Twelve Key Questions You Need to Ask About Your Computer Security for Your Home or Business

Security technology is only a part of an overall security plan. If you own a small business or a home-based business, or if you’ve been tasked with implementing security at your organization, developing a comprehensive security plan should be a very important part of your overall security strategy. Get the information you need to get started on the right track! In the computer/internet security game, the best move is one of Prevention! Prevention! Prevention!

With that in mind, here are the twelve questions you need to be asking, or, at least, be thinking about if you’re serious about preventing or stopping security risks, threats, and attacks:

1. Do I have a solid security policy or strategy?

If you don’t, begin immediately to get sample security plans, policies, and best practices for your business and/or home.

2. Where would I go for key information and news on keeping your information private?

Search the internet for managed security services. Ask if they provide a free computer test to assess your pc’s level of vulnerability. Ask if they provide the latest tips to keep your privacy and protect your personal information and that of your business. Or simply – ask me.

3. Does my disaster recovery plan include redundant back-up and data recovery systems?

Understand what a good data back up system is and how to best recover from a disaster.

4. Do I know how to create safe passwords?

Learn how to write virtually un-crackable passwords.

5. How do I train my employees or family members to be secure?

Get all leading research on what to teach about security.

6. What do I do if my employees are my biggest security risk?

Learn all about social engineering and insider hacking.

7. What or who is a hacker?

A person who uses and/or creates software technology to break into the computers of individuals, businesses, government, and organizations for personal gain is known as a hacker. Often after he, she, or they hack into a computer, they can control it secretly by remote, making it a “zombie computer”.

8. How does he (or she or they) break into home and business computers?

If they don’t have the break-in software, they can buy it off the black market, or create it, themselves. With this technology, they use their malicious software to look for holes in the computers of their targeted victims.

9. To what extent might my home or business computers be vulnerable to hackers, hacker’s tools, viruses, etc.?

You will never know unless you take the time to test your computer to see what holes are open, by what back doors (up to 65,000 portals) are malware entering your computer.

10. What is “drive-by hacking”?

Because wireless Internet access points have become popular for homes and businesses, home and business computers have now become a major target for hackers. In this new phenomenon, called “dive-by hacking”, hackers simply take their laptop computers in their cars and drive through business parks or residential neighborhoods remotely scanning for open wireless networks.

11. Would I know if someone tries to hack into my computer?

Depending on the security measures you have on your computer and the sophistication of the hacker’s software program, you might or might not be aware. Using keylogging programs, these cybercriminals can secretly see and record every keystroke you enter on your computer, thereby gaining access to all your private and personal information.

12. I have all the security measures, anti-virus, anti-spyware, and firewall I need. Can I still be hit by hackers and other pc-disabling attacks, risks, and threats?

Again, depending on the security measures you have on your computer and the sophistication of the hacker’s software program, your computer or computers might or might not be compromised. Remember: Cybercriminals are superintelligent criminals! They somehow always seem to stay one step ahead of authorities and anti-cybercriminal software.

Obviously if you have to ask these questions, then you need to take immediate steps to plug the holes and cover the gaps.

So, here are some steps you can take immediately to implement, increase, or improve your present security measures:

* Learn all you can about hackers and the tools and methods they use to invade your privacy and cause problems. Subscribe to a comprehensive source of Internet security research, news and information for small and mid-sized businesses and organizations, or other professionals, that want to increase their level of security and build on their current technologies and efforts.

* Take advantage of the research already done. Get access to information about the leading topics in the security field, including hackers and hacker tools, viruses, data back up, writing good passwords, government and legal issues, protecting from insider hacking – and more.

* Stay current with important security news developments. Work with a managed security firm that maintains an entire library of the most beneficial news articles, white papers and other links that you can use to maintain an excellent awareness of cyber-security issues on an ongoing basis.

* Need help creating a security plan for your organization or business? Take advantage of professional security consulting and training both by telephone consulting or on-site visits. Get vulnerability assessments, employees training, security implementation, and much more.

Because cyberpredators and other cybercriminals are becoming smarter and more sophisticated in their operations, they are real threats to your personal security and privacy. Your money, your computer, your family, and your business are all at risk.

These cybercriminals leave you with three choices :

1. Do nothing and hope their attacks, risks, and threats don’t occur on your computer.

2. Do research and get training to protect yourself, your family, and your business.

3. Get professional help to lockdown your system from all their attacks, risks, and threats.

Remember: When you say “No!” to hackers and spyware, everyone wins! When you don’t, we all lose!

