- Innovation, regulation and research on tap at RSA 2008
- Researchers uncover 100 VoIP vulnerabilities
- Badware not pushing users offline
- Web attacks won't stop
- Most sites still hack-able
- Tips on employee monitoring
- Research: IT security maturing, but misaligned
- Clarke sharply criticizes Bush cyber-security plans
- Conference seeks to bridge risk, research
- Core finds new CEO
October 28, 2006 | Comments: (0)
You know it's bad when Halloween doesn't scare you
It's been a tradition of mine for some time to grab a fairly scary movie on Halloween and spend the night split between watching said fright flick and answering the call of neighborhood kids looking for a sugar fix.
You know, watching something so scary that rational thought is overridden for a brief moment. I can't pick out a movie that would do it for you, since everyone's different, but you know what I mean. I'll be you can think of a specific movie right now that would give you the heebie jeebies under the right circumstances.
The really frightening thing that I realized today is the fact that sitting in the dark watching a horror movie is not as scary as sitting down at a PC that I don't own or maintain.
That's really saying something.
And I don't think it's just my paranoia talking.
I sat down at a generic PC today, checked to make sure that the firewall was on, running and up-to-date, ran through a check of local anti-virus status, ran a quick anti-spyware scan via my USB drive, and still couldn't bring myself to log onto any system that I would normally be connected to remotely from my own laptop.
"Wouldn't be prudent at this juncture"
Of course, there are several solutions for this problem. I'm actually looking at one from Realm Systems that I've been putting through its paces and should be out as a review in the next few weeks. It's solid in terms of security for corporate access from off-site machines, but a bit pricey. Symantec and CheckPoint, not to mention GreenBorder, also provide solutions for secure remote access from untrusted hosts.
What this all boils down to is that I guess I'm more concerned about getting my credentials stolen than finding a razor blade in a candy apple.
Okay, maybe both to me are equally bad.
So, my question to you is: What do you use to reduce the fright factor of remote workers accessing your network? Is VPN software your primary defense? Or do you just close your eyes and take a big bite from that candy apple?
Remote worker survey
What started this whole new paranoid track going on in my head was that I just saw Cisco's new remote worker survey. Cisco surveyed a thousand international remote workers and gathered their responses on their remote use habits. I'll post it here next week so that you'll all get to join me in a good Halloween fright.
Posted by Victor R. Garza on October 28, 2006 03:29 PM
RATE THIS ARTICLE:
-
- COMMENTS
How about a live CD of your favorite Linux distro with a USB san disk drive for your data?
The only thing then running on the PC is the Linux distro from the CD which won't be corrupted.
Posted by: sam o rogers at October 31, 2006 09:14 AMSam,
My favorite is the Knoppix STD Distro. Most all of the security tools you could want, all in one place.
http://s-t-d.org/
Posted by: Victor R. Garza at October 31, 2006 09:21 AMNope ... you're not paranoid .... I'm with you and I keep my personal PC personal and I don't use generic PCs for anything other than websurfing. On the Enterprise side, we provide to remote users laptops with all the security tools installed and running automatically, and you only access the network via VPN w/ 2-factor authentication. Even the Web Portal requires the same 2-factor authentication. Oh, and BTW .... Once you provide robust secure remote access then company data can be removed from the laptop and left on the Enterprise servers. I no longer carry paper (my laptop bag is much lighter), I don't even think about backups (my datacenter friends take care of that), and if my laptop gets stolen or just plain busted... I have not lost a thing or exposed company data. No, you're not paranoid.... just realistic. Now for a bite of halloween candy.....
Posted by: ewl at November 1, 2006 11:45 AM| ZERO DAY PODCAST |
| Listen to the latest podcast: |
MP3
•
•
•
Archive
•
![[VoiceIndigo Mobilize - Listen to podcasts on your mobile phone]](http://www.voiceindigo.com/ht/images/mobilize_logo_sm.gif){kind=logo}
|
TOP STORIES
Top 10 stories of the weekA new place to hide rootkits
Sun exec on OpenSolaris, Linux
AT&T: No free iPhone Wi-Fi info
MS to appeal E.U. fine
XP SP3 causes endless reboots
Vista as insecure as Win 2000
Google grilled on human rights
Java ubiquity an edge in RIA battle
The InfoWorld news quiz
ADDITIONAL RESOURCES
- Virtualization: A Step by Step Approach to Success
- Dialing up Agility with Business Transformation
- 5 Things You Need to Know About Storage Virtualization
- Virtual Test Lab Automation: Manage development infrastructure
- Improve Resource Utilization and Lower Operating Costs
- Protect Your Data with SSL
