Articles of interest related to tech topics, including articles from and about our friends in the technology business.
Articles of interest related to tech topics, including articles from and about our friends in the technology business.
The news of the death of Steve Jobs came as a bit of a surprise until I thought about it for a minute or two. Only a few weeks before he had stepped down as the day to day leader of Apple. I guess he knew his time was growing short.
It has been interesting to read about his life and how he and Woz built Apple, how he was down and how he came back and brought Apple back with a vengeance. His perfectionism but also knowing when to say, “OK it’s as good as it can be and we need to sell some”.
He taught me to be a better presenter, to rehearse, rehearse, rehearse and to use simple bold slides. Thankfully he’ll live on for us on YouTube. His persistance was impressive, he knew what was right and he insisted on it.
Thanks Steve, mostly for your products – I’m an Apple devotee – but also for your style, flair and persistance, sorry to see you go.Vic Rollins – from the far side of Bangkok
Network Consulting International is hosting an executive workshop on computer network security on Monday 7th November at Bangkok’s Pacific City Club. Registration is at 1:30PM and the event will begin at 2:00PM.
Network Box founding partner and Managing Director, Michael Gazeley will be our featured presenter. Other experts will be on hand to demonstrate Network Box features and discuss security in your organization.
The workshop is appropriate for owners and managers responsible for protecting the digital assets of the organization network. C-suite executives, owners, IT managers and other high level management will be made aware of threats and how they can protect their networks from them.
Attendance is free but space is limited. Please send email to email@example.com to request an invitation.
Please help us better tailor the workshop to your needs and take a couple minutes to fill out our survey. Here or at the bottom of the page. Click here.
Thank you and we look forward to seeing you!
Michael’s bio– Michael Gazeley is Network Box’s Chairman and Managing Director. Along with Mark Webb-Johnson, he co-founded Network Box in 2000. For 10 years, Michael’s obsession with getting things ‘right’ has driven the company to the standards of excellence it has become known for. If Mark is the technical genius (which he is), Michael is the business genius. It is Michael who has thought over and over about what customers need and for the most part, he is spot on. His thinking about security solutions is what gives Network Box its edge.
In 2007, Michael was recognized by The International Information Systems Security Certification Consortium, Inc. with the First Asia-Pacific Information Security Leadership achievement award
Create your free online surveys with SurveyMonkey, the world’s leading questionnaire tool.
In response to recent hacking attempts on the Hong Kong stock market web sites, CNBC’s Bernie Lo interviews Network Box founder and Managing Director, Michael Gazeley. Some very good information about the current state of internet security but also a very good commercial for Network Box managed security services.
NCI is proud to have been chosen by Interpac Data Management of Hong Kong to represent and provide technical support in Thailand for their popular Teltrac call accounting package. NCI has added Thai speaking technical staff specifically for Teltrac.
Teltrac is a feature packed suite of software that brings accountability to all aspects of organization telecommunications. Teltrac allows a company to make employees accountable for personal calls. Increases productivity by reducing unneeded calls and unnecessarily long calls. Keep your telco honest by comparing bills to actual calls made. And accurately allocate costs to divisions, departments and locations.
Interpac is a 25 year old company based in Hong Kong. The software is engineered in Asia for Asian markets. It is not a transplanted software from the US and back-engineered for Asia. Teltrac handles multiple currencies and any carrier. It was designed to allow multinational companies to track calls across all locations. It works with every major PBX.
This week we have been in Manila training with Teltrac engineers learning all technical aspects of the program and its modules, basic architecture and functions, site assessment, installation/configuration and troubleshooting. We’re now looking forward to getting home and starting to market this powerful product in Bankok. We will be looking to form partnerships with top PBX distributors in Thailand. If you are interested or can refer a company to us, please contact us.
