503-359-1275
503-359-1275
 
Author Archives:

dtswally

Attacks, i.e. LizaMoon, foiled by built-in safeguards and common sense

A note from dts|infotech to our valued clients and friends . . . You may have heard about a current news story regarding the “LizaMoon” web attack.

To see what this attack actually looks like, follow this link and watch the 4 minute video. It’s very informative.
http://www.youtube.com/watch?v=wKI5dg1cs74

For more technical information follow this link:
http://community.websense.com/blogs/securitylabs/archive/2011/03/31/update-on-lizamoon-mass-injection.aspx

The LizaMoon attack is all the rage among online security watchdogs for its speed and scope, but built-in safeguards and common sense mean few users will suffer.

Security firm WebSense (www.websense.com) discovered the attack last week where malware writers used website flaws to inject malicious scripts into hundreds of thousands of websites. It’s virtually impossible to know the exact number of infections, but reports in the hundreds of thousands, and up to millions of websites, have been hit in this attack.

The attack comes in the form of an infected domain called Liza Moon, which is part of a larger attack that redirects users to a website that dupes them into downloading a rogue anti-virus software (for a monetary price) called Windows Stability Center.

In simple terms, what this means is that some of the web sites you visit have been hacked, and will now attempt to infect your computer until they are patched and repaired.  Knowing how to spot the attack will help protect you against it better than any anti-virus product could.  The trick is to simply close out your browser (IE, Firefox, Chrome, etc.) window at the first indication of the problem.

The common sense in all of this is simple. Do NOT install any web-based anti-virus software that claims your computer is full of bugs.

But rest assured that if you run into trouble, we’re just a phone call away!

dts|infotech Computer Networks that work

 

Employee Monitoring 2: Protect your company from employee misconduct

On January 11, 2011, Thomas J. Donohue, President and CEO of the U.S. Chamber of Commerce, said in his The State of American Business 2011 speech that, “We also need stronger global rules as well as more effective enforcement efforts to address the rampant theft of intellectual property in both the digital and physical worlds . . . and we cannot stand by as 19 million jobs in our most innovative and creative industries are threatened.”

Effective enforcement begins in house with employee monitoring. You may feel like Big Brother, but it’s the most effective way to protect your company against employees you suspect of goofing off while they’re on your payroll, or downloading and removing sensitive files to sell to your competitors. The reality is that it happens all too often.

There are numerous reasons to investigate employees. Here are just a few . . .

Increased Productivity

It’s estimated that US employers lose $759 billion dollars each year. Most of us accept a little downtime during the day for fun and relaxation, but according to surveys by Salary.com and America Online it happens much more than we think.

Conduct Investigations and Document Violations

Todd A. Bromberg, Privacy in Focus, says, On the one hand, employers must conduct employee investigations to run an efficient business . . . the failure to investigate reported employee misconduct may expose the employer to a myriad of legal claims and increased liability.”

Compliance Requirements

Corporate scandals and breakdowns such as the Enron case of reputational risk in 2001 have highlighted the need for stronger compliance . . . the Sarbanes-Oxley Act developed by two U.S. congressmen . . . defined significant tighter personal responsibility of corporate top management for the accuracy of reported financial statements.

Review

In a good review found on PCMag.com, Matthew Sarrel statesI’d be hard-pressed to find any major deficiencies in Spector 360 . . . I’ve been following this space for years, and I think this is the most mature product in the class. And it’s likely to get better: SpectorSoft . . . has the goods to make it worth the money.”

So what can you do about employee monitoring?

Call us at dts|infotech to install Spector 360-, “Powerful, Centralized Employee Internet Monitoring . . . Spector 360 records your employees’ web sites visited, files transferred, documents printed, emails, chats, instant messages and applications run. In addition, through a first of its kind surveillance-like camera recording tool, Spector 360 provides context by showing you in exact visual detail what an employee does every step of the way.”

dts|infotech authorized reseller for Spector 360

 

Employee Monitoring: Feedback that employees tell us they want more of

Regarding employee monitoring, one of the published goals of the non-profit, Privacy Rights Clearinghouse is to “Raise consumers’ awareness of how technology affects personal privacy.” And according to their Fact Sheet 7: Workplace Privacy and Employee Monitoring, “Employers want to be sure their employees are doing a good job, but employees don’t want their every sneeze or trip to the water cooler logged. That’s the essential conflict of workplace monitoring.”

As a former network administrator, employee monitoring was the last thing I wanted to spend time doing. The very thought of watching someone is repugnant to me, let alone monitoring them.  However, I was paid by a company to administer their network. And it is well documented that small businesses and large corporations are being ripped off every day by poor productivity, improper ethics, stolen documents and potential law suits stemming from employees who engage in this type of behavior.

But time out.  Can’t we frame this conversation in a way that has the potential to resolve conflict, and is non-combative yet beneficial to the company and their employees so it’s a win-win situation? Law suits and unethical behavior are serious stuff. Maybe we should include employees at the beginning of this conversation about employee monitoring. Wouldn’t that be better?  After all, they’re an indispensable part of any company that wants to produce a high quality product or service. Their help in planning could be very instrumental.

Joan Henshaw says in her article, How To Monitor Employee Performance Against Objectives , “. . . you can give the type of feedback that employees tell us they want more of, because they find it constructive and motivational, and which improves performance. And of course we know – ‘what get’s measured gets done’ and it’s impossible to measure without monitoring!”

For employee monitoring, dts|infotech recommends Spector 360

. “A Company-Wide Monitoring and Surveillance Software, it enables you to monitor employee Internet and computer use, analyze trends and patterns, investigate suspicious behavior, search for specific details and report your findings all from the convenience of your desktop. Spector 360 is a scalable, centrally-managed, employee monitoring solution that is easy to deploy and manage over your network for both Windows and Mac OS.”

