Sensitive data on your computers? Get it encrypted… NOW!

Security PadlockThe Spartanburg Regional Healthcare System notebook that was stolen from an employee’s car this year has caused concern for many individuals who’s records were contained on that device. (Story Here)

What can you do to protect your data from prying eyes in the event your notebook or even a desktop computer is stolen?  Easy, you can utilize disk or file encryption…  In many cases, it is available to you absolutely free of charge.

One form of encryption that you may already have, if you are using Windows Vista or 7 Ultimate or Enterprise (or Server 2008 or Server 2008 R2) is to use BitLocker drive encryption. This is built into those operating system versions and gives you the choice of three different authentication mechanisms, including a mode that requires a USB key to be in place before the data can be accessed.

Some people have opted for TrueCrypt, an open source encryption package that works with Microsoft Windows 7, Windows Vista and Windows XP, as well as Mac OS X and Linux.  It has the capability to create a virtual encrypted disk that resides inside a file on the hard drive, which it mounts as a normal system disk, or to encrypt an entire partition or hard drive, including the Windows boot partition.

There are countless methods to protect your data, from the two listed above, to a plethora of commercial products in software and even hardware form. Some would argue that a “free” tool such as TrueCrypt could not be as robust as XYZ commercial offering, and while that argument has some validity, one thing is for certain; A system protected with *any* type of encryption is 100% more secure than an unprotected system.

Should you wish to talk to someone about options available to you or your business, please call us and arrange for a free, no obligation consultation here in the Greenville / Upstate, SC area.  864.990.4748 or info@homelandsecureit.com

Happy birthday to our son, Brett! #sweet16

I just wanted to give everyone fair warning… If you will be driving in the Easley/Greenville, SC area, please keep your eyes open for a bright yellow Jeep Wrangler….

Our son, Brett, turned 16 today and as so many do, took his driving test and somehow managed to pass it. He said they told him he had a perfect score, which kind of worries me. Maybe they were so afraid they just passed him so they would never have to ride with him again…

If you see the yellow Wrangler in your path, it is advised to get off the road immediately and seek shelter.

I will attempt to post a schedule of where he will be, so you can plan accordingly.

Seriously though – Happy Birthday Brett…   😎

 

IP Surveillance System Adoption Destined to Overcome Standard / Analog CCTV in 2012

D-Link Sales SpecialistAcording to the IMS, by 2012 more network cameras will be sold in the Americas than analog cameras… And the growth rate continues to climb dramatically after that….

This should come as no surprise to anyone who is familiar with the two technologies.

IP Surveillance Systems offer a multitude of advantages over analog, including return on investment, ease of deployment, enhanced feature set and an owner experience and satisfaction.

Homeland Secure IT is happy to be a partner with D-Link, a world leader in IP Surveillance. Though we offer many others brands, a growing number of businesses and organizations are turning to D-Link’s products. If you would like more information about what IP Surveillance can do to give you peace of mind and security, call us at 864.990.4748 or email info@homelandsecureit.com

We are always happy to give a demonstration in the Greenville / Upstate area, at your office or ours. We can even meet for coffee and demonstrate the remote viewing and management capabilities using an Android, iPad or notebook computer.

Stop wondering what is happening at your business when you are away. Be notified of movement in sensitive areas on your smartphone.

Put an end to the unasked or unanswered questions about personnel attendance or actions.

Watch that blind spot in your store where product has vanished in the past.

Who’s using all the office supplies? You’ll know.

Watch the parking lot, know what is going on outside your walls.

All that and more is possible!

 

Secure IT Alert: Windows Critical Updates Address Wireless Bluetooth Attack & More

Secure IT Alert Header

Homeland Secure IT Alert

Homeland Secure IT Alert for Tuesday, July 12, 2011

If you are running any current version of Windows, then Microsoft has something you want, and need.

Today’s “Patch Tuesday” brings a correction to a Bluetooth vulnerability that would permit an attacker to gain complete control over your machine.

Here’s the rundown from the Watchguard Security Center:

Severity: High

12 July, 2011

Summary:

  • These vulnerabilities affect: All current versions of Windows and components that ship with it
  • How an attacker exploits them: Multiple vectors of attack, including sending specially crafted wireless Bluetooth traffic
  • Impact: An attacker can gain complete control of your Windows computer
  • What to do: Install the appropriate Microsoft patches immediately, or let Windows Automatic Update do it for you.

Exposure:

Today, Microsoft released three security bulletins describing 21 vulnerabilities that affect Windows and components that ship with it. Each vulnerability affects different versions of Windows to varying degrees. However, a remote attacker could wirelessly exploit the worst of these flaws to gain complete control of your Windows PC. The summary below lists the vulnerabilities, in order from highest to lowest severity (according to Microsoft’s summary).