From Teltrac offices in Manila – Vic Rollins
You would think that everyone out there is answering that question with big fat “no”‘s and quite a few “hell no”’s. But that isn’t what is happening in the real world. Many companies buy a marginal firewall, subscribe to an anti-virus program that updates every day or so. They allow USB’s, and all manner of portable media, they don’t enforce policy to keep pirate and unlicensed software out and generally think, “it won’t happen to us.” Then when it does happen, they say, “Well, we did all this, why?”
New viruses are introduced to the internet today at a staggering rate. Zero day malware peaked recently at over 60,000 in one day. Daily average of zero day malware over the last several months is consistently well over 30,000 per day. Those numbers equate to needing a new malware signature every couple of seconds 24 hours a day. How does a network manager keep up with that?
“Oh, by the way Khun IT guy, “my printer doesn’t print and accounting said their software wasn’t working and I’m downloading this file and it’s taking all day and you need to move Somchai’s computers to his new office and Bob, the new guy needs an email address and…”. You get the picture.
Well, if Khun IT guy really did keep up with security on a network of even 50 or 100 computers, he would need at least one more staff dedicated to nothing but monitoring attacks, updating signatures and flagging spam. And that’s around the clock, so either cut your network off the internet after business hours or you hire two more people to cover the night and graveyard shifts. Don’t forget your anti-virus, anti-spam and intrusion detection engines and signature databases have to be state of the art and constantly updated. (There are something like 7 million virus and 19 million spam signatures floating around the internet, ask your anti-virus company how many they can identify AND block.)
Now, you say, “We can automate all that stuff, can’t we?”. You can – to a degree, but where can you get anti-malware engines that have been tested and proved to block 100% of the current WildList™ viruses, trojans and worms? How capable are your IT people with internet security? And is someone watching your network 24/7/365?
The question really comes down to your data. Is your data worth 100% security or is “good enough – good enough”? Only you as a company manager can determine if losing a day or a week of email is worth the risk. Think about the most important files stored on your computers, contracts, design files, customer lists, quotations, bank information, AR reports, financial reports, employee data, pricing data – what is the impact on your business if you lose any of these? Or if any fell into your competitor’s hands? Your customer’s hands? Regulators hands? But, you will save a few hundred baht every month, won’t you?
There is a solution – 100% virus catch, intrusion protection, data leakage protection, VPN’s, regulatory compliance and about a fifteen more things that Khun IT guy can’t do even on his best day.
If your data is worth protecting to 100% give us a call. If it’s only worth 80%, 90% or even 99%, stick with what you’ve got. Call us after you lose some, we’ll be here and help to pick up the pieces.
From the somewhere in Manila, Philippines – Vic Rollins
12 months ago a group of IT managers when surveyed about how important data leakage protection was to their organization, 16% said it was “very important”. When surveyed again this month, over 90% of them said it was very important. Why such a massive swing in interest?
Probably a lot has to do with what’s in the news, Wikileaks for example. Additionally the technology to block transmission of confidential files is becoming available and more reliable. Plus almost anyone who has ever used a computer in business has accidentally sent a wrong file to someone so we can all identify with the need to protect sensitive files. DLP protects against deliberate as well as accidental transmission of confidential files.
The Network Box information paper available for downloading, DLP Overview; details how any Network Box can help any customer define organizational rules that what can go out of the network. The technology – using an advanced OCR process even prevents photographs of restricted documents from leaving the network. Even a rubber stamp on a scanned document can be flagged and stopped.
If keeping your confidential documents confidential is important to your organization, let us show you how Network Box can protect them all threats – even accidental ones.
Siam Commercial Bank customers are targets of a phishing site that just popped up. WARNING: If you click on the link – do NOT enter any personal information!! You have been warned. The web site is spoofing a Siam Commercial Bank site, phishing for your personal banking information, here. DON’T enter any personal data!!
If you are playing it safe, here are two screen shots of the main pages of the site in English and Thai. These could fool anyone. If you click around to some of the links the site asks you to register by inputting your ATM/Debit Card number AND your PIN. Nice try but that should be the tip off for anyone who sees this. But then again, these guys wouldn’t do it if they didn’t get results.
