Vol. 16, #17 - May 2, 2011 - Issue #826

How To Shake Loose More IT Security Budget

  1. Editor's Corner
  2. Admin Toolbox
  3. Webinars & Seminars
  4. Tech Briefing
  5. Windows Server News
  6. Third Party News
  7. WServerNews FAVE Links
  8. WServerNews - Product of the Week
Get The Fast And Easy Antivirus Protection You Deserve

You need an antivirus solution that makes your world simpler and your employees safer. VIPRE Antivirus Business provides exactly that. Fast installation and system performance. Easy management and updates. But don't take our word for it. Try VIPRE today and see for yourself. For a limited time, get VIPRE Business for just $10 per seat:
http://www.wservernews.com/110502-VIPRE-Antivirus-Business


Editor's Corner

How To Shake Loose More IT Security Budget

Here are a few tips to get Executive Management more generous with IT security budget.
  1. First of all, I just did a survey and 86% of business owners do feel security is 'more important' (57%) or 'much more important' (29%) than all other IT initiatives. Remind your execs this is the case, when you tell them that organized cyber crime has gone highly professional.
  2. Second, compare your IT security spending and metrics to others in your industry. If you turn out to spend less money than your peers, that's good ammo. The Center for Internet Security is a place to start researching. Risk tolerance is different for each organization, but there are some similarities within each industry that could prove helpful. Link:
    http://www.wservernews.com/110502-Risk-Tolerance
  3. Third, find out of your company needs to be compliant with any kind of regulation. We are talking PCI, HIPAA, SARBOX, GLBA, FISMA and many others. You might be surprised, so check carefully for this. Quite often organizations you do business with have requirements that their suppliers are also compliant with the same regulations. If so, you have great ammo to twist some arms for more money. After all... "it's required by law".
  4. Fourth, compare your existing endpoint security on the AV industry's insider website to the other solutions out there, this graph shows the real performance of these tools, and many are not up to snuff. Check out CA and McAfee for instance. VIPRE is up there in the top right corner, but isn't a performance hog like most of the others:
    http://www.wservernews.com/110502-VB100
  5. Fifth, last but definitely not least, it is imperative you need to increase the awareness level. Many people in executive management are blissfully unaware about the cyber crime risks, and thus do not want to spend the money. So, find case studies of hacked companies in your industry, point to articles that describe the increased sophistication of the attacks, and tell them that the cost of a successful hack runs in the hundreds of thousands for small biz, and millions for larger ones. Or, you can just give them a copy of my new book! LOL. Read on. :-)


My New Book Is Out: CYBERHEIST

Hi All, I'm very excited to announce my new book: CYBERHEIST. (Keep on reading for the special WServerNews subscriber offer at the end of this item)

Why I wrote it? To increase executive level awareness that the bad guys have moved from simple identity theft to full fledged robbery of corporate bank accounts (non-profits are targets too), using phishing and social engineering.

Most business owners, C-level executives and people in HR functions simply do not know this yet, but cyberheists are happening right now as we speak. Organized cyber crime has developed into a very well funded, sophisticated and technically skilled operation, and their results are very damaging. Unfortunately, management still has a false sense of security. With the rapid proliferation of social media and mobile computing, people are the new perimeter!

The threat is there, and getting worse. Just have a look at this Google map overlaid with cases, and that is only the tip of the iceberg, there are hundreds more unreported cyberheist cases:
http://www.wservernews.com/110502-Cyberheist

So, do you need some ammo to get more budget for your IT security? You need state-of the art endpoint protection, and I strongly recommend VIPRE for that, combined with end-user security awareness training. Please either forward this link to management and tell them to buy a copy. Or better yet, if you really want to make sure they get the message, get a copy yourself and give it to them. It's enlightening, and written for both IT and non-IT people. Everything is explained in normal terms to make sure we don't put anyone to sleep.

Please do me a favor and tell all your friends? Thanks so much in advance! Oh, and check out the reviews written by your peers. (Thanks for your kind words, you know who you are!)

Here is the paperback with the reviews:
http://www.wservernews.com/110502-Amazon-Reviews

This is the Kindle Version:
http://www.wservernews.com/110502-Kindle

BUT...I have saved the best for last! Subscribers of WServerNews are eligible for a free copy of the e-book in PDF format. This is not just one chapter as a teaser. This is the whole darn book! Yes, you have to register, and you will receive CyberheistNews twice a month, but this is a complete no-brainer. GET IT NOW. This offer goes away very soon:
http://www.wservernews.com/110502-Cyberheist-eBook


Help GFI Develop A New (mobile) Product

We're working on an exciting new product for smartphones and would really appreciate your feedback. This is a brand new survey with some very interesting questions. And, US residents will automatically get entered to win a $100 gift certificate to Amazon.com! Click here:
http://www.wservernews.com/110502-Smartphone-Survey


Quotes of the Week

"My theory is that if you look confident you can pull off anything - even if you have no clue what you're doing." -- Jessica Alba. (Sure Jess)

"A fool thinks himself to be wise, but a wise man knows himself to be a fool." - William Shakespeare, born this week in 1564.

