Archive for March, 2006

Posted on Mar 11th, 2006

Where can you go to get a pop up blocker for your computer? If you are like me, then there is little you find more annoying than logging on to the internet only to be bombarded with pop up ads. They are annoying and worse than that, they are dangerous for your computer. Pop up ads can cause viruses or put spyware into your computer without your knowledge. So, in order to cut down on or, hopefully, completely rid yourself of pop up ads, it is advisable to get yourself a good pop up blocker. When you go to get your pop up blocker, you should check online, in your local computer store, and with friends or family to get the best results.

The first place, ideally, to look for a pop up blocker is online. There are many legitimate free download sites that offer pop up blockers. Generally, you can download them directly from the site and have them working in no time. If, like me, you are a little bit paranoid about any download, then some of the companies will even send you a CD. If you go that route, though, just bear in mind that you will likely have to wait a week or two to get your pop up blocker. As you peruse the internet for your pop up blocker, though, be careful that you only download what you know. Make sure it is a legitimate site from which you are downloading and that the pop up blocker is legit.

The second place to get a pop up blocker is off the shelf of your local computer store. Many of the software programs you have or put on your computer, especially internet browsers, already have a pop up blocker. However, you can buy other pop up blockers off of the shelf at your local computer store. Go in, speak with a sales consultant, and find out which one will work best for you. It is often said that you get what you pay for, and sometimes pop up blockers are that way, so buying one at the store can prove to be a worthwhile investment over a free one off the internet.

The third thing to do as you look for a pop up blocker to improve your computer is to talk with friends and family. Word of mouth is a powerful consumer report, so talk to people you know who have downloaded blockers, bought them, or are just using the ones that came with their existing software. You will quickly find out what is worth your time and money and which is not. Asking around is a great idea so that you can make the most of your money.

Pop up blockers are almost a necessity anymore. You likely do not enjoy or want to read the pop ups that litter your browser every time you find your way to the wrong internet site. Instead, you want to be able to browse the internet with speed and with peace of mind that you aren’t getting bombed with the viruses and spyware that can be associated with those pop ups. So check out the internet, browse your local computer store, and check out what your friends and family have to say to get yourself the perfect pop up blocker for you.

If you would like to read more of my articles on popup blockers, please feel free to visit my website on destroying popups!

Posted on Mar 10th, 2006

Email fraud is no longer news. We regularly hear of successful frauds committed on the Internet through the use of fraudulent mails. 419 fraud is a code name for an email fraud originating from Nigeria.

Take note and do not be deceived: 419 fraud is a code name for an email fraud that promises contracts involving large sums of money. It is not peculiar to Nigeria alone, but it mostly originates from Nigeria.

WHY ARE PEOPLE FALLING VICTIMS TO 419 FRAUD

The 419 fraudster uses social engineering, which most information security consultants neglect, to gradually convince the unsuspecting victim that the fictitious contract dangled before the victim is legitimate.

Why are people falling victim every day?

  • They get close to you through regular chats over a long period of time, developing a kind of bond (friendship).

  • They use the power of sympathy to play on their victims.
  • They take advantage of the inbuilt desire in us to make money.
  • They use the names of well-known organizations to perpetrate the crime.
  • They use real life circumstances and situations, which are very reliable to commit fraud.
SAMPLE OF A TYPICAL 419 MAIL (EMAIL FRAUD)

    This sample 419 mail is original (no correction of spelling mistakes).

    Mr. Felix Afuwa
    ECOBANK
    Credit control Manager
    Victoria - Island Branch
    Tel.: 234-1774-8735
    Fax: 234-1759-3019

    Attention: XXXXXXXXXX

    I am Mr. Felix Afuwa, the Credit Control Manager of ECOBANK - Victoria Island branch in Lagos Nigeria.

    I am in charge of credit finances in the bank. The banking sector has a peculiar nature in my country as it concerns financial transactions; anything is possible for you to stay afloat with the enormous competition therein.

    There was this foreigner Mr. John VanderPloeg who came at a time to deposit the sum of US$15.8million United States dollars in several installments on behalf of some multinationals for the prosecution of the Late General Sani Abacha to succeed himself as the civilian President of my country. What happened to this plot is left for prosperity to judge.

    My reason for contacting you is because I want to find out if you could assist me with this situation.

    This money has been in the bank for some time and due to the manner and purpose for which it was deposited, there was no next of kin provided for this transaction. Mr. John VanderPloeg I have on good authority was just an agent used for this purpose and has fled the country following a series of revelations on how the Abacha’s plundered the Nigerian economy and more revelations coming up at the present Oputa panel 3years after the death of the dictator. At the end of this year the bank would mob the money up if nobody comes forward to lay claim.

    Taking into cognizance the foregoing, I am in a position to make all necessary arrangement to portray you as the next of kin as it affects this transaction at the bank, so that this money can be immediately transferred on your request to another bank account abroad.

    I am willing and ready to offer you 10% of the funds for you assistance.

    Call me so that we can discuss further

    Yours truly,
    Mr. Felix Afuwa

    TIPS ON HOW NOT TO BE A VICTIM OF 419 MAIL (EMAIL FRAUD)

  • Do not open a mail you didn’t solicit or request.
  • Do not reply to any mail requesting a certain sum of money or gifts before a contract is awarded.
  • If at all you are interested in the business you never solicited or asked for, please cross-check with security agencies located in your country. Make sure you present a copy of the mail when reporting.
  • Always let your spouse or a friend know about any mail requesting money or a gift before business is transacted.

    Advice

    Fraudulent mails are sent out daily. Avoid becoming a victim by getting regular education on fraudulent mails through newsletter subscriptions, audio seminars, security e-courses and security ebooks. Don’t be the next victim; take security awareness education seriously.

    Christopher Okoh
    CEO
    Computer Security & Network Associates.
    Website: http://www.compsana.com
    He has written over 100 computer security articles. He also writes for computer security magazines and newspapers. He specializes in security awareness training through free articles, audio seminars, newsletters, e-courses, and e-books. The wave-making title released by him is “419 Fraud Is a Reality. Don’t Be Caught Off Guard”. It had over 5,000 downloads in the first week of its launch. Several information security consultants recommend it as a must-read. Visit http://www.compsana.com for a copy of this wave-making e-book. His main preoccupation is to create enough security awareness on the web to drastically reduce the number of cyber fraud victims.

    Posted on Mar 9th, 2006

    Passwords to access computer systems are usually stored, in some form, in a database in order for the system to perform password verification. To enhance the privacy of passwords, the stored password verification data is generally produced by applying a one-way function to the password, possibly in combination with other available data. For simplicity of this discussion, when the one-way function does not incorporate a secret key other than the password, we refer to the one-way function employed as a hash and its output as a hashed password. Even though functions that create hashed passwords may be cryptographically secure, possession of a hashed password provides a quick way to verify guesses for the password by applying the function to each guess and comparing the result to the verification data. The most commonly used hash functions can be computed rapidly, and the attacker can do this repeatedly with different guesses until a valid match is found, meaning the plaintext password has been recovered.

    The term password cracking is typically limited to recovery of one or more plaintext passwords from hashed passwords. Password cracking requires that an attacker can gain access to a hashed password, either by reading the password verification database or intercepting a hashed password sent over an open network, or has some other way to rapidly and without limit test if a guessed password is correct. Without the hashed password, the attacker can still attempt access to the computer system in question with guessed passwords. However, well-designed systems limit the number of failed access attempts and can alert administrators to trace the source of the attack if that quota is exceeded. With the hashed password, the attacker can work undetected, and if the attacker has obtained several hashed passwords, the chances of cracking at least one are quite high. There are also many other ways of obtaining passwords illicitly, such as social engineering, wiretapping, keystroke logging, login spoofing, dumpster diving, timing attacks, etc. However, cracking usually designates a guessing attack.

    Cracking may be combined with other techniques. For example, use of a hash-based challenge-response authentication method for password verification may provide a hashed password to an eavesdropper, who can then crack the password. A number of stronger cryptographic protocols exist that do not expose hashed-passwords during verification over a network, either by protecting them in transmission using a high-grade key, or by using a zero-knowledge password proof.
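The two defences this article points to, sketched as an added example that is not part of the original article: making each offline guess expensive by deriving the verification data with a salted, deliberately slow one-way function, and limiting failed attempts on the online path with an administrator alert. PBKDF2, the iteration count, the lockout threshold and all names here are this example's assumptions; the article names no specific function.

```python
import hashlib
import hmac
import os
import time

# Illustrative work factor (an assumption of this example, not a figure from the article).
ITERATIONS = 100_000


def fast_hash(password: str) -> bytes:
    """Unsalted single-pass hash: cheap to compute, so cheap to test guesses against."""
    return hashlib.sha256(password.encode("utf-8")).digest()


def make_record(password: str, iterations: int = ITERATIONS) -> dict:
    """Verification data from the password combined with other data (a random salt)."""
    salt = os.urandom(16)
    digest = hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"), salt, iterations)
    return {"salt": salt, "iterations": iterations, "digest": digest}


def verify(record: dict, candidate: str) -> bool:
    """Recompute the one-way function for the candidate and compare in constant time."""
    digest = hashlib.pbkdf2_hmac("sha256", candidate.encode("utf-8"),
                                 record["salt"], record["iterations"])
    return hmac.compare_digest(digest, record["digest"])


def seconds_per_check(check, rounds: int) -> float:
    """Average wall-clock cost of one verification, i.e. the cost of one guess."""
    start = time.perf_counter()
    for _ in range(rounds):
        check()
    return (time.perf_counter() - start) / rounds


class LoginGate:
    """Online path: cap consecutive failures per account and record an alert."""

    def __init__(self, records: dict, max_failures: int = 5):
        self.records = records
        self.max_failures = max_failures
        self.failures = {}
        self.alerts = []
        # Decoy record so unknown accounts cost the same time as known ones.
        self.decoy = make_record(os.urandom(16).hex())

    def attempt(self, user: str, password: str) -> str:
        if self.failures.get(user, 0) >= self.max_failures:
            return "locked"
        record = self.records.get(user)
        ok = verify(record or self.decoy, password) and record is not None
        if ok:
            self.failures[user] = 0
            return "ok"
        self.failures[user] = self.failures.get(user, 0) + 1
        if self.failures[user] == self.max_failures:
            self.alerts.append(f"{user}: {self.max_failures} consecutive failed logins")
        return "denied"


if __name__ == "__main__":
    record = make_record("constructed-sample-password")  # constructed sample value
    fast = seconds_per_check(lambda: fast_hash("guess"), 2000)
    slow = seconds_per_check(lambda: verify(record, "guess"), 3)
    print(f"cost per guess: plain hash {fast:.2e}s, salted PBKDF2 {slow:.2e}s")
```

Two records made from the same password differ because of the salt, so identical passwords are not visible in the stored data, while the unsalted hash is identical every time.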

    David is the leader of a software development team, who developed many types of automation software. One of them is http://www.ArticlePostRobot.com, the software which can post articles to hundreds of article sites and mail lists automatically.

    Posted on Mar 8th, 2006

    Ample media attention has been focused on security issues such as viruses, phishing attacks and theft of sensitive customer information from large databases. The proliferation of Spyware and Malware (malicious software) has also garnered media attention. Another major, yet seldom discussed threat which goes on largely ignored outside the IT community is the theft and redistribution of email.

    To make a product which best addresses the quiet rise in email thuggery, sometimes we have to think like a criminal or mal-doer. How would these digital thugs hunt for Personal Identifying Information (PII), company assets or secret email conversations intended to be read ONLY by the recipient? Consider this article a security instructional on how to get inside the mindset of those "bad guys."

    Your occupation influences the number and type of emails you create and send each day. Most of the email you send contains harmless, benign material that you wouldn’t mind anyone else reading or sharing with others. However, there are portions of your online communiqué each day that probably shouldn’t be forwarded. These messages and attachments contain information that if stolen and/or re-distributed could harm yourself and/or your business. The following are just some ways a thief could intercept your email.

    Interception of your wireless signal -

    If you use an unencrypted wireless connection to log on to the internet or your local server, you are running a high risk of having your information stolen. The majority of wireless networks are completely unsecured.

    Although it only requires a click to enable wireless security, most users do not encrypt their wireless transmissions. Intercepting these unsecured messages is trivial, making it easy for hackers to gain access to email as well as the files stored on your laptop.

    Be cautious at local hotspot cafés. Hotspot hijackers may also utilize wireless networks to insert viruses, spyware, or malware on the computers of those who connect unsecured to the hotspot network.

    Access to your email account is stolen -

    Once an outsider has gained access to your email account, they not only have access to all of your messages (and potentially your on-line passwords) but can also use it to distribute spam, viruses and other harmful information that appears to come from you. Three methods are typically used by outsiders to gain access to your email account:

    1.) Theft via interception
    2.) Password cracking
    3.) Key loggers

    Your email password and username can easily be intercepted if you log in via an unsecured connection. To ensure that you are logging in securely, look for the https: prefix on the web address. Doing so will greatly reduce the possibilities for password interception.

    If you use a simple password consisting of a single word that exists in the dictionary, your email can be easily hijacked. If they want your information badly enough, motivated hackers can either guess it or crack it by using a software tool to try every word in the dictionary until access is gained.

    The best way to prevent password cracking from happening is to choose a strong password that combines different cases, letters, numerals and symbols, such as "4JeIw#Tr&2".

    Diligent email hackers can also gain access to your email by installing key-logging software on your computer. Key-logging software silently records all of your keystrokes and sends them to an interested individual or group. Your usernames and passwords can be parsed and then used to steal your on-line access to your email, credit card, bank information, shopping accounts or any other means of PII (Personal Identifying Information). The best means of thwarting key-logging is to use anti-spyware and firewall protection and to always keep them up to date.

    Insider leaks and Redistributing Sensitive Content -

    Employees are the leading cause of corporate security breaches. According to a 2005 study by the FBI and CSI (1), insider abuse accounts for approximately 50% of all security breaches. You may only have to look out across your SMB’s office to see a digital thief among you.

    The Ponemon Institute’s "Survey on Data Security Breaches" reveals that 69% of all serious data leaks occur as a result of employee activities, whether intentional or unintentional (2). Of those leaks, 14 % involved intellectual property including software source code. Other findings by the Ponemon institute cross into business-client best practices area and are as follows:

    * 39 % involved confidential business information.
    * 27 % involved personal information about customers
    * 10 % involved personal information about employees

    Dissemination of sensitive information can happen all too easily. An accidental click of the "Forward" or "Reply All" button can send proprietary information to unwanted parties.

    Interception on Your Company’s Network -

    Many companies do not have security protocols in place to prevent the interception of interoffice email. Before email is transferred to the internet it typically travels through the corporate intranet first. If your local network is not secure, it is a trivial matter for an employee with packet sniffer software to intercept all of your intra-network communications.

    Company Scanning of Outbound and Inbound Email Content -

    According to a 2004 survey by the American Management Association and ePolicy Institute (Workplace E-Mail and Instant Messaging Survey), 60 % of American companies use software to monitor the content of inbound and outbound email messages (3).

    Email containing everything from inappropriate language to file types and other data is often flagged by a company’s IT department. While monitoring employee email can reduce a company’s liability, this policy can have a different, malevolent result. In a worst case scenario, unscrupulous IT insiders may be tempted to gain access to a company’s email logs, thereby compromising executive and other departmental communication.

    Interception at the ISP Server -

    While most Internet Service Providers (ISPs) have very sound security policies regarding access to their servers, it is possible for an ISP insider to get hold of your email and attachments. Your email is stored in a queue for a split second while being transferred from server to server on its way to your recipient’s inbox. In most cases your emails are deleted as soon as they arrive at the next stop. As in the previously mentioned "Company Scanning" scenario, it is just as plausible that your email could be hijacked by a malicious ISP employee who decides to mirror all of the ISP’s contents on his or her own server. This may be of particular concern when sending email to countries that do not enforce individual privacy protection policies.

    Cross-Border Interception -

    When emailing internationally there are few legal safeguards to keep your email and attachments from being stolen. In many developing nations your proprietary information could provide a financial windfall for the employees of the local ISP. Your email will likely reach your recipient, but it may also have been copied, sold or sent elsewhere. Without added security measures, neither you nor your company will have knowledge of the ill effect until the damage has been done.

    If foreign laws do not allow your recipients to install encryption software, find another way to transfer your important information.

    Diligence About Your Online Safety Pays -

    Hackers, digital thieves, thugs and general internet mal-doers strive to intercept your email with the goal of financial gain or to cause havoc. Avoiding them will inevitably save your company’s assets. Staying abreast of the newest ways to steal your PII and paying attention to Security and Technology news in general is key to a best practices business policy.

    SMBs (Small and Medium Businesses) in the technology sector are seeing security and encryption as the forefront of their IT priorities. In July 2005, Forrester Research released its SMB findings after surveying nearly 800 technology decision-makers on their IT services priorities. Among Forrester’s findings, 71 percent of SMBs will buy security software, similar to the 75% that said they would invest in 2004 (4).

    Isn’t SBRM (Small Business Rights Management) Expensive? -

    Compliance as it concerns digital data is finally catching up to the widening commercial sector which is highly impacted by the success of small businesses. Small firms dealing with compliance issues can turn to specific SBRM solutions to bridge the gap between staying current with industry regulations and staying in business. ERM (enterprise rights management) software itself has begun to slim down in price in acknowledgement of the budgetary constraints of small businesses. Current SBRM software can be as robust as common ERM solutions, but as it is specified for the needs of smaller business entities, it is more affordable too.

    Using encryption will ensure secure transmission when sending email. However, the best way to prevent your email and attachments from being intercepted and redistributed is to use Digital Rights Management (DRM) software, which is often described within the business sector as Enterprise Rights Management (ERM). DRM for the Enterprise and Small Business sectors gives content authors the power to determine how recipients may use their email and documents. For example, senders can prevent unauthorized distribution (no forwarding, printing) and prevent unauthorized editing (no cut, copy, paste) of content, i.e. copy prevention.

    When you take into account the countless hours put into building your company, protecting your company assets from online thugs is a necessary tool to ensure your business survives from this year to the next.

    - - - - - - - - - -

    End Notes:

    1.) Gordon, Lawrence A., Martin P. Loeb, William Lucyshyn and Robert Richardson, "CSI/FBI Computer Crime and Security Survey" http://www.cpppe.umd.edu/. July 2005, 13.

    2.) Ponemon Institute (as cited by DRM Review), "Leading Cause of Data Security Breaches Are Due to Insiders, Not Outsiders" DRM Review February 10, 2005 http://www.dmreview.com/article_sub.cfm?articleID=1019828 December 1, 2005.

    3.) Virginia Business Magazine Online "Email Snooping" May 2005 Issue, Virginia Business Magazine, December 1, 2005, http://www.virginiabusiness.com

    4.) Michael Speyer, and Liz Herbert, "Software And Services in the SMB Market - Business Technographics," Forrester Research. http://www.forrester.com

    - - - - - - - - -

    Ms. Veniegas is an alumna of the University of Washington. Marilee joined the Marketing team at Essential Security Software, Inc. in 2005. She also serves as one of the ESS site editors for I Want My ESS!, a stolen work and SMB resource site.

    Posted on Mar 7th, 2006

    There is already a lot being said about malware (Trojans, viruses, worms, etc.) and attempts to obtain your cash, personal identity, usernames and passwords through various frauds and phishing schemes. While this is crucial information to have, practically nothing is being written about the tremendous amount of personal information pouring onto the Internet through the careless use of blogs and photo album services. In these popular new Internet outlets there exists a dangerous opportunity for predatory criminals; bloggers may in fact be fueling the fire and opportunity that these monsters need to commit their crimes!

    To reinforce my statement I would love to point out one shining example I stumbled across a week ago and illustrate how one particular blogger has put her entire family in jeopardy. In the interest of their safety however, I am not going to identify the particular blog. I will however, relate to you what I saw so that you may learn from her mistakes then take an objective look at your own online presence and determine if changes need to be made.

    The name of her site was something whimsical like “The Smith Family Blogosphere of Happiness” and the blog had its own URL - “TheSmithFamily.com.” This blogger was obviously dedicated! There were many pictures in the online photo album of the blogger, her husband and beautiful children in various activities both at home and at school. She obviously put a lot of thought into the numerous blog entries about various subjects: family vacations; the usual ups and downs that she and her husband have at work and raising their children; how she felt about some issues in her community and anything else that seemed to cross her mind. It was a typical non-commercial blog.

    No big deal right? Wrong… in terms of personal security this blog was a nightmare.

    The first thing I noticed was that she identifies her last name in the title of her blog. A quick trip to the WHOIS database verified that her URL was registered publicly and identified the blogger by name, home address, private email address and home phone number.

    She did a good job of referencing her children in her blog posts as “the oldest boy,” “our youngest son,” or “my daughter” but she mistakenly named most of the pictures’ files after them (i.e. janes_xmas.jpg, johns_new_bike.jpg or john_and_jim.jpg); anyone can tell who’s who and put a face to a name.

    Most horrifically, the kids are in athletic uniforms with the name of the school emblazoned across the front; knowing each child’s name, what they look like and the name of their school in conjunction with the address I obtained through the WHOIS record would allow me to find these particular children at school very easily.

    While she only references her husband by his first name it isn’t much of a stretch to put it with her last name to reveal his identity. She describes both of their positions at work and names their employers. I even found a post referencing a vacation they were all taking in Acapulco, Mexico in December. The post was written in October.

    I could have gained motor vehicle registration information (which includes full name, address, VIN, driver’s license number and date of birth) through the vehicle license plate information found in one particular picture. There are unscrupulous sellers on the Internet who will provide this information instantly to anyone with a credit card.

    In completing my cursory internet profile, I “Googled” the blogger’s name, which returned nothing except for the blog, but when I searched on the email address I obtained via the URL’s WHOIS registration, I found her eBay identity, an entire UseNet newsgroup identity (which I am MOST sure that she wishes to keep VERY private since she did a good job maintaining her anonymity there) and a few other interesting morsels of information too bizarre even to mention.

    It would not take the mental muscle of an evil genius to gather just a little bit of information to make this family’s location, identity, and habits, readily discernable. What horror would befall them then if someone were so inclined to cause them harm?

    There are several things she should do differently. First, use good ol’ common sense, there is no greater substitute! Change the title and the URL address of her blog and remove her family’s last name. She can use a “proxy” or private registration service to maintain her URL with the registrar. She should use generic file names for her pictures that do not identify the people in them and obscure identifiers in the photos like the license plate and the school name on the uniforms too. She shouldn’t discuss the identity of her employer; if it is important, then refer to it in a generic manner such as “I work at an auto parts store.” She certainly should not be advertising when and where she will be vacationing in the future. Lastly, she should use a free (and anonymous) email address to post to newsgroups… especially when anyone may blush at the more than casual reference to her sexual inclinations.

    I realize that you cannot avoid all risk in life, but the bottom line is if you participate in the online world, you will have to bear the risk of a certain amount of exposure and be prepared to address the issues that are part and parcel with sharing personal information on the Internet. Additionally, I concede that this blog was without a commercial purpose; out of necessity one often has to share personal identifying information when running an online business. It simply goes along with the territory.

    I hope that you will take a critical look at your own online identity right now. Ask yourself, “Am I absolutely comfortable with what I have found?” If you are not, then resolve to do something about it today because someone else may stumble across your little corner of the Internet and decide to find you tomorrow. Unfortunately, this is reality.

    Have a safe and prosperous new year in 2006!

    L. Scott Harrell is a private investigator and principal of CompassPoint Investigations, an investigative agency with offices in the Southeast United States specializing in the prevention of fraud, theft and embezzlement within small to medium-sized businesses.

    More information regarding CompassPoint Investigations and our work can be found on the internet: http://www.CompassPointPI.com

    Posted on Mar 6th, 2006

    Web and FTP Servers

    Every network that has an internet connection is at risk of being compromised. Whilst there are several steps that you can take to secure your LAN, the only real solution is to close your LAN to incoming traffic, and restrict outgoing traffic.

    However some services such as web or FTP servers require incoming connections. If you require these services you will need to consider whether it is essential that these servers are part of the LAN, or whether they can be placed in a physically separate network known as a DMZ (or demilitarised zone if you prefer its proper name). Ideally all servers in the DMZ will be stand alone servers, with unique logons and passwords for each server. If you require a backup server for machines within the DMZ then you should acquire a dedicated machine and keep the backup solution separate from the LAN backup solution.

    The DMZ will come directly off the firewall, which means that there are two routes in and out of the DMZ: traffic to and from the internet, and traffic to and from the LAN. Traffic between the DMZ and your LAN would be treated totally separately to traffic between your DMZ and the Internet. Incoming traffic from the internet would be routed directly to your DMZ. Therefore if any hacker were to compromise a machine within the DMZ, then the only network they would have access to would be the DMZ. The hacker would have little or no access to the LAN. It would also be the case that any virus infection or other security compromise within the LAN would not be able to migrate to the DMZ.

    In order for the DMZ to be effective, you will have to keep the traffic between the LAN and the DMZ to a minimum. In the majority of cases, the only traffic required between the LAN and the DMZ is FTP. If you do not have physical access to the servers, you will also need some sort of remote management protocol such as terminal services or VNC.

    Database servers

    If your web servers require access to a database server, then you will need to consider where to place your database. The most secure place to locate a database server is to create yet another physically separate network called the secure zone, and to place the database server there. The Secure zone is also a physically separate network connected directly to the firewall. The Secure zone is by definition the most secure place on the network. The only access to or from the secure zone would be the database connection from the DMZ (and LAN if required).

    Exceptions to the rule

    The dilemma faced by network engineers is where to put the email server. It requires an SMTP connection to the internet, yet it also requires domain access from the LAN. If you were to place this server in the DMZ, the domain traffic would compromise the integrity of the DMZ, making it simply an extension of the LAN. Therefore in our opinion, the only place you can put an email server is on the LAN, allowing SMTP traffic into this server. However, we would recommend against allowing any form of HTTP access into this server. If your users require access to their mail from outside the network, it would be far more secure to look at some form of VPN solution, with the firewall handling the VPN connections. (LAN-based VPN servers allow the VPN traffic onto the network before it is authenticated, which is never a good thing.)
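The zone layout from this article written as a default-deny flow policy and audited for the property the article relies on, that a foothold in the DMZ cannot open connections into the LAN. This is an added example, not code from the original article; the zone names, service labels and the direction of each connection are assumptions.

```python
from collections import deque

# Flows the article allows, as (initiating zone, target zone, service).
# Anything not listed is denied. Directions and labels are assumptions.
ARTICLE_POLICY = {
    ("internet", "dmz", "http"),
    ("internet", "dmz", "ftp"),
    ("lan", "dmz", "ftp"),
    ("lan", "dmz", "remote-mgmt"),   # terminal services or VNC
    ("dmz", "secure", "database"),
    ("lan", "secure", "database"),   # "and LAN if required"
    ("internet", "lan", "smtp"),     # mail server kept on the LAN
}

# The layout the article rejects: mail server in the DMZ with domain access to the LAN.
MAIL_IN_DMZ = (ARTICLE_POLICY - {("internet", "lan", "smtp")}) | {
    ("internet", "dmz", "smtp"),
    ("dmz", "lan", "domain"),
}


def is_allowed(policy, src, dst, service):
    """Default deny: a flow passes only if it is listed explicitly."""
    return (src, dst, service) in policy


def reachable_zones(policy, foothold):
    """Zones reachable from `foothold` by chaining allowed flows.

    Worst-case, zone-level view: assumes any host in a zone can be used as a
    stepping stone. Returns {zone: [hops taken to get there]}.
    """
    paths = {foothold: []}
    queue = deque([foothold])
    while queue:
        zone = queue.popleft()
        for src, dst, service in sorted(policy):
            if src == zone and dst not in paths:
                paths[dst] = paths[zone] + [(src, dst, service)]
                queue.append(dst)
    del paths[foothold]
    return paths


def audit(policy):
    """Return findings where the policy breaks the article's design rules."""
    findings = []
    from_dmz = reachable_zones(policy, "dmz")
    if "lan" in from_dmz:
        service = from_dmz["lan"][-1][2]
        findings.append(f"DMZ can reach the LAN via '{service}': "
                        "the DMZ is now an extension of the LAN")
    if is_allowed(policy, "internet", "lan", "http"):
        findings.append("HTTP from the internet is allowed into the LAN")
    for src, dst, service in sorted(policy):
        if dst == "secure" and (src == "internet" or service != "database"):
            findings.append(f"secure zone accepts '{service}' from {src}")
    return findings


if __name__ == "__main__":
    for name, policy in (("article layout", ARTICLE_POLICY),
                         ("mail server in DMZ", MAIL_IN_DMZ)):
        print(name, "->", audit(policy) or "no findings")
```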

    Chris Weight is a writer for http://www.stekno.com, information for IT professionals

    Posted on Mar 5th, 2006

    Living Digitized
    The electronic flow of data permeates the fibers of every business. Try to make a transaction without accessing the binary realm - bets are that even the cash register used to ring your favorite morning beverage is accessing electronic data. Today, business survival and success depends on immediate connectivity and data communication.

    Living in a digitized world has altered modes of business communication as well. Shooting off a quick email with a pricing quote or sending an answer to an email query is just as commonplace as a client call. Email has evolved into the standard mass communications tool, whether for messages or as a document courier. According to Pew Internet Research, a mere decade ago just 15% of adults in the US went online; today that number has jumped to 63%(1).

    "On a typical day at the end of 2004, some 70 million American adults logged onto the internet to use email, get news, access government information, check out health and medical information, participate in auctions, book travel reservations, research their genealogy, gamble, seek out romantic partners and engage in countless other activities. That represents a 37% increase from the 52 million adults who were online on an average day in 2000".(2)

    The statistics show that the internet and email flood our very existence. A business enterprise can’t be effective or successful without accommodating its wired clientele. Email is now such an integral part of the work world that a USA Today survey found that given a choice between giving up morning coffee or the ability to use the internet at work, 52% chose coffee(3).

    Your Unintentional Data Flow
    It’s inevitable that some of your and/or your company’s data will be transmitted outside the network or personal system. Sharing unprotected electronic documents will ultimately cost you and your business by putting your intellectual property at risk. Think of all the man-hours of work that go into making your enterprise a success: proprietary designs, financial statements, competitive research, and other sensitive documents are all at risk when sent out as an unprotected email attachment.

    Leakage of confidential intellectual property can seriously threaten the viability of an incubating contract lead. Unfortunately, email and documents meant for a select group can easily and quickly enter the public sphere. Once released over email, the transmitting flood of data which was once between company and client can fall into the hands of competitors, sometimes even forwarded by potential clients to competitors. Do you want to give your competitors shortcuts to your clientele? Each unsupervised electronic transmittal will poke hole upon hole in a company’s financial fortification.

    Who’s Looking at your "Personal Stuff?"
    Who’s protecting your small business enterprise’s best interests against these unintentional information leaks? Certainly not the government: US President George W. Bush voiced his bias against email in his address to the American Society of Newspaper Editors, saying "I don’t email, however. And there’s a reason. I don’t want you reading my personal stuff."(4) Nor do Great Britain’s Prime Minister, Tony Blair, and the rest of Number 10 Downing Street trust the mass communication tool, instead opting to use sticky notes(5).

    These are the drastic, archaic steps backwards those zealously phobic of the digital communications era have adopted. Do you see your business forgoing email for sticky notes? The likely answer is no, as your customers won’t be transitioning to the sticky note 2.0 platform.

    A small business enterprise shouldn’t have to succumb to the paranoia of the few and uneducated. A business is most profitable when its channels of communication to its clients are open and accessible. Yet having these channels accessible also opens the flood gates of a small business’ proprietary information. Domestically, intellectual property theft was, according to the FBI, on the increase. In 2005, unauthorized distribution of digital information cost the average company $355,552, a two-fold increase from the 2004 rate of $168,529(6). With the growth of intellectual property theft, the government has allocated some resources to this issue.

    In 2004, "with the support of Congress, the Computer Crime and Intellectual Property Section [(CCIPS)] has grown from 22 attorneys to more than 35 attorneys over the past two years. Created in 1991, CCIPS attorneys prosecute intellectual property cases…[they also] develop relationships with international law enforcement agencies and foreign prosecutors to strengthen the global response to intellectual property theft."(7) A total of 35 dedicated attorneys in the CCIPS in Washington, D.C. are defending U.S. intellectual property rights. Are these ample resources for the 17.6 million sole proprietorships in the United States(8)? With the dollars lost to intellectual property theft growing every year, relying on government as the sole solution does not seem to be the answer.

    Preventing those leaks
    Each time a small business entity shares confidential information such as price lists, legal documents, plans and proposals, its reputation and competitive advantage are at stake. The impact associated with a private email or attachment being accidentally or intentionally forwarded can be colossal.

    From sole proprietorships to ventures of a hundred employees, the small business enterprise must be able to access the same resources as large scale enterprises. The power to share work without relinquishing creative and innovative control is an invaluable tool. Taking preventative steps by using security software allows small business enterprises to protect their right to profit from their own intellectual property. Securing files is the best means of plugging information leaks.

    Protection of intellectual property is imperative for success in business. Individuals and small companies need to protect their email and digital assets with the same confidence shared by their larger enterprise business counterparts. Becoming actively aware of your digital assets and their whereabouts allows the individual and small business enterprise to manage the flow of digital data in a more productive manner than President Bush or Prime Minister Blair’s sticky note solution for their "personal stuff."

    - - - - - - - - - -

    End Notes:

    1.) Lee Rainie, John Horrigan p.59 Report: Internet Evolution, Chapter 4 "Internet: The Mainstreaming of Online Life." Pew Internet Research 25 January 2005. http://www.pewinternet.org

    2.) Ibid, 58.

    3.) USA TODAY. McLean, Va.: Jul 14, 2005. B1.

    4.) Bush, President George W., “Address to the American Society of Newspaper Editors Convention,” 14 April 2005. http://www.whitehouse.gov/news/releases/2005/04/20050414-4.html

    5.) 26 January 2004, http://www.theherald.co.uk/politics/8651.html

    6.) Gordon, Lawrence A., Martin P. Loeb, William Lucyshyn and Robert Richardson, "CSI/FBI Computer Crime and Security Survey" July 2005, http://www.cpppe.umd.edu, 15.

    7.) Israelite, David M., Daniel J. Bryant, Brian D. Boyle, et al., "Report Of The Department of Justice’s Task Force on Intellectual Property," U.S. Department of Justice - Office of Legal Policy, October 2004, http://www.usdoj.gov/olp/ip_task_force_report.pdf. 21.

    8.) Buscher, Patricia, "Number of Small Businesses Continues to Grow (2002)," U.S. Census Bureau. http://www.census.gov

    - - - - - - - - - -

    The article "Filling in the Data Leaks (Protecting your Personal Stuff)" was a collaboration between Ms. Veniegas and Mr. Zachary Price of Essential Security Software, Inc. ESS is a SBRM solution for Small And Medium Businesses. The Company’s newest tool, Essential Taceo, was released in 2005.

    Posted on Mar 4th, 2006

    What, you say! My life is not and has not been violent. I am a peace loving person and would not even hurt a fly. What happens when that fly decides to hurt you? Violence in neighborhoods is still rampant and you live close by. People get robbed, raped, and beaten on a regular basis going from work to home or home to stores or just traveling on what they would think is a safe street.

    Many of us, fortunately, have learned ways of avoiding attacks and the violent subculture that thrives in and around our lives. What about those of us who cannot sidestep this problem? We have always had to learn to defend ourselves the best way we can, physically or emotionally.

    There is, and always has been, a plethora of articles and videos on how easy it is to "take care of yourself" and do not worry, you can beat that fly that is attacking you. Many people simply cannot defend themselves or their families without help. The answer may be in actually investing in some sort of self defense product and learning how to use it.

    Interestingly, crime reports do not list the statistics about the billion dollar expense of lost work, medical expenses, legal costs, and the tremendous psychological toll for the victims, their friends and families. A woman, even with minimal self defense knowledge, who fights the attacker back, may have up to a 90% chance of successfully getting away without getting hurt. Products such as pepper spray or stun guns may give her that advantage to "get away." Likewise, a man has similar percentages of stopping the attack if he has some fighting skills.

    The more strategies you use to "fight back," the higher your chance of successfully escaping an attacker. Strategies such as yelling, running, being very observant, and/or fighting mean that you have a greater chance of escape without harm. Men and women who stop an attack by successfully defending themselves spend much less time with therapists, have fewer problems at home, and are able to resume their normal lives faster.

    You can reduce your chance of being harmed seriously, or at all, by learning how to defend yourself, either through an accredited self defense program, or by purchasing self defense products and learning how to use them. Take charge of your life and your defenses. You have a choice: allow the fly to swat you, or learn how to swat the fly.

    Copyright 2006


    Posted on Mar 3rd, 2006

    “A determined hacker is hard to stop. But those malevolent crackers would rather walk through an open door than pick a lock,” writes Michael Fitzgerald of Extreme Tech.

    With all of the viruses, worms, trojan horses, and other new phenomena called by old words running rampant, how do we provide a little peace of mind for ourselves and our workplaces? Like locking our house, stopping the mail, or adding a security system to our home or automobile, there are some simple things we can do to make ourselves a less attractive, or at least less obvious, next target of these malicious acts. Most of the following preventative measures are free or of little monetary expense and simple to implement, but can prevent immense cost.

    If you have the time or inclination to read only this far, take note of the one preventative measure that probably has better payoff than all the others combined, and that is to not open e-mail attachments (especially any ending in .exe) unless you are absolutely positive they are safe. Positive in this case means more than recognizing the first name of the sender, or a familiar subject line. A telephone call or e-mail to the sender (if the message is not expected), or use of other simple measures to double-check not only the authenticity but also the freedom from contamination, is just prudent. If you established the initial communication (say to a reputed software vendor for download) you are much safer than if something comes unsolicited from the other end. It is not worth taking chances just for curiosity’s sake.

    Next on the importance scale is to make sure you have some sort of virus protection software installed on each computer.

    There are two major providers of such software, as well as several smaller ones. The majors (McAfee and Symantec’s Norton) are comparable in price, features and usability. They can be purchased at your local retailer, or even downloaded from the internet and then updated via download forever after. I have copies of both, being used on separate computers, and although there are minor differences in user interface, they both are highly rated and effective. It is important to update the software frequently, and each provides a recommended frequency and procedures. Most versions provide a setting that will automatically download updates as they become available, and that is quite frequently. It doesn’t get much simpler than that.

    The two steps above are the biggies for software-related gremlins, but there is the human variety as well, who take pleasure in snooping around your hard drive, or even commandeering your PC and invisibly using it to transmit, infect, or otherwise interfere with other computers and/or the network as a whole. Two important steps will go far in protecting you. First of all, make sure you have a firewall installed. There are hardware versions (built into a modem, router, or separate box) and there are software versions available. If you connect via broadband (DSL, Cable, T1, etc.) you may be wide open to attack 24/7. Your ISP can most likely provide this as a service as well, so check with them before buying anything else. Second, periodically check for updates available for both your operating system and your browser.

    Microsoft has a free service available to provide these update patches via automatic notification. One important point to note: Microsoft (maker of over 80% of all PC operating systems) will never provide software patches via e-mail, so if you see that as an offer (remember unsolicited above), it is a hoax.

    John Geiger owns and operates the local affiliate of WSI Internet Consulting and Education, a Toronto based global network of consultants, developers and production centers providing turn-key internet business solutions for small and medium-sized enterprises to include web-site design, development and hosting; site maintenance and upgrades, full e-commerce solutions, on-line training and education, and other cutting-edge internet technology and solutions. For questions, comments, free consultation, or ideas for future articles contact John at (828) 328-5929 or http://www.webmasters-wsi.com

    Posted on Mar 2nd, 2006

    The net is full of software packages to prevent, clean and remove Spyware & Adware from your PC. Most of these packages cost a substantial amount of money to purchase and keep up to date. If you’re anything like me, the last thing you need is another monthly subscription to pay.

    So what to do then? Top sources all agree that Spyware & Adware are some of the leading causes of computer problems today, and they are right. An infected computer can become almost useless. Oftentimes it is nearly impossible to remove all traces of the infection short of reinstalling your operating system.

    Subscription services and software packages are only one layer of defense against Spyware & Adware. These remedies are not always up to the task of providing complete protection, so there needs to be multiple layers, the first and most important one being an informed user.

    Most Spyware & Adware infections can be prevented by having an understanding of the nature of these attacks, and staying up to date with new methods of exploitation. Keeping informed is not as difficult as you might think. Finding an up to date website that is easy to read and understand is key. Armed with the knowledge of what actions can lead to infections, your risk decreases exponentially.

    So get informed and stay that way. You might be surprised how easy it is and the positive effect it will have on the overall security of your computer.

    D. David Dugan is the president of DD&C (http://www.dugancom.com), an IT Consulting and Solution Providing Organization, and is personally involved in updating http://spyware.dugancom.com
