Essential Computer Security

Password resets are more or less the bane of the help desk agent’s existence. Carrying that through logically, they also represent a significant expense for the organization to pay for the lost productivity of the employees and the time and effort of the help desk agent to get the issue resolved. So, many organizations seek single sign-on (SSO) solutions to minimize the number of usernames and passwords that users have to keep track of and hopefully reduce the amount of help desk calls.

This article that I wrote for the Midmarket Security Strategies and Tactics site at TechTarget examines a couple of ways to achieve SSO using protocols and technologies already built in to Windows. On the network server side, you can use Kerberos to achieve SSO, while users can make use of the Credential Manager feature in Windows XP and Windows Vista (and Windows 7) to store passwords and create their own SSO. Read  How to use Kerberos and Credential Manager for Windows single sign-on to learn more. 

Follow me on Twitter

Tags: News and Info // Add Comment »

Windows 7 marches on and is projected to be on retail shelves this October. Microsoft is providing free upgrades from Windows Vista to Windows 7 for consumers and businesses who purchase computer systems right now (albeit with some limitations). Microsoft has put together some animated video presentations to illustrate some of the new features and functions of Windows 7. You can view the Windows 7 videos on the Tour Windows 7 site.

Follow me on Twitter

Tags: News and Info // Add Comment »

GFI has come out with a new blog, Talk Tech To Me, that has a little bit of everything. The blog is split into five sections that cover a wide variety of topics for technical network administrators and budget conscious SMBs. There is also a video library and a tweet roll.

Sections on the site include:

• Tech Zone – Technical info for IT professionals and network administrators
• CEO Central – Observations and insights into the network securtiy world and how it affects SMBs
• GFI Fixes It – Key insights from customer support
• SMB Zone – Current tech issues and research articles for the SMB
• GFI World – Latest GFI announcements, news, and products

Follow me on Twitter

Tags: News and Info // 1 Comment »

Whether enterprise security administrators like it or not, instant messaging and social networking are part of the Internet fabric. Sites like Facebook and LinkedIn are growing in popularity. Twitter has quickly become a household word, especially with the integral role it has played in recent events such as the election in Iran or the death of Michael Jackson.

These tools have many benefits, but also come with some security risks. Allowing the flow of information in and out of the enterprise network always exposes some measure of risk. In this month’s Reality Check podcast I talk about these security concerns with Elaine Hom, Associate Editor of TechTarget’s SearchUnifiedCommunications site. We talk about whether or not social networking sites belong in the workplace, and how to prevent hacks and breaching. We also discuss best practices when trying to maintain IM security and social networking sites’ security.

Click here to listen to the podcast: Reality Check: Enterprise IM security and social networking security

Follow me on Twitter

Tags: News and Info // Add Comment »

This article that I wrote for the Midmarket Security Strategies and Tactics site at TechTarget focuses on the file access control possibilities of Windows Rights Management Services. Traditional NTFS file and folder permissions are effective for preventing unauthorized users from accessing data, but provide no control over what authorized users can do with the data once they access it. With Windows Server 2003 and Windows Server 2008 you can enable Windows Rights Managements Services (RMS) and be able to exercise control after files have been accessed and downloaded and even revoke access if necessary. You can learn more about Windows RMS and how you can use it to control and protect your data by reading Microsoft Windows RMS Enables Granular Access Control Over Sensitive Data.

Follow me on Twitter

Tags: News and Info // Comments Off

I recently wrote an article for TechTarget’s SearchMidmarketSecurity site. The new Mimarket Security Strategies and Tactics site focuses on practical knowledge and advice for SMB organizations. The article covers the basics of BitLocker- the scope of what it can protect and how it works. It also explains how BitLocker works with TPM (Trusted Platform Module) chips to provide even better protection of data and how to work with BitLocker keys to ensure that you don’t lock yourself out of your own data. Check out the article here: Understand the Basics of Microsoft BitLocker Encryption.

Follow me on Twitter

Tags: News and Info // Comments Off

Recent surveys suggest that businesses are ready to embrace and deploy Windows 7 en masse as soon as Redmond makes it available. Traditionally, businesses are slow to adopt new operating systems. Its like waiting for the second model year of a new automobile make. You want some other sucker to take care of the extended Beta testing affectionately known as the initial release.

