Are you sticking to that new year’s resolution to backup your computer or server data?

 

You were lucky enough to make it through 2011 without a catastrophic failure of a hard drive, data corruption, loss of a notebook computer, etc, but will 2012 be so kind?

If you are like so many people and businesses we work with, you are NOT backing up your data. Maybe it is too much trouble, or too expensive.

Just remember, the most expensive backup is the one you didn’t perform….

Let us help you plan a backup strategy for your company, or even your personal data. Whether it is a single notebook, or a fleet of them, a single server, or 50 virtualized servers, we have a solution for you that will fit in your budget, be easy to maintain and more importantly, easy to recover in the event you do lose data.

We have physical backup systems, such as tape based, removable disk cartridge (RDX), disk based and network based, including full backup servers which can mirror your mission critical data. We also provide multiple cloud based offsite storage solutions which we highly recommend, even if you already have on location, physical backups. Servosity, a local offering and MozyPro.

In addition, we are a Symantec partner and work closely with businesses who rely on Symantec’s Backup Exec and deduplication systems.

Using tape or removable disk storage and need a secure offsite storage provider who will help create a rotation? We can help with that. Our local partner provides a climate and magnetic controlled vault and delivery/pickup services.

End of life for tape or disk media? We partner with another local company, ShredDisk who will dispose of that media in a guaranteed unrecoverable manner.

Call us today at 864.990.4748 or email info@homelandsecureit.com and we will help you with your data situation!

SECURE IT ALERT: Something new for 2012 for Apple Mac OS X users – SECURITY UPDATES! Yippeee!

Secure IT Alert Header

Homeland Secure IT Alert

Secure IT Alert for Thursday, February 2, 2012

If you are running a current version of Apple Mac OS X, 10.6.x or OS X 10.7.x  (Snow Leopard & Lion respectively), then you are vulnerable to exploits that these patches correct.

These security flaws could potentially allow an attacker to execute code on your computer after you visit a malicious web site or download/view affected documents or files, or allow Denial of Service (DoS) or even elevation of privileges.

How do you fix this? Apple has released OS X Security Update 2012-001 and OS X 10.7.3 to fix these security problems – UPDATE ASAP.

The 52 security vulnerabilities affect 27 components that are part of OS X and OS X server.  Some of the affected software includes: Apache, OpenGL, PHP, QuickTime and Time Machine.

A few examples:

Buffer overflow vulnerability in ImageIO – View a malicious image and it could result in a crash of an application, or code to be executed on your computer. The upside is, it would only execute with your privileges.

Buffer overflow vulnerability in CoreAudio – Play a malicious audio file and experience a crash of your system, or execute code with your privileges.

QuickTime vulnerabilities – Six of these babies could mean that if you open a malicious image or video in QT, code could be executed with your privileges.

The full update information can be found at http://support.apple.com/kb/HT5130

Should you require assistance in applying these updates, do not hesitate to call us in the Greenville or Upstate SC area at 864.990.4748 or email info@homelandsecureit.com

Homeland Secure IT Alert Footer

Homeland Secure IT Alert

20

Homeland Secure IT’s #LeapIntoIT Kindle Fire Giveaway will let one of our Upstate, SC friends get a new toy!

#LeapIntoIT Kindle Fire Giveaway

#LeapIntoIT Kindle Fire Giveaway

It’s that time again!  Time for us to have some fun, and help one of our Upstate, SC friends get something cool to play with.

We’ve given away stuff before, like Trend Micro anti-virus, a wireless IP security camera, a Cisco Flip Mino HD video camera, Microsoft Office 2010, and even a Microsoft X-BOX 360, but this is likely the most exciting thing yet, or at least the 2nd most exciting!

We decided that since it is a Leap Year, we will help one person leap into the tablet computer revolution by giving them one of the hottest little tablets out… The Amazon Kindle Fire!  It is far more than just an eBook Reader, it’s a smokin’ hot tablet too!  So hot, it’s on FIRE! =)

Let’s call it the “Leap Into IT” giveaway!  #LeapIntoIT

Who is eligible?

