Marc Winger, ZephyrNetworks.com: Hello. So we wanted to talk about security. I know we talked to you about security a couple weeks back. But I guess I’ll start off by saying I miss you guys. And I haven’t been gone that long, but I miss seeing you guys every Thursday. And you guys are always in my hearts. I’m always thinking about you guys. But I’m probably not thinking about you when I’m sleeping.
So she kind of went over the idea that security is like an onion. There are lots of layers to securing your computer systems, etc. And she went over the different layers of security, all of the different areas involved. So we’re going to detail that on a little bit more.
This really affects those of you with laptops who travel around with them. How many people do that? Okay. Do you guys know how many get stolen at airports every year and just get stolen out of cars? The CEO of one of the companies that we work with was ironically in a Whole Foods parking lot, and someone smashed a window and took his MacBook out of his car. I mean, he made it really easy for them, but it was getting real at that Whole Foods parking lot. I had to go there. If anyone of you has seen that, it’s pretty funny.
Anyway, it’s important if you work where you keep people’s personal information, probably the insurance industries, anywhere you’re dealing with credit cards, that the hard drives are encrypted, if it’s a laptop, or if it’s something that’s got that kind of data on there. And it’s not so hard to do that. There are lots of products that’ll do that. Encrypting makes it so that they could take that hard drive out, but they can’t access it. And if they crack your password, then there are issues. You can try to get into it. So if you’re dealing with that kind of information, it’s important to encrypt that.
Let’s see. The locks, you’ve seen all those locks you can put on laptops, those as well. You need to worry about that as well.
Endpoint security, now this is kind of the more traditional stuff that you’re thinking about when you worry about antivirus. And I wanted to emphasize it. How many of you guys have Macs? You can safely ignore a good portion of what I’m about to tell you today. But the rest of you who don’t have Macs, you may want to just think about that. Although physical security is important for people with Macs who deal with information like that, for those people who are working in the world of PCs, it’s unfortunate, but it’s part of your reality that you have to be careful about this kind of stuff.
So most of the endpoint security stuff is all packaged into the same product, and most of them don’t do diddly-squat. I’ve finally kind of given up on a lot of them. I personally still have Trend Micro on my system, but really, where the strength of it all lies is keeping your password strong. How many of you guys just log in without even a password? You turn on your computer, you just turn it up to put in a password? Used to? Not anymore. Okay, that’s actually a good thing.
And then I will include and give you guys all an idea of how to build a strong password in this document a little later on. The internet’s like the Wild West, or as “The Economist” puts it, “Cyberspace will never be completely secure.” So don’t go out there worried that the whole world’s going to come to an end, because you’re putting your credit card on Amazon.com. I see a lot of people who are freaked out about doing that. But for the most part, right now, it is a wild, wild West out there.
The bad people exploit software that we all use on a daily basis. I mean, I can’t think of a single software product that I use consistently that has never had some kind of exploit available to it. So you want to make sure those programs are up to date. And you need to know where the attack factors are.
If you’re a rat, and you’re trying to get into a house, Terry will be able to kind of find the holes in which they climb in, or how they get in there. Same things about your computer. You know how they get in. They get in from email. There’s what’s known as drive-by exploits on websites, they automatically do that. So you make decisions based on that. The most obvious thing is don’t use Internet Explorer. Please don’t use it. I mean, I use it occasionally, but it is a sponge for malware and bad stuff.
And any time you’re connecting in, like disks and things like that, that’s another attack factor. But those are really the only avenues that they get into your computer on.
These are the symptoms of malware. How many people have run into some sort of virus or malware experience? Who’s gone through that? Yeah. So all those who have experienced that, did it either cost you a lot of money or a lot of time?
Marc Winger, ZephyrNetworks.com: All those things. So like I said, the endpoint security stuff, the stuff that you run on your own computer, by the time it gets there, it’s too late most of the time, and Microsoft hasn’t done a really good job of doing that.
So what we’ve taken to doing in our industry is we go where you connect to the internet and put in a really fancy firewall there, and it scans for viruses, and malware, and it’ll do contact filtering, and those kinds of things there. And a lot of them, like this [inaudible 00:05:51] right here, and even the SonicWall checkpoint won’t even let you get to the sites that have specific malware on it. You won’t even be able to get to those things. It stops dead in your firewall. “I can’t open this page! I can’t open this website!”