"Although a soldier by profession, I have never felt any sort of fondness for war, and I have never advocated it, except as a means of peace." -- Ulysses S. Grant.

Warm regards, and thank you for being a WServerNews subscriber. No trees were killed in the sending of this message, but a large number of electrons were terribly inconvenienced. Please tell your friends about us. They can subscribe here:
http://www.wservernews.com/110502-Subscribe

PS: Did you know this newsletter has a sister publication for XP users called WXPnews? You can subscribe here, and tell your friends:
http://www.wservernews.com/110502-WXPnews

PPS: And now we have our new Win7News! You can subscribe here, and tell your friends:
http://www.wservernews.com/110502-Win7News

Hope you enjoy this issue of WServerNews! Warm regards, Stu Sjouwerman  |   Email me: [email protected]

My New Book Is Out: CYBERHEIST

Cyberheist was written for the owners and management of Small and Medium Enterprise, which includes non-profits, local and state government. Why? Eastern European organized cybercrime has evolved, and moved beyond simple identity theft. Attacks are rapidly getting more sophisticated. They are now going after your employees. They bypass your antivirus security software and 'social engineer' your employees to click on something. From that point forward they hack into your network and put keyloggers on accounting systems. You can guess the rest. A few days later the organization's bank accounts are empty. Another cyberheist victim. Buy and Read the Book!
http://www.wservernews.com/110502-Cyberheist-Site

Admin Toolbox

Admin Tools We Think You Shouldn't Be Without

Subscribe to the latest hot e-zine: CyberheistNews: 'Arming you with the facts'. Gets you ammo twice a month to defend your network against cybercrime:
http://www.wservernews.com/110502-CyberheistNews

Frustrated with gullible end-users causing malware infections? Find out who the culprits are in 10 minutes. Do the Free Phishing Security Test on 100 users!:
http://www.wservernews.com/110502-Phishing-Security-Test


Webinars & Seminars

VIPRE Antivirus Business Product Demonstration - 5/3

Join us for a look at VIPRE Antivirus Business, powerful, high-performance endpoint malware protection, which combines antivirus and antispyware into a single agent. Plus take a deep dive into other new features including scalable multi-site tiering and role-based access control:
11:00AM EDT / 8:00AM PDT / 15:00 GMT

Date: Tue, May 3, 2011. This is an Internet based event. Register/More Info:
http://www.wservernews.com/110502-VIPRE-Demo-May-5


VIPRE Antivirus Business Product Demonstration - 5/10

Join us for a look at VIPRE Antivirus Business, powerful, high-performance endpoint malware protection, which combines antivirus and antispyware into a single agent. Plus take a deep dive into other new features including scalable multi-site tiering and role-based access control:
2:00PM EDT / 11:00AM PDT / 18:00 GMT

Date: Tue, May 10, 2011 This is an Internet based event. Register/More Info:
http://www.wservernews.com/110502-VIPRE-Demo-May-10


BriForum 2011: Register Today

The most advanced, technical, hands-on desktop virtualization event is returning to Europe this May and Chicago this July. Independent industry experts, led by Brian Madden, share the latest tips and strategies around desktop virtualization, VDI, application virtualization, and Remote Desktop Services. Register today:
http://www.wservernews.com/110502-BriForum-2011


Tech Briefing

IPv6 in the Enterprise May Happen Unexpectedly Fast

Jeff Doyle over at NetworkWorld sat in the Rocky Mountain IPv6 Summit and came to some very interesting conclusions that you should know about from a sysadmin perspective. Mainly the question that everyone wants to know is "How soon will IPv4 address depletion impact my business?". The article does not immediately answer that question, but still is a heads-up that this may be on our doorstep sooner than we think:
http://www.wservernews.com/110502-IPv6


FBI: $20M in Fraudulent Wire Transfers to China

Brian Krebs just reported: "The Federal Bureau of Investigation warned this week that cyber thieves have stolen approximately $20 million over the past year from small to mid-sized businesses, through a series of fraudulent wire transfers sent to Chinese economic and trade companies located near the country's border with Russia.

The FBI said that between March 2010 and April 2011, it identified twenty incidents in which small to mid-sized organizations had fraudulent wire transfers to China, and that the total losses from the fraud was about $11 million. The alert was sent out Tuesday, in cooperation with the Internet Crime Complaint Center and the Financial Services Information Sharing and Analysis Center (FS-ISAC), an industry consortium. More on his blog:
http://www.wservernews.com/110502-Fraudulent-Wire-Transfers


Feds To Remotely Uninstall Coreflood Bot From Some PCs

Federal authorities will remotely uninstall the Coreflood botnet Trojan from some infected Windows PCs over the next four weeks. Coreflood will be removed from infected computers only when the owners have been identified by the Department of Justice (DOJ) and they have submitted an authorization form to the FBI. The DOJ's plan to uninstall Coreflood is the latest step in a coordinated campaign to cripple the botnet, which controls more than 2 million compromised computers. More at NetworkWorld:
http://www.wservernews.com/110502-Coreflood-bot


