Security Bytes – October, 2016 – Backups? Cross your fingers and pray?....
This month I wanted to come back to a topic that I have already talked about, because countless times I have seen clients who do set up a backup procedure but never test it to see whether the backed-up data can be recovered successfully in case of a failure.
The best backup strategy is to back up in 3's: one onsite, one you can keep with you when you leave the location, and one that is in a secure location in the cloud. The reason for this is that if your business location suffers a catastrophic loss due to fire, flood, etc., it is a good bet that the onsite backup might not survive. That is why one needs to also take a backup offsite. Another good reason to keep a 3rd backup in the cloud is to ensure that even if you don't have access to your onsite backup and you lose the backup you carry with you, you have a 3rd
Security Bytes - August 2016 OpenSprinkler
This month I will take a slight departure from the usual security-related news to more of a tech product review. In recent months I have been struggling with a failing sprinkler box that controls 18 zones but simply was NOT intelligent enough to skip watering when it rains, nor was it easy to switch zones without having to go back to the timer in the garage, manually set the next zone time, and then walk back around the house to see the effects.
I had been looking at many “intelligent” networked sprinkler systems that are available, many of which have a multitude of features that make them very attractive for my purposes. Some had very fancy graphical interfaces, some seemed to be more secure, some had the ability to be expanded. In my case, due to the high number of zones I have (18), I was having a hard time finding a solution that was expandable, simple to use and program, easily updatable and, most of all, remotely accessible and intelligent.
Many of the systems are capable of controlling 8 – 10 zones and have auto-update features, but I was looking for more… I wanted something that I had total control over and that was flexible for my expansion needs. A friend of mine suggested that I look at the OpenSprinkler project (www.opensprinkler.com). After comparing feature for feature with other more expensive solutions, I found that OpenSprinkler is the perfect solution for my needs. While the physical box is plain, it is packed with many of the features that most people would want.
Security Bytes - MAY 2016 - Personal Surveillance
This month I wish to talk more about the Internet Of Things (IOT) as it pertains to video surveillance. In my previous articles I talked about segregating and securing your personal networks from the devices that tend to have connections to outside vendors. In the past year there has been an explosion of new devices that can be placed in your home to automate just about anything. Many home security vendors are empowering users with remote cameras that let one see who is at the door or help to monitor the home while you are away.
All of these devices are great tools; however, we need to understand how these devices impact one’s network from both a bandwidth and a security perspective. Some of the more interesting products are video surveillance devices that can assist in knowing what is going on at your house while you are away. Some of the products are more secure than others and therefore need to be treated differently. Vendors like Ring and Dropcam (Nest Cam) all offer a form of cloud recording and notification when activity is present, which is a wonderful thing to many people. We need to understand that these cameras DO communicate back to their respective vendors for software updates and to the cloud recording site when they send messages and video to your mobile devices.
Security Bytes - JUNE 2016 - IOT part2
Last month I introduced the topic of IOT (Internet Of Things) devices and how they can be useful devices if they are implemented correctly. In the past month I have heard so many stories where these devices are NOT set up correctly on a segregated network and, as a result, privacy can be compromised. I felt that it was necessary to continue to add more information so that everyone can have a handle on how to do this correctly and allow these neat devices to do their thing in a secure way.
IOT devices range from light bulbs, home appliances and security systems all the way to sprinkler systems. Many of the companies that make these devices have a system where the device itself basically “phones home” to get software updates and feature updates, sometimes without user interaction. What this means is that there is a connection made out of your private network to a vendor’s network to gather updates. While this may seem innocuous, it does present a possible threat: if a vendor’s network or software gets compromised, then when that device gets its update it may also become compromised. If that IOT device is on your main network, it could possibly be a way for an intruder to see private data. It is essential that one set up these devices on their OWN network or network segment (VLAN) so that they ONLY have access to the Internet and NOT your private network.
Security Bytes - APR 2016 - Privacy vs. Need to Know
This month I wish to address the controversial topic of Privacy vs. The Need to Know. If you have been watching the news lately, I am sure that you are well aware of the issues involved with our Government wanting Apple to decrypt the mobile device used by a gunman in San Bernardino. While on the surface it seems like a simple case, what our Govt. was asking Apple to do is to write a piece of software that is capable of weakening the security of ANY “iDevice” to the point that Govt. agencies would be able to decrypt ANY device without having to make specific court orders to Apple to assist in the decryption of those devices. Apple IS in fact able to assist with decrypting a single device; however, the case was geared to force Apple to give away access to potentially ALL devices in one fell swoop.
Many people I talk to simply say that Apple should assist and that “they” have nothing to hide on their devices. However, when I get into details of what they do on their phones, people quickly change their opinion. Just think about all the things you do on a mobile smart device today: pictures, text messages, Facebook, Twitter, possibly banking software, etc. Suddenly people start to ask: why should some “unknown” individuals or Govt. be able to look at everything you do in detail every day without a warrant?