That philosophy has led many organizations to hang on to Windows XP and forego Windows Vista entirely. Some organizations simply waited for Windows Vista Service Pack 1 (SP1), but by that time Vista had gotten a lot of negative press and developed somewhat of a bad reputation. One can debate whether the press was factual or whether the reputation was deserved, but the bottom line is that many enterprises simply decided that Windows XP was comfortable and that Windows Vista wasn’t worth the risk.

Windows 7 on the other hand has been getting rave reviews since the Beta version has been available. Computer experts from all fields all the way down to consumers love the new operating system. Features such as DirectAccess and BranchCache also provide solid business justifications for upgrading and have the potential for changing the way enterprises work with their growing remote sites and roaming work force.

 Follow me on Twitter

Tags: News and Info // 1 Comment »

Do you live in Washington state? Are you one of the millions of Americans currently unemployed and desperately seeking a new career? Finding a new career is never easy, but given the state of the economy and the fact that it seems like for every new job opening there are three new layoffs, it is even more important to have skills that employers need and to set yourself apart from the crowd.

Microsoft feels your pain and they want to do their part to help out. Microsoft announced that they will be giving away 30,000 vouchers over the next 90 days to unemployed individuals in Washington to help them learn new skills. The vouchers will entitle people to receive free training in computer skills and even to take Microsoft certification exams for free or at a discount. The training classes may be taken online or in person.

This is just the beginning of the program which Microsoft announced earlier this year at the National Governors Conference. The plan is to continue the program and expand it to other states. So, if you don’t live in Washington just keep an eye out for the program to come to your neighborhood (a.k.a. state).

Follow me on Twitter

Tags: News and Info // 1 Comment »

Many organizations have branch and remote offices. They might be across town, across the country, or around the world. A common problem facing organizations like this is having all of the various sites share information and work with data. Each site can’t maintain their own files, spreadsheets, databases or other files. That would be too cumbersome to correlate and try to ensure that everyone is on the same page. The solution for that is to house the data in a centralized data repository at the headquarters location or a common data center.

That solution comes with its own issues though. Opening and working with large files over a remote network connection can be painstakingly slow. One or two users accessing data over the network from the central repository can also tie up a significant chunk of bandwidth, making the network slow and unresponsive for others as well.

Windows 7 has a solution to help remote and branch offices work with data more efficiently while reducing the impact on network bandwidth- BranchCache. Essentially, BranchCache acts as a proxy, storing (or ‘caching’) data that is accessed so that subsequent queries for the same data can be served up locally rather than being sent across the network each time. I am not really doing the feature justice though. If you really want to learn about BranchCache and understand how it can help your organization or your customers, check out the Windows 7 Feature Walkthrough for a short video overview of BranchCache.

Follow me on Twitter

Tags: News and Info // Comments Off

Windows 7 will be here before you know it. So far, Windows 7 is getting much attention and rave reviews in its Beta version. The improvements from Windows Vista to Windows 7 are exciting and the new features like DirectAccess and JumpLists have many enterprises and users chomping at the bit.

Well, you don’t need to sit by idly waiting. In fact, I recommend that you don’t. Even if the operating system was available tomorrow there is a lot of planning and preparation that has to be done before you can just deploy it on your network. Some of the features require Windows Server 2008, so if you are still using Windows Server 2003 you should start to look at migrating to Windows Server 2008 so you are ready to capitalize on the new Windows 7 features.

Another thing that you can do to prepare is to validate that the applications your business relies on will work in Windows 7. Microsoft has released ACT (Application Compatibility Toolkit) 5.5 which you can use to begin verifying your applications for Windows 7. Conducting this exercise now will give you months to work with vendors to update any applications that have issues, or allow you to find other workarounds, or replacement applications that will work with Windows 7. Check out this interview between Stephen Rose and Jeremy Chapman to learn more about the updates and changes in the Application Compatibility Toolkit.

Follow me on Twitter

Tags: News and Info // Comments Off