About.com Business Security

Write That Disaster Recovery Plan Now

Mon, 30 Nov 2009 08:00:38 +0000

James Bucki says that writing a DRP is like planning your own funeral. Inspiring, no?

The difference is, if you fail to write your plan, you may still be around to deal with the mess after the disaster hits.

So, to help you start and finish writing your plan, I've added James' excellent guide to writing a quick and dirty disaster recovery plan to my site. Follow his six steps, and you'll have that plan written and implemented in no time.

Write That Disaster Recovery Plan Now originally appeared on About.com Business Security on Monday, November 30th, 2009 at 08:00:38.

Permalink | Comment | Email this

RFID Tags May Get Harder to Clone

Sat, 28 Nov 2009 23:30:24 +0000

They are used on everything from department store merchandise to passports. And now Radio Frequency Identification Tags (RFID) may be getting an extra layer of security.

At present, it is possible to clone an RFID Tag by copying its unique information onto a new tag. But researchers at the University of Arkansas have discovered that each tag has a unique electronic "fingerprint" due to radio frequency and manufacturing differences in the device itself.

If adopted by industry, this added safeguard may address the security and privacy issues raised by the wide deployment of RFID tags.

Take a look at this Press Release to learn more about the University of Arkansas research.

RFID Tags May Get Harder to Clone originally appeared on About.com Business Security on Saturday, November 28th, 2009 at 23:30:24.

Permalink | Comment | Email this

An Inconvenient Leak

Tue, 24 Nov 2009 00:42:06 +0000

Some years ago, I was introduced to the Wall Street Journal Rule for business email. Briefly stated; don't say anything in an email that you wouldn't want to see printed in the WSJ.

The guys at the UK's Hadley Climate Research Center didn't follow the rule and guess where their climate change research and internal emails are being discussed? In the Wall Street Journal, The New York Times and a gazillion blogs all around the web. In addtion, you can now download their body of work from Wikileaks and other sources.

The hacked files seem to document an attempt to fudge data and discredit dissenters. Things will get interesting as the story unfolds and the leaked info is analyzed.

Wherever you stand on global warming, Tony Bradley's advice in PC World is worth heeding:

Make sure you have security controls in place to prevent unauthorized access. Encrypt the data so that it can't be compromised even if the security controls fail. And, ultimately, don't write things in e-mails that you wouldn't want broadcast on the big screen in New York's Times Square.

An Inconvenient Leak originally appeared on About.com Business Security on Tuesday, November 24th, 2009 at 00:42:06.

Permalink | Comment | Email this

Armed Security Thwarts Pirates

Thu, 19 Nov 2009 23:06:57 +0000

For the second time in seven months, Somali pirates attacked the Maersk Alabama. Unlike the last skirmish, which resulted in a hostage standoff, security personnel quickly repelled this latest threat.

The attack took place roughly 600 miles of the coast of Somalia as the ship headed for the Kenyan port of Mombasa. A security team on board the Maersk Alabama responded to the attack with small arms fire. They also unleashed a Long Range Acoustical Device (LRAD). The LRAD fires a focused, 150 decibel beam of sound which is loud enough to cause permanent hearing damage, intense pain and temporary blindness.

Shipping companies, like many businesses, debate the pros and cons of using armed security. In this case, the security team responded effectively and protected the lives and cargo aboard their vessel.

According to a statement from the US Navy:

The security team embarked aboard Maersk-Alabama responded to the attack by using evasive maneuvers, Long-Range Acoustic Devices (LRADs) and small arms fire, causing the suspected pirates to break off their attack.

"Due to Maersk Alabama following maritime industry's best-practices such as embarking security teams, the ship was able to prevent being successfully attacked by pirates," said Vice Adm. Bill Gortney, commander, U.S. Naval Forces Central Command. "This is a great example of how merchant mariners can take pro-active action to prevent being attacked and why we recommend that ships follow industry best practices if they're in high-risk areas."

Further Reading:
Do You Need an Armed Guard?
Defeat Your Pirates

Armed Security Thwarts Pirates originally appeared on About.com Business Security on Thursday, November 19th, 2009 at 23:06:57.

Permalink | Comment | Email this

Erasing Hard Drives with Handguns

Tue, 17 Nov 2009 23:40:29 +0000

If you have a to comply with HIPAA, Sarbanes-Oxley, or protect trade secrets, you already know that a discarded hard drive can come back to bite you. So, not long ago, I wrote an article explaining how to erase a hard drive completely.

Apparently, there is one method I overlooked. The guys at Data Devastation will sanitize your hard drive with a .357 magnum. Or an AK-47 for that matter.

For about $60, these pros will take your drive to a range, unleash a fusillade that will wipe it to Department of Defense specs, and provide physical evidence that the data is gone.

You can even choose the caliber.

Erasing Hard Drives with Handguns originally appeared on About.com Business Security on Tuesday, November 17th, 2009 at 23:40:29.

Permalink | Comment | Email this

A Lesson from Sherlock Holmes

Sat, 14 Nov 2009 22:34:35 +0000

This is probably the last post I'll write concerning the Fort Hood shootings. From a business security aspect, the salient lesson has to do with workplace violence, a topic I touched on last Wednesday.

New facts continue to come to light, however, including recent reports that it may have been Sgt. Mark Todd and not Sgt. Kim Munley who actually took the shooter down. This doesn't make Sgt. Munley one iota less of a hero, it only highlights the difficulty of nailing down verifiable facts in the aftermath of a violent attack.

As I continue to watch the available information swirl and realign, I'm reminded of this sage advice from Sherlock Holmes:

It is a capital mistake to theorize before one has data. Insensibly one begins to twist facts to suit theories, instead of theories to suit facts.

