http://www.itbusinessedge.com/cm/blogs/defrangesco Comment Feed for Ralph DeFrangesco Tue, 01 Dec 2009 03:51:31 GMT Clearspace 2.5.5 (http://jivesoftware.com/products/clearspace/) 2009-12-01T03:51:31Z http://www.itbusinessedge.com/cm/blogs/defrangesco/monday-could-be-a-black-day-for-the-cloud/?cs=37754#comment-34313 User1675409,   I guess if you have a myopic view of life, you would come to your assumption. However, I will share something with you, and you can keep this just between us...applications run in the cloud and are prone to these attacks. This Mon, 30 Nov 2009 19:59:39 GMT RalphDeFrangesco http://www.itbusinessedge.com/cm/blogs/defrangesco/monday-could-be-a-black-day-for-the-cloud/?cs=37754#comment-34313 2009-11-30T19:59:39Z http://www.itbusinessedge.com/cm/blogs/defrangesco/monday-could-be-a-black-day-for-the-cloud/?cs=37754#comment-34311 Your story doesn't back up your headline one bit. You say Black Monday could be a "Black Day for the Cloud" and then mention two vulnerabilities that are completely unrelated to the cloud. XSS is a vulnerability in the application code. That code will Mon, 30 Nov 2009 17:32:59 GMT User1675409 http://www.itbusinessedge.com/cm/blogs/defrangesco/monday-could-be-a-black-day-for-the-cloud/?cs=37754#comment-34311 2009-11-30T17:32:59Z http://www.itbusinessedge.com/cm/blogs/defrangesco/the-netbook-is-dead/?cs=37686#comment-34310 I use a netbook that runs Ubuntu(linux).  Much faster that windows, definitely more secure, and it has what a netbook needs in terms of apps.  The solid state drive is small but doesn't need to be any larger given the lean OS and cloud focused Mon, 30 Nov 2009 17:32:42 GMT netbook user http://www.itbusinessedge.com/cm/blogs/defrangesco/the-netbook-is-dead/?cs=37686#comment-34310 2009-11-30T17:32:42Z http://www.itbusinessedge.com/cm/blogs/defrangesco/improving-mobile-device-security/?cs=36044#comment-34263 just happened on to this web site as i was searching for some magic to "un" encrypt my flash drive (although if it's easier enough for novice yo-yos like me to find, well, then how good IS that security, huh?) .... anyway, i had some slide presentations Wed, 25 Nov 2009 20:48:01 GMT Lee http://www.itbusinessedge.com/cm/blogs/defrangesco/improving-mobile-device-security/?cs=36044#comment-34263 2009-11-25T20:48:01Z http://www.itbusinessedge.com/cm/blogs/defrangesco/online-security-free-wi-fi-isnt-really-free/?cs=37416#comment-34141 User1439574,   You bring up a great point...is the hardware at these hot spots setup properly? How do we know what they have turned on or turned off? What protocols are they running? Frankly, I just would not want my employees connecting to them Thu, 19 Nov 2009 19:42:59 GMT RalphDeFrangesco http://www.itbusinessedge.com/cm/blogs/defrangesco/online-security-free-wi-fi-isnt-really-free/?cs=37416#comment-34141 2009-11-19T19:42:59Z http://www.itbusinessedge.com/cm/blogs/defrangesco/online-security-free-wi-fi-isnt-really-free/?cs=37416#comment-34138 I believe the WiFi tech is secure enough if you have the right Access Points (APs) and right setting. If you use WPA between AP and user's computer, setup AP to isolate each user's computer, the risk will be smaller than online itself. Thu, 19 Nov 2009 13:49:59 GMT user1439574 http://www.itbusinessedge.com/cm/blogs/defrangesco/online-security-free-wi-fi-isnt-really-free/?cs=37416#comment-34138 2009-11-19T13:49:59Z http://www.itbusinessedge.com/cm/blogs/defrangesco/online-security-free-wi-fi-isnt-really-free/?cs=37416#comment-34130 user1528738,   I know if I was going to look for new malware, etc I would include public hot spots as one place to look. They can work anonymously and never appear on the radar.   