitate your attacker before they gain control. But realize these can be used against you.

Have your mobile handy: Consider a second line or a cell phone in your bedroom. Burglars sometimes cut phone lines and often remove a telephone from the receiver when they enter a home.

Get alarmed: An alarm system activated while you are sleeping will prevent a burglar from getting to far. And keep it on 24/7/365. With a home alarm system on, when someone knocks on the door, a conscious decision has to be made to turn off the alarm. Most people will keep it on.

Locks: Call a qualified locksmith to take a physical security survey to help you determine the most efficient way to lock up. Many products on the market are a false sense of security. A qualified locksmith should be a professional associated with well known manufacturers.

Cameras: Install a 24-hour camera surveillance system. Cameras are a great deterrent.  Have them pointed to every door and access point.

Robert Siciliano personal security expert to Home Security Source discussing Home Invasions on Montel Williams. Disclosures