Blog

updates and yet more frikkin updates..

Daniel says - let us keep your computers and servers up to date - it's all part of running a well behaved system and being a good netizen.

Lock the damn doors!

Have a method of identifying visitors, Challenge wanderers, lock your critical systems away, operate a clear desk policy, lock PC's, get CCTV.

Passwords!

Password Management tools - eg Myglue, lastpass, roboform, keepass, 1password, etc
Haveibeenpwned.com

Awareness training!

You may not be aware but your personal information, address, phone numbers, email address and passwords could already be circulating around the darker parts of the internet to be sold for use by Cybercriminals and identity thieves.

As the Facebook + Cambridge Analytica incident showed and now on a local scale with Vector, Apps can be used to access private information on a massive scale.

I see small businesses on a regular basis running with just whatever their ISP has provided, usually a cheap device that provides connectivity and some very basic firewall-like functions such as NAT and SPI. As far as I am concerned these are just like putting a $5 lock on the front door of your Million Dollar mansion.

If you are concerned about your security online, then this seminar is for you. The Security and Success: How to survive and thrive online seminar is a primer on cyber security threats for the harried business owner. We will cover various threats to the online user, the effects of these threats and how to mitigate the risks these threats pose to the average Kiwi business.

It's come to my attention that on a wide range of HP Laptops there are Synaptics touchpad and Conexant audio drivers (older models only) which have code which inadvertantly records keystrokes in cleartext to the local hard drive. Whilst not malicious in itself it unlocks a door which could be used by malware to gain access to confidential systems.

The recently and widely announced weakness in the Wireless Security protocols in use pretty much everywhere have been alarming and caused great concern for some of our customers but let's weigh the risks.

This is an attack on the client portion of the protocol that deals with how the encryption is negotiated, Pretty much every device that uses the WPA protocol is affected.

There has been a fair amount of news regarding hacks where large volumes of private identity information has been exposed to the internet. I know that that can seem remote to us but you would be suprised where your information may have ended up and not every company has been very good at informing people when they have been compromised.