Profile of Keith Ferrell
News & Commentary Posts: 69
Articles by Keith Ferrell
The change of seasons offers a good time to take a look at your security posture -- and especially any vulnerabilities that may have cropped up.
How long since you've taken a look at your business's security policy? (Assuming, of course that your business has a security policy.)
Heavy weather can carry a heavy price if your digital and workplace security measures aren't thorough and up-to-date.
The new year brings plenty of the same old security challenges and problems, as well as some new mash-ups of old attacks.
How much is your data worth to you? That's the question behind ransomware, an aggressive bit of data extortion that's making some noise again.
Threats targeting mobile devices are growing as the holidays get under way. Time to make sure your employees have their mobile guards up.
A recent study pointed out that fear of downtime outranked data theft among consequences of a data breach or other intrusion. There's a reason for that ranking, and it extends far beyond breaches.
Employee vacations, workplace celebrations, unexpected visitors and hours and hours of online shopping loom. Time to take a pre-holiday look at your seasonal security preparations.
Employee access to social networks is blocked by half of small and midsized business, security firm Webroot reports. The company's survey also found that malware and data leakage were the top social network fears.
The attractiveness of unpatched Java as an attack entry-point continues to grow, as do calls for all users to patch Java immediately. But in order to do that, you need to know who's running which version of Java.
Viruses and Trojans topped small and midsized business's security concerns in a recent survey, with data leaks not far behind. But the real top concern needs to be the incomplete security policies and practices that are typical of too many SMBs.
The approach of winter, and the holiday season in the middle of it, means it's time for SMBs to take a few security steps, and implement a few security measures and practices aimed at keeping the chill away from your data and systems.
Insider fraud cost businesses 5% of their revenue in 2009, a new study reports. So ho how much should you trust -- or distrust -- your employees?
A critical zero-day Flash exploit that arrives in a PDF file is being used in attacks aimed at Adobe Reader and Acrobat 9.x. The exploited vulnerability is found across all major platforms, and a patch is not expected to be available for a couple of weeks.
Java exploits are on the rise, and sharply so, exceeding PDF attacks by a factor of 60 to 1, according to Microsoft. Is it time to cut off Java in your workplace?
Whatever your employees need to be doing on the Web via your network, a fair percentage are doing -- or trying to do -- a lot more, according to Symantec/MessageLabs findings.
The best source of SMB funds is SMB bank accounts, obviously, and according to the FBI, those accounts are precisely what the crooks are going after.
The latest version of Webroot's Security Service adds bandwidth trend tracking, both overall and for employees attempting to violate company usage and security policies.
KEMP Technologies' LoadMaster DR, available as a hardware or appliance or software download, aims to insure that DMB customers have reliable access to the business's servers. And introductory price in the appliance aims to insure that SMBs can afford it.
What's your business's patch policy, who's in charge of it -- and should Microsoft's latest Biggest Patch Tuesday Ever prompt you to review it?
Panda Security has introduced hybrid cloud-based content protection for its GateDefender Performa 4.0 perimeter security appliance. One of the things the device protects your company against is your employees' behavior.
Any device that contains company information is an endpoint, right? So how do you protect your data on the personal devices in your employees' pockets, cars and homes?
Ever have a trusted salesperson, contractor or customer bring by a flash drive with a file by for you to view on one of your company's machines? Ever regret letting the outsider's drive inside your perimeter?
Steer clear of gambling, porn and other known risky sites and related searches and you and your employees -- and your business -- are safer, right? Not according to a new Websense study which found that leading news and pop culture sites, and hot-trend search terms may be more dangerous than some of the ones you're steering clear of.
File sharing, drive-by downloads, social nets, phishing, malicious attachments -- according to a new report, these are the leading approaches for criminals targeting small and midsized businesses.
Got 10 or fewer computers and users in your business and want to protect them for free? Next month Microsoft will make its Security Essentials anti-virus, anti-malware program available at no charge to businesses consisting of up to 10 users... as long as those users are running legit copies of Windows.
Whether you look at it as the end of summer or the beginning of fall, the season change offers a convenient point on the calendar to change passwords and review certain security basics.
Everything and everyone is a potential vulnerability, if not an outright threat. That's the message Forrester Research is sending, and it's a message well worth listening to.
Social networks --Facebook and YouTube at the top of the list -- have delivered a load of malware to small and midsized businesses, according to new survey from Panda Security. And that malware is taking quite a few of those businesses fro quite a bit of cash.
The increased attention being paid to insuring businesses against cyber crime, disaster and related losses and costs isn't all coming from companies that sell cyber risk coverage.
The alerts and buzz surrounding an e-mailed worm with the subject line "Here You Have" and the promise of porn is a reminder that old cyber-tricks don't ever really go away. Remember the "I Love You" virus? Thought so.
How many of your employees are keeping passwords, log-ins and other information on sticky notes under their keyboards? Easy enough to find out.
New figures from Avira indicate that a healthy fear of the Web is making users more security-conscious if not yet more careful. Now's a good time to reinforce the lesson.