A Lesson from Sherlock Holmes originally appeared on About.com Business Security on Saturday, November 14th, 2009 at 22:34:35.

Permalink | Comment | Email this

Fort Hood: Warning Signs Missed?

Wed, 11 Nov 2009 00:38:06 +0000

Readers know that the purpose of this site is not to analyze national security/terrorism issues. Still, national security and business security are inextricably connected. And practitioners in the public and private sectors can and should learn from each other.

One of the questions swirling arond the Fort Hood shootings is, Were early warning signs missed? History suggestst that those who travel the tortuous path to rampage killing drop plenty of bread crumbs along the way.

Haig Neville in Dealing With Workplace Violence, notes:

A New York Times study of 100 rampage murders ... found that most of the killers 'spiraled down a long, slow slide, mentally and emotionally.' According to the study, most killers gave multiple signs that they were in trouble.

With this in mind, employers should be alert to some of the predictors of violent behavior. These include employees who: use intimidation, talk about weaponry, exhibit paranoid or anti-social behavior, feel they're not being heard by the company, express extreme desperation, have a history of violence, are loners who don't fit in with the group.

For further reading, take a look at Human Resources Guide Susan Heathfield's article, Workplace Violence: Violence Can Happen Here.

Fort Hood: Warning Signs Missed? originally appeared on About.com Business Security on Wednesday, November 11th, 2009 at 00:38:06.

Permalink | Comment | Email this

No Evidence of Friendly Fire at Fort Hood

Mon, 09 Nov 2009 08:15:47 +0000

Authorities do not believe there is any evidence of friendly fire in the Fort Hood shootings.

According to a recent story in CNN Justice:

Army Criminal Investigation Command spokesman Chris Grey said authorities did not believe that any of those killed or wounded were shot by anyone other than the suspect, Maj. Nidal Malik Hasan. Furthermore, Grey reiterated that all evidence indicates that the suspect "acted alone." Grey said there was "no evidence to contradict that finding." He added that the investigation is continuing.

No Evidence of Friendly Fire at Fort Hood originally appeared on About.com Business Security on Monday, November 9th, 2009 at 08:15:47.

Permalink | Comment | Email this

Fort Hood: Separating Fact from Conjecture

Sat, 07 Nov 2009 00:01:25 +0000

Opinions and expert commentary are zinging through the media like Ricochet Rabbit today. As the story behind the Fort Hood shootings continues to develop, I am attempting to separate the facts from the guesses.

This is what we know, as of this evening:

The suspected shooter's name is Maj. Nidal Malik Hasan
Hasan was an army psychiatrist and about to be deployed - some reports say to Iraq, others to Afganistan
Hasan is the sole suspect in the shooting
Hasan is a Muslim
The Council on American-Islamic Relations (CAIR), along with other prominent Muslim groups, has condemned the attack
Hasan was fired on by Police Officer Kimberly Munley five minutes after the first 911 call came in
Officer Munley took several gun shot wounds but continued to fire until Hasan went down
The suspected shooter is currently on a ventilator in stable condition
Soldiers in the vicinity responded quickly and heroically, treating the wounded and sealing off a nearby crowded auditorium
Fort Hood operates like a small city, and soldiers living on base do not carry firearms as a matter of practice
13 are dead
Roughly 30 are wounded
All but two of the victims were soldiers

This is either conjecture or, at best, unconfirmed:

Some of the dead or injured were hit by friendly fire
The suspect shouted "Allahu Akbar!" before opening fire
Hasan was known to have made extremist postings on the Internet as well as disturbing private statements about his disdain for the military

The real facts of this case are coming to light even as I type. Based on what we know a picture emerges of a disturbed loaner and a brave community reacting decisively to an attack.

I was quite discouraged listening to the radio today as callers and broadcasters who couldn't possibly have collected enough information to form a sound opinion, nevertheless fired off authoritative commentary on what caused this tragedy and how it could have been averted.

It was up the first responders to act quickly - instinctively - to end this attack. It is up to the rest of us to calmly and thoroughly gather information before making any pronouncements or policy decisions. In security, we must avoid making decisions based on the raw emotion of the moment. And we must shun feel-good responses that give the appearance of action but do little to actually make people safer.

Risk can never be eliminated. It can only be managed. All we can really do today is to fly our flags at half mast, and pray for those grieving and recovering in the wake of this madness.

Fort Hood: Separating Fact from Conjecture originally appeared on About.com Business Security on Saturday, November 7th, 2009 at 00:01:25.

Permalink | Comment | Email this

Bullying in the Tower of London

Thu, 05 Nov 2009 00:14:15 +0000

A couple of weeks ago I wrote about bullying in the work place. This week we learned that two of England's iconic Beefeaters have been suspended for allegedly bullying Yeoman Warder Moira Cameron.

Cameron is the first woman to serve on the corps of Tower Guards tasked with protecting the Crown Jewels. Accoring to a story that broke earlier this week, she has been the target of repeated harassment by her male counterparts. Tower of London officials are investigating the allegations.

The Yeomen Warders of Her Majesty's Royal Palace and Fortress the Tower of London, as the Beefeaters are properly titled, were organized in 1485. According to a popular theory, their knick-name was inspired by the extra ration of beef that the guards used to receive. In order to qualify for this position, candidates must have served at least 22 years in the Army, Royal Marines or Royal Air Force retiring as a non-commisioned officer.

Photo: Getty Images

Bullying in the Tower of London originally appeared on About.com Business Security on Thursday, November 5th, 2009 at 00:14:15.

Permalink | Comment | Email this