Well, be thankful, because a lot of times there are really legitimate websites that get malware on them. The OC Fair, five years ago, had a drive-by exploit put on it through an ad that was on the right hand side of it. Google found it, I think, before anybody else did, and they blocked it. These programs will do the same thing. So it’s a prevention technique, and it means that it doesn’t even get to your endpoint security solution, like your Norton Antivirus. And I hope nobody’s using Norton Antivirus, too.
This part is really important. A good firewall can often make up the increased up-front cost by preventing a single malware infection. How many of you guys are still using just the firewall that was given to you by the cable company, or by Verizon, or something like that, instead of having a good firewall? It’s worth having a good firewall, and looking at ones that do protection in-line, right there in that firewall. We can talk to you guys about that.
Email security. Email security is a huge one, and we use filtering tools. There are services on the web where basically you tell the whole internet to send all your email through this filtering service, and then they securely forward it to you. And a couple examples of that is it used to be called MXLogic, and I still call it MXLogic, because I’m old school, but it’s called McAfee SaaS, and the other one that we use is Reflexion. These are both services to help protect your email from nasty stuff getting in on it.
You should be cognizant of emails to or from unknown addresses or with unknown attachments. I’ll try to send to you guys, there’s a game about trying to figure out what is a phishing email. They show you two examples, like is it real or is it fake? It’s kind of entertaining, because it’s really hard to tell the difference sometimes.
So really, what this whole presentation is about is educating you and giving you guys some of the tools. And really where the difference lies, we can do endpoint security all day long. So basically, you guys make these decisions every day. You see something come in your inbox or whatever. It’s what’s going on between your ears that’s going to help decide whether that’s something to click on or not click on.
All these other techniques are great solutions. They’re not going to prevent everything probably, because there’s just too much nastiness on the internet. But I think, at least in my experience, with a lot of these tools in place, you’ll rarely, if ever, deal with any of these problems. And a lot of clients have learned the comfort of that and don’t run into a lot of these problems.
The other thing that we do, and I’ve done them in here before, is I do Lunch and Learns. We do Lunch and Learns, and we can go through specific examples of some of these things. So if it’s of interest, let us know. We’ll set up another Lunch and Learn. We can even do Lunch and Learns in our office, or Coco’s, or wherever.
You’ve probably heard me talk about this a million times, because I harp on it a lot. It doesn’t matter if you have a Mac. It doesn’t matter if you have a Chromebook. You need to back up. And having a business continuity plan is some idea of how your business is going to continue to run if this computer fails or this server fails, or heck, if my Google Drive falls apart. Or if you’re using Amazon S3, a lot of people lost all their data on Amazon S3.
So you can’t count on the cloud entirely to be your full backup as well. You need your data in two separate places, and you need to have a plan on how you’re going to bring that data back.
There was one client who didn’t listen to us and do mail filtering. One of their computers got the evil CryptoLocker on there, and it actually encrypted a bunch of files on their server. And fortunately, we did have a very good business continuity plan and good backups, and we were able to restore that data from 15 minutes before the exploit took place and cleaned out that system. But that’s a specific nasty virus, and if it gets to you, if you don’t have a backup plan in place and it gets on your computer, you’re really out of luck. There’s nothing else you can do.
Male Speaker: That’s ransomware?
Marc Winger, ZephyrNetworks.com: That’s ransomware. But it’s gotten to the point, because a lot of the servers have been blocked by DNS servers and Google apps, that it encrypts it, but it doesn’t even give you the chance to decrypt it for $500 or whatever they’re charging. Don’t do that. Don’t pay that money, because the people who pay that money make it worse for the rest of us.
Anyway, the long story short, the most important element is you. So no matter how strong the network security is, if you’re not educated in the dos and don’ts, then no amount of software will help.
So if there’s anything we can do to help you guys learn more, we’re here to help you with that. I also have these documents that kind of go over some of the things, so I will hand these out.
What’s in this document right here, in particular, there’s a gentleman by the name of Bruce Schneier who gives a really good idea, he’s a great security person and a great blog, if you’re at all interested in that stuff. Anyway, he has this document on how to create a safer password. So I’ll pass these out. And I want to thank you guys.