|
The
Weakest Link: Social Engineering - "We've met the enemy, and it is
us." (Pogo) |
Epilogue: The Gumshoe Revealed
The
underlying point of the series
by Mark Robertson, Social Engineering Consultant and CTO
(Read the
earlier chapters)
Throughout
the gumshoe series, I received many letters. I appreciate them all — some of
you wrote encouraging words about the industry; some of you shared
gut-wrenching situations where security was compromised and lives were
threatened; and others spoke of overseeing security for huge networks all over
the world. One thing is certain, you all share a deep concern for the systems and
corporations you are in charge of protecting.
A couple
of you wrote, “Enjoyed the story, but what’s the point to all this?” Here is
the point: All the actual hacks, cracks and vulnerabilities described were
based on true accounts. And all the solutions given in the series are
precautions and ways to address situations so that your organization can stay
secure from here on out.
[ Read More ... ]
|
|
A Quick ’n Dirty Security Education
Just when you thought Chip and Elisa were no more, we sneak in
one more article. Some of you wrote, "Nice story, but what's the
point?"
The epilogue gives you the
security tips for each episode. You can find the complete story here.
Thanks to many of you for filling out the
quick 'n dirty feedback form. The security challenge readers mention most often
is how to educate users.
Get some answers here for that dilemma and try them
out. If you do give any of the suggestions
a shot, we'd love to hear how it turns out. Contact me at meryl@internetviz.com.
With all the natural and man-made disasters
happening in recent years, planning for disasters has become fashionable.
Unlike fashion, however, crisis plans are very important and must be tailored
for your company. Has your organization created a disaster recovery plan? Have
you already had to put it to work? We hope not, but if you have — it'd be a
great learning tool for others if you share your experiences, since such
situations are (we hope) rare. Again, we value your privacy, so you don't have
to disclose your name, company's name or any proprietary information.
Your input makes this newsletter
successful. We've implemented many of your great suggestions, turning them into
stories or questions for readers. As the world of IT is ever changing, we want
to ensure we stay on top of things.
Please submit your ideas to keep this
newsletter fresh and updated. As a thank you, we enter your name into a virtual
box for a drawing where you could win a 256 MB MP3 Player.
Best,
Meryl
K. Evans
Editor,
The Remediator Security Digest To
unsubscribe instantly or change your preferences, see links at the bottom
|
|
|
 |
Complete our 1-minute reader survey and you could win a
256 MB MP3 Player. |
|
Congratulations to this month's winner of
a 256MB MP3 Player:
Sheri Schulden-Rusk, network administrator, World Vision International |
|
|
|
Partners |
|
Shavlik drives patch management solutions for these companies: |
|  |
|
|
|
Free Whitepaper, Spyware and Patch Management:
An
Integrated Approach to Network Security.
The impact of spyware on your enterprise is
severe, Yet, nearly all anti-spyware solutions treat the symptom without
addressing the cause. This white paper explains how to combine enterprise
anti-spyware prevention tactics with regular system updates to keep your world
free of spyware, adware and malware for the long run.
|
 |
|
|
|
Download a Free Trial of Shavlik NetChk™
Protect,
Patch & Spyware Management in one
easy-to-use GUI.
Is your network safe from spyware? The first step
to securing your network is to remove spyware, adware and malware. Next, patch
your systems to stop re-infestation. Remediate Spyware and install Patches with
Shavlik NetChk™ Protect for a Complete Security Solution.
 |
to
download free software. |
|
 |
|
|
Last Issue's Security Dilemma:
Educating Rita and Roger about IT
policies and rules
In talking with others in our industry, I've learned many
of us have the same problem when it comes to IT security: user education —
managers included. We've attempted offering mandatory short courses, both
self-paced and classroom, but we continue to have challenges when our users do
not properly follow security policies and rules. We'd like to read about others' success stories in educating users. How do you educate users to follow
proper protocol?
— Carol, Desktop Support
Read the best advice from readers of The Remediator Digest
|
|
This Issue's Security Dilemma:
Preventing
Worst-case Scenarios
With 9/11, Hurricane Katrina and
Hurricane Rita proving companies aren't prepared for disasters, we're getting
busy trying to put a plan in place. However, we are having trouble figuring out
a workable disaster recovery plan. Our problem is we have one terabyte to back
up, and the data is spread throughout four locations. We would like to automate
the process from one location.
How did you go about creating a
disaster recovery plan and process?
— Howard, IS Manager
Can You Help?
|
|
Know how to get what you need:
Take charge of your career:
For a well-deserved breather:
| |
