Doug Bedell — February 24, 2017, 9:14 am

Securing Computers In Today’s Offices


We talk a lot about digital security, but here are “10 physical security measures (ital. added) every organization should take,” courtesy of TechRepublic.

They start off with, “Lock up your server room.” If you have a small office without a server room, we assume that means, Keep your computer-containing office space darned secure.

Doug Bedell — February 22, 2017, 4:59 pm

Don’t Invite Spammers In


Here’s a simple, but important, security tip to ward off would-be attackers of your computer systems: Don’t open files or messages you don’t recognize. They may be spam carriers. Spammers can trick users into opening a rigged .zip file and…

“Once the .zip file is opened, an .exe file that’s nested inside is activated and code – in the form of a malicious DLL (MSIMG32dll) – is dropped onto the victim’s machine. The malware uses DLL hijacking to write system usernames and passwords to a text file, ‘Log%s#%.3u.txt,’ and send them along to the attacker’s command-and-control server.”

Got it? This sobering advice comes from threatpost.com. And it’s well worth heeding.

Doug Bedell — February 21, 2017, 9:10 am

New Security Gear: Drones, Robots and Virtual Reality


Welcome a new set of staffers to security scenes just about everywhere: Robots and virtual reality rigs. The Security blog interviews an integrated security director on the prospects that site protection will become increasingly robotic.

“I don’t think robots will ever replace humans 100-percent,” says Joe Young, Director of Cloud Monitoring Services for G4S Secure Integration, “but the future looks like a healthy blend of robotics, data and humans. In today’s market I see two types of robotics available in the market today: drones and patrolling robots that augment a traditional security officer. These can either be manned or fully autonomous solutions.”

Doug Bedell — February 19, 2017, 9:22 am

Know What You’re Protecting, and How Best to Do It


Before deciding how best to protect your physical security assets, know what you’re protecting. Sounds basic, and it is. But ASIS International provides a checklist for Physical Security Assessment that will help make your priorities assuredly valid and clear.

ASIS lists four sets of tasks, each with a lot to consider, that will help insure that your priorities and purposes are well-considered. You want to know what actually needs protecting (more than you might think), and how best to do it. Head down the ASIS list before making your moves.

Doug Bedell — February 13, 2017, 10:23 am

Do You Have a Hacking Response Plan? You Need One


In these digital times, with computer hackers on the prowl, it’s important to have what Security Metrics calls an incident response plan.

Six steps are involved in developing an effective anti-hacking plan, from identifying assets to be protected to training employees in following the plan. It’s time well-spent to consider how prepared you are to respond should your computer(s) be attacked.

Doug Bedell — February 10, 2017, 11:52 am

Security’s ‘People Problem’


Security is a people problem as well as a perimeter one. That might seem obvious, but the implications of too casual an approach to the people, especially employee, threat are compelling. It’s a reality of our digital times.

That’s because employees are not only readily trusted, but carry around with them a variety of mobile devices that may not be secure, Matthew Gyde on DarkReading.com, notes.

“The security challenges aren’t only the result of more employees working outside of the corporate office,” Gyde advises, “but also the number of devices used by each individual. The same Frost & Sullivan report forecasts that more than 80 billion connected devices will be in use globally by 2025 — a staggering figure! Work has shifted from a place people go to daily to something people do, and as such, businesses need to be flexible, but not so flexible that their data and devices become security risks.”

Gyde develops these observations further in a highly pertinent post.

Doug Bedell — February 8, 2017, 5:03 pm

The Border Wall: Solid or See-Through?


Discussion continues on the nature of the wall to be built along the U.S.–Mexican border, and retired Marine General John Kelly, the new Homeland Security secretary, will have to sort it all out, in consultation, we presume, with President Trump.

Not everybody wants a dense, solid barrier. Government Security News reports that “Border Patrol agents who serve along the 2,000-mile expanse have told the secretary they prefer a barricade that enables them to see what’s happening on the other side.

“There are already several stretches along the border that have steel fencing serving as a buffer between the two countries.” So, solid or see-through? We’ll see.

Doug Bedell — February 6, 2017, 4:54 pm

‘Safer Internet Day’ Focuses on Creating Secure Passwords


Tuesday, February 7th, is Safer Internet Day, and F-Secure’s Safe & Savvy blog offers some suggestions on how to observe it. First, run updated security software on all your sites and use “unique, uncrackable passwords.” There’s a link to another post on how to do that.

This post notes that it’s not as easy to create secure passwords as you might think and provides some guidance on so. An essential post to study and, indeed, to master.

Doug Bedell — January 31, 2017, 2:05 pm

More About Drones, and Their Security Role


Here’s an update on the use of drones for emergency management and security functions. This Emergency Disaster and Emergency Management post calls it “tremendously important” for crisis managers (police, fire and emergency medical personnel, among others) to consider purchasing a drone, or drones, for gathering useful information at a disaster scene.

“Used properly,” drones “can save lives when minutes count,” EDEM advises. We’d add that they can also keep more or less routine watch over an installation’s circumference. They’re both emergency response and security tools.

Doug Bedell — January 27, 2017, 10:50 am

Bank Security: A Stringent Discipline


A bedrock tenet of effective security is to take security seriously in the first place. Are you kidding? Who wouldn’t be doing that? Well, security is a discipline, and here’s how it plays out in bank settings.

“It’s not a bad thing to be paranoid,” says a bank manager in the post “How to Perform a Physical Security Risk Assessment,” on BankInfoSecurity.