Thank you for your thoughts, -Ralph Thu, 19 Nov 2009 03:22:38 GMT RalphDeFrangesco http://www.itbusinessedge.com/cm/blogs/defrangesco/online-security-free-wi-fi-isnt-really-free/?cs=37416#comment-34130 2009-11-19T03:22:38Z http://www.itbusinessedge.com/cm/blogs/defrangesco/online-security-free-wi-fi-isnt-really-free/?cs=37416#comment-34129 Steve,   In my opinion yes. I think the larger carriers have the resources to monitor their networks. In contrast, the "hot spots" at public places (i.e. coffee houses, hotels) are a major concern since they really don't care. Providing Thu, 19 Nov 2009 03:16:05 GMT RalphDeFrangesco http://www.itbusinessedge.com/cm/blogs/defrangesco/online-security-free-wi-fi-isnt-really-free/?cs=37416#comment-34129 2009-11-19T03:16:05Z http://www.itbusinessedge.com/cm/blogs/defrangesco/online-security-free-wi-fi-isnt-really-free/?cs=37416#comment-34127 If your work place can be infected by a malware virus that isn't recognized by the top vendors: TrendMicro, Norton, McAfee, AVG, ... then someone at those companies isn't doing their job right.  Obviously they should be sending people or asking Wed, 18 Nov 2009 20:49:31 GMT user1528738 http://www.itbusinessedge.com/cm/blogs/defrangesco/online-security-free-wi-fi-isnt-really-free/?cs=37416#comment-34127 2009-11-18T20:49:31Z http://www.itbusinessedge.com/cm/blogs/defrangesco/online-security-free-wi-fi-isnt-really-free/?cs=37416#comment-34125 Are the major carriers' networks (Sprint, AT&T, etc.) any more secure, in your opinion/experience?  Thank you. Wed, 18 Nov 2009 19:56:55 GMT Steve http://www.itbusinessedge.com/cm/blogs/defrangesco/online-security-free-wi-fi-isnt-really-free/?cs=37416#comment-34125 2009-11-18T19:56:55Z http://www.itbusinessedge.com/cm/blogs/defrangesco/online-security-free-wi-fi-isnt-really-free/?cs=37416#comment-34124 Tom,   In reality, the risk are not any less. I think that many users feel though that when you pay for something that there is an expected level of security. However, we both know that this is not always true.   -Ralph Wed, 18 Nov 2009 19:33:26 GMT RalphDeFrangesco http://www.itbusinessedge.com/cm/blogs/defrangesco/online-security-free-wi-fi-isnt-really-free/?cs=37416#comment-34124 2009-11-18T19:33:26Z http://www.itbusinessedge.com/cm/blogs/defrangesco/online-security-free-wi-fi-isnt-really-free/?cs=37416#comment-34120 How are the risks any greater for FREE than they are for paying $8.95 for an hour? Wed, 18 Nov 2009 18:36:35 GMT Tom Crane http://www.itbusinessedge.com/cm/blogs/defrangesco/online-security-free-wi-fi-isnt-really-free/?cs=37416#comment-34120 2009-11-18T18:36:35Z http://www.itbusinessedge.com/cm/blogs/defrangesco/thoughts-on-windows-7/?cs=37109#comment-33960 My gut tells me that businesses will be migrating to the Windows 7 world sooner than later.  Eventually support for XP will take a nose dive.  In my experience as well as that of my peers, I can say that Windows 7 is a solid OS.  