MY PROFILE | PRIVACY 
Vol. 16, #31 - August 8, 2011 - Issue #840

Career Advice? One Word. Are You Listening? Cybersecurity

  1. Editor's Corner    
    • Career Advice? One Word. Are You Listening? Cybersecurity.
    • Create A Security Culture
  2. Admin Toolbox
    • Admin Tools We Think You Shouldn't Be Without:
  3. Webinars & Seminars
    • VIPRE Antivirus Business Product Demonstration
    • Free Desktop Virtualization Seminar
  4. Tech Briefing
    • 10 Ways to Give Your System Administrators a Break
    • Windows XP Finally Falls Below 50 Percent 
    • iPad Users Opening The Enterprise To Risk Via Email
    • Spike In Mobile Malware Doubles Android Chances Of Infection
  5. Windows Server News
    • Are You Properly Protecting Your Windows Servers Against Malware?
    • Tools For Managing The Data Center Components Behind VDI
    • Enterprise Cloud By Definition Demands A Custom Fit
    • Finding The Value In Server Application Virtualization
  6. Third Party News
    • VIPRE Server Release Announcement
    • From The GFI NTSysadmin List
  7. WServerNews FAVE Links
    • This Week's Links We Like. Tips, Hints And Fun Stuff.
  8. WServerNews - Product of the Week
    • myPassword - Securing your business, one password at a time   

myPassword – Securing your business, one password at a time

Does your self-service password reset solution include methods for detecting, deterring and blocking potential malicious activity?  myPassword’s smart user authentication system includes inactivity timeouts, progressive challenge/response protocols and customizable authentication failure policies.  If a potential intrusion is detected, myPassword blocks the IP address or account and sends alerts via email. If you’re looking for essential reports such as password expirations, recently modified passwords and more, check out joBot, the perfect companion to myPassword. Get more info here.

 

Editor's Corner

Career Advice? One Word. Are You Listening? Cybersecurity

The CSO (Chief Security Officer) magazine website has an article that I could not agree with more. "Advice on what a young person should choose for a future is as old as civilization. In the United States the classic satirical take on such advice was in the 1967 movie "The Graduate", when Dustin Hoffman playing an overwhelmed teenager, is nabbed at his high school graduation party by a well-meaning adult.

"I just want to say one word to you," the adult says. "One word. Are you listening?" After pausing for dramatic effect he blurts out the secret to the kid’s future: "Plastics!" The advice might not have been completely off the mark, as plenty of plastic came out of the 1960s, 1970s, and beyond. But, on a more serious note, the one-word advice I’d give to someone starting out today—or to someone re-starting their career today—would be: "Cybersecurity!"

There is a severe shortage of cybersecurity professionals as per a report of the Center for Strategic and International Studies (CSIS): http://www.wservernews.com/go/1312535332656. CSIS sees the demand as being perhaps 30 times greater than supply. Wow. I have started studying for my CISSP, it's a very comprehensive curriculum and I'm learning quite a bit despite my 30+ years in the IT business. Here is the original article: http://www.wservernews.com/go/1312535346203

And of course the brand new news that dozens of sites have been hacked for 5+ years, and petabytes of information been siphoned out only makes the point even more clear. This week, McAfee released a paper in which they reveal what probably is the most massive computer intrusion known, perpetrated likely by China, that dates back to mid-2006 or earlier. This advanced persistent threat, or APT, resulted in the pilfering of government and military secrets and corporate intellectual property: http://www.wservernews.com/go/1312535365343

Create A Security Culture

Your company’s name and brand can take years to build and only minutes to destroy. You do not want your company name on the front page as the next one that lost a database with confidential information. Regardless of your company’s size, data security is critical. Your organization needs Policy and Procedure IN PLACE to help you reduce the risk of security breaches.

If you experience a security breach, 20 percent of your affected customer base will no longer do business with you, 40 percent will consider ending the relationship, and 5 percent will be hiring lawyers. When it comes to cleaning up this mess, companies on average spend 1,600 work hours per incident at a cost of $40,000 to $92,000 per victim." Source: CIO Mag, The Coming Pandemic, Michael Freidenberg, May 15th, 2006.

The FTC Assistant Director stated: "We will act against businesses that fail to protect their customer data. Periodic training emphasizes the importance you place on meaningful data security practices. A well-trained workforce is the best defense against identity theft and data breaches. Create a 'culture of security' by implementing a regular schedule of employee training and if employees don’t attend, consider blocking their access to the network."