 

Anyone who can walk into the Homeland Secure IT office at 104 Mauldin Rd, STE E in Greenville, SC to retrieve the tablet in person. We will NOT SHIP IT. Also, you must not be prohibited by law from participating in any giveaway, and all that legal mumbo-jumbo. Let’s put an age restriction on it too.  You must not be older than, no wait, you must be at least 18 to participate.

Employees of Homeland Secure IT cannot play this silly game because they would never get any work done.

Past winners of Homeland Secure IT giveaways ARE eligible (Andrea, James, Hal, etc)

How do you get involved in this?

 

There is NO purchase necessary, but there are some things that you will want to do…

  • Pass through our initiation process – This is where you tattoo your forehead with the Homeland Secure IT logo. Okay, this is optional.
  • Sign up to this blog by hitting the SUBSCRIBE BUTTON over in the right-hand column. You can receive the daily blog posts in email first thing in the morning this way. And you can opt out later (after the contest is over) when you get tired of my yammering…
  • Sign up for our SUPER LOW traffic mailing lists HERE … We rarely send anything out, so you won’t be too annoyed. You can unsubscribe from either or both at anytime, AFTER the contest end date.
  • Go to our home page at www.HomelandSecureIT.com and hit the Google +1 button & Facebook “like” while you are there.
  • Go to our Google business places page and leave a review and rating (hopefully a good one)
  • Go to Merchant Circle and leave a review/rating
  • Go to Yelp and leave a review/rating
  • Go to Yahoo! and leave a review/rating
  • LIKE us on facebook HERE …     Follow us on Twitter HERE …
Please note: If leaving reviews or ratings somewhere, please only do so if you actually know something about us, we’ve done business together,  interact with us on social media, or personally know us.

 

Here is a list of ways to connect:  

http://www.homelandsecureit.com/connect.html

If you connect in a different manner and you feel it is important, email me, or tag me in a post so I can see what you have done and count that as well!

In review, it is up to you to determine how much, or how little you wish to get involved. The more ways you connect, the more chances to get this darn Kindle Fire!

How is the selection made?

 

Good question! We lay out a grid, with your each name written in it in the parking lot, and we then shoot a gerbil straight into the air, and in whatever grid the gerbil falls into, that’s our winner.

Okay, (maybe) it isn’t like that at all.  No, in fact it is not.

On February 29th, 2012, I’ll take every name/email address from our mailing lists, all the names of those who have reviewed us on Yelp, Google Places, Yahoo! & Merchant Circle, all the mentions on Facebook, Twitter, Linked-In, all the Likes and Follows on Twitter, Facebook, Linked-In, all the Google Plus +1s, and dump them into a spread sheet. Next I go to www.Random.Org and put the number of lines in my spreadsheet as the max number and generate a random number.

Whoever matches that number in the spreadsheet is contacted.

If they are out of the area and cannot get it in person, another number will be selected and the process repeated until we have a winner!

So, with that said… Let’s do this!   Leap Into IT!!!!

Handy List of Star Codes for Cisco SPA525G2 phones #VoIP #Cisco

Cisco SPA 525G2 with Sidecar

Cisco SPA525G2 with 32 button sidecar

One of the best selling phones for the small and medium business (SMB) market is the Cisco SPA525G2 phone. The entire series of SPA phones are affordable, reliable and well suited to SMB use, but the 525 G2 is the current big daddy with its color display, ability to play MP3s from a memory stick, sync to your cell phone via bluetooth, built-in bluetooth for wireless headset usage and so much more.

On every system we sell that includes the SPA 525, we get a few questions like, ‘How do you answer another extension?”, and of course we answer it, but, with such a long list of these “star codes”, I can’t remember them myself.