All Fri, 06 Nov 2009 13:17:10 GMT User1763083 http://www.itbusinessedge.com/cm/blogs/defrangesco/thoughts-on-windows-7/?cs=37109#comment-33960 2009-11-06T13:17:10Z http://www.itbusinessedge.com/cm/blogs/defrangesco/chief-information-security-officer-a-new-spin-on-an-old-job/?cs=37172#comment-33885 As IT budgets shrink in other areas such as with app development personnel, due to outsourcing, and server hardware, due to the adoption of virtual and the cloud, and we this is compounded with a shrinking economy, businesses are being hit with a Tue, 03 Nov 2009 13:16:56 GMT Jeff Goldman http://www.itbusinessedge.com/cm/blogs/defrangesco/chief-information-security-officer-a-new-spin-on-an-old-job/?cs=37172#comment-33885 2009-11-03T13:16:56Z http://www.itbusinessedge.com/cm/blogs/defrangesco/chief-information-security-officer-a-new-spin-on-an-old-job/?cs=37172#comment-33873 "Organizations are saying that security is a corporate concern..."  Love that! Everyone: every department, every business unit, has an impact on how secure or not an organization is - at the end of the day it affects every individual in the Mon, 02 Nov 2009 20:41:52 GMT The Garland Group http://www.itbusinessedge.com/cm/blogs/defrangesco/chief-information-security-officer-a-new-spin-on-an-old-job/?cs=37172#comment-33873 2009-11-02T20:41:52Z http://www.itbusinessedge.com/cm/blogs/defrangesco/which-data-is-important/?cs=36727#comment-33706 If a user requires the use of a backup, then I would have to say that all data being backed up is important. If the data were truly frivolous, then it wouldn't require a backup in the first place. Criticism of a backup provider is well warranted in the Wed, 21 Oct 2009 20:41:58 GMT MarcKuntz http://www.itbusinessedge.com/cm/blogs/defrangesco/which-data-is-important/?cs=36727#comment-33706 2009-10-21T20:41:58Z http://www.itbusinessedge.com/cm/blogs/defrangesco/dont-forget-to-create-good-security-policies/?cs=36801#comment-33698 One thing I'm starting to recommend as best practice is that there be a specific sub-set of your security policies dedicated to minimizing the risk of data loss - a 'Data Security Policy' if you will. This includes things like guidance on not Wed, 21 Oct 2009 16:14:28 GMT Michael Argast http://www.itbusinessedge.com/cm/blogs/defrangesco/dont-forget-to-create-good-security-policies/?cs=36801#comment-33698 2009-10-21T16:14:28Z http://www.itbusinessedge.com/cm/blogs/defrangesco/which-data-is-important/?cs=36727#comment-33688 This announcement by MS appears to be a big lie. In addition to destroying the existing Danger infrastructure during their efforts to switch it all over to Microsoft hardware, they are now telling some whoppers in the press. This "data is recovered" Tue, 20 Oct 2009 20:52:45 GMT Ed Itorial http://www.itbusinessedge.com/cm/blogs/defrangesco/which-data-is-important/?cs=36727#comment-33688 2009-10-20T20:52:45Z http://www.itbusinessedge.com/cm/blogs/defrangesco/security-strategy-surveys-key-findings-positive/?cs=36601#comment-33623 We're also seeing a similar interest in data leakage from our customers - the shift in the last few years from protecting against simple infections and the productivity costs, to fighting back against the criminal element and focusing on protecting the Thu, 15 Oct 2009 16:19:48 GMT Michael Argast http://www.itbusinessedge.com/cm/blogs/defrangesco/security-strategy-surveys-key-findings-positive/?cs=36601#comment-33623 2009-10-15T16:19:48Z http://www.itbusinessedge.com/cm/blogs/defrangesco/low-tech-attacks-still-get-the-job-done/?cs=34124#comment-33613 I'm surprised he was able to do this. I mean, didn't anyone at all think it was strange for a security guard to be going from computer to computer instead of watching his post? Wed, 14 Oct 2009 22:25:51 GMT XP Drivers http://www.itbusinessedge.com/cm/blogs/defrangesco/low-tech-attacks-still-get-the-job-done/?cs=34124#comment-33613 2009-10-14T22:25:51Z