Friday, September 14, 2012

Security Director Alert - BYOD is way different than BYOB - Time to learn.

BYOD is an acronym the IT folks are using. It means Bring Your Own Device: the security process for allowing employees to use their personal electronics at work without jeopardizing company information or compromising the networks.

While IT continues to munch your lunch, take a moment to oversee their efforts. You have valuable insights to contribute. The last thing you want is to be left out of your own game. In fact, the security department should be the leader here, with IT carrying out your marching orders.

FREE Quick Study...
"Bring Your Own Device is here to stay. Don't be a lamb led to the slaughter, instead lead your users to the promised land of mobile device management.

1. Thou Shalt Allow BYOD
The rapid proliferation of mobile devices entering the workplace feels like divine intervention to many IT leaders. It's as if a voice boomed down from the mountain ordering all of the employees you support to procure as many devices as possible and connect them to corporate services en masse. Bring Your Own Device (BYOD) was born and employees followed with fervor."


You can download the full version here... The Ten Commandments of BYOD. It is an easy read, and provides a logical roadmap for instituting BYOD.

Of course, nothing is really FREE. You will be asked for your name, email, etc. I did it and found the trade-off worthwhile. Within minutes I received a polite email... "My name is John Kerestus Account Executive here with Fiberlink MaaS360..." with an offer to see a demo. Impressive response.

Other companies who offer BYOD solutions also provide "free" education. Do comics get the point across better than white papers and webinars? You decide...
White Paper 1
Webinar
White Paper 2
White Paper 3 
White Paper 4

Have a wonderful weekend, find a cozy restaurant, and BYOB. ~Kevin 

Security Directors: FREE Security White Paper - "Surreptitious Workplace Recording ...and what you can do about it."   


Thursday, September 13, 2012

Emergency Phone - 15 Year Standby Battery Life

The $70 SpareOne emergency phone from Xpal Power, which uses a standard AA lithium battery, claims a standby time of up to 15 years. (10 hours talk time.)

The phone has only the barest of features. No text, no Web, just phone calls and a dedicated 911 button. Indicators, like if you have a network connection, are provided by blinking colored lights. It saves a lot of power, but you’ll have to memorize what the color combinations mean.

The phone doesn’t even come with a SIM card, which you will need before you can use it, although you can make a 911 call using the emergency button even without the SIM card.

The phone is built for a GSM network, which means that in the United States it will work with T-Mobile, AT&T or companies that resell those networks. (more)


Bonus: It cannot be infected with spyware. Too dumb. ~Kevin

Industrial Espionage? You decide...

Just coincidence? There are many car designers in the world, but how many could independently come up with designs this similar for 2012-2013?
 

"Ford puts a great deal of emphasis on styling with the new Mondeo, saying that its sports coupe profile provides “visual lightness.” The lines are more angular than previous versions with a sharper crease along the side breaking the lines and providing a bit of visual flair. Up front, there’s a trapezoidal grille like something stolen off an Aston Martin..." (more)


Could they be right? 
You decide.

While you're deciding, think about this. What are you doing to protect your bright ideas, business strategies and private conversations? Help is available. Give Murray Associates a call.

False Security is Worse than a Healthy Sense of Caution

McAfee Social Protection is a soon-to-be-released app and browser plug-in for Facebook that gives users the ability to securely share their photos.

Product of a standard screen capture.
As it stands today, if you upload a photo to Facebook, anyone viewing that photo can simply download it or take a screen capture and alter or share it wherever they want, however they want. With McAfee Social Protection installed though, users viewing your images will not be able to copy or capture them. (more, with video)

Just aiming a high-res cell phone camera at the screen defeats this app, of course. But here is the bigger issue... security solutions that only partially work actually increase risk. In this case, people who believe in this app's effectiveness may now feel safe to post even riskier photos.

False sense of security examples abound in my field: eavesdropping detection gadgets, under-trained TSCM providers, and window film to block electronic eavesdropping are but three.