  • MS11-053: Bluetooth Stack Code Execution Vulnerability

Bluetooth is an open wireless technology and standard for transmiting data over short distances.  The Bluetooth stack that ships with more recent versions of Windows suffers from a code execution vulnerability involving how it accesses memory that hasn’t been deleted or initialized. By wirelessly sending a series of specially crafted Bluetooth packets, an attacker could leverage this flaw to gain complete control of your vulnerable computers. However, an attacker would need to remain in Bluetooth range to carry out this attack. The average range of Bluetooth varies from 5 to 100 meters. However, using special gear, Bluetooth “Snipers” have extended the range up to a Kilometer. This flaw only affects Windows Vista and 7. 
Microsoft rating: Critical

  • MS11-054  15 Kernel-Mode Driver Elevation of Privilege Flaws

The kernel is the core component of any computer operating system. Windows also ships with a kernel-mode device driver (win32k.sys) which handles many kernel-level devices. This kernel-mode driver suffers from 15 elevation of privilege (EoP) vulnerabilities. The flaws all differ technically, but generally share the same scope and impact. By running a specially crafted program, a local attacker could leverage these flaws to gain complete control of your Windows computers. However, the attacker would first need to gain local access to your Windows computers using valid credentials. This factor significantly reduces the risk of this flaw.
Microsoft rating: Important

  • MS11-056: CSRSS Local Elevation of Privilege Vulnerability

The Client/Server Run-time SubSystem (CSRSS) is an essential Windows component responsible for console windows and creating and deleting threads. It suffers from five technically different, but functionally similar, Elevation of Privilege (EoP) vulnerabilities. Like the Kernel-Mode Driver flaw above, by running a specially crafted program, an authenticated attacker could leverage these flaws to gain complete, SYSTEM-level  control of your Windows computers. However, like before, the attacker would first need to gain local access to your Windows computers using valid credentials, which somewhat reduces the risk of these flaws.

  • Microsoft rating: Important

Solution Path:

Microsoft has released patches for Windows which correct all of these vulnerabilities. You should download, test, and deploy the appropriate patches throughout your network immediately. If you choose, you can also let Windows Update automatically download and install these for you.

MS11-053:

* Note: Windows Vista SP1 is only affected if you install the optional Feature Pack for Wireless

MS11-054:

MS11-056:

For All WatchGuard Users:

Attackers exploit these flaws either locally, or via Bluetooth Wireless transmitions. WatchGuard’s wired and 802.11 wireless appliances do not protect these vectors. Therefore, installing Microsoft’s updates is your most secure course of action.

Status:

Microsoft has released patches correcting these issues.

References:

This alert was researched and written by Corey Nachreiner, CISSP.

 

Normally, Watchguard would have a way to protect at the firewall, but unfortunately in this situation, this is all computer level….  We suggestion apply these patches ASAP, or optionally, disable Bluetooth until it is resolved.

There is also a MS Visio issue that is resolved today which could result in opening a malicious Visio 2003 document and having code executed, or complete control of your machine given to a remote user!

If you require assistance with these or any other patches in the Greenville or Upstate, SC area, please call 864.990.4748 or email info@homelandsecureit.com

 

Homeland Secure IT Alert Footer

Homeland Secure IT Alert

Have you received a letter or email from the RIAA? Unsecured access points could cause this…

A friend of our was near tears recently when they received the following email:

From: abuse@charter.net <abuse@charter.net>
Subject: [xxxxxxxx xxxxxxx] Notice of Copyright Infringement
To: user@someaddy.com
Date: Saturday, July 22, 2011, 5:51 PM
Dear Charter Internet Subscriber:

Charter Communications (“Charter”) has been notified by a copyright owner, or its authorized agent, that your Internet account may have been involved in the exchange of unauthorized copies of copyrighted material (e.g., music, movies, or software).  We are enclosing a copy of the Digital Millennium Copyright Act (DMCA) notice that Charter received from the copyright holder which includes the specific allegation.

Under the DMCA, copyright owners have the right to notify Charter’s register agent if they believe that a Charter customer has infringed on their work(s).  When Charter receives a complaint notice from a copyright owner, Charter will notify the identifiable customer of the alleged infringement by providing them a copy of the submitted DMCA notice.  As required by law, Charter may determine that the customer is a repeat copyright infringer and reserves the right to suspend or terminate the accounts of repeat copyright infringers.