It’s getting dangerous out there on the wild wooly world wide web!
“Let’s be careful out there.” – Sgt. Phil Esterhaus, Hill Street Blues, 1981-1987
From the far side of Bangkok – Vic Rollins
I recently had occasion to hear a presentation by Home Pro, Thailand’s home improvement store chain. Surprisingly, over 70% of their sales at are not do it yourselfers – DIY’s – but to BIY’s, buy it yourselfers. BIY’s, buy the items and then hire someone to do the installation. Then I did some research and that number is only slightly lower in the US – where I thought the number of people who did their own work would be much, much higher.
So what does this have to do with computer network security? Well, it has to do with time, focus and expertise. People are not much different with their homes than they are with their businesses. Some do everything themselves, why? Maybe they are good at what they do. Maybe they like to do their own home improvements. Maybe they have the time. They probably have the right tools. Many probably try to save money. Others do their homework, pick the colors, materials and all the trim – then hire experts to install and make it just so.
Your computer network security isn’t different either. You can do it all in-house because you have good experienced people, they have plenty of time to devote to security everyday, you bought all the right equipment, you bought the best firewall, anti-virus and content filter software and finally you are confident your people will do the best job. OR – you can do a little homework, learn your needs and then hire the best experts to do the installation, configurations and make everything just so – and then keep it running just so for you every day.
Here are a few points from both sides, for DIY computer network security and some of the things to consider on the down side.
Pros – of outsourcing –
Cons – of outsourcing –
Some more things to consider when thinking of computer network security…
If you have questions about your security, please contact us. Our goal we want to work with you to identify needs and then offer solutions – even if those solutions are not from our company. Network Box and our other products are not a fit for every company or organization and we’ll be glad to point you in other directions if we’re not right.
From the far side of Bangkok – Vic Rollins
Most everyone has heard about computer viruses and most may have heard the terms, “worm” or “phishing” or “trojan” when it comes to computers but I’ll venture that most do not really know what these things mean and how they can threaten not only your computer but also you, your bank account and your privacy! Not to mention how they threaten organizations (computer networks).
The following article about all these threats is so good, I have shamelessly copied it from the place I found it – http://www.internet-story.com/dangers.htm – and re-posted it here. Thank you to the original author – to whom I would gladly give credit – had she/he taken credit for compiling this piece in the first place.
In general spam can be defined as any unsolicited e-mail, usually in the form of advertising for a product or service. Spam wastes an enormous amount of people’s time. Even though you may think an e-mail is spam, you often have to read the first sentence to be sure before deleting it. If you get dozens a day, the time wasted rapidly mounts up. Unfortunately there seem to enough people falling for the offers to make sending spam worthwhile.
In addition to lost time, spam also uses up considerable bandwidth on the Internet. Despite bans, because the Internet is public it’s almost impossible to prevent spam. There are organisations which try to fight spam using various techniques, and filters are available which recognize some spam algorithmically, for example by the subject line or sender. But spammers know all the tricks and are often ahead of the game.
The story goes that the word spam comes from the Monty Python song: “Spam spam spam spam, spam spam spam spam, lovely spam, wonderful spam…” A sort of endless nonsense, which continually repeats itself. The song featured in a skit in a restaurant, in which every dish included some spam, a trade name for luncheon meat.
Wherever the word came from, spam is invasive – you don’t want it, but you get it anyway. And the worst thing you can do is click on the button saying you don’t want it, or send an e-mail complaint back. Then they, whoever “they” are, know that their spam is reaching you. And you will get more…
This is a general term meaning malicious software such as viruses, worms, Trojans, spyware, adware, etc.
In the early 1980s, experiments were carried out on computer security and 1983 saw the emergence of the first virus. Fred Cohen, at that time a student at the University of Southern California, had the idea of introducing self-reproducing software, which could spread by infiltrating existing programmes, thus attacking the security of multi-user computing systems. Len Adleman, Cohen’s thesis adviser suggested that this was similar to a biological virus, which uses the resources of the cell it attacks to reproduce itself. The term “computer virus” was born.