Moral: No matter what security solution you employ – from "fully" effective to completely bogus – keep your healthy sense of caution. ~Kevin

Pool of Likely Phone-Hacking Victims Skyrockets

UK - The number of likely victims of phone hacking by people working for Rupert Murdoch's London media empire has jumped to more than 1,000, the top police officer working on the case said Tuesday.

Police have identified another 3,706 potential victims of illegal eavesdropping by journalists in search of stories, Metropolitan Police Deputy Assistant Commissioner Sue Akers told lawmakers.

Authorities had earlier put the number of "likely" victims at around 600, but now say it is 1,069. (more)

Sunday, September 9, 2012

Create Your Own Headline For This One...

Chinese telecoms equipment maker Huawei Technologies Ltd. has issued a report on cybersecurity that includes a pledge never to cooperate with spying in a fresh effort to allay concerns in the United States and elsewhere that threaten to hamper its expansion.

The report, written by a Huawei executive who is a former British official, calls for global efforts to create legal and technical security standards. It makes no recommendations for what standards to adopt but says current laws are inconsistent or fail to address important threats.

Huawei, founded by a former Chinese military engineer in 1987, has grown to become the world's second-largest supplier of telecoms network gear after Sweden's LM Ericsson. 


Suspicions that Huawei might be controlled by China's Communist Party or military have slowed its expansion in the United States and it was barred from bidding to take part in an Australian broadband project.

The company denies it is a security threat. (more)

Saturday, September 8, 2012

Vector Technologies, LLC patent number 8203850 for an Anti-Eavesdropping Device

The United States Patent and Trademark Office has awarded Vector Technologies, LLC patent number 8203850 for an Anti-Eavesdropping Device, i.e. Portable Electronic Device (PED) Countermeasures Box.

Vector Technologies' product has already been purchased by various government agencies, including key defense agencies, defense contractors and the White House as a solution to the growing number of PEDs in the workplace and the grave technical espionage threat that PEDs pose to classified and sensitive information. (more)

Intercepting Unencrypted WiFi Not Wiretapping

A federal judge in Illinois has ruled that intercepting traffic on unencrypted WiFi networks is not wiretapping. The decision runs counter to a 2011 decision that suggested Google may have violated the law when its Street View cars intercepted fragments of traffic from open WiFi networks around the country.


The ruling is a preliminary step in a larger patent trolling case. A company called Innovatio IP Ventures has accused various "hotels, coffee shops, restaurants, supermarkets," and other businesses that offer WiFi service to the public of infringing 17 of its patents. Innovatio wanted to use packet sniffing gear to gather WiFi traffic for use as evidence in the case. It planned to immediately delete the contents of the packets, only keeping the headers. Still, the firm was concerned that doing so might violate federal privacy laws, so it sought a preliminary ruling on the question.

Federal law makes it illegal to intercept electronic communications, but it includes an important exception. It's not illegal to intercept communications "made through an electronic communication system that is configured so that such electronic communication is readily accessible to the general public." (more)

Watergate History: Ford Pardons Nixon

On Sept. 8, 1974, President Ford granted an unconditional pardon to former President Nixon.

Thursday, September 6, 2012

Spy Project Corporate Espionage Case Settles Out Of Court

CO - Paragon Dynamics Inc., an Aurora defense contractor, is paying $1.15 million to settle allegations it stole bid information from Raytheon Corp. about spy agency projects over which the companies competed in 2009... 

Around July 31, 2009, an unidentified senior software director for Paragon used computer access to Raytheon’s systems in Aurora to obtain Raytheon’s bids for two NRO projects — code named Antietam and Savannah — plus other information, the settlement agreement says.

