Srcasm

So as most people know I am a big fan of Google in most ways. I use their email (for multiple domains and a Gmail account), I’ve been known to use Google Docs, maps are one of their best features — and who could forget good ‘ol Google.com? I have to say that their sites tool is a little on the junky side but all-in-all, their services are great. I recently came across one that I had not seen or used before and now I’m in love. The kind of love that can not be split up by browser upgrades, computer changes or long-distance travel and it’s called Google Browser Sync (for Firefox only).

I’ve used different browser sync tools in the past but this one just blows the others away with its simplistic design, cross-platform capabilities and an online storage system that I have come to love very much. After a quick install (just like any other Firefox plugin) the browser plugin prompts you for your Google account info (no Google for your domain accounts that I know of) and then has you choose a unique PIN number. The PIN is to make sure that someone doesn’t just add the tool bar on a computer where you’ve saved your password. I’m also not sure if the PIN allows you to have multiple Google Browser Sync subsections (i.e. Sync computers A and B and then sync computers C and D). Once this process is done, you’re off to the races. Not only does it sync your bookmarks but it also does browsing history, saved passwords and even keeps track of your open tabs. This means that if you close Firefox on your work computer, go home and open it up, it’ll prompt you to see if you want to reopen those tabs! How great is that?   In addition, there is no user intervention required.  When you close down Firefox, the small window pops up for a second that shows you that it’s syncing your browser to Google.  That’s it.

I know that many of the security gurus out there will yell at me and say, “hey, what about what they do with that information?!?!?!?”  Well I’ll tell you what — If you can show me a simpler, clean and fast way of syncing browsers online without using a service like Google (who already knows who I talk to (email), what I’m interested in (search) and where I like to eat brunch (maps)) then I’d be happy to hear it and take a look.  For now, I trust Google with my info.  They haven’t steered me wrong yet and I’m hoping that they never do.

Please, let me know what you think of the browser wars, syncing your info, sending email or anything else under the sun.

I’ve been a long-time believer in the need to encrypt your data but the question has always been, at what cost? Do I slow my access to the data down? Do I store it on a separate hardware encrypted device? Can I recover the data if something becomes corrupt? These are all important questions to ask one’s self when deciding on the level of protection of your data. TrueCrypt has won a new place on my shelf on security tools.

TrueCrypt has been one of the most intriguing programs I have used over the past few years. It has the ability to created encrypted containers to store data in that can be auto-mounted as drives during Windows logon, it’s cross platform, it allows encryption of full partitions and most recently in v5 had the addition of full system encryption (including a Windows partition). It does this in a seemingly easy but secure way. Continue reading »

So I finally sat down yesterday and upgraded our ePolicy architecture to version 4.0 and I couldn’t be more happy with the results of the upgrade.  After a bit of work during the upgrade of backing up the MSDE database on the server, the upgrade went off without a hitch.

ePolicy is a management system for all of McAfee’s products.  It combines customization, reporting, and control of machines in one easy-to-use interface.  This product can control McAfee’s SiteAdvisor, anti-virus product, compliance software, and more. It even controls some other software vendors’ products.  Some of the issues with the older versions of the product included very poor integration with AD and NT domains, a cluttered MMC controlled interface and very cumbersome reporting tools.  All of this is changed with version 4!

A few key additions/fixes in version 4 that make it so great to use are:

• Web enabled interface
  Not only did McAfee give us a new beautiful web interface but they completely got rid of the old MMC interface.  This means that the software runs faster, allows customized screens and has a snappy user experience.
  
• Reports and more
  McAfee also added a much needed, updated, reporting piece to their software.  You can create reports on the fly, link directly to them from other sites, and automate the reports and have them emailed off in a multitude of formats.
• Improved and redesigned AD/NT integration
  AD integration was one of the worst pieces of the old software to deal with.  It would not remove machines when they removed from AD, it would not move machines when they moved in AD and it would duplicate machines all the time.  This version provides direct integration into AD and provides the options to customize exactly what you need it to do.

The list of great new features and fixes could go on and on but I think I’ll let you decide.  Shoot on over McAfee’s site to take a look at all the great tools that they have.  And if you’re working in an organization that doesn’t manage your anti-virus, anti-spyware and compliance software today make sure you take a look at McAfee’s product.

When it comes to keeping your office/computer/network secure, it can be a confusing time. How much security is too much security? How do I even tell if my system(s) is/are secure? Am I really in that bad of shape if I don’t improve the security in my environment? These are all questions that get asked in the beginning of a security audit. I hope to cover a few of these basic questions in this blog post. Don’t worry, I’ll make sure I’ll try to keep it shorter than the last one.

1. How much security is too much security?
I know that this sounds like a silly question to ask — I mean is there such a thing as too much security? Of course there is. Unfortunately there is not clear-cut answer to this question but I have a guideline that I like to follow. Since I come from a security background I always ask myself, before implementing a new policy, product or system, “Would that degrade from my normal, everyday work performance?” It’s a simple question to ask yourself (or poll the audience if you have a life line or two left) but it’s powerful and important. At the end of the day, unless you own a company that sells “security” (which I hope none of you claim to be) then your first priority has to be your business. At Southco, we sell latches and fasteners. While installing card readers and fingerprint scanners at every door would greatly increase security, it would also degrade from the speed at which we could discuss, engineer and manufacture the parts that we sell. This would cause a greater impact to the business than it’s worth to us.

