
Disaster Recovery, IT Service Management, IT Job Description, Sarbanes Oxley, and IT Salary
Full news feed

 

July 22nd, 2008

SPAM and Disaster Recovery Planning

SPAM is a never-ending problem that continues to evolve. Disaster plans need to take this into account. Once the recovery starts, one of the common things that is lost is the users' spam filters.

 

The first record of e-mail spam dates back as far as 1978 and, although spam began in earnest in 1994, the recent history of the spam "problem" actually began about 2002. In early 2002, spam represented about 16% of all e-mail sent over the Internet; by early 2008, spam represented between 87% and 95% of all e-mail.

 

Clearly, the key to stopping spam will be technology-based solutions, not legislation or legal prosecution of spammers. However, not all anti-spam technologies are created equal. Some are better than others in spam capture efficiency, in generating a minimal number of false positives, or both. While conventional spam-filtering technologies can stop a large proportion of spam, spammers continue to battle against even the cutting edge of these technologies, necessitating newer and better techniques to stop the problem.

 

 

July 22nd, 2008

Drive Support for IT Service Management to Remote Sites

Overall service management needs to include remote sites. To accomplish that you should:

  • Understand all applications in use. Many remote sites have legacy applications that have not been brought into the office.
  • Understand bandwidth requirements. Before deploying any technology to remote offices that will increase the WAN load, understand each site's traffic profile.
  • Create disaster plans for each site. What will each site do if it loses its primary line or phone connectivity?
  • Understand remote sites' data silos. Critical information often ends up stored on local servers or, worse, on local machines, because of convenience or ignorance.
  • Do not dictate from on high. Bringing remote sites into the mix and listening to feedback and concerns helps to focus priorities and set the foundation for collaborative technologies.
 

 

July 17th, 2008

Breach Protection and Identity Management
Organizations are being challenged by growing user populations of employees, customers, contractors, suppliers, and partners, each requiring access to increasing numbers of IT applications and processes. This has spurred the need for technology that can manage identities while securing controlled access to resources based on rights and privileges. Additionally, regulatory mandates such as Sarbanes-Oxley, HIPAA and Gramm-Leach-Bliley in the US, EU data privacy regulations and banking industry Basel II in Europe, J-SOX in Japan and Payment Card Industry standards on a global basis have affected the way organizations manage their business processes. Compliance challenges are further complicated by requirements to audit and scrutinize user access to data and applications based on user attributes. What can be done?

Password management is the gateway to managing identities and therefore is often considered to be the initial step in identity and access management related projects.
 

 

June 27th, 2008

Security at What Cost?

Electronic Frontier Foundation and Asian Law Caucus, two civil liberties groups in San Francisco, filed a lawsuit to force the government to disclose its policies on border searches, including which rules govern the seizing and copying of the contents of electronic devices. They also want to know the boundaries for asking travelers about their political views, religious practices and other activities potentially protected by the First Amendment. The question of whether border agents have a right to search electronic devices at all without suspicion of a crime is already under review in the federal courts.

The lawsuit was inspired by some two dozen cases, 15 of which involved searches of cellphones, laptops, MP3 players and other electronics. Almost all involved travelers of Muslim, Middle Eastern or South Asian background, many of whom said they are concerned they were singled out because of racial or religious profiling.

 

 

June 23rd, 2008

Most Data Breaches Caused By IT Administrators and Business Partners

Inside security breaches create more security violations than those of outsiders, says a security breach analysis study published by a major telephone carrier.

  • External breaches pose the greatest threat (73%), but achieved the least impact (30,000 compromised records)

  • Insider breaches pose the least threat (18%), and achieved the greatest impact (375,000 compromised records), plus 50% of these are a result of IT Administrators

  • Business partner breaches posed a mid-sized threat (39%) but compromised 187,500

While these are rudimentary numbers, the relative risk scores are reasonable and discernible. It is also worth noting that the business partner numbers rose over the duration of the study, making partner crime the leading factor in breaches. This is likely due to the ever-increasing number of partner connections businesses are establishing, while doing little to nothing to increase their ability to monitor or control their partners' security posture.

 

 

June 11th, 2008

87% of Data Breaches are Avoidable Says Verizon

Data breaches are a fact of life with the advance of Wi-Fi, 3G, and remote computing as it is done in today's flexible business environment.

Data breaches and network intrusions occur because the personal information compromised includes data elements useful to identity thieves, such as Social Security numbers, account numbers, and driver's license numbers. Some breaches do not expose such sensitive information; however, they still expose individuals to identity theft and businesses to a compromise of their electronic assets, which must be disclosed under Sarbanes-Oxley and various state laws.

According to Verizon, nearly nine in 10 corporate data breaches could have been prevented had reasonable security measures been in place.

The Verizon "2008 Data Breach Investigations Report" spans four years and more than 500 forensic investigations involving 230 million records, and analyzes hundreds of corporate breaches including three of the five largest ones ever reported.

They found that 73 percent of breaches resulted from external sources versus 18 percent from insider threats, and most breaches resulted from a combination of events rather than a single hack or intrusion.

