61% of small companies don’t consider information security
March 26, 2008
According to a Business Week article last month,
“About 57% of small companies don’t think they need a formal plan to secure their data, and 61% say they never sought information on properly protecting their files, according to a March, 2007, survey by the National Federation of Independent Business and Visa USA.”
If you’re in Ottawa, I’m speaking to small business owners on managing information security risks next week, and I’m told there is still some space. Event information is here.
Securing your Wireless Network
January 15, 2008
ExtremeTech has a nice article today on securing your wireless network at home. If you find yourself accidentally connecting to your neighbour’s access point, you might want to sent this URL to them as well.
Security for your conversation AND your eyes
January 4, 2008
I’ve been a long-time proponent of encrypting instant messenger traffic and I have SimpLite for MSN Messenger on most of my machines. That way, my MSN traffic to/from anyone else who installs SimpLite (which is free for personal use) will be automatically protected.
Earlier today a friend contacted me through MSN and I found her text very difficult to read. Being far sighed and having a pair of year-old Samsung SyncMaster monitors on my desk about 18 inches from my face, that’s not a problem that I’m used to. Since everything else on my desktop was crisp, the problem was obviously my friend’s choice of font and colour. The lines forming the letters were an inconsistent weight, on a bit of a slant (although not quite italicized), and small.
Now it is certainly possible that my friend has a different version of the font installed on her computer and that it might look fine there. It’s possible that Microsoft released a different font with Vista, and that it therefore may look different on my system. It’s also possible that my friend’s monitor is smaller, runs at a different resolution, has a smaller dynamic range, or her PC is set to larger font sizes. But I just have to ask why, in a real-time communications tool, Microsoft even allows the other person to choose the font that appears on my screen. I’m all for expressing one’s individuality, but the font on my screen should be what I want to read.Â
But what’s more interesting is that my friend insisted that she hadn’t changed anything in quite some time, and I didn’t recall ever finding her text hard to read before.
Now you might be thinking I should visit an optometrist or that something is wrong with my montor, and my friend suggested both. In fact, I even went as far as to check that I was still running at native resolution (1280×1024), 32-bit, a fast refresh rate, I quickly pulled up a photo test image, etc. Absolutely nothing wrong with my system.
So I switched to another computer and the text was still red, but the font was normal and easy to read! What was different? That machine had SimpLite on it. Then the proverbial light went on.
SimpLite, by default, changes the font colour to tell you if the communication is secured or not. Apparently, when it does so, it also causes MSN to use the default font. In other words, it no longer allows the other person to determine what font appears on your screen. Security for your conversation and your eyes.
Kudos to the folks at Secway — I’ll be buying your “Pro” package for $25 shortly to say thanks for protecting me from evesdropping, application developers that don’t think, and friends who make bad font choices.
Secure USB Flash Drives
December 9, 2007
My Monitor Magazine column this month is on two new secure USB flash drives, the Corsair Flash Padlock and the Stealth MXP from MXI Security.  Those of you who can’t pick up a copy from the stand can find a pdf of the article here.
Why Privacy Matters
March 8, 2007
As an information security (infosec) guy I don’t blog about work. To put it mildly, customers would not appreciate it. So when I do blog about security, it’s about more general issues and events.
Here’s a good one on privacy. You might think it’ seems far fetched, but allow companies to combine information from the right databases, and it’s actually quite easy. It also could be profitable…
http://www.aclu.org/pizza/images/screen.swf
The number one security problem
June 14, 2006
As a security professional, I often find myself recommending that clients establish a basic security awareness program. Here’s a good example of why:
http://www.darkreading.com/document.asp?doc_id=95556&print=true