So what is a virus? A virus is a programme with the ability to reproduce and spread rapidly. It is often difficult to eliminate. A virus infiltrates a file and is spread as that file is copied and forwarded to other computers. At the very least a virus can cause problems by taking up storage capacity and memory and slowing general computer performance. However some viruses can destroy files, reformat hard drives or cause other damage.
At one time viruses were spread mainly through the interchange of floppy disks but the Internet now provides a much better and quicker distribution system. Viruses attached to today’s essential business tool – e-mail – can spread a virus throughout a company like wildfire and cost many millions in lost data, lost productivity and high fees for re-establishing crashed computer systems. Tens of thousands of viruses have already been identified and it is estimated that about 400 new viruses are created every month. Anyone with basic programming knowledge and a desire to cause computer damage can create a virus. A non-damaging virus will spread and “just” take up storage space. With damaging viruses, the spread usually takes place over a long period before the virus is actually activated. The activation may be tied to a particular date or particular computer command. Once a virus is discovered, details are sent to the ICSA (International Computer Security Association) in Washington, D.C. They in turn distribute details to anti-virus software developers who modify their software to detect the new virus. Depending on the virus, this can take months. As new software is installed and updates made, the virus threat is finally reduced to a level where it is no longer a major threat.
Normally spread through e-mails, a virus hoax is usually a false warning of a non-existent computer virus. As such, they cause no harm to computer systems other than slowing mail servers down if spread in large numbers. In addition to the hoax itself, unsuspecting recipients then send out e-mails to all their contacts warning them of the supposed virus threat, creating even more network traffic. However, some hoaxes go further, with a message giving directions to remove specific files from your system to get rid of the virus. This form is then no longer a hoax but is in itself a virus, because it leads you to remove some vital file which may cause your computer to malfunction. Before reacting to any virus warning, even ones that appear genuine, check with one of the online anti-virus programme providers who list hoaxes and real viruses.
Worms differ from viruses in that they don’t reproduce by infiltrating files but by infiltrating systems. For example, a network worm spreads by reproducing itself throughout a network system. An Internet worm sends copies of itself through the Internet system via poorly protected computers. An e-mail worm sends copies of itself via the e-mail system.
The name is derived from the Trojan Horse of Helen of Troy fame. It is a particular type of malware used to infiltrate a computer without the user’s knowledge. Trojans may install a so-called “keystroke logger”, which can record all the keystrokes entered on a computer keyboard. This provides information on all computer activity including passwords used. This information is then passed on to fraudsters via the Internet. A typical method used is to send out random e-mails which appear genuine, encouraging computer users to click on a link from the e-mail to enter a malicious website, which in turn exploits a web browsers vulnerability to install a Trojan.
Another form of Trojan allows infected computers to be targeted for a “denial of service” attack. The aim is to deny the victim access to a particular service. Such an attack can effectively disable your computer or network – with possible disastrous consequences depending on the type of organization. Unlike viruses, Trojans cannot reproduce.
First identified in 1996, phishing is the practice whereby fraudsters acting as legitimate organisations such as banks, online payment services etc., send misleading e-mails requesting personal and financial details from unsuspecting recipients. In other words – fishing for information useful to the fraudster in order to transfer money into the fraudster’s account or make online purchases on someone else’s account. Typically, a message requests the recipient to “update” or “validate” his account information by clicking on a link with the threat that failure to do may lead to suspension of the user’s account, etc. To avoid having his account suspended, the user follows the e-mail instructions and the trap is sprung. The link to which the unsuspecting victims are directed opens a “copycat” website of the institution named in the e-mail and looks official. Thousands of such e-mails are sent out in the hope of catching out a few of the unwary. The information “phished” for includes numbers for bank accounts, credit cards, security codes, social security and phone numbers, login names and passwords and names and addresses.
