Synology DiskStation 411j NAS

Network Attached Storage (NAS)

A lot of small- and medium-sized businesses require a storage solution that centralizes the data and makes it accessible to all the workgroup computers. A lot of home users who work with large amounts of multimedia such as videos, music, and photos also require a centralized storage system. The solution for both of these scenarios is a network attached storage (NAS) device. A NAS functions much like a data server on a smaller scale. It can also be used to back up data from multiple computers, or as an external hard drive for more storage space. The Synology DiskStation 411j is a very good NAS for a home or small office. It can serve as a centralized data and multimedia server. Its sleek design and powerful capabilities place the DS411j amongst the top NAS devices in its class.

Capabilities

The DS411j works as a really good multimedia server. It is DLNA and UPnP compliant and can stream videos, music, and photos to your media player, such as a Playstation 3, Xbox, or a WDTV Live media player. Because the DS411j comes with a gigabit Ethernet connection, it allows for high level network transfer speeds that are well-suited to stream high definition videos.

Using the DS411j as a backup solution works extremely well for all types of computer systems. It is compatible with Windows Backup, Apple Time Machine, and Linux systems as well. Because the DS411j comes with RAID architecture, disk redundancy allows for fail-over safety. Basically your data is recoverable even if a hard disk has failed. It has a max capacity of 12 TB.

Functionality

The DS411j functions as a fully operable server with its own web-based operating system that has many utilities. One utility that I really like is the Download Station. It functions as a torrent downloader as well as having FTP, HTTP, eMule, and NZB download capabilities. All of these capabilities make it safer to download to the DS411j system rather than to a PC because viruses don’t affect it. You can even use eMule to search the web and download files. Music and pictures are available over the Internet and can be streamed to many devices over the World Wide Web.

Conclusion

I am thoroughly impressed by the DS411j NAS. Its capabilities, ease of use, and performance place it amongst the top of all NAS solutions in its home and small business class. If it had a double gigabit Ethernet connection, that would have been perfect for fail-over redundancy.

Rating: 4.5/5

Security for Your Medical Centre – Part 2

Statistics of IT Security Threats

This article is a continuation of Security for Your Medical Centre – Part 1. We will discuss various statistics related to IT threats and security concerns. This article points out clearly the importance and significance of securing your IT infrastructure. Do not hesitate in any way from ensuring proper security measures, as not doing so can lead to damage and theft of your medical data.

Phishing Scams

Phishing scams come under social engineering attacks. The attackers provide a fake e-mail or website that looks like an authentic one and trick you into entering your username and password. Once they capture your username and password, they have access to your bank account or whatever website they are pretending to be.

A disputed study by Trusteer showed that spear phishing a hundred LinkedIn users resulted in a failure rate of 68%. That would mean that around 30% of those targeted with phishing attempts disclosed their personal data. That is significant enough for medical centres to lose a substantial amount of money once their bank account information has been captured.

CNET interviewed Michael Barrett, chief information security officer at PayPal (online payment processor), in April 2011. This is what he had to say regarding the question of PayPal’s weakness to phishing attempts:

“I joined PayPal almost exactly five years ago and it’s fair to say the company had not realized at that point the true significance of phishing. But since that time we’ve put in place a number of defenses against it. It probably will never go away completely as a problem, but it can be substantially minimized. We’re at No. 8 on a list of most phishing sites, which is better than being No. 1. I’m not satisfied with being No. 8 and I’d really like to obliterate the crime completely, but I realize that will take another five years to get to that state. A few years ago we started digitally signing all our outbound e-mail and we worked with Yahoo and Google so if they saw e-mail that purported to come from us but wasn’t signed they would block it. That has been stunningly successful. Now we’re trying to get the whole industry to take up that type of approach. But it will take several more years of pushing to get the rest of the industry to do that.” (1)
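The receiver-side rule Barrett describes, where mail claiming to come from a sender known to sign everything is blocked when no valid signature is present, can be sketched as follows. This is an added example, not PayPal's, Yahoo's or Google's code. It assumes the receiving mail server has already verified signatures and recorded the result in an Authentication-Results header; the domains, the SIGNS_ALL_MAIL list and the sample messages are constructed.

```python
import re
from email import message_from_string
from email.utils import parseaddr

# Assumption: senders known to sign all outbound mail (constructed domain).
SIGNS_ALL_MAIL = {"payments.example"}
# Assumption: the name our own mail server stamps on its Authentication-Results headers.
OUR_AUTHSERV_ID = "mx.clinic.example"


def covered_by(domain, parents):
    """True if domain equals, or is a subdomain of, any entry in parents."""
    return any(domain == p or domain.endswith("." + p) for p in parents)


def from_domain(msg):
    """Domain of the address the reader sees in the From: header."""
    _, addr = parseaddr(msg.get("From", ""))
    return addr.rpartition("@")[2].lower()


def verified_signing_domains(msg):
    """Domains whose signature our own server verified (dkim=pass)."""
    domains = set()
    for header in msg.get_all("Authentication-Results", []):
        fields = [f.strip() for f in header.split(";")]
        stamped_by = fields[0].split()[0].lower() if fields[0] else ""
        if stamped_by != OUR_AUTHSERV_ID:
            continue  # results recorded by any other host are not trusted
        for field in fields[1:]:
            if re.match(r"dkim\s*=\s*pass\b", field, re.I):
                m = re.search(r"header\.d\s*=\s*([\w.-]+)", field, re.I)
                if m:
                    domains.add(m.group(1).lower())
    return domains


def verdict(raw_message):
    """Return 'block' for unsigned mail claiming a sign-everything sender."""
    msg = message_from_string(raw_message)
    sender = from_domain(msg)
    if not covered_by(sender, SIGNS_ALL_MAIL):
        return "deliver"  # the rule only applies to senders that sign all mail
    # The verified signing domain must match the domain shown in From:.
    if covered_by(sender, verified_signing_domains(msg)):
        return "deliver"
    return "block"


def sample(auth_results, sender):
    """Build a constructed test message."""
    return (f"Authentication-Results: {auth_results}\n"
            f"From: Payments <{sender}>\nSubject: Your receipt\n\nbody\n")


# Constructed sample messages, one per case.
SAMPLES = [
    sample("mx.clinic.example; dkim=pass header.d=payments.example",
           "service@payments.example"),      # genuine, signed
    sample("mx.clinic.example; dkim=none",
           "service@payments.example"),      # claims the sender, unsigned
    sample("mx.clinic.example; dkim=pass header.d=bulk-mailer.invalid",
           "service@payments.example"),      # signed, but by another domain
    sample("mx.other.invalid; dkim=pass header.d=payments.example",
           "service@payments.example"),      # result not stamped by our server
    sample("mx.clinic.example; dkim=none",
           "news@shop.example"),             # sender outside the rule
]


def run_samples():
    return [verdict(raw) for raw in SAMPLES]


if __name__ == "__main__":
    print(run_samples())
```
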

Malware

Malware is software that is damaging to your computer in various ways. Spyware is a type of malware that infects a computer and relays information of your computer use to different parties.

In 2007, Kaspersky Labs was seeing new malware samples every two minutes, but in 2010, just three years later, that had increased to one new sample every two seconds.

This is what InformationWeek has to say about small organizations and virus threats:

“Small organization respondents’ other top concerns were Trojan applications (60%), malware designed by criminals expressly to steal data (59%), data leaks (56%), spyware (55%), and fake AV (52%). Spam and phishing threats ranked lowest. Most of today’s antivirus software suites protect against many viruses and worms. But when it comes to data-stealing malware, 21% of small U.S. organization respondents said that their IT department could do a better job of protecting end users. Notably, only 47% of small organizations install security software to help stop such malware, 30% offer related security policies, and 28% provide relevant education or guidance.” (2)

Some are touting Cloud resources as the answer to fighting back malware spread. That remains to be seen.

Security Breaches – Hacks

It’s interesting to note that organizations attribute 59% of all security breaches to human error. This can occur if the network administrator has failed to set up the proper security barriers, or it can occur by inadvertently giving out information that a hacker can use to compromise the system.

About half of all organizations consider IT security a top priority. This stat indicates two scenarios. One, namely that there are pockets of IT infrastructures that don’t need high security. Perhaps these are small organizations and medical centres that have a wireless network setup, and they don’t see themselves as a potential target from hackers. The network is small and their data isn’t all that critical. The second is that IT security is seen as a big issue for larger organizations. They have important data that cannot be leaked and as such they are prime targets for hackers. Hackers use stolen company data to sell to competitors and it is quickly becoming a lucrative business. Larger organizations need security for their systems and that entails purchasing the right equipment and having it administered properly.

The cost of an individual data breach – including lost business and the burden of responding to the incident – in 2010 increased 13% year-over-year for U.K. companies. That roughly equals $3 million for each breach, which is quite substantial. Needless to say, every organization, small or big, should pay close attention to its IT security needs.

Viruses

Medical centres still fear the virus, according to a new survey of 1,600 end users in Germany, Japan, the United Kingdom, and the United States conducted by antivirus vendor Trend Micro. Viruses are the leading concern for 63% of small organizations.

A CompTIA stat shows that 33% of law firms admit to experiencing a security issue such as a virus. That’s only law firms; if you total firms from other fields, the number is much higher.

Conclusion

The presentation of stats and facts in this article is only intended to create an awareness of various cyber threats. Cyber security is a huge issue and should not be taken lightly.

References

(1) http://news.cnet.com/8301-27080_3-20052310-245.html#ixzz1MvDmlGv5
(2) http://www.informationweek.com/news/security/vulnerabilities/228200171

Internet as Critical as Food and Shelter

Cisco Study Finds Internet as Crucial

A Cisco survey of college students and young professionals has found that respondents indicate that the Internet is as crucial to them as food, shelter, and even air. The second of its annual Connected World Technology Report underscores the importance that the Internet serves for a generation that hasn’t been without the connectivity of the Internet. The report found that a full one-third believe the Internet is as critical to their lives as food, water, shelter and air. Also, another half said that it was “pretty close” to that level of importance.

Cannot Live Without

It is interesting to note that 55% of respondents said that they could not live without the Internet and 64% said that they would choose the Internet over having a car. Scott Gainey, director of product marketing for Mobility Solutions at Cisco, said the company chose this particular demographic for the survey to help companies gain insight into the future of work. “What do companies need to be ready for?” he said. “They need to prepare for not just the technology shift but the attitude shift as well.”

Pencil and paper, as written about before on this site, were the dictators of communication. Information and technology has changed the landscape of communication and productivity is synonymous with the Internet. When the Internet shuts down, so does productivity and the modern workplace has to reflect that. Colleges and universities are still somewhat lagging behind in using the Internet and telecommunication resources to their fullest. This report surveyed college students as well and indicates that much of the course curriculum should be Internet based.

Cyber Socialism

It’s important to note that the workplace and the classroom only reflect a growing trend that runs as an undercurrent, which is social media. For respondents the Internet is more important than dating, going out with friends or listening to music — at least for 40 percent of the survey respondents. This number says a lot about the human being a “social animal”. Does this mean in the future we would not need to verbally speak to each other? Who knows?

Other Findings

  • Many respondents cite a mobile device as “the most important technology” in their lives
  • Seven of 10 employees have “friended” their managers and coworkers on Facebook
  • Two of five students have not bought a physical book (except textbooks) in two years
  • Most respondents have a Facebook account and check it at least once a day

Minimizing Your Online Footprint

Global Internet Usage

Internet usage amongst the world’s population has increased significantly. Since 1990, 30.2% of the world’s population uses the Internet. Since the year 2000 there has been a 480.4% increase, which is quite substantial. North America has the largest Internet footprint in the world at around 70%, followed by Oceanic regions such as Australia, and then Europe. This increase in Internet usage has burdened the global Internet infrastructure, and every user is adding to this. One way of lessening the burden is by minimizing our Internet footprint. This basically means that we can adopt a few simple practices that will ensure that we use the least amount of bandwidth and therefore help strengthen the Internet.

Bandwidth Usage

Every click on a web page link, or every search on Google results in Internet traffic being exchanged. This traffic crosses and is processed by network devices that form a web of infrastructure, hence the term World Wide Web. Every YouTube video consumes bandwidth as well, and large movie downloads also result in increased web traffic. This affects both you and me. First, it affects you because if you have an Internet cap limit set by your Internet service provider, then the more Internet you use, the more you will pay if you cross the limit. Secondly, it affects everyone else because the more traffic that you impose on the infrastructure, the slower it becomes for the rest of Internet users that are sharing that same infrastructure.

Tips On Lessening the Internet Footprint

Here are a few simple tips that can help lessen the online footprint.

  1. Download actual music files instead of playing YouTube videos. This tip basically means that instead of playing a YouTube video to hear your favourite song, you can download the actual MP3 and just play that. This will reduce your Internet traffic because every YouTube video you watch consumes bandwidth in order to download it to your system. YouTube downloading is also known as streaming media, and every time you watch or listen to a different clip, you are consuming bandwidth.
  2. Don’t use short URLs. Short URLs are provided by different web services such as TinyURL.com and help make a lengthy hyperlink into a short one that can be pasted or written out more easily. How does this increase the online footprint? Well, every time you click a short URL, it has to trace itself to the real URL or hyperlink, which results in slowing down the Internet. I’m not saying that you shouldn’t use short URLs at all, but what I’m suggesting is basically using less of them in order to keep Internet speeds up.
  3. Work offline when viewing common websites. If you’re commonly viewing the same website over and over again, you can use the offline feature of your web browser and download the material to your computer so you don’t have to send traffic on the Internet. Even if you need a certain site for any reason when you don’t have a link to the Internet, say you’re out of the house, you can use the offline feature prior to leaving and download the website to view later.
  4. Keep track of downloads. Often people keep downloading the same file over and over again, even though they have an original copy of it in their downloads directory. Keeping track of all your downloaded files can help in knowing when not to download a duplicate file. This too will reduce unnecessary Internet traffic.

By reducing the traffic on the Internet we can help make sure that the Internet stays fast and responsive.

Security for Your Medical Centre – Part 1

Security is essential for any medical centre running IT systems. These days there are more threats than ever before, and keeping guard is one of the requirements for any health IT infrastructure. This series on data security measures for your medical centre covers topics such as basic terminology of attackers, different attacking methods, statistics of IT security, and how to secure your network. There are many types and classifications of threats and we will go through some of them in this part of the series so your organization has the insight and knowledge to properly understand these critical issues.

Why is Security for Your IT Systems Important?

If your security is breached it means that your data can be stolen, altered, or destroyed. Serious issues such as the loss of privacy and theft of information can land your company in legal turmoil. It is hard to determine how secure your network should be because the more secure your network is, the less accessible are the resources on the network. Your organization has to determine the fine balance between having more access to certain network resources, but having less security, or having less access to network resources and having more security.

Security Threats are Rising

Attack tools and methods have drastically evolved, and it has become easier for even novice users to break through data security walls using the simplest of tools. Here is a brief look at how attacks have evolved over the years:

  • 1985: Password guessing and code replication
  • 1990: Password cracking and war dialing (calling lists of numbers to hack into phone systems, fax machines, and computers)
  • 1995: Viruses, including Love Bug, Nimda, and Code Red
  • 2000: Trojan horses such as Back Orifice
  • 2005: Worms including Blaster, MyDoom, and Slammer
  • 2010: Packet sniffing, social engineering, and phishing

Attacks that once involved deep knowledge of computers and computer systems can now be performed by entry-level computer enthusiasts. This is because many of the attack tools, such as password crackers, have been simplified to the extent where even beginners can take advantage of them. Some of these tools come with graphical user interfaces that make them easy for beginners to understand and use. This has resulted in people committing computer crime where they previously would not have.

Terminology You Should Know

White Hat: A hacker who seeks vulnerabilities in systems and exposes them for the purpose of having them be fixed. A white hat hacker is a good guy who uses his or her knowledge to improve the security of a system.

Hacker: A computer programming expert who can use his/her computing knowledge to bypass systems. This term is usually associated with a negative connotation and generally refers to anyone who bypasses security systems.

Black Hat: A hacker who gains unauthorized access to systems and uses it in a negative way. For example, one who steals information for monetary gains or compromises systems with a malicious intent.

Phisher: A person who sets up fake links to websites and dupes people into giving their personal information, such as passwords, and then uses that information for personal gain, i.e. stealing money from their bank account.

Attack Methods

There are many types of attacks and they can get confusing. A few attacking methods mentioned here are intended to give you a “heads up” on how these attacks are executed.

  1. Social Engineering: This is one of the simplest of attack methods. One simply dupes the other party into giving critical information that is in turn used to gain access. Phishing, as mentioned above, is of this classification. I have heard of companies who have had their security systems compromised simply by a phone call from a person pretending to be the president of the company, who had forgotten his/her password. The employee on the other end believes it is the actual president and offers him/her access to the computer systems. This attack can be mitigated by constructing and following a security policy for your company.
  2. Viruses: These little pieces of software code can do a lot of damage to the integrity of your computer systems. These codes are written to infect computer systems and to either render them useless or take over the systems. Some of them ask for money in return for leaving the system unharmed. I would include worms, Trojan horses, and malware in this category as well. This attack method can be mitigated by using an up-to-date virus scanner.
  3. Password-cracking: One of the most used password-cracking methods is known as Brute Force. Basically this technique cycles through different combinations of characters hoping that eventually it will get the right combination and break through the system. It is always recommended that the password you set should be a “strong” password, meaning that it should contain small and large letters, numbers, and unique characters, such as “$”, “@”, or “&”. Setting a strong password will hinder the brute force method.
  4. Sniffing: This method commonly refers to the ability of the hacker to “listen” in on network traffic and thereby discover the passwords. This can be easily accomplished by using network tools (e.g. Wireshark) to drop in on computer conversations on the network and capture the usernames and passwords. There are many other techniques that allow the hacker to gain access, such as the man-in-the-middle technique that places the hacker in the middle of the conversation of two network computers, and then the hacker is able to intercept the username and password to gain unauthorized access.

Data Security for Your Medical Centre – Part 2
The next article in this series takes a look at the statistics of IT security.

EMR/EHR Implementation Models for Medical Practice

Three Types of EMR/EHR System Models:

There are three topologies that a medical practice can choose to implement. One is the SaaS model, the second is the in-house server model, and the third is a hybrid of the earlier two. Your choice in selecting one of these models will determine who bears the responsibility for data security and its retrieval in case the EMR/EHR vendor shuts down for any reason. This article will discuss each of these models, their benefits and shortcomings.

SaaS – ASP

SaaS stands for Software-as-a-Service, and that means the EMR/EHR application is hosted at the EMR/EHR vendor site on the Internet. They maintain control of the data that is being sent from your clinic or office to their servers at some physical location far from you. This means that you would have to entrust them with your patient data. It is our advice that you get in writing everything that relates to the ownership of that data in case that vendor goes down, e.g. through bankruptcy. Also note that some vendors engage with a third-party data centre to hold the patient data. This can be troubling for the medical practitioner as there could be a legal dispute between the vendor and the third-party data centre. It is best to have all of the necessary accommodations written down before signing with an EMR vendor.

In terms of the IT infrastructure needed to run a SaaS, it is not as much as with an in-house server model, although you would need to contract IT support personnel for regular maintenance. One service you will need is a backup Internet connection in case your primary Internet connection goes down for some reason, taking your clinic or office with it. It is really important to plan for a backup Internet connection.

In-house Server

This model requires your office/clinic to run the EMR/EHR vendor software on your own servers located in your clinic or office. This model requires a lot more investment in hardware and software and nearly daily upkeep measures would need to be contracted from IT support services such as Soulistech. This option does give you the control of keeping all of the EMR data on your own site instead of having it stored somewhere where it would be hard to retrieve the data, should any emergency happen. Also, not much data is transmitted on the Internet, making this a safer choice.

With the data in your possession, it becomes incumbent on your practice to ensure proper security measures are met to withstand attacks from hackers. Again, IT services from Soulistech can help in this regard. In terms of the Internet connection, one line is good, as you won’t be using the backup line anymore.

Hybrid Model

The hybrid model basically combines the in-house server with the SaaS input method on the client computers. The EMR application runs on the client computers either through a web browser or custom application and sends all of the data to the in-house web server. Instead of sending the data entered in the web browser to an off-site EMR/EHR vendor, all the data goes into the in-house server like the in-house model.

This model requires just as much IT support as the in-house server model, but gives you the control of keeping the data on-site and off-site. The off-site data is kept at a contracted location to which the system regularly backs up. Even if the Internet is down, the EMR/EHR will continue running as usual, and when the connection is restored, it will back up and sync automatically.

WDTV Live

Media Player

Gone are the days where you would need to burn a video or audio file to a DVD or CD in order to play it on a TV or theatre system. With the WDTV Live media player, one only needs to connect the device via a network connection or USB to play almost any media file. This media player plays full 1080p HD video and also has a YouTube app built into it so that you can stream YouTube videos straight to your TV. I wouldn’t see it as hard to argue that media players, in general, have taken a bite out of the Blu-ray market. These devices have probably increased the amount of downloading of movies and TV shows as it becomes so easy to play whatever you have on your PC to your TV.

Functionality

The WDTV Live comes with a small remote that enables one to interact with the user interface. The user interface itself is quite easy to navigate as it presents icons of videos, music, and pictures that you can simply play by pressing the enter button on the remote. A USB keyboard can also be attached to aid in typing of search strings for YouTube videos.

There are two USB ports, an Ethernet adapter, a HDMI connection, and composite connectors as well. The device can be made to connect to a wireless network with the purchase of a separate wireless adapter that is compatible with the device. The list of compatible wireless adapters can be found from the WD website.

Issues

There are a number of issues that can arise in terms of operability. One of the most annoying problems is the network connection issue. Workgroup computers are sometimes not detected, or funny connection errors come on the screen when trying to connect to a PC. Even though there have been a number of firmware updates, WD still hasn’t been able to resolve many of the network problems that plague the WDTV Live.

There are also issues with playback of certain media file types. Encodings of HD video sometimes result in jittery playback, where the media player is unable to smoothly play the HD video. This is not always the case, although it happens more frequently to 1080p videos than 720p videos.

Conclusion

If you can see past the glitches that come with this device, it will provide you with one of the most unique entertainment experiences found today. The ease of playing audio, pictures, and videos from any network PC or USB is what makes this device applicable to tech enthusiasts and people interested in multimedia entertainment.

Rating: 4/5

IT Needs for Medical Offices and Clinics

Medical clinics and doctors’ offices usually have a simplified IT infrastructure model as compared to businesses. The needs of a medical clinic and office revolve around the issues of redundancy, in terms of backup, and the health of the hardware and software of the computers. In addition to this, many clinics and offices use specialized patient database software to maintain their schedules and inventory. This specialized software may be purchased from independent developers, from whom IT support is also required. IT consulting companies, such as Soulistech, have a role to play here as a managed service provider (MSP) and as an administrator in taking care of the PCs and the network, something that the developer cannot offer. Some clinics and offices are upgrading their infrastructure to EMR/EHR, and as such the demand for upkeep of all of the services mentioned above is increasing.

What Are the Primary IT Needs of a Clinic/Office?

There are three primary IT infrastructure needs that a clinic or medical office has to implement. These three needs are:

1. Computers
2. Network (printers, scanners, etc. included)
3. Backup Solution

Computers

The first primary need is of proper computer implementation. Computers can be custom built to match the needs of the clinic or office, or they can be purchased from computer manufacturers such as HP or Dell. I prefer to go after hardware over looks. Most computers in medical offices and clinics are not visible to the patients. Therefore, going after fancy cases should not be a concern. What matters more are the internal components that should run smoothly and efficiently. Fancy cases sometimes pose a problem when it comes to repair as their port structure and form factor hinder easy access to components. I suggest a range of $300 to $400 for a computer (without a monitor) that should be sufficient for a medical clinic or office.

Network

The second primary need is that of the network. The network infrastructure consists of switches, routers, and peripheral devices like the printer or scanner. Cisco offers the best networking solutions when it comes to switches and routers, but D-Link and HP also offer good products at a lower cost. Ethernet wiring (cables for the network to connect all of the devices) should be at the very least Cat. 5e so that it can accommodate Gigabit speeds. I would prefer Cat. 6, as needs for the future should be considered when placing a network. Some clinics and offices don’t have an Internet connection. This is something that needs to be thought out, as remote support options aren’t available if there is no Internet connection, and on-site support can cost more than remote support. As for printers and scanners, a Xerox device or any HP LaserJet can do the job. Support for these devices usually comes from the manufacturer for a limited time.

Backup Solution

Probably the most important need for medical offices and clinics is a proper backup solution. I’ve experienced a case where patient data had not been properly backed up for two years and when a problem hit, there was no recent backup for all of the patient data. Luckily I was able to extract the core files from the broken down computer’s hard drive and insert them into the new computer. If it wasn’t for that, that clinic would have lost crucial data that would have hurt them in many ways. I recommend on-site and off-site backup: a hybrid solution of backing up to an external drive or network share as well as backing up to the Internet, in case a fire or burglary hits. Having a backup solution that works is important and that requires proper checks. Daily checks of both the on-site and off-site backups should be done by an MSP like Soulistech to ensure proper security and availability of data.
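The daily check of the on-site and off-site backups recommended above can be automated along these lines. This is an added example, not a Soulistech tool: it assumes each backup location is a folder of backup files, treats "daily" as a 24-hour limit on the age of the newest file, and uses constructed folder names, file names and data.

```python
import hashlib
import os
import tempfile
import time
from pathlib import Path

# Assumption: backups run daily, so the newest file must be under a day old.
MAX_AGE_SECONDS = 24 * 3600


def sha256_of(path):
    """Hash a file in chunks so large backup files do not fill memory."""
    digest = hashlib.sha256()
    with open(path, "rb") as fh:
        for chunk in iter(lambda: fh.read(1 << 20), b""):
            digest.update(chunk)
    return digest.hexdigest()


def newest_file(folder):
    """Most recently modified file in a backup folder, or None if empty."""
    files = [p for p in Path(folder).iterdir() if p.is_file()]
    return max(files, key=lambda p: p.stat().st_mtime, default=None)


def check_backups(onsite, offsite, now=None):
    """Return a list of problems; an empty list means both copies look healthy."""
    now = time.time() if now is None else now
    problems, newest = [], {}
    for label, folder in (("on-site", onsite), ("off-site", offsite)):
        latest = newest_file(folder)
        if latest is None:
            problems.append(f"{label}: no backup files found")
            continue
        newest[label] = latest
        info = latest.stat()
        if now - info.st_mtime > MAX_AGE_SECONDS:
            days = int((now - info.st_mtime) // 86400)
            problems.append(f"{label}: newest backup {latest.name} is {days} days old")
        if info.st_size == 0:
            problems.append(f"{label}: {latest.name} is empty")
    # A backup that exists in both places must also be the same backup.
    if len(newest) == 2:
        a, b = newest["on-site"], newest["off-site"]
        if a.name != b.name:
            problems.append(f"newest backups differ: {a.name} vs {b.name}")
        elif sha256_of(a) != sha256_of(b):
            problems.append(f"{a.name}: on-site and off-site copies do not match")
    return problems


def _write(path, data, mtime):
    path.write_bytes(data)
    os.utime(path, (mtime, mtime))


def demo():
    """Run the check on constructed folders: a healthy pair, then a neglected one."""
    now = time.time()
    data = b"constructed sample patient database export"
    with tempfile.TemporaryDirectory() as tmp:
        onsite, offsite = Path(tmp, "onsite"), Path(tmp, "offsite")
        onsite.mkdir()
        offsite.mkdir()
        _write(onsite / "patients.bak", data, now - 3600)
        _write(offsite / "patients.bak", data, now - 1800)
        healthy = check_backups(onsite, offsite, now)
        # On-site copy untouched for two years, off-site upload truncated to nothing.
        _write(onsite / "patients.bak", data, now - 2 * 365 * 86400)
        _write(offsite / "patients.bak", b"", now - 1800)
        neglected = check_backups(onsite, offsite, now)
    return healthy, neglected


if __name__ == "__main__":
    for result in demo():
        print(result or "all checks passed")
```

A scheduled run that reports any non-empty result covers the freshness and consistency part of the check; a periodic test restore is still needed to confirm the backup can actually be read back.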

Twitter For Business?

After Facebook, Twitter has become one of the most widely used social networking sites in the world. Placing mini blogs, or short status updates, that contain a message within 140 characters makes Twitter a unique tool for conveying messages to large populations, especially for businesses. So is the investment of time and effort worth it when it comes to businesses using Twitter as an advertising tool or as an update channel? Let’s see…

Twitter VS Facebook

Facebook has established itself as the king of the hill when it comes to social networking. Businesses can have their business pages created and invite people to join them. These pages are generally “liked” (a like button that shows you and how many people like the page) by people seeing it from others or searching for them. They show a presence of the company in the Facebook community. Businesses can update their statuses and post videos, pictures, etc. to their page wall. This will be distributed to the walls of the people who have “liked” the page. This is an effective tool for communication and advertising.

Twitter serves the simple purpose of a short status update, within 140 characters, and conveys it to the wall (like Facebook) of the subscribers. You can choose to make your “tweets” (status updates) viewable to all or private. Businesses would probably choose the non-private option as it allows anybody to subscribe to the tweets and get the message updates, thus reaching the most people. The hard part in making an account for your business is getting people to subscribe. The number one way to make people sign on to your tweets is to become an active Twitter community member. This means that you interact with other members by sending them messages on their wall and letting people know that you’re active and not just a spammer. Another way to get people to subscribe is by following others. The more people you follow, the more will follow you in turn.

Special Advertising

If your company is interested in paid advertising, Twitter can be a great tool to reach the populace that you want targeted. Twitter offers something called “Promoted Tweets”. These are regular tweets that advertisers have paid to show up at the top of search results and hashtag topics (topics being discussed with a certain word tag). Promoted tweets are clearly labelled “Promoted”, yet they are treated like regular tweets. When Microsoft, for example, released Internet Explorer 9 and promoted its tweets about the release, those tweets would show up in technology topics as well as in the Trends section. The Trends section in Twitter displays the topics that are currently hot in the Twitter domain.

Twitter for Celebrities

Twitter has become a favourite amongst celebrities who communicate directly with their fans. Since many of these celebrities have millions of followers, advertisers are all the more willing to pay them a lot of money to mention a product or service in one of their tweets. For example, Kim Kardashian gets paid $20 000 per tweet to mention an advertiser’s product or service. This is great advertising, as stars have a heavy influence on fans and followers.

If your business can keep up its tweeting, then Twitter is a profound place to advertise and keep in touch with your client base. However, if the routine of constantly updating statuses and keeping in touch with your followers is a daunting task, then Twitter may not be the best place to promote your business.

Security for Your Business – Part 2

Statistics of IT Security Threats

This article is a continuation of Security for Your Business – Part 1. We will discuss various statistics related to IT threats and security concerns. This article points out the importance of securing your IT infrastructure. Do not hesitate in any way to put proper security measures in place, as not doing so can lead to damage to and theft of your business data.

Phishing Scams

Phishing scams come under social engineering attacks. The attacker presents a fake e-mail or website that looks like an authentic one and tricks you into entering your username and password. Once they capture your username and password, they have access to your bank account or to whatever website they are pretending to be.

A disputed study by Trusteer showed that spear phishing a hundred LinkedIn users resulted in a failure rate of 68%. That would mean that around 30% of those targeted with phishing attempts disclosed their personal data. That is significant enough for businesses to lose a substantial amount of money once their bank account information has been captured.

CNET interviewed Michael Barrett, chief information security officer at PayPal (online payment processor), in April 2011. This is what he had to say regarding the question of PayPal’s weakness to phishing attempts:

“I joined PayPal almost exactly five years ago and it’s fair to say the company had not realized at that point the true significance of phishing. But since that time we’ve put in place a number of defenses against it. It probably will never go away completely as a problem, but it can be substantially minimized. We’re at No. 8 on a list of most phished sites, which is better than being No. 1. I’m not satisfied with being No. 8 and I’d really like to obliterate the crime completely, but I realize that will take another five years to get to that state. A few years ago we started digitally signing all our outbound e-mail and we worked with Yahoo and Google so if they saw e-mail that purported to come from us but wasn’t signed they would block it. That has been stunningly successful. Now we’re trying to get the whole industry to take up that type of approach. But it will take several more years of pushing to get the rest of the industry to do that.” (1)
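The receiver-side rule Barrett describes (block mail that purports to come from a participating sender but is not signed by it) can be sketched as follows. This is an added example, not PayPal's, Yahoo's or Google's code; it assumes the receiving server has already verified the DKIM signature and recorded the result in an Authentication-Results header, and all domains and messages are constructed.

```python
import re
from email import message_from_string
from email.utils import parseaddr

PROTECTED_DOMAINS = {"payments.example"}  # assumption: senders under a signing agreement
TRUSTED_AUTHSERV = "mx.receiver.example"  # assumption: authserv-id of our own server

def within(domain, parent):  # domain is parent or one of its subdomains
    return domain == parent or domain.endswith("." + parent)

def from_domain(msg):  # domain of the visible From: address
    return parseaddr(msg.get("From", ""))[1].rpartition("@")[2].lower()

def dkim_pass_domains(msg):
    """Signing domains (header.d=) that our own server marked dkim=pass."""
    found = set()
    for value in msg.get_all("Authentication-Results", []):
        authserv, _, results = value.partition(";")
        if authserv.strip().lower() != TRUSTED_AUTHSERV:
            continue  # header written by someone else: never trust it
        for m in re.finditer(r"dkim=pass\b[^;]*?header\.d=([\w.-]+)", results, re.I):
            found.add(m.group(1).lower())
    return found

def verdict(raw):
    """'block' when mail claims a protected sender without that sender's signature."""
    msg = message_from_string(raw)
    sender = from_domain(msg)
    owner = next((p for p in PROTECTED_DOMAINS if within(sender, p)), None)
    if owner is None:
        return "deliver"  # sender is not covered by the agreement
    signed_by_owner = any(within(d, owner) for d in dkim_pass_domains(msg))
    return "deliver" if signed_by_owner else "block"

# Constructed sample messages; only the headers matter here.
AR = "Authentication-Results: "
SAMPLES = {
    "signed": AR + "mx.receiver.example; dkim=pass header.d=payments.example\n"
              "From: Payments <service@payments.example>\n\nReceipt attached.",
    "unsigned": AR + "mx.receiver.example; dkim=none\n"
                "From: Payments <service@payments.example>\n\nVerify your account.",
    "forged_result": AR + "mx.receiver.example; dkim=pass header.d=bulk.example\n"
                     + AR + "mail.other.example; dkim=pass header.d=payments.example\n"
                     "From: service@payments.example\n\nVerify your account.",
    "other": AR + "mx.receiver.example; dkim=none\nFrom: news@shop.example\n\nOffers.",
}

for name, raw in SAMPLES.items():
    print(f"{name}: {verdict(raw)}")
```

The "forged_result" case shows why only the receiver's own Authentication-Results header counts: a result header carried in from elsewhere, or a valid signature from an unrelated domain, does not satisfy the rule.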

Malware

Malware is software that damages your computer in various ways. Spyware is a type of malware that infects a computer and relays information about your computer use to other parties.

In 2007, Kaspersky Labs was seeing new malware samples every two minutes, but in 2010, just three years later, that had increased to one new sample every two seconds.

This is what InformationWeek has to say about small businesses and virus threats:

“Small business respondents’ other top concerns were Trojan applications (60%), malware designed by criminals expressly to steal data (59%), data leaks (56%), spyware (55%), and fake AV (52%). Spam and phishing threats ranked lowest. Most of today’s antivirus software suites protect against many viruses and worms. But when it comes to data-stealing malware, 21% of small U.S. business respondents said that their IT department could do a better job of protecting end users. Notably, only 47% of small businesses install security software to help stop such malware, 30% offer related security policies, and 28% provide relevant education or guidance.” (2)

Some are touting Cloud resources as the answer to fighting back malware spread. That remains to be seen.

Security Breaches – Hacks

It’s interesting to note that organizations attribute 59% of all security breaches to human error. This can occur if the network administrator has failed to set up the proper security barriers, or it can occur when someone inadvertently gives out information that a hacker can use to compromise the system.

About half of all organizations consider IT security a top priority. This stat suggests two scenarios. The first is that there are pockets of IT infrastructure that don’t need high security. Perhaps these are small businesses that have a wireless network setup, and they don’t see themselves as a potential target for hackers. The network is small and their data isn’t all that critical. The second is that IT security is seen as a big issue for larger organizations. They have important data that cannot be leaked and as such they are prime targets for hackers. Hackers sell stolen company data to competitors, and it is quickly becoming a lucrative business. Larger organizations need security for their systems and that entails purchasing the right equipment and having it administered properly.

The cost of an individual data breach – including lost business and the burden of responding to the incident – in 2010 increased 13% year-over-year for U.K. companies. That roughly equals $3 million for each breach, which is quite substantial. Needless to say, every organization, small or big, should pay close attention to its IT security needs.

Viruses

Small businesses still fear the virus, according to a new survey of 1,600 end users in Germany, Japan, the United Kingdom, and the United States. In the survey, conducted by antivirus vendor Trend Micro, viruses are the leading concern for 63% of small businesses.

A CompTIA stat shows that 33% of law firms admit to experiencing a security issue such as a virus. That’s only law firms; if you total firms from other fields, the number is much higher.

Conclusion

The presentation of stats and facts in this article is only intended to create an awareness of various cyber threats. Cyber security is a huge issue and should not be taken lightly.

References

(1) http://news.cnet.com/8301-27080_3-20052310-245.html#ixzz1MvDmlGv5
(2) http://www.informationweek.com/news/security/vulnerabilities/228200171