Cisco Star Codes for SPA525G2 Phones:

  • Call Return (*69)—Calls the last caller, regardless which extension.
  • Blind Transfer (*98)—Allows the user to transfer a call to another number  without waiting for the other party to pick up.
  • Call Back Act (*66)—Periodically redials the last busy number (every 30  seconds by default) until it rings or until the attempt expires (30 min by default), regardless which extension. Only one call back operation can be ordered at a time. A new order automatically cancels the previous order.
  • Call Back Deact (*86)—Cancels the last call back operation.
  • Call Forward All Act (*72)—Call forwards all inbound calls. Applies to primary extension only.
  • Call Forward All Deact (*73)—Cancels call forward all. Applies to primary extension only.
  • Call Forward Busy Act (*90)—Call forwards on busy. Applies to primary extension only.
  • Call Forward Busy Deact (*91)—Cancels call forward on busy. Applies to primary extension only.
  • Call Forward No Answer Act (*92)—Call forwards if no answer. Applies to primary extension only.
  • Call Forward No Answer Deact (*93)—Cancels call forward no answer. Applies to primary extension only.
  • CW Act (*56)—Enables call waiting. For example, if call waiting is turned off globally, this star code will turn on call waiting until the CW Deact code is entered.
  • CW Deact (*57)—Deactivates call waiting. For example, if call waiting is turned on globally, this star code deactivates call waiting until the CW Act code is entered.
  • CW Per Call Act (*71)—Enables call waiting for a single call. For example, if  call waiting is turned off globally, this star code will turn on call waiting for that call.
  • CW Per Call Deact (*70)—Deactivates call waiting for a single call. For example, if call waiting is turned on globally, this star code deactivates call waiting for that call.
  • Block CID Act (*67)—Blocks caller ID on all outbound calls. Applies to all extensions.
  • Block CID Deact (*68)—Deactivates caller ID blocking on outbound calls. Applies to all extensions.
  • Block CID Per Call (*81)—Blocks caller ID on the next outbound call (on the current call appearance only).
  • Block CID Per Call Deact (*82)—Deactivates caller ID blocking on the next outbound call (on the current call appearance only).
  • Block ANC Act—Blocks anonymous calls. Applies to all extensions.
  • Block ANC Deact—Deactivates anonymous call blocking. Applies to all  extensions.
  • DND Act (*78)—Activates Do Not Disturb. Applies to all extensions.
  • DND Deact (*79)—Deactivates Do Not Disturb. Applies to all extensions.
  • Secure All Call Act (*16)—Defaults to prefer to use encrypted media (voice codecs).
  • Secure No Call Act (*17)—Defaults to prefer to use unencrypted media for all outbound calls. Applies to all extensions.
  • Secure One Call Act (*18)—Prefers to use encrypted media for the outbound call (on this call appearance only).
  • Secure One Call Deact (*19)—Prefers to use unencrypted media for the outbound call (on this call appearance only).
  • Paging (*96)—Pages the number called.
  • Call Park (*38)—Parks a call on an entered line number.
  • Call UnPark Code (*39)—Retrieves a call from an entered line number.
  • Call Pickup (*36)—Picks up a call at an entered extension.
  • Group Call Pickup (*37)—Picks up a ringing call at a group of extensions.
  • Media Loopback Code (*03)—A service provider can set up a test call from an IP media loopback server (the source) to a subscriber’s VoIP device (the mirror). The test call provides statistical reporting on network performance  and audio quality.

Depending on the source’s capabilities, the SP can see packet jitter, loss, and delay (although Media Loopback cannot identify an offending hop). This helps the SP identify an offending hop that could be causing issues in VoIP calls to a subscriber. The test results can also provide audio quality scoring, which lets a SP better understand the subscriber’s experience.

Referral Services Codes—One or more * codes can be configured into this parameter, such as *98, or *97|*98|*123, and so on. The maximum total length is 79 characters.
This parameter applies when the user places the current call on hold (by Hook Flash) and is listening to second dial tone. Each * code (and the following valid target number according to current dial plan) entered on the second dial-tone triggers the Cisco IP phone to perform a blind transfer to a target number that is prepended by the service * code. For example:
a. After the user dials *98, the Cisco IP phone plays a special prompt tone while waiting for the user the enter a target number (which is validated according to the dial plan as in normal dialing).
b. When a complete number is entered, the Cisco IP phone sends a blind REFER  to the holding party with the Refer-To target equals to *98 target_number. This  feature allows the Cisco IP phone to hand off a call to an application server to perform further processing, such as call park. The * codes should not conflict with any of the other vertical service codes internally processed by the Cisco IP phone. You can delete any * code that you do  not want the call server to process.

