Most companies these days provide Internet access to their employees. Most employees consider Internet access like coffee service – something that they take for granted. While this is a great thing for both employers and employees to have, when that Internet access is completely unrestricted, bad things can happen with alarming frequency. Companies’ IT or security teams need to implement technical protections to block harmful websites, or employees can quickly find their workstations compromised by malware. Let’s first discuss why you would want to block harmful websites, and then how.
Survey: Spam email disrupts two-thirds of businesses each year [Infographic]
For infographic based on the UK survey results click here.
A decade ago, unsolicited email aka spam, was a big problem. It filled inboxes with infected attachments, malicious links and claims of riches that required a simple reply (and your bank details).
Improving productivity with Internet monitoring software
The Internet is one of the best and most powerful information tools but it can be an enormous time sink if employees in the company have unrestricted Internet access. When those constantly on Facebook, Tumblr, Reddit and the rest are on the clock, that’s time and money they are taking away from the business! Providing users unrestricted Internet access is great, but not when it causes productivity issues. One way to deal with the problem is to manage and monitor access to the Internet so that you are efficiently using bandwidth, maintaining productivity and keeping employees happy.
The top 24 facepalm moments in information security
In case you missed it, there’s a newly discovered vulnerability in the BASH shell that impacts not only Unix and Linux systems, but Apple’s OS, F5s, Cisco hardware, access points, and practically every other device on the Internet that has an operating system or firmware that is based on Linux and an interface that parses remote data. It’s called ShellShock, but it’s not the wide ranging implications of every device other than Windows systems that deserves the facepalm, but that the vulnerability has apparently been around since 1992. Yes, that’s right. There are college grads in the IT workforce today who are younger than this vulnerability!
To split or not to split? That is the question
This is the video and text from my recent GFI FaxMaker case study. In this video, I share a bit about my background, and my experience with GFI FaxMaker 2015. I was a chief information officer for a mortgage company in Indianapolis we were looking to build a fax server and doing my research I came across…
Apple issues patch for BASH
Apple has been all over the place in regard to the BASH/Shellshock vulnerability that has dominated the tech security news over the last week. Given that OS X uses the BASH shell as its default shell, when the bug was discovered the experts noted that Macs would be vulnerable, but Apple didn’t immediately offer any comment in response to queries.
After a few days, the company issued a statement saying that Macintosh computers were unlikely to be affected by the vulnerability. According to that statement, their systems “are safe by default and are not exposed to remote exploits of Bash unless users configure advanced UNIX services.” The problem is that there’s no way of knowing how many OS X users have their Macs set up to be web servers or have enabled some sort of remote application that can hook into Bash.
Troubleshooting VPN client connectivity
They say a picture is worth a thousand words, and I can think of no better example in IT where a screenshot can help troubleshoot an issue with VPN client connectivity. For something so crucial to remote users, it is sad that vendors still make troubleshooting VPN issues something that requires an admin to work with, and familiarity with arcane error messages. It’s a chicken vs. egg scenario, since for an admin to troubleshoot client VPN they need access to the client, which they cannot get until VPN is working! Relying on users to do the heavy lifting guarantees exasperation for both user and admin, but it’s the situation we’re all in. To help troubleshoot VPN client connectivity, here are some pointers that may save you some time.
Third-party patch and vulnerabilities roundup – September 2014
It’s been another interesting month on the patch and vulnerability front, but this time the focus has been less on Microsoft products (although the company did have to pull one problematic non-security patch that was causing problems for OneDrive for Business customers. The big news when it comes to updating problems, though, was the release of iOS 8, which fixed more than 50 security vulnerabilities in Apple’s mobile operating system but which also introduced a multitude of bugs and functionality problems, and the resulting fiasco in which Apple released a fix that caused even bigger problems and then yanked the latter update on the same day it was released.
Are you prepared for Microsoft Forefront’s EOL?
You’ve probably heard that Microsoft Forefront, including MS Forefront Protection 2010 for Exchange Server, will be discontinued. Instead, Microsoft has launched a new product line called Exchange Online Protection. Can existing Microsoft Forefront Protection customers simply migrate to the new Exchange Online Protection solution? Unfortunately for many the answer will be ‘no’. The new Exchange Online Protection solution is a paradigm shift that is likely to be incompatible with the majority of Microsoft Forefront Protection for Exchange Server customers.
Microsoft Forefront Protection for Exchange is an on-premise solution. Hosted solutions may be popular, but people who decide to go for on-premise solutions do so for a variety of good business reasons. Exchange Online Protection on the other hand is a hosted email security solution.