Drive-based threats may pose a larger risk to your business than drive-by attacks -- and USB drives may pose the largest threat of all.
Netgear debuted its latest security appliance today, the ProSecure UTM50, an $899 Unified Threat Management device that addresses firewall, ant-virus, URL filtering , spam and other aspects of network security.
Third-party apps and other content can enhance your business Web site. But they can also expose your business to unacceptable risks.
Wonder what your employees are doing on Facebook? Odds are they're clicking on spam links.
U.S. SMB cybercrime rates rose 2% over last year, according to a new survey from Panda Security. Considering some of the other findings it's a wonder the rate didn't rise more.
A new variation on the Fake Anti-Virus scam actually launches legitimate uninstallers of anti-virus programs from Symantec, Microsoft, AVG and others.
According to Zscaler's latest State of the Web report, one in five business users continue to browse with IE6, despite its being nine years old and far less secure than newer browsers
A compromised widget accessible from Network Solutions, Inc.'s small business advice site turned out to be dealing in drive-by malware, and doing so for quite a while.
As your summer help heads back to class, take the time to make sure that they're not taking your business's security secrets with them
With the next round of PCI standards nearing release, it's a good time to take a look at your company's compliance -- and how much compliance is costing you.
Can minor usage policy infractions serve as predictors of larger problems? Evidently so, according to a recent Verizon data breach analysis report.
Tomorrow's huge load of fixes coming from Microsoft provides a great opportunity to review your own patch policies. Starting with whether or not your company has a formal patch policy.
SonicWall's mid-year threat report indicates across-the-board growth in cybercrime trends with Web- and cloud-based attacks looming dangerously large and growing larger fast.
Dell's announcement of a broad range of new and enhanced security tools and services for small and midsized businesses includes network endpoint security, and will ultimately, in partnership with SecureWorks, offer a hardware/software solution that includes security management and threat identification and monitoring.
Cutting security expenditures is tough -- short-term savings can all too easily introduce long-term (or short-term) risks. Here are three solid, safe ways to save on security.
The fast-moving Stuxnet worm targets Siemens industrial automation controls via default passwords, yet Siemens recommends that customers not change those passwords. Not a Siemens customer? You're not off the hook. Default passwords may well be more of an issue at your company than you know.
A Microsoft advisory warns of a new threat aimed at its Windows Shell, particularly at the way Windows handles shortcuts. The likeliest exploit uses AutoRun to launch malware. All versions of Windows are believed to be vulnerable.
Mozilla Sniffer, a little-used and now disabled Firefox add-on, turns out be a log-in thief and has been disabled by Mozilla. Additionally the Firefox-maker disabled earlier versions of CoolPreviews, another, more popular add-on which carried vulnerabilities that could enable remote takeovers. Time to take a long look at your company's browser add-ons policy.
The number of PC vulnerabilities is going up, and going up fast, according to security firm Secunia. The first six months of 2010 witnessed close to 400 detected vulnerabilities. 2009 saw 420 for the whole year.
Keeping up with patches,maintaining anti-malware defenses and responding to incidents are the most time-consuming activities IT for security professionals, according to InformationWeek figures. How do your figures match up with the survey's findings?
Two-thirds of the world's secure USB manufacturers are now including McAfee anti-malware on their devices. Question is, how many of your business's USB users are using secure USB drives?
Temporary and summer workers offer the chance to increase production -- and increase your security risks. But taking on summer help also offers the opportunity to review, refresh and enhance your security policies and practices.
When's the last time you updated and patched your printer's firmware -- if you ever have. Yet networked printers, copiers and other common workplace devices, including UPS backups and security cameras, can contain vulnerabilities that can put your business at risk.
Backup Exec 2010, a new backup and deduplication service for midsized and growing businesses released today by Symantec is aimed at the explosive growth of data experienced by businesses of all sizes. The elimination of duplicate data promised by the company also promises to cut storage costs and reduce recovery time in the event of a disaster.
Social networks such Facebook and Twitter are the new porn, at least according to one security firm that finds three quarters of businesses blocking social nets. But social nets' business potential is so large that by banning them businesses are essentially cutting off their noses to spite their Facebook.
As today's bMighty ANTenna points out, security giant Symantec is making a move into small and midsize business services. Its first salvos: hosted backup and online storage.
No, not the usual "Every business needs a quarterback callings its plays" sort of football=business yada yada. Plenty of those around already -- but there are also plenty of good e-business lessons the Patriots can teach The team is as ready for varying and intense Web traffic patterns as the players are for opposition shifts and shimmies.
Got an iPhone? Get ready for iPhone trojans. The first one's ringing in now.
Nice piece on information security on this week's 60 Minutes, with Lesley Stahl being walked through venues from wireless network vulnerabilities to stolen credit card number auctions.
The government giveth, the government taketh away, as two developments -- one on Net access taxation, one on broadband access regulation -- show.
Employee resignations and layoffs raise questions about network security and data security. Here are 7 ways to protect your small or midsize business
The Big Flu is coming. Many of your employees will be working from home, or not at all. How prepared is your company for this?