Trends
Phishing for Twitter security
The social networking
site Twitter was hit by hackers recently,
affecting the accounts of several
high-profile celebrities, including Britney
Spears, Bill O’Reilly and even then
president-elect Barack Obama. The scam is
worrisome for Twitter users, since many
people use the same passwords across various
online accounts that contain personal and
financial information, such as Amazon.com,
PayPal and Web e-mail accounts.
"Phishing is the oldest
trick in the book," says Mary Landesman,
ScanSafe’s Web security expert. "Someone
sends a link that leads to a Web page asking
for the user’s login credentials. It’s a
completely avoidable breach of security.
"Never, ever enter your
login credentials from a Web site accessed
via a link received in e-mail, IM or
Twitter," she adds. "While it must be
embarrassing for the celebrities who were
impacted, it should concern all citizens
when the future president of the United
States is among the victims."
Phishing is not the only
security vulnerability on social networking
sites like Twitter, Facebook and MySpace.
ScanSafe recommends the following five tips
to protect yourself on social networking
sites.
Stop the virtual
popularity contest. There is a trend among
members of social networking sites to
"friend" as many people as possible, even if
they do not actually know them. The same
goes for "following" and responding to
unknown "tweets" on Twitter. Such "friending"
provides opportunities for would-be
attackers to spread worms and other viruses.
Do not go click happy.
Regardless of whether you know the sender,
never click on links received unexpectedly.
Be careful what you click
for. If you do click a link that then
requests you install something, do not
install it. If you have a reason to believe
a legitimate update is required, visit that
vendor’s Web site directly and update from
there.
Be cautious with your
login information. Never log in to a site
accessed via a link received in an e-mail,
instant message or a social networking site.
If you believe the login request is
legitimate, visit the site as you normally
would and log in via the normal interface.
Always sign out and log
off. Users should log off of sites they are
not actively using. It does require a bit
more discipline, since they will need to
remember to sign out and will have to sign
back in each time they wish to use the site.
By taking this extra step, however, users
will not only be enhancing their own
security, but the security of their
legitimate friends, as well.
The rising cost of telecom
The use of
telecommunications services has been
growing, but budgets have not substantially
increased–largely due to falling prices of
legacy services and the availability of
less-expensive new services like MPLS and
Ethernet. Those days are over, however,
according to Forrester Research’s Lisa
Pierce, who says the cost of using U.S.
telecommunications services is rising.
To limit the effect of
these immediate cost concerns, she suggests:
Use leased equipment or
managed/hosted services. Current economic
conditions may limit the ability to obtain
credit to fund large capital expenditure
projects, such as implementing an IP PBX
solution companywide.
Other pay-as-you-go
alternatives include using managed services
that combine telecom implementation,
monitoring and management capabilities with
amortized expenses, or hosted services that
go even further by essentially sharing the
CAPEX between multiple enterprises.
Decrease travel and
increase use of videoconferencing. Although
many enterprises still use ISDN
teleconferencing equipment, Pierce says more
than 30 percent have already turned to IP
videoconferencing systems and services.
"Advancements in quality across both
high-end systems like HP’s Halo and Cisco’s
TelePresence and more affordable systems
like Microsoft’s RoundTable will
significantly improve conferencing
experiences," she says.
Implement a SaaS solution. Pierce says
most companies can benefit from implementing
strong telecom expense and inventory
management (TEIM) practices for both
landline and wireless services and
equipment. Many companies consider TEIM
solutions to be pricey, however, although a
growing number of TEIM companies are
implementing hosted solutions, which can
help save some expense.
SMBs weigh security purchases
Small and midsize
businesses (SMBs) are aligning their own
concerns with key security threats this
year, and spending where it hurts, according
to research conducted by Chadwick Martin
Bailey. Among the findings:
Companies are focusing
security spending on the most important and
likely threats to their businesses. IT
professionals identified the least-critical
threats, and lowest budget priorities, to
most SMBs as: storage encryption, security
solutions for teleworkers and
networking/unified threat management.
E-mail-borne threats,
such as viruses, worms and Trojan horses,
are a top concern for IT professionals (60
percent), who also expect these threats to
affect their businesses in 2009 (54
percent). Spending for 2009 will be focused
around antivirus solutions, with 60 percent
of SMBs stating it was a top IT security
budget priority.
Other top concerns
include: employees inadvertently downloading
malware from public Web sites (51 percent),
lost/stolen mobile devices (44 percent) and
insider attacks (21 percent).
When SMBs are asked what
security vendors could improve upon, the
integration of product offerings (25
percent), implementation/integration with
existing network infrastructure (14 percent)
and less network performance degradation (14
percent) were all top priorities.
Short takes
Wireless football
ADC’s
InterReach Fusion in-building cellular
solution has been deployed at Tampa’s
65,000-seat Raymond
James Stadium
to support mobile services for capacity
crowds at football games and other events.
The system will provide coverage throughout
the stadium, including the inner bowl, all
seating levels, luxury boxes, offices and
locker rooms, and the stadium parking area.
The stadium operators wanted to ensure that
cellular services were up to the job of
handling as many as 10,000 to 15,000
simultaneous calls. The ADC system was
chosen because it delivers high performance
throughout the coverage area, and includes
19 main hubs, 23 expansion hubs and 109
remote antenna units. The wireless signal is
distributed and reproduced at full power
through each antenna location.
Secure e-mail
The
University of Rochester (N.Y.) Medical
Center (URMC) has
selected
Voltage Security’s
SecureMail to ease and protect e-mail
communications between employees, customers
and partners. The agreement includes 15,000
licenses for a fully managed hosted solution
that provides URMC users with on-demand
access to encrypted e-mails, files and
documents. "We needed a scalable solution
that was easy for URMC employees, including
doctors and healthcare providers, as well as
patients, payors and other providers," says
Chip Nimick,
project director, information security,
URMC.