Observation is an obvious win for companies. But it can also be a win for productive employees, if employee monitoring is used as well to document employees who are always on task, working hard and producing high quality work.  More importantly, as far as the employee is concerned, when those documented trends and patterns of productivity are reviewed during their annual review and they are rewarded, productive employees will welcome the observation and documentation that rewards them.

In Employee Monitoring:  Part Two, we’ll look at the Spector 360 software in more detail to see how it can be used in a number of ways to protect a company from poor performing employees.

dts|infotech authorized reseller for Spector360.

 

Data Recovery: Only $199.00! Is cheap what you really want, seriously?

Before you send that crashed hard drive out to a data recovery vendor who claims they only charge $199.00 for their service consider this. A real possibility suddenly exists of losing important pieces to your life. You are putting sensitive data into the hands of people you don’t even know, data about your company, your financial records, social security numbers even information about your health. Potentially it’s the most important data in your life. The old axiom, you don’t know what you’ve got until you lose it says it all. Is cheap what you really want, seriously?

Years ago as a network administrator, I was called into the president’s office of the company I was working for. He told me that a competitor had knocked off our product and was reproducing it under their name. It was the one product responsible for the tremendous growth we were enjoying. He showed me the knock off. It was identical to our product, only it had their name on it. He said “You do have our original product drawings in an electronic format don’t you? I mean they we’re backed up, weren’t they?”

We had filed a lawsuit against this company to defend our product from patent infringement. As part of the defense we had to prove that we had invented and produced our product before the other company did. In fact this was the truth. They had stolen our product from us. And because all engineering drawings have the date of the drawing printed out in the title block, it was a reasonable question for him to ask. I assured him that we did and I would get right on it.

As I left his office panic crept in. My first thought was, “I hope we have those files. The drawings that he is asking for are 10 years old and I wasn’t even working here then! We’ve upgraded our process for backing up company data. We don’t use that old backup system anymore. We don’t even have the hardware, or software installed on the network. And if those old engineering drawings do exist, they’re on old tape. How am I going to get those files?”

As it turned out recovering those old files was not a problem. I sent the old tapes to a well respected data recovery company and two days later they called to tell me that they could recover all of the files. They just needed to know what format I wanted them in. Whew! I would sleep that night.

The data recovery cost for that project was $3,200.00. The drawings we recovered were entered in as evidence to the court and they were a part in successfully defending our patent. Later the president told us what it meant to win. He said the other company had to remove their product from the shelves of the companies they sold it to. They had to stop manufacturing immediately. They had to pay all the court fees and reimburse our company for damages. The total dollar amount was estimated in the millions because of lost sales. We may have lost that case without those old engineering drawings.

Whenever I see advertising that claims Data Recovery for $199.00! I always think about what we went through to recover our data. And I wonder if other companies who find themselves in a similar situation really want to trust their data recovery for $199.00.

For the really important pieces of your life, is that all they’re worth. Are you serious?

 

Networks: IT consultants manage your network and make you successful

My introduction to computers and networks began when the owner of the company I was working for told me I was the new network guy. He said he had over looked how important computers would become as our company grew. My response was, “I’ve never even turned a computer on, let alone manage a network. Are you sure about this?” He said, “Yep, you’re a good manager. I know you’ll do a good job!” Reluctantly, I assumed the responsibility of a network with 1 Novell server, 12 workstations, 1 fax machine, 3 printers and the telephone system. I had no idea how any of it worked!

If your experience with computers and networks matches or resembles mine, we have much in common. I feel your pain and I can help you. I know exactly what it’s like when a large client calls to say, “I sent you that info yesterday. You didn’t get it?” And sheepishly you say, “No, we crashed yesterday and we don’t have a back up, can you resend it?” Or when accounting comes to you because they can’t print out invoices and one of my personal favorites, you have to do payroll . . . but you can’t find the data on when hourly employees punched in and out. I’ve experienced all of that and more.

Does this sound familiar? You don’t have to live like this . . . really!

They best decision I made was to hire an IT consulting company that specialized in managing networks. Working together as a team, i.e. myself, who knew nothing about computers and the IT consulting company, they knew everything about networks, but nothing about our company. Together we transformed an outdated and unreliable network into one that was reliable, quiet and very cost effective.

How did we do that? That’s simple. We took the time to sit down and listen to the department heads, and we asked them a simple question. “What is it that you need us (the IT Department) to do so that you can be successful?” They all knew the answer. Then we researched the solution to their problems and met with them a second time. After that we knew exactly what to do, how to do it, what hardware and software we needed, how much it would cost and how long it would it take. Then the head of each of the departments went to the owner and got approval for their projects. Sounds pretty simple huh?

Managing a network is simple. I just listened to my coworkers (the department heads) about the problems and challenges they had. Then I listened to my IT consultant on how to fix the problems. Then we just applied sound management practices. We reduced it down to a simple strategy: make a plan and work the plan. We we’re always successful and we can do the same for you.

Is your network unreliable, or outdated? What do you need it to do so that you’re successful? Are you feeling overwhelmed like I did because you’re not a computer technician? If that’s similar to your experience, give me a call. We’ll schedule a time to come over to your office, sit down and listen to you. Then we’ll look at your network so we can advise you on a plan to make it work. Together we’ll make a plan. Then we’ll work the plan to make you successful. It’s pretty simple.

There is no charge for us to review your network and give you a written proposal. We’re not salesman, so there is zero pressure. And if you decide not to work with us, at the least you’ll learn a lot about your network and you’ll be glad you met us. We promise, because we’re the good guys!

 

Get Help Now