Adware and Spyware
Short for advertising-supported software, adware is a software application in which advertising is displayed while the programme is running. This may take the form of pop-ups or banners which appear on the computer monitor. Advertisers pay for the service and help to recover some of the costs of software development, thus keeping the price low or even free, whilst the programmer still makes a profit. Adware may run on a computer without the users knowledge, having been included in shareware or freeware downloaded from the Internet. Most adware affects the various Windows operating systems and may be noticeable by the presence of more pop-ups on the web browser and a possible reduction in computer performance.
Some adware programmes include codes used for tracking and collecting information about users, their computers, websites visited and so on. This is then called Spyware.
Combating Adware and Spyware is fairly easy with programmes such as Ad-Aware or Spybot, which can be downloaded free of charge from the Internet and regularly updated. There are also commercial packages for sale.
When we think of identity theft, we usually think of credit card details. However, ID thieves are also interested in other information, including credit reports, social insurance numbers, driving license numbers, phone cards, mortgage details, birth dates, passwords and PINs, addresses and phone numbers. ID loss is not just about money.
ID loss may mean losing much more. Credit rating may be lost and until this is restored, you may find difficulty in getting a job, a mortgage or even a passport.
Today’s cunning bank robbers only rob databanks. Computer criminals have realized the potential of the power of information and computer crime is the fastest growing form of crime. If operating remotely, ID thieves run little risk of being caught and even if they themselves don’t use the information, it can be sold on to fraudsters who use it to impersonate others. How is this done?
As individuals, most of us have become accustomed to caution, to being extra careful with credit card and personal information. But criminals go where information is collected. Regrettably not all companies protect your records adequately in their databank. Some institutions hold records of millions of people and big break-ins can lead to loss of our personal secrets. One U.S. security firm discovered that passwords from 50 banks, eBay and PayPal login details and also credit card numbers had been stolen from a server by a Trojan virus. Another discovered that hackers had accessed a credit card system holding 40 million various credit card numbers. And data has been lost in far simpler ways: in the U.S., a shipment of bank customer data tapes disappeared in transit. In Singapore, bank customers records disappeared during shipment between two offices. A Japanese bank inadvertently threw out CDs containing copies of the financial records of its customers. And there was the Australian bank manager who, by using clients IDs, stole $17 million to feed his gambling addiction.
Figures published in 2005, showed that in the U.S. alone about 53 billion US$ per year is lost through ID theft. 90% is paid by retailers and businesses – ultimately of course at the expense of the consumer.
Some simple safeguards:
And never think “It can’t happen to me!” It can!
ed- In the immortal words of Sgt. Phil Esterhaus – “Let’s be careful out there.”
From the far side of Bangkok – Vic
One of the most misunderstood things about Network Box Managed Security Service is that it is a piece of hardware. Prospective clients often try to compare “our nuts and bolts” with “their nuts and bolts”. First and foremost Network Box is a front to back, top to bottom service, and… “Oh, by the way we add this box into your network to make things work.”
That is where Security3 or “Security-cubed” comes in. Some companies sell you a box, you plug it in, you configure it, you manage it, you pay for it if it breaks, you buy a new one when you outgrow it. You bought it you own it.
At Network Box we are right with you from before day one. We analyze your needs and advise options. We choose the right equipment for your network, we configure and install the service. And finally we are there 24/7 to keep things running smoothly. Equipment failure – we replace or repair – you don’t. Network down – we will know before you do and tell you about it, probable causes and most likely fixes. Your needs change – you tell us – we change it.
What this means to you is that your IT department is freed up to do the things they do best; keeping the physical assets of your network fine tuned and running smoothly without worrying about who “out there” is trying to get in to ruin your day. To boot, you have a team of world class, award winning security experts who do nothing but watch out for your network.
You get painless, worry free network security for little more than the price of your average UTM.
Give Network Box a test drive today – contact us for a free no-obligation security analysis of your computer network.