2. How do I tell if my system(s) is/are secure?
There is a lot of technology out there today to help you check your system(s) for security holes. I’ll list a few below that are helpful in a small to mid-sized environment. This list is by no means exhaustive and if you have favorite tools for checking these types of things, please let me know.

• Trend Micro’s HouseCall - HouseCall is an outstanding, free, online virus scanner. It scans not only the file system but also at a memory level which puts it up there with the big boys like McAfee and Norton.
• Spybot Search and Destroy - S&D is one of the best adware/malware removal tools on the planet. I use this in both commercial and personal environments in order to keep my machines clean from any type of malware that I might pick up online.
• The Center for Internet Security Benchmarks and Tools - The tools provided for free from CI Security are outstanding. They work over a range of operating systems and they spit out nice, clean HTML reports that tell you exactly what you’re missing on your machine. The only downside to their tools are that sometimes they are a bit over-critical. As I explained above, you don’t need to implement every security option out there, just protect yourself.
• Tenable Network Security’s Nessus - Nessus is my number one security auditing tool. It scans over 900 different security vulnerabilities over a range of systems. It checks on ports as well and issues with the OS that’s installed. It’s quick and complete. (One word of warning, if not setup properly, Nessus can bring your network to its knees. Please learn how to use Nessus before unleashing it on your organization.)

3. Am I really in that bad of shape if I don’t improve the security of my environment?
The short answer is Yes. I know this sounds harsh as I told you above that you don’t need to implement new tools if they don’t make sense but remember, the first part to hardening your security is understanding where you’re insecure. No, I’m not talking about your figure or your weight — but rather the issues that are in your network or system(s) should not be found out when they are compromised, you should know what they are now and deal with them over time.

I hope this gave you a bit more insight on how to secure your environment. Remember that a professional security audit is always a great option as not only do you get people who specifically deal with security everyday but you also get a third party view. This is important in any organization. It’s easy to miss a problem that’s sitting right in front of you because you’re used to seeing it… Oh, that reminds me — A final security tip: Make sure you setup your desktop to auto-lock. It’s a simple and fast way of securing your information, your machine and your organization.

Helpful Informational Links:

• SecurityFocus - Conducting a Security Audit
• IT Security - Security Audits for Dummies
• Virtual Hosting Blog - Can Your Machine Be Hacked?

So one of the worst things for anyone who uses a computer, especially someone whos job revoles around the computer, is a catostrphic loss of data — namely a hard drive failure.  These failures come in all shapes and sizes.  Sometimes it’s as simple as some bad sectors and other times it can be bent discs or heads in the drives.  Well, this happened to me two days ago.  Lucky for me, it was my secondary laptop and I keep backups of most of my data.  Unfortunately for me, the last backup I had was from about 2 months ago.  A lot happens on my computer over the span of two months.  This is where data recovery software comes in.

It all began two years ago when a user came to me and told me that their hard drive crashed.  I was shocked to find that they had heard a clicking sound for about 3 months before the computer just “wouldn’t start” anymore.  This user was someone with a lot of pull in the company and contrary to our company policy — keep all the data on the network drive — they had all of their’s on the hard drive.  I had no option but to somehow recover this data.  I was ready to send it out to one of the big guys like DriveSavers who were going to charge me around $2000 plus another $250 to “give” me a hard drive with it.  But unfortuately it was the way that things had to be… Or so I thought.

Now before I get into the tools that I used to get this data back, I don’t want to downplay the use of a commercial data recovery specialist.  Someone like DriveSavers or OnTrack have a time and place.  They are very helpful when Joe from accounting walks over with the hard drive that was dropped in the lake, lit on fire and then run over by the four-wheeler but we are talking about a drive that just make some “small clicking sounds” as my user had put it.  And that’s where RecoverMyFiles came in.

I began the process by trying to connect the drive to my machine and booting into my copy of Windows.  Unfortuantely for me, chkdisk was no help as the machine was not even recognizing the drive.  After this, I booted into a copy of Ubuntu and attempted to see if Linux would be a bit more helpful in locating the drive.  This whole time, the drive was showing up in the BIOS, just not in the OS itself.  No luck on that occasion.  Finally after a bit of search and playing with different utilities online, I came across RecoverMyFiles.  The program offered a free demo copy so I downloaded and installed in on my machine.  The program showed me a quick wizard to recover the drive or a large group of files and after a few no-brainer choices, it was on its way.  10 minutes rolled by and 40GB of data showed up in a folder on my desktop as if the drive had never even stopped.  I was in shock.  There was no problem with the drive not showing up in Windows or the fact that I couldn’t even run chkdisk on it.  It just seemed to work.  This one even caused me to immediately purchase a copy of this program.  And that leads me two years down the line to the other day…

I popped open the RecoverMyFiles software, connected the dead hard drive from my laptop and pulled down 66GB of data that was on my drive.  There was one folder that it was unable to recover but that was alright with me.  It saved me a lot of time and energy that could now be spent on more important things — like posting this entry.  This post has two morals to it, lucky you!

Number 1 - When your drive seems like it might be going (since you always run disk checking utilities and disk defragmentation weekly like a good computer savvy person), back it up and get a new one; and

Number 2 - Keep a copy of good data recovery software on hand as you’ll never know when it might come in real handy.