I might add that you simply could opt for a rule that puts any employee in non-compliance of training requirements on unpaid leave until they have done their training. That should get the message across! To illustrate the need for this, here is a slide show that puts some hard numbers to the headline. Corporate cybercrime costs skyrocket: http://www.wservernews.com/go/1312535465359

McAfee users: Click here http://www.wservernews.com/go/1312806462246 for a short survey and a chance to win a $100 Amazon.com gift certificate.

Security Quotes of the Week

"Distrust and caution are the parents of security." -- Benjamin Franklin

"I think computer viruses should count as life. I think it says something about human nature that the only form of life we have created so far is purely destructive. We've created life in our own image." -- Stephen Hawking

"Securing an environment of Windows platforms from abuse - external or internal - is akin to trying to install sprinklers in a fireworks factory where smoking on the job is permitted." -- Gene Spafford

"Amateurs hack systems, professionals hack people." -- Bruce Schneier

Warm regards, and thank you for being a WServerNews subscriber. No trees were killed in the sending of this message, but a large number of electrons were terribly inconvenienced. Please tell your friends about us. They can subscribe here:
http://www.wservernews.com/go/1307096257843

Stu Sjouwerman
email me: [email protected]

Admin Toolbox

Admin Tools We Think You Shouldn't Be Without

Simplify your life with mPowerTools – new GPO reporting tools - 100+ reports - tackle AD chores in bulk -– no scripting AND NO third party databases!
http://www.wservernews.com/go/1312806174667

The Windows Sysinternals Administrator's Reference is the official book on the Sysinternals tools, written by Sysinternals cofounder Mark Russinovich:
http://www.wservernews.com/go/1312535603171

Subscribe to the latest hot e-zine: CyberheistNews: 'Arming you with the facts'. Gets you ammo twice a month to defend your network against cybercrime:
http://www.wservernews.com/go/1312535631921

Frustrated with gullible end-users causing malware infections? Find out who the culprits are in 10 minutes. Do the Free Phishing Security Test on your users!:
http://www.wservernews.com/go/1312535641562

Webinars & Seminars

VIPRE Antivirus Business Product Demonstration

Looking for a security solution that doesn't slow you down? VIPRE Antivirus Business combines antivirus and anti-spyware technologies into one powerful security solution for total protection with low resource usage. New VIPRE features include scalable multisite tiering and role-based access control. Join us as we demonstrate the many features of VIPRE Antivirus Business -- Register today!

Date: Tue, Aug 9, 2011 - 2:00 PM ET
http://www.wservernews.com/go/1312535757765

Free Desktop Virtualization Seminar

Coming to 12 cities throughout the remainder of the year, independent expert and desktop virtualization guru Brian Madden will update you on where the desktop virtualization market is in 2011, focusing on what’s real and what’s not. Spend just a few hours out of the office to take advantage of a live Q&A, peer networking opportunities and tons of valuable information.

Register today!
http://www.wservernews.com/go/1312535781703 

Tech Briefing

10 Ways to Give Your System Administrators a Break

This is a fun slide show over at eWEEK: "System administrators have a difficult job. They have to keep track of what users are doing, what applications are running and what information is leaving and coming into the corporate network:
http://www.wservernews.com/go/1312535832453

Windows XP Finally Falls Below 50 Percent

July 2011 may well go down in the history books as the month Windows XP finally started to succumb to the inevitable. Also worth noting: Windows usage in general continues to fall. Read More:
http://www.wservernews.com/go/1312535876375

iPad Users Opening The Enterprise To Risk Via Email

"Apple gets serious about iPad security, but is it enough? As enterprise adoption rates for the iPad skyrocket, Apple has been forced to adjust its security thinking to placate its new business customers. Story at InfoWorld: http://www.wservernews.com/go/1312535931593

Spike In Mobile Malware Doubles Android Chances Of Infection

Computerworld reported this week that "an explosion in mobile malware during the last six months has more than doubled the chance that a user's Android smartphone will become infected, a security researcher said today.

"According to Lookout Security, which develops anti-malware software for Android but not for Apple's iPhone, the likelihood of an Android owner encountering malware has jumped by two-and-a-half times since January.

By June, between 1% and 5% of Android users -- the number varies by country -- had been infected by mobile malware, said Kevin Mahaffey, co-founder and CTO of San Francisco-based Lookout.

