by Ross Sivertsen | Feb 12, 2015 | Blog, Information Security
Physical hardware does not need to leave your possession for data to be compromised, particularly when you’re using equipment or network connections in public internet cafes, business centers, airports or hotels.
It is not uncommon to find spyware on such PCs. Many users may have plugged USB sticks into such computers to aid data transfer, but this is in itself a possible source of infection.
It may come as a surprise to know that a business center in a hotel can often be less securely managed than a street cybercafé like Starbucks. And when it comes to the wireless internet facilities available in hotels ad other public areas, it is easy for anyone to set up a fake WiFi network and encourage people to connect to it to capture sensitive information.
Consider using a VPN; I use a VPN on my mobile devices and laptops when ever and where ever I go. There are several good inexpensive options. I use Private Internet Access
First of all make sure your personal firewall is turned on for your PC, both PCs and Macs have them.
If you don’t have a data tethering plan on your mobile device, consider getting one and use it in place of connecting to a public WiFi
Finally you might simply want to consider only using certain sites when connecting to a public WiFi access point.
http://lrs.ms/DataSecureTravel
http://lrs.ms/SecurePublicWifi
http://lrs.ms/VPNReviews
by Ross Sivertsen | Feb 12, 2015 | Blog, Business, Current Affairs
Very real opportunities exist for investment in China;
China continues to struggle fueling it’s economic growth; partly because it’s been paying for all of the infrastructure through borrowing, which as of right now is at about 250% of it’s GDP, adding to the fire is the forecasted economic growth not expected to hit 7.0% in 2015.
The amount of building that’s going on here is crazy… roads, high rise office towers, everything.
China recognizes the need to improve the lives of the citizenry rests in producing sustainable growth and participate globally.
In order to do that, China is going to have to shift from low end manufacturing to high end production.
Such a move requires that China reduce all of the heavy government spending and borrowing to fuel its growth, and move toward a consumer market with a focus on increasing the services sector. The services sector has risen 46% over the last 10 years, and will need to continue to grow and outpace the low end manufacturing.
We combine the rise in services with the strong dollar gives China a chance to increase exports to the US.
Now here are the clinchers, president Xi Jinping has eased up on visa restrictions to enter and stay in the country, I literally received a 10 year visa this year after having to renew my visa yearly for the last 10 years; the easing up on visa restrictions will allow more talent to enter the country more frquently from foreign companies.
Next while the Shanghai stock exchange has suffered some eratic performance recently, the fact that the Chinese equity markets have been opened to foreign investment is huge. In fact several mainstay Chinese companies are actively seeking foreign investment capital.
http://lrs.ms/ChinaGrwth
http://lrs.ms/DlrsRise
http://lrs.ms/ChinaServiceSector
http://lrs.ms/ChinaGDPFactors
by Ross Sivertsen | Feb 10, 2015 | Blog, Uncategorized
This is another one of those posts that I have filed under the category of ‘Really?!’
I posted two weeks ago about national data privacy day, and managing you information is YOUR responsibility:
http://lrs.ms/InfoProtect
While the EU and many other parts of the world are increasing penalties for breaching the loss of personal information; the French DPA levied a fine against Google for €150,000 for a simple neglect to notify a change in their privacy policy.
Anthem, the second largest insurance provider in the US suffers one of the most egregious data breaches in history with the loss of over 80 million customer/client records including those of the CEO. Now this little extravaganza is getting parlayed in to a congressional hearing.
Yes, Anthem was imediatley forthcoming of the breach, and it was found by their own internal audit procedures, kudos for them; don’t we wish Target and Home Depot were as equally transparent.
Boards and shareholders (myself included) are growing increasingly impatient with the cavalier way our personal information is thrown around.
All that said, there is little help on the horizon for netizens in the US, and managing the location and use of your personal information is still your responsibility.
For example, of the 10 most significant personal data privacy and protection issues from the last year, 9 of them involved the EU and Russia. Only one, the amendment to the Safe Harbor policies, and that involves the data for citizens of the EU.
I’m about to send out my forth information security tip; and folks I know the first three seems MIND NUMBINGLY simple (change your passwords, use complexity, etc.), but I will tell you, how few people actually follow those basic practices, and in reality cause 80% of the loss of data. The suggestions aren’t sexy, but they are VERY real.
http://lrs.ms/AnthemCSuite
http://lrs.ms/2014PrivacyDev
by Ross Sivertsen | Feb 6, 2015 | Blog, Information Security
90% of all passwords are vulnerable
it takes 5 minutes to go from hackable to uncrackable… (Look I know these sound like the fundamentals but you’d be surprised at what I see people do).
In fact over a long enough timeline every passwords security drops to zero.
(Thank you passwordday.org for allowing me to shamelessly plagiarize this first paragraph)
Surprisingly you would think those who were brought up in the age of always having a computer nearby, The Millennials, would think this is as old hat as the advice to use condoms or not smoke (both of which many choose to ignore anyway), but the statistics show otherwise. Only 41% them and their neighbors the Gen X’ers changed their passwords ever or only when prompted.
http://lrs.ms/MillennialPwds
And 55% use the same password for everything.
http://lrs.ms/55PctUseSame
I could write a book on good credential hygiene, but the site for password day 2014 has several excellent suggestions.
http://lrs.ms/PwdDay
by Ross Sivertsen | Feb 1, 2015 | Blog, Information Security
Let’s start with the basics… It’s called phishing for a reason…
95 Percent of all successful attacks started with an attempt to get you to click on a link you shouldn’t…
http://lrs.ms/atks-hum-err
Seriously people; would you knowingly drive to a questionable part of town… in the middle of the night… with your doors unlocked… your windows rolled down… your wallet, purse or whatever sitting open on the front seat… cash and credit cards out in plain sight and easy reach…
AND THEN give all of your personal information including driver’s license number, social security number, passport and banking information to the first STRANGER you meet?
THAT’S exactly what you’re doing when you venture to those questionable websites (if you really need a lesson on the ones to which I refer dust me privately and I’ll be happy to give you my opinion), or click the link in the email guiding you to an heretofore unknown inheritance from the long lost you didn’t know you had.
Here’s my first tip… DON’T
Patient: “Doctor, Doctor! It hurts when I do this…”
Doctor: “Well, don’t do that!”