Doug Bedell — August 16, 2017, 2:47 pm

Good Security Takes Continuing Attention, Discernment

Good security starts with continuing attentiveness to what is being kept safe from intrusion. The attendent circumstances don’t lend themselves to trivialization or distortion, as Brian Krebs discusses in a post headed “Beware of Security by Press Release”.

As Krebs explains, “It goes a bit like this: A security firm releases a report claiming to have unearthed a major flaw in a competitor’s product; members of the trade press uncritically republish the claims without adding much clarity or waiting for responses from the affected vendor; blindsided vendor responds in a blog post showing how the issue is considerably less dire than originally claimed.”

The circumstances are a bit involved, but patience and attentiveness are other aspects of good security. We recommend that you sort through Krebs’ post before coming to conclusions on virtually anything in the security world.

Doug Bedell — August 14, 2017, 4:07 pm

Security Readiness Requires Planning, Preparations

Unfortunately, the presence of vehicles driven (let’s say wielded) as weapons has been much in the news of late. That’s nothing for a barrier company to seek capitalize on, but it is the nature of current reality, and reality is our context.

Here’s an excerpt from a Security InfoWatch post discussing the reality of weaponized vehicles:

“Managing risk on a daily basis requires a security executive not only to be aware of the vulnerabilities and criticality of organizational assets, but also to adapt security strategies and systems to new threats. Adaptation is a reactive process, but to adequately manage risk, save lives and protect assets, a proactive approach is often more effective.”

The photo above shows concrete blocks in the city center of Dresden during the 2016 German Unity Day celebrations.

Doug Bedell — August 10, 2017, 1:58 pm

Suppose a Security Emergency Hits, Say, Your Mall…

When there’s a security-related issue at hand, whether it involves theft, intrusion or, indeed, weather itself, the people at risk need to know about it.

So, as an example in an educational setting, Caroline Hamilton advises about “Planning and Implementing a Campus Mass Notification System,” on the Security InfoWatch blog.

“Every organization,” Ms. Hamilton writes, “should have a mass notification system in place. Whether the organization is a hospital, a college or university, a business, a retail store, a mall, or a medical clinic, this piece (a notification system) should be a critical element of your organization’s emergency plan.”

So next time you’re walking through your favorite mall, ask yourself, or better yet, ask the mall operator, what would happen if an emergency should occur, like now… Ms. Hamilton offers some guidance about what should be foremost in terms of response.

Doug Bedell — August 9, 2017, 10:01 am

Security Remedies Take Time – Start Planning Now

“Obsolete/inadequate physical and digital perimeter protection capabilities.” Those are among today’s top five security drivers as noted analyst Kevin Coleman sees them and the Security blog reports.

“Consider the physical and digital threats that were at the top of our minds 18 to 24 months ago,” Coleman writes. “Only a small percentage can get all this done in that condensed period of time. While no actual data exists, based on what I have experienced I believe the average would have to be between three to four years.”

So start planning for your security needs now, not later.

Doug Bedell — August 7, 2017, 12:19 pm

Applying Heavyweight Thinking to Lighten a Marine’s Pack

PRO Barrier Engineering is an innovative company and we look with regard on ingenuity wherever it’s applied – as in this means of reducing the pack weights Marines have to carry on their backs.

DefenseTech reports on the outcome of the Marines’ 2016 Innovation Challenge (enterprising in itself), in which Staff Sgt. Alex Long has been credited with developing logistics reforms that likely can reduce the pack weight (up to 100 pounds) that Marines have to carry by a third.

Sgt. Long’s innovation, dubbed the Personal Combat Assistant and Reporting Device (PCARD), is a suite of smart products, including a device that’s about the size of a smartwatch. Instead of trying to make gear weigh less, Sgt. Long is “leveraging technology to improve resupply.” Read the DefenseTech post for more on his inspired (we won’t say heavyweight) thinking.

Doug Bedell — August 4, 2017, 1:56 pm

You Think This Sounds Fishy? Well, It’s Not

If it’s one of the latest models, not even your fish tank may be secure. Truly. The Washington Post reports how hackers stole data from a North American casino “by using an Internet-connected fish tank”.

“The fish tank had sensors connected to a PC that regulated the temperature, food and cleanliness of the tank.”

“‘Somebody got into the fish tank and used it to move around into other areas (of the network) and sent out data,'” said Justin Fier, director of cyber intelligence for the security firm Darktrace.

Evidently “10 GB of data were sent out to a device in Finland,” all without disturbing the fish in the tank.

Doug Bedell — August 3, 2017, 8:43 am

Mobile Employees Can Pose Cyber Security Risks

Many business offices are functioning as though they don’t have walls, the Clearswift cyber security blog notes. That’s because their increasingly mobile employees are using portable computers, iPads and cellphones for business purposes. And those mobile devices may not be as secure as their office counterparts.

So how do we insure the security of out-of-office digital tools? Clearswift lifts a number of safeguards, ranging from using secure passwords to learning how to use cloud-based applications like Dropbox propperly. (Still risky, though.)

Staff education and awareness of cyber security hazards is essential in today’s “mobile offices”.

Doug Bedell — July 31, 2017, 1:32 pm

Caught on the ‘Dark Web’ by Carelessness Over Passwords

The ‘Dark Web’ is defined as the part of the World Wide Web “that is only accessible by means of special software, allowing users and website operators to remain anonymous or untraceable.” That is, if the scamers use their passwords correctly.

Naked Security reports on some digital predators in the Netherlands who found their sites under the control of the Dutch Police, because they didn’t attend to their own passwords and didn’t use two-factor authentication on their accounts.

The Dutch police took down 16 shady operators not by using high-tech tricks, but by “simply reusing (web) credentials they’d already captured.” Oh my, whichever side of the law one’s on, security attentiveness matters.

Doug Bedell — July 28, 2017, 11:02 am

Security’s Realities, Both Physical and Digital

On the Security blog, Kevin Coleman, a security authority and visionary, identifies “the top five drivers of current approaches and strategies for security.” They are both physical and digital.

For PRO Barrier, whose expertise is primarily in entrance and perimeter security, the most pertinent of Coleman’s concerns is “obsolete/inadequate physical and digital perimeter protection capabilities.”

Read why Coleman is concerned that business executives aren’t sufficient informed or clearly enough focused on today’s multi-faceted security risks.

Doug Bedell — July 26, 2017, 4:02 pm

A Computer Mouse Can Be a Pesky Devil Indeed

More and more, the threats being talked about on security blogs these days concern cyber security and the increasing ease with which unprotected computer systems can be breached. There’s Yossi Appleboum on SecurityInfoWatch for instance. He’s the Co-SEO Sepio Systems, “a pioneer in securing organizations against attacks via rogue hardware systems.”

For example, “It may sound crazy that computer peripherals like mice, keyboards and network devices like printers and IP phones will be used for cyber attacks on commercial targets, but the fact is, these attacks are already happening. The cost of these tools is dropping rapidly, as are the required skills for executing attacks. Criminals are now selling plug-and-play “attack sets for dummies” on the dark web that require no coding or hacking expertise to be able to exfiltrate sensitive data from systems…”

Read on, and recognize that a mouse in hostile hands can be akin to a Trojan Horse.