Mahaffey blamed a dramatic spike in malware targeting Android for improving hackers' odds. "In January, we saw only 80 unique pieces of Android malware, but by the end of June we tracked over 400," said Mahaffey.

Time to get and test the beta of VIPRE MOBILE. I am running it and I like it a lot. There is no noticeable performance degradation on my HTC sprint phone with VIPRE running:
http://www.wservernews.com/go/1312535999390

Windows Server News

Are You Properly Protecting Your Windows Servers Against Malware?

How are you protecting your Windows servers against malware? Whether we're talking about Active Directory domain controllers, Exchange or SQL Server-based systems, file servers or even systems serving up basic VPN access or terminal services, what you’re doing may be inadequate at best. Here is a guide to help you build a malware protection plan before it's too late:
http://www.wservernews.com/go/1312536056296

Tools For Managing The Data Center Components Behind VDI

VDI incorporates many different parts of the data center, but the management consoles provided with VDI software don't give IT pros a way to see or manage the cogs behind the wheel -- the servers, storage and the network. Here are some VDI monitoring tools available that give granular views into issues with back-end components: http://www.wservernews.com/go/1312536104218

Enterprise Cloud By Definition Demands A Custom Fit

When it comes to cloud computing, enterprises need individual, complex solutions. Cloud-in-a-box or everything-on AWS attitudes simply won't work. Learn more in this exclusive article:
http://www.wservernews.com/go/1312536152093

Finding The Value In Server Application Virtualization

With the potential to ease application installation and mobility, products that can abstract applications from server operating systems have emerged in the server virtualization market. But right now, "potential" is the operative word. Check out this featured article for more insight:
http://www.wservernews.com/go/1312536194765

Third Party News

VIPRE Server Release Announcement

Date: July 28, 2011.
Products affected: VIPRE Enterprise, VIPRE Enterprise Premium, CounterSpy Enterprise Software version: 4.0.4551

GFI is very pleased to announce the release of VIPRE Enterprise, VIPRE Enterprise Premium, and CounterSpy Enterprise server/management console version 4.0.4551. This release resolves problems in management console versions 4.0.4545 and 4.0.4547 related to email notifications and an unhandled exception error that could occur.

Enhancements and Bug Fixes:

  • A bug was fixed that previously resulted in email alerts not being generated for deep scans.
  • A bug was fixed that previously resulted in email alerts not being generated for quick scans.
  • A bug was fixed that previously resulted in email alerts not being generated for custom (manual) scans.
  • A bug was fixed that could cause the management console to generate an unhandled exception error.

How to Obtain this Update:

This update can be obtained via either of the following:

IMPORTANT NOTE: If you are upgrading from server/console version 4.0.4360 or prior, please be advised that you will also receive agent software version 4.0.4205. To learn more, please see the July 19, 2011 release announcement via http://www.wservernews.com/go/1312536362640

From The GFI NTSysadmin List

Hi list,

I'm pleased to have something new to share that I think a lot of you will find useful; having been frustrated by the slow speed of EventCombMT and the ponderous behavior of the Event Log MMC snap-in when trying to do everyday things like diagnose account lockouts and AD object changes, I knew there had to be a better way... If you're on a Server 2008+ [*] environment and don't mind breaking out a command shell window, here is that better way:
http://www.wservernews.com/go/1312536450765

As a sample use case, the command "ZeShell -e delete,after=20-july-2011" will scan all of your domain's read-write domain controllers, in parallel, for AD object deletions since July 20. Or you can give it a list of event IDs in the familiar "1,2,3,5-10" format. Just type "ZeShell -?" for details.

You'll need to be in the "Event Log Readers" group (or have Admin or DA access) for each machine you want to query. Please try it out, kick the tires, let me know what you think! I promise you will find this to be *much* faster than the built-in log viewer. We're absolutely open to ideas and suggestions too. Thanks, Steve

WServerNews FAVE Links

This Week's Links We Like. Tips, Hints And Fun Stuff

WServerNews - Product of the Week

myPassword – Securing your business, one password at a time

Does your self-service password reset solution include methods for detecting, deterring and blocking potential malicious activity?  myPassword’s smart user authentication system includes inactivity timeouts, progressive challenge/response protocols and customizable authentication failure policies.  If a potential intrusion is detected, myPassword blocks the IP address or account and sends alerts via email. If you’re looking for essential reports such as password expirations, recently modified passwords and more, check out joBot, the perfect companion to myPassword. Get more info here.