Feature Dial Services Codes: Tells the Cisco IP phone what to do when the user is  listening to the first or second dial tone.
You can configure one or more * codes into this parameter, such as *72, or *72|*74|*67|*82, and so on. The maximum total length is 79 characters. When the user has a dial tone (first or second dial tone), they can enter a * code (and the  following target number according to current dial plan) to trigger the Cisco IP phone to call the target number prepended by the * code. For example:
a. After the user dials *72, the Cisco IP phone plays a special prompt tone while waiting for the user the enter a target number (which is validated according to the dial plan as in normal dialing).
b. When a complete number is entered, the Cisco IP phone sends an INVITE to *72 target_number as in a normal call. This feature allows the proxy to process features such as call forward (*72) or BLock Caller ID (*67).
You can add a parameter to each * code in Features Dial Services Codes to indicate what tone to play after the * code is entered, such as *72‘c‘|*67‘p‘.

Following is a list of allowed dial tone parameters (note the use of back quotes surrounding the parameter without spaces).

  •  ‘c‘ = Cfwd dial tone
  •  ‘d‘ = Dial tone
  •  ‘m‘ = MWI dial tone
  •  ‘o‘ = Outside dial tone
  •  ‘p‘ = Prompt dial tone
  •  ‘s‘ = Second dial tone
  •  ‘x‘ = No tones are place, x is any digit not used above

If no tone parameter is specified, the Cisco IP phone plays the prompt tone by default.
If the * code is not to be followed by a phone number, such as *73 to cancel call forwarding, do not include it in this parameter. In that case, add that * code in the dial plan.

 

Homeland Secure IT is happy to be a Cisco SMB Select Partner! If we can provide your business VoIP support in the Greenville / Upstate, SC area, please call upon us at 864.990.4748 or email info@homelandsecureit.com

Are you using pcAnywhere? Symantec says to cut that out… #vulnerbilities #hax0rz

If you are using pcAnywhere to remotely access your computer, you probably want to go read the “pcAnywhere Security Recommendations” posted by Symantec.

http://www.symantec.com/connect/sites/default/files/pcAnywhere%20Security%20Recommendations%20WP_01_23_Final.pdf

The danger is that someone so inclined could potentially access your computer through vulnerabilities exposed from old source code, and gain full access to your computer, files and your network.

To sum it up, disabling pcAnywhere is a surefire way to protect yourself and your company.

If you have questions about this or any other security issue in the Greenville or Upstate SC area, please call upon Homeland Secure IT, we can help set your mind at ease.  864.990.4748

The Dockside Band is going to be at Rendezvous on Saturday Jan-28-2012 @DocksideBand #LiveMusic #Greenville

Whatcha doing this Saturday evening? If you say anything other than, “Going out, having a great time”, then you need to consider heading over to Rendezvous on Pelham Rd, near I85 and check out The Dockside Band!

In addition to performing all your favorites, we’re going to be premiering two new songs, “Carolina Girl” and “Standing in the Dark” which will be on our forthcoming album, due out June 8, 2012.

If you would, please visit our facebook page at http://facebook.com/DocksideBand and “like” us!!!!!!

US-CERT Technical Cyber Security Alert TA12-024A warns of Anonymous DDoS attacks

Anonymous has made the news lately with their attacks on many sites, with the most prominent being government sites. US-CERT released this info yesterday:

 

National Cyber Alert System

Technical Cyber Security Alert TA12-024A

“Anonymous” DDoS Activity

Original release date: January 24, 2012

Last revised: —

Source: US-CERT

Overview

US-CERT has received information from multiple sources about

coordinated distributed denial-of-service (DDoS) attacks with

targets that included U.S. government agency and entertainment

industry websites. The loosely affiliated collective “Anonymous”

allegedly promoted the attacks in response to the shutdown of the

file hosting site MegaUpload and in protest of proposed U.S.

legislation concerning online trafficking in copyrighted

intellectual property and counterfeit goods (Stop Online Piracy

Act, or SOPA, and Preventing Real Online Threats to Economic

Creativity and Theft of Intellectual Property Act, or PIPA).