It is possible that this activity has occurred without your permission or knowledge by an unauthorized user, a minor who may not fully understand the copyright laws, or even as a result of a computer virus.  However, as the named subscriber on the account, you may be held responsible for any misuse of your account.  Please be aware that using Charter’s service to engage in any form of copyright infringement is expressly prohibited by Charter’s Acceptable Use Policy and that repeat copyright infringement, or violations of any other Charter policy, may result in the suspension or termination of your service.  You may view Charter’s rules and policies, including Charter’s Acceptable Use Policy, under the policies section of charter.com.

We ask that you take immediate action to stop the exchange of any infringing material. For additional information regarding copyright infringement and for a list of frequently asked questions, please visit charter.com/dmca.

If you have questions about this letter, you may contact us at 1-866-229-7286.  Representatives will be available to take your call Monday through Friday 8am – 8pm, Saturday and Sunday 8am – 5pm (CST).

Sincerely,

Charter Communications Security Resolution Team
http://www.charter.com/security

— The following material was provided to us as evidence —

Following that was a list of music that was downloaded…   And below that was the following attachment:

I am contacting you on behalf of the Recording Industry Association of America (RIAA) — the trade association whose member music companies create, manufacture, and distribute approximately 85% of all legitimate music sold in the United States.
If you are an Internet Service Provider (ISP), you have received this letter because we have identified a user on your network reproducing or distributing an unauthorized copy of a copyrighted sound recording.  This letter constitutes notice to you that this user may be liable for infringing activity occurring on your network.

If you are an Internet subscriber (user), you have received this letter because your Internet account was used to illegally copy and/or distribute copyrighted music over the Internet through a peer to peer application.

Distributing copyrighted works on a peer to peer system is a public activity visible by other users on that network, including the RIAA.  An historic 2005 U.S. Supreme Court decision affirmed that uploading and downloading copyrighted works without the copyright owner’s permission is clearly illegal.  You may be liable for the illegal activity occurring on your computer.

To avoid legal consequences, a user should immediately delete and disable access to the unauthorized music on your computer.  Learn how at the “About Music Copyright Notices” section of www.riaa.com.  That section also contains practical information about:

– How you were identified and why illegal downloading is not anonymous
– What next steps to take
– Where to get legal music online

We encourage Internet subscribers to visit the website www.musicunited.org, which contains valuable information about what is legal and what is not when it comes to copying music.  It also links to some of the more popular online music services where fans can go to listen to and/or purchase their favorite songs.

We have attached below the details of the illegal file-sharing, including the time, date, and a sampling of the music shared.  We assert that the information in this notice is accurate, based upon the data available to us.  We have a good faith belief that this activity is not authorized by the copyright owner, its agent, or the law.  Under penalty of perjury, we submit that the RIAA is authorized to act on behalf of its member companies in matters involving the infringement of their sound recordings, including enforcing their copyrights and common law rights on the Internet.  This letter does not constitute a waiver of any of our member’s rights, and all such rights are expressly reserved.

Thank you in advance for your cooperation.  If you have any questions, please visit the “About Music Copyright Notices” section of www.riaa.com.

Sincerely,
Jeremy Landis
Recording Industry Association of America
1025 F Street, NW, 10th Floor

 

This type of letter is not uncommon at all!

We have been contacted by friends and clients over the past several years who received similar letters and emails. They get much worse. One client was told that they owed thousands of dollars for a list of songs they had supposedly illegally downloaded (60 year olds normally don’t download boy band songs, but none-the-less)…

In just about ever case, a quick assessment of the situation revealed what was really going on. An unsecured access point in the home/business was being used by persons unknown to do this dirty deed.

If you get a letter or email that says similar to the above, here is what I would suggest:

  • Make sure you have no illegal / unlicensed music or movies on your systems. If particular works are noted as “evidence”, search your computers for those and make sure you OWN the original hard copy of that song or movie.
  • Check for any unsecured access points. Sometimes a person will buy an inexpensive router/access point, never intending on using the access point, however that AP may have come enabled and unprotected by default, which was the norm up until a couple years ago. Disable it, or secure it!
  • Check computers for any P2P software which could be installed, perhaps by rogue apps, intentionally by children, or if you happened to purchase a used computer, it may have come loaded on it. Uninstall it. Kazaa and Limewire were installed automatically with some software bundles and though they did not automatically start downloading songs, if ever your computers were searched, it may come off looking as if you at one time may have intended to or actually engaged in illegal file share.  Bit Torrent apps need to go away too.  Yes, I realize there are legitimate uses for them, but try explaining that to the media cops.
  • Check your machines to insure they are not exploited by various malware / root kits (it may be worth hiring a professional to do this)… We have seen machines exploited and then used as file sharing hubs, where the unknowing owner has 1000s of songs they never downloaded sitting on their computer.
  • Talk to your children and explain that saving $1.00 for a music download could end up costing much more!
  • If you are downloading or have been downloading music that you have not been paying for, then chances are, you know it is wrong. Nothing is free in this world. You don’t get the latest Gaga tunes for free, no matter what the magic application you downloaded says.