13 Cool Features Of Office 365

Microsoft has released the official beta version of Office 365, and InfoWorld has been playing with it for a while now. Here are 13 cool features of the cloud-based service that combines Office, SharePoint, Lync, and Exchange. Read More:
http://www.wservernews.com/110502-Office-365


Phishing Attacks Spiked In Late 2010

Phishing attacks spiked to 67,677 during the last half of 2010, up from 48,244 in the first half of last year, according to the "Global Phishing Survey 2H2010" report published today. The Anti-Phishing Working Group, which issues the bi-annual reports, says the increase is largely due to better information it now has about attacks on Chinese targets. That data was contributed by the China Internet Network Information Center (CNNIC), which operates the .CN domain registry, and is also the secretariat of the Anti-Phishing Alliance of China, with its 140 member institutions, such as Chinese banks, e-commerce sites, and domain registrars. Ellen Messmer at CSO Online has the story:
http://www.wservernews.com/110502-Phishing-Attacks


10 Tips To Turn Android Into A Business Phone

Android has shot up to be a very popular smartphone OS. So, even if your organization doesn't officially support Android, don't be surprised if your company's employees are finding workarounds and shortcuts to make their business data and apps available on their handset of choice. That said, Android's pedigree as a business-class phone is a short one. "BlackBerry and BlackBerry Enterprise Server [BES] are still the gold standard as far as the enterprise is concerned," says Christian Kane, an analyst with Forrester Research. "The early versions of Android didn't have the security features the enterprise requires, but that has changed. Each OS update raises the security bar and adds more features to appeal to the business community." Story and tips at:
http://www.wservernews.com/110502-Android-Business-Phone


Windows Server News

Using Windows Virtual Desktops In A Server Consolidation Project

To improve server consolidation ratios, server administrators often tweak virtual machine (VM) configuration and use advanced features such as Microsoft's Hyper-V Dynamic Memory. But another stone shouldn't go unturned: Windows virtual desktops. Learn more in this expert tip:
http://www.wservernews.com/110502-Virtual-Desktops


Three Tips For Moving Forward With Private Cloud

If you've already mastered the introductory steps to a private cloud implementation, dig a little deeper with these lessons on operating an internal cloud service:
http://www.wservernews.com/110502-Private-Cloud


Virtual Desktop Architect Shares Tips From The Trenches

In this featured article, a VDI architect offers words of wisdom he wished he knew about desktop virtualization, and offers IT pros seven tips to a successful desktop virtualization build-out:
http://www.wservernews.com/110502-VDI-Architech


Common Causes Of Windows Security Vulnerabilities

When it comes to Windows security most organizations are making the same mistakes, but there are ways to avoid these slip-ups. Find out how in this exclusive tip:
http://www.wservernews.com/110502-Windows-Security-Vulnerabilities


Third Party News

My Compliments to GFI / Sunbelt

We received this email:

"Could you please forward my email to your CEO as I am writing this email to compliment all of the Sunbelt / GFI personnel with whom I have had the pleasure of working with in the preceding months. Each and every time I have had any requests or software issues and contacted your company I have always spoken to an "American" and not some help desk person in a foreign country. This is VERY important to me and is what I tell my customers about the company. This is just one part of my compliment.

"The next item is that your technical support group is the very best I have ever encountered. Each time I have called they have been very patient, quickly understand the problem, have gone to lengths to help ME to understand the issue, and they know exactly how to fix it.

"The more I work with your company the more I come to know and understand the product(s). I feel confidence builder in recommending your products to my customers because I know they will do the job. For over 35 years I have sold computerized industrial equipment to manufacturers. Gaining the initial sale is tough, however selling additional products to the same customer is the job of CUSTOMER SERVICE. My customers are long term because I service what I sell hence my company name. I participate in all facets of the product (sales, installation, training and service). I have absolutely NO HESITATION promoting your products to my customer base.

"The more I work with your company the better I like it. Again, PLEASE pass this note along to your CEO as well as to your Technical Support Representatives, Bryon Patrick, Brian Ross with a big THANK YOU from me. I look forward to a long relationship with your company."
-- Sincerely, Barry

WServerNews FAVE Links

This Week's Links We Like. Tips, Hints And Fun Stuff



WServerNews - Product of the Week

BOOK: CYBERHEIST - This Book Will Shake Loose IT Security Budget

Cyberheist was written for the owners and management of Small and Medium Enterprise, which includes non-profits, local and state government. Why? Eastern European organized cybercrime has evolved, and moved beyond simple identity theft. Attacks are rapidly getting more sophisticated. They are now going after your employees. They bypass your antivirus security software and 'social engineer' your employees to click on something. From that point forward they hack into your network and put keyloggers on accounting systems. You can guess the rest. A few days later the organization's bank accounts are empty. Another cyberheist victim. Buy and Read the Book!
http://www.wservernews.com/110502-Cyberheist-Book