 

 

I. Description

 

US-CERT has evidence of two types of DDoS attacks: One using HTTP

GET requests and another using a simple UDP flood.

 

The Low Orbit Ion Cannon (LOIC) is a denial-of-service attack tool

associated with previous Anonymous activity. US-CERT has reviewed

at least two implementations of LOIC. One variant is written in

JavaScript and is designed to be used from a web browser. An

attacker can access this variant of LOIC on a website and select

targets, specify an optional message, throttle attack traffic, and

monitor attack progress. A binary variant of LOIC includes the

ability to join a botnet to allow nodes to be controlled via IRC or

RSS command channels (the “HiveMind” feature).

 

The following is a sample of LOIC traffic recorded in a web server

log:

 

“GET /?id=1327014400570&msg=We%20Are%20Legion! HTTP/1.1” 200

99406 “hxxp://pastehtml.com/view/blafp1ly1.html” “Mozilla/5.0

(Windows NT 6.1; WOW64; rv:9.0.1) Gecko/20100101 Firefox/9.0.1”

 

The following sites have been identified in HTTP referrer headers

of suspected LOIC traffic. This list may not be complete. Please do

not visit any of the links as they may still host functioning LOIC

or other malicious code.

 

“hxxp://3g.bamatea.com/loic.html”

“hxxp://anonymouse.org/cgi-bin/anon-www.cgi/”

“hxxp://chatimpacto.org/Loic/”

“hxxp://cybercrime.hostzi.com/Ym90bmV0/loic/”

“hxxp://event.seeho.co.kr/loic.html”

“hxxp://pastehtml.com/view/bl3weewxq.html”

“hxxp://pastehtml.com/view/bl7qhhp5c.html”

“hxxp://pastehtml.com/view/blafp1ly1.html”

“hxxp://pastehtml.com/view/blakyjwbi.html”

“hxxp://pastehtml.com/view/blal5t64j.html”

“hxxp://pastehtml.com/view/blaoyp0qs.html”

“hxxp://www.lcnongjipeijian.com/loic.html”

“hxxp://www.rotterproxy.info/browse.php/704521df/ccc21Oi8/

vY3liZXJ/jcmltZS5/ob3N0emk/uY29tL1l/tOTBibVY/wL2xvaWM/v/b5/

fnorefer”

“hxxp://www.tandycollection.co.kr/loic.html”

“hxxp://www.zgon.cn/loic.html”

“hxxp://zgon.cn/loic.html”

“hxxp://www.turbytoy.com.ar/admin/archivos/hive.html”

 

The following are the A records for the referrer sites as of

January, 20, 2012:

 

3g[.]bamatea[.]com                A    218[.]5[.]113[.]218

cybercrime[.]hostzi[.]com         A    31[.]170[.]161[.]36

event[.]seeho[.]co[.]kr           A    210[.]207[.]87[.]195

chatimpacto[.]org                 A    66[.]96[.]160[.]151

anonymouse[.]org                  A    193[.]200[.]150[.]125

pastehtml[.]com                   A    88[.]90[.]29[.]58

lcnongjipeijian[.]com             A    49[.]247[.]252[.]105

www[.]rotterproxy[.]info          A    208[.]94[.]245[.]131

www[.]tandycollection[.]co[.]kr   A    121[.]254[.]168[.]87

www[.]zgon[.]cn                   A    59[.]54[.]54[.]204

www[.]turbytoy[.]com[.]ar         A    190[.]228[.]29[.]84

 

The HTTP requests contained an “id” value based on UNIX time and

user-defined “msg” value, for example:

 

GET /?id=1327014189930&msg=%C2%A1%C2%A1NO%20NOS%20GUSTA%20LA%20

 

Other “msg” examples:

 

msg=%C2%A1%C2%A1NO%20NOS%20GUSTA%20LA%20

msg=:)

msg=:D

msg=Somos%20Legion!!!