If your letter was the warning as you saw above, you likely need do anything other than what I have outlined. If you get a more threatening letter, then seeking legal advice may be the next step for you. You will need to look for someone who knows copyright law.

Should you find yourself in this situation and just want to talk to someone in the Upstate or Greenville area about what to do, or need help in securing your network or computers, please do not hesitate to call us at 864.990.4748 or email info@homelandsecureit.com

Hacking: The Good, the Bad and the Murky (From IEEE Spectrum)

IEEE Spectrum Hacking Graph

IEEE Spectrum Hacking Graph

Over on the IEEE Spectrum site is a neat article on “The Two Faces of Hacking” which was last updated on July 6, 2011 as of this writing and it shows a graph of hacks, which is interactive to allow you to select only the “Good”, “Bad” or “Murky” hacks or any combination.

The graph was created to outline the differences between different hacks and exploits, from StuxNet to RFID hacking, to LulzSec…   It shows the level of impact of each, and how simple or innovative they are.

Pretty interesting take on it… Go check it out and let them know your thoughts…

1

Toshiba Thrive Android 10.1″ Tablet – Another iPad stomping device…

Toshiba Thrive Android Tablet

Toshiba Thrive Android Tablet

If you are one of the many looking for an alternative to the iPad and can’t bring yourself to like Windows based tablets, Toshiba may have the device for you.

The Toshiba Thrive 16GB tablet is a brand new product featuring:

  • Android 3.1 Honeycomb (Yes, it has Flash!)
  • 16GB storage, 1GB DDR2 memory
  • 10.1″ Display with 1080p resolution (1280×800)
  • NVidia ULP GeForce graphics for fast graphics
  • Stereo speakers w/Toshiba sound enhancements SRS Premium Voice Suite
  • Dual cameras – 5megapixel on the back (720p capture) and 2megapixel front facing with microphone
  • Expansion ports! HDMI to allow connection to your big screen or a projector for presentations,  full size SD card slot, USB 2.0 (Both full sized and mini!), docking connector and a stereo headphone jack
  • 802.11b/g/n Wi-Fi and Bluetooth 3.0 + HS

It also has a rubberized finish that helps you keep your grip and a replaceable battery!

There are a growing number of Android based tablets, but this one could very well be the best of the bunch (so far)…

To purchase this tablet, call us at 864.990.4748 or email info@homelandsecureit.com – We are a Toshiba partner here in Greenville / Upstate, SC.

If you would like to discuss how this product or any other tablet may work within your business, please call us…

Homeland Secure IT Giveaway Coming Soon!

Yes, we’re going to do it again….

We’re going to give away something!  Watch here for more info.

To be eligible, you will have to subscribe to this blog, our mailing list or our FB page *AND* be able to pick up whatever trinket it is in person…   We’re not shipping it out =)   (So it would be best if you were in the Upstate or Greenville SC area…

 

Happy Birthday America!

Happy Birthday America!

Thank you to our servicemen and women, both present and past, and especially to those who made the ultimate sacrifice!

We hope everyone has had a fantastic holiday weekend!!!!  We took today (Monday) off to be with our families and to celebrate the freedoms we have this country!

Microsoft Office 365 Cloud Computing Arrives With Little Fanfare

As a Microsoft Partner, we keep abreast of all the offerings that MS has that may be of interest to our clients.  One area of interest has been The Cloud as momentum in Cloud Computing / Cloud Services has been building slowly but steadily as businesses search for ways to save money and reduce personnel & IT costs.

Google Apps and Microsoft BPOS (Business Productivity Online Services) have really taken off as a way to possibly avoid having a mail server onsite and to save money on the purchase of office suite software, since the mail client is web based (or you can combine it with your out client, such as Outlook).

Earlier this week, Microsoft unveiled their Office 365 product, which is designed to attract those who hate the idea of purchasing a product, and would prefer to license a service or product.

In theory it is good… You are renting the software and it is cloud based. In practice, it may not be realistic for your business if you have lousy internet connectivity.

A ZD Net article the other day also claims that lack of bandwidth will be the downfall to these types of services. Find it here:

http://www.zdnet.com/blog/networking/office-365-8217s-potential-fatal-flaw-not-enough-internet-bandwidth/1204

If you have a business in the Greenville / Upstate, SC area and would like to know whether a cloud solution such as Office 365 can work for you, please call us and let’s talk! 864.990.4748 or email info@homelandsecureit.com – We are Microsoft Specialists!