Security cameras caught the employee faxing some of the information to the president of Paragon Dynamics, who forwarded it to someone at a company Paragon partnered with to compete against Raytheon for the NRO’s Antietam contract, the government said. (more)

International Hotel Rooms: The Enemy's Gateway To Economic And Industrial Espionage

by Luke Bencie
"For most international business travelers, overseas hotel accommodations can conjure up an array of images. Depending on the region of the world they travel, frequent fliers know that lodging is never consistent.

For example, Southeast Asian hotels deliver a personal attention to detail that can only be found in the Orient, while hotels in the Middle Eastern Gulf states compete against one another through stunning opulence to attract powerful sheiks and wealthy oil barons. Closer to home, Latin America and the Caribbean provide relaxing, tropical beach resorts, while Europe still offers old world charm in quaint surroundings..." Read the whole article here.

Mr. Bencie also conducts instructional seminars for executives who travel overseas. (more)

If the above article applies to you, you should also read: 
Top Five Ways Business Executives are Spied Upon Overseas and How They Can Protect Themselves (Luke Bencie)
The Top Twenty Information Security Tips for Business Travelers to Closed Society Countries (Kevin D. Murray)
Staying Safe Abroad: Traveling, Working & Living in a Post-9/11 World (Edward Lee)

Sunday, September 2, 2012

Spy Tie Helps Make the Collar

via GeekAlerts.com...
Are you a spy and in need of a new camera that others won’t notice? This Spy Camera Tie with Wireless Remote will help and make you a well dressed James Bond.


It looks just like a regular tie, but it records audio & video. It comes with a remote control and a built-in 4GB DVR. The built in USB port makes it easy to transfer data. This spy gadget will record up to 3 hours per single charge so you can get plenty of footage.

($70 at Amazon.com)


Why do I mention it?
So you will know what you are up against.
~Kevin

Saints Vindicated

LA - Louisiana State Police investigators have found no evidence that the Saints or general manager Mickey Loomis rigged Superdome wiring so opposing coaches' radio communications could be intercepted.

''This has been an intensive investigation, and after numerous interviews we have determined that there is no evidence that state laws have been violated,'' State Police Col. Mike Edmonson said Monday after meeting with Saints owner Tom Benson in New Orleans to brief him on the status of the probe.

State police investigators have been working in conjunction with the FBI since the eavesdropping allegations surfaced in news reports in April.

''We found no corroborating evidence that Mickey Loomis or anybody in the Saints was engaged in wiretapping or eavesdropping,'' Edmonson said. (more)

Fin for Fino - Argentine Ex-Police Chief Indicted for Spying

Argentina - A court confirmed the indictment of former Metropolitan Police head Jorge “Fino” Palacios, who is accused of using the NOSIS system to spy on opposition city lawmakers...

The victims of the alleged spying were City lawmakers Silvia La Ruffa, Diana Maffia and Gonzalo Ruanova, and Patricio Datarmini, head of the City public employees union.

Palacios is accused of leading an illicit organization aimed at wiretapping opposition lawmakers. City Mayor Mauricio Macri is also accused of taking part in the illicit organization. (more)

Hello Moto - Ex-employee Sentenced for Spying

IL - A federal judge sentenced a Chinese-born American to four years in prison for stealing millions of dollars in trade secrets from Motorola, describing her as a soft-spoken, unassuming woman who carried out a ‘‘very purposeful raid’’ on the company in the dead of night.

In a barely audible voice and heavily accented English, 41-year-old Hanjuan Jin told the judge she was ‘‘so sorry for what happened’’ and pleaded for a second chance. Her lawyers had argued that she took the files merely to refresh her knowledge after a long absence from work and was not spying for China. They appealed for leniency and asked that Jin receive probation, in part because of her poor health. (more)

But before you pull out your handkerchief...
Jin, who worked as a software engineer for Motorola Inc. for nine years, was stopped during a random security search at Chicago’s O'Hare International Airport on Feb. 28, 2007, before she could board a flight to China. Prosecutors say she was carrying $31,000 and more than 1,000 confidential Motorola documents, many stored on a laptop, four external hard drives, thumb drives and other devices.