msg=Somos%20legi%C3%B3n!

msg=Stop%20S.O.P.A%20:)%20%E2%99%AB%E2%99%AB HTTP/1.1″ 200 99406

http://pastehtml.com/view/bl7qhhp5c.html

msg=We%20Are%20Legion!

msg=gh

msg=open%20megaupload

msg=que%20sepan%20los%20nacidos%20y%20los%20que%20van%20a%20nacer

%20que%20nacimos%20para%20vencer%20y%20no%20para%20ser%20vencidos

msg=stop%20SOPA!!

msg=We%20are%20Anonymous.%20We%20are%20Legion.%20We%20do%20not%20

forgive.%20We%20do%20not%20forget.%20Expect%20us!

 

The “msg” field can be arbitrarily set by the attacker.

 

As of January 20, 20012, US-CERT has observed another attack that

consists of UDP packets on ports 25 and 80. The packets contained a

message followed by variable amounts of padding, for example:

 

66:6c:6f:6f:64:00:00:00:00:00:00:00:00:00 | flood………

 

Target selection, timing, and other attack activity is often

coordinated through social media sites or online forums.

 

US-CERT is continuing research efforts and will provide additional

data as it becomes available.

 

 

II. Solution

 

There are a number of mitigation strategies available for dealing

with DDoS attacks, depending on the type of attack as well as the

target network infrastructure. In general, the best practice

defense for mitigating DDoS attacks involves advanced preparation.

 

* Develop a checklist or Standard Operating Procedure (SOP) to

follow in the event of a DDoS attack. One critical point in a

checklist or SOP is to have contact information for your ISP and

hosting providers. Identify who should be contacted during a

DDoS, what processes should be followed, what information is

needed, and what actions will be taken during the attack with

each entity.

* The ISP or hosting provider may provide DDoS mitigation services.

Ensure your staff is aware of the provisions of your service

level agreement (SLA).

* Maintain contact information for firewall teams, IDS teams,

network teams and ensure that it is current and readily available.

* Identify critical services that must be maintained during an

attack as well as their priority. Services should be prioritized

beforehand to identify what resources can be turned off or

blocked as needed to limit the effects of the attack. Also,

ensure that critical systems have sufficient capacity to

withstand a DDoS attack.

* Have current network diagrams, IT infrastructure details, and

asset inventories. This will assist in determining actions and

priorities as the attack progresses.

* Understand your current environment and have a baseline of daily

network traffic volume, type, and performance. This will allow

staff to better identify the type of attack, the point of attack,

and the attack vector used. Also, identify any existing

bottlenecks and remediation actions if required.

* Harden the configuration settings of your network, operating

systems, and applications by disabling services and applications

not required for a system to perform its intended function.

* Implement a bogon block list at the network boundary.

* Employ service screening on edge routers wherever possible in

order to decrease the load on stateful security devices such as

firewalls.

* Separate or compartmentalize critical services:

 

* Separate public and private services

* Separate intranet, extranet, and internet services

* Create single purpose servers for each service such as HTTP,

FTP, and DNS

* Review the US-CERT Cyber Security Tip Understanding

Denial-of-Service Attacks.

 

 

III. References

 

* Cyber Security Tip ST04-015 –

<http://www.us-cert.gov/cas/tips/ST04-015.html>

 

* Anonymous&apos;s response to the seizure of MegaUpload according to

CNN –

<http://money.cnn.com/2012/01/19/technology/megaupload_shutdown/index.htm>

 

* The Internet Strikes Back #OpMegaupload –

<http://anonops.blogspot.com/2012/01/internet-strikes-back-opmegaupload.html>

 

* Twitter Post from the author of the JavaScript based LOIC code –

<http://www.twitter.com/#!/mendes_rs>

 

* Anonymous Operations tweets on Twitter –

<http://twitter.com/#!/anonops>

 

* @Megaupload Tweets on Twitter –

<http://twitter.com/#!/search?q=%2523Megaupload>

 

* LOIC DDoS Analysis and Detection –

<http://blog.spiderlabs.com/2011/01/loic-ddos-analysis-and-detection.html>

 