Recommendations for Enterprises

Simple actions, when done diligently and continually, can reap big benefits, the study notes. Key recommendations include:

  • Align process with policy. In 59 percent of data breaches, the organization had security policies and procedures established for the system, but these measures were never implemented. Implement, implement, implement.
  • Create a data retention plan. With 66 percent of all breaches involving data that a company did not even know was on its systems, it's critical that an organization knows where data flows and where it resides. Identify data and prioritize its risk to the organization.
  • Control data with transaction zones. Investigators concluded that network segmentation can help prevent, or at least partially mitigate, an attack. In other words, wall off data when and where appropriate.
  • Monitor event logs. Evidence of events leading up to 82 percent of data breaches was available to the organization prior to actual compromise. Data logs should be continually and systemically monitored and responded to when events are discovered.
  • Create an incident response plan. If and when a breach is suspected, the organization must be ready to respond, not only to stop the data compromise but to collect evidence that enables the business to pursue prosecution when necessary.
  • Increase awareness. Only 14 percent of data breaches were discovered by employees of the victimized organization, even though employees are the first line of defense in safeguarding data. Educate them to be aware.
  • Engage in mock-incident testing. Make sure employees are well trained to respond to a breach. Run drills and test people's abilities, judgements and actions during a mock crisis.

A complete copy of the "2008 Data Breach Investigations Report" is available at http://www.verizonbusiness.com/resources/security/databreachreport.pdf.

 

 

June 3rd, 2008

ID Theft By Those Close To You

ID theft is not just committed by strangers in Eastern European countries. A recent arrest shows how an Ivy League economics graduate and his girlfriend, who looked like the Mr. and Mrs. American couple, stole the identities of friends, co-workers and neighbors.

They enjoyed a luxurious lifestyle that included trips to the Caribbean, Hawaii, and Europe. In a very brief period they stole over $115,000 and were in the process of trying to steal over $120,000 when they were arrested.

They used simple techniques like breaking into apartments to get information on neighbors, dumpster diving, and getting mailbox keys for their apartment complex. They applied for credit cards and then intercepted the cards when they arrived via the mail. They also had fake driver's licenses and an industrial machine that made identity cards.

 

 

May 29th, 2008

Free Wi-Fi May Become a Reality

The U.S. Federal Communications Commission (FCC) plans to vote on a program to auction a "Free WiFi" spectrum.

The winner of the 25MHz piece of spectrum in the 2155MHz band would be required to deliver free WiFi Internet access. The operator could choose to use any technology, but in that range, WiMax or many of the mobile technologies would make sense.

The FCC believes this is a good idea and demonstrates the FCC's commitment to supporting initiatives that have a positive impact on the next phase of broadband innovation. This will give consumers greater choices to access the Internet, said an FCC spokesperson.

The FCC has developed the plan based on proposals from several companies. In 2006 one company proposed that the FCC give the company the spectrum so that it could offer free wireless Internet access to users. The company planned to fund the network through advertising and said that it would give the FCC 5 percent of its gross revenue. The FCC's current proposal would simply auction the spectrum to the highest bidder and require the free services.

The current proposal also includes a requirement for a content filter that would aim to prevent minors from accessing adult content over the free network. The final plan could also include specified data rates for the free service.

 

 

May 26th, 2008

Data Breach and Network Intrusion Tools Released by IT Toolkits.com

Data breaches and network intrusions occur because the personal information compromised includes data elements useful to identity thieves, such as Social Security numbers, account numbers, and driver's license numbers. Some breaches do not expose such sensitive information; however, they still expose individuals to identity theft and businesses to a compromise of their electronic assets, which must be disclosed under Sarbanes-Oxley and various state laws.

Janco has defined a set of tools that enterprises of all sizes can use to protect against breaches and intrusions, to know when one occurs, and to respond quickly when it does happen.

The Data Breach and Network Intrusion Detection Tools contain:

  • Security Manual Template

  • Security Audit Program

  • Network Event Viewer

  • Smart Disk Monitor

  • Text Log Monitor

  • Internet Service Monitor

 

 

May 24th, 2008

US Tax Court Warns of Phishing Attack

The US Tax Court has posted a warning on its site about a Spear Phishing attack. The site says:

The United States Tax Court has received many telephone calls regarding an e-mail which purports to originate from the Court being sent by a member of the Tax Court's practitioner bar. This message is an example of Spear Phishing, which is an e-mail spoofing attempt that targets a specific organization. The Tax Court is not disseminating any e-mail notice to anyone who currently has a case before this Court. If you receive an e-mail with a subject line that includes the text, Notice of Deficiency # followed by a series of numbers or US Tax Petition, along with a malformed docket number following the format #000-000, and a sender address of noreply@ustaxcourt.org, complaints@ustaxcourt.org, or notice@ustaxcourt.org, please ignore/delete the e-mail and do not click any link within the e-mail message.

 

 

 

 

 

© 1999 - 2008 Janco Associates, Inc. - ALL RIGHTS RESERVED  --  Revised: 07/02/08.