* Impact of Operation Payback according to CNN –

<http://money.cnn.com/2010/12/08/news/companies/mastercard_wiki/index.htm>

 

* OperationPayback messages on YouTube –

<http://www.youtube.com/results?search_query=operationpayback>

 

* The Bogon Reference – Team Cymru –

<http://www.team-cymru.org/Services/Bogons/>

 

____________________________________________________________________

 

The most recent version of this document can be found at:

 

<http://www.us-cert.gov/cas/techalerts/TA12-024A.html>

____________________________________________________________________

 

Feedback can be directed to US-CERT Technical Staff. Please send

email to <cert@cert.org> with “TA12-024A Feedback INFO#919868” in

the subject.

____________________________________________________________________

 

For instructions on subscribing to or unsubscribing from this

mailing list, visit <http://www.us-cert.gov/cas/signup.html>.

____________________________________________________________________

 

Produced 2012 by US-CERT, a government organization.

 

Terms of use:

 

<http://www.us-cert.gov/legal.html>

____________________________________________________________________

 

Revision History

 

January 24, 2012: Initial release

 

If you require assistance with DDoS or any other security need for your Greenville or Upstate SC business, please call upon us at 864.990.4748 or email info@homelandsecureit.com

Could a judge order you to hand over the keys to your encrypted computer hard drive or flash drive?

COULD a judge order you to hand over the keys to your encrypted computer hard drive or flash drive?

Turns out the answer to this is a definitive “YES”.  And you can bet there is a major outcry by civil rights and privacy groups because a judge has ordered a person to provide an unencrypted hard drive as part of an investigation. The story is over on Wired.com and is titled “Judge orders defendant to decrypt laptop“.

What do you think? Is being forced to hand over your data a violation of your Fifth Amendment rights? What if it were a judge ordering a suspected terrorist to do the same?

Suddenly people cannot get to the internet at my business

So you have been cruising along at your business for years and all has been great, but now, out of the blue, people on your network are having trouble viewing websites.

You found that if you reboot that firewall (pull the plug on the thing since there is no power supply) that YOU get back online right away, but then later that day, someone else on the network is now having trouble accessing websites so you reboot the firewall and all is well, for a while.

What could it be? It MUST be the firewall going bad since that fixes it.

Before jumping to that conclusion and just replacing the device, think back. Has your company grown? Maybe you have added a few new employees, or, maybe you have added tablets or other connected devices.

What could be happening here is that you have added one too many devices to your network and exceeded the number of seats that your firewall appliance supports. When you originally purchased that device, a technician counted the number of computers, servers and connected devices and said “You need a 25 user firewall and it will cost $xxx.xx”, to which you agreed and promptly forgot about.

Now, flash forward to today and your 12 users and a server have grown to 15 users, two servers and many people have iPads or Android tablets or phones, taking you past the 25 user limit.  The last person to connect once you go over the limit will generally be denied access to websites by the firewall, as a warning that you have exceeded the license terms, and it probably won’t “reset” just by turning that computer off, you will have to reboot the firewall to free unused seats up.

So what are you going to do about it? I guess you could tell the employees to stop connecting their personal phones to your network, or you could replace the firewall with a cheap router that has no limitations.

Both will work, but are bad ideas.

The real solution is to correct the licensing issue. Determine how many connected devices you have within your network, and estimate how many you will need for the next year, then talk to a vendor who can provide the proper licenses and apply those for you. Don’t forget to include VoIP and security systems, even copiers and connected printers, as they may require a seat too.

If you are experiencing rapid growth, consider upgrading to an unlimited license.

Just a note – If you have an old device, say 4-5 years old, now may be the time to consider upgrading the entire device to the latest technology at the same time you correct the user limitation!

Should you require help with this, Homeland Secure IT offers sales and support of most major brands of firewalls. We partner with Cisco, WatchGuard, SonicWALL, TrendNet, D-Link, NetGear and more! Call us for more information in the Greenville / Upstate SC area – 864.990.4748 or email info@homelandsecureit.com