© MMVII, Etienne A. Gibbs, MSW, The Internet Safety Advocate and Educator

Key Safety and Security Planning Tips for Successful International Corporate Events

Post-financial crisis has seen many companies and sponsors return to the international events scene with renewed enthusiasm, evident by increased volume, along with a whole new generation of offerings from providers in the sector. However, despite many internal, mature risk management processes, the majority of international events still continue to present an Achilles heel when it comes to business travel health, safety and security.

Despite the fact the event may be held offsite or away from the usual place of employment, it still does not discharge a company from their usual duty of care or workplace health and safety obligations.

When it comes to international corporate events, meetings, incentives, conferences and gatherings, here is what every planner needs to know to ensure a successful, safe and secure event. In this article you will learn the most important safety and security planning tips starting with location, activities, emergency planning, monitoring and communications. By the end of this article you will have a rapid evaluation criteria and consistent, safe approach to ensure all your international corporate events run smoothly and prevent the majority of avoidable incidents that ruin otherwise great gatherings and corporate events.

Location Selection

Too many planners leap to an ideal location and then attempt to force all the solutions and planning solutions around this ideal destination. The best location must meet the requirements for an enjoyable, successful and functional site for all the planned activities but also provide for all the support needs such as routine medical, reliable transport, secure locations and safe environments. Any location that fails these initial criteria will only amplify any emergency situation and likely result in a higher overall risk to all involved.

While the initial location is important, it is just as important to evaluate all the activities needed for the event and identify any and all social activities that will take place in conjunction with the event.

International Corporate Events

Activity Focused

Corporate meetings, incentives, conferences, and events can be high activity situations with lots of people coming and going along with information sharing and enjoyment opportunities. Therefore all proposed and possible activities must be considered and included in the final plan. This should include everything from arrivals, reception; check in, conference events, networking, social/entertainment, sightseeing, ground transport, shopping, internal travel and departures.

It is paramount that all activities available be considered in the chosen location, not just those provided on the official program as attendees or accompanying partners/families always seek out alternate options, with a high potential for emergency situations outside the traditional plans.

A commonly overlooked element is parallel or simultaneous events and activities. Other company functions, public holidays, climate changes, religious festivals and even internal company events such as product launches or press releases need to be considered and how they will impact the running of the event along with any altered threat or emergency planning concerns.

Only after all the activities, internal and external to the event, have been identified and mapped out can you progress to the emergency management and planning stage.

Emergency Planning First

This may seem counter intuitive but in my experience it is the far superior approach. With a set location and a list of activities you can now start to create broad and detailed emergency planning sessions. The reason this is a better approach is that you do not want to discover areas that require minor or major treatment solutions late in the budget, promotion, and management or confirmation cycles. For example, if you discovered that the local medical services were routinely overwhelmed on a weekend due to peak tourist activity in your chosen location, you would need to either reconsider the location as a plausible option or include onsite medical support as part of your budget and risk mitigation solution. Especially when you consider in your planning the impact and support demands should you have a group emergency such as food poisoning or the collapse of a viewers stand.

With an emergency support plan in place first, almost all your routine concerns and considerations will be itemized for completion. Rooms, transport, ushers, communications, medical, security, service providers and many more will have been considered and prioritized in the planning stage and now await procurement and confirmation in a far more organized sequence by the planning team. These services and requirements in the emergency plan, almost always have a routine and day-to-day requirement anyway, and both cost efficiencies and planning time can be reduced considerably.

No plan or assumptions are ever one hundred percent accurate; therefore a system for continued monitoring and review is also mandatory to ensure success.

Continued Monitoring

Change is inevitable, especially if your event was scoped and planned weeks or months in advance. Therefore a reliable and effective system is required to identify and manage change in accordance to the priority required by the altered outcome.

Dedicated systems and resources, often already present as part of the overall event administration, needs to be harnessed to support the inevitable change management issues. Timings, resources, weather, personnel and services are all likely to alter in some shape or form prior to or during your ideal plan. Clearly defined information requirements, lines of communication, prioritization of response and follow up procedures need to be in place and communicated to those affected or influential to the process. This should be supported with an appropriate vehicle in which to share information such as email, SMS, radios, blogs, bulletin boards and so on.

The more information you collect, the more you have to process but the better informed you will be when making routine and emergency decisions.

Information, Information and more information

Plan to capture and access as much information as possible when managing successful corporate events. Too few planners and event managers appreciate or successfully capture and process routine information that could dramatically improve the efficiency and productivity of an event but also prove pivotal to emergency situations.

Consider well in advance how to store and access information. The right information should be accessible in the easiest possible way by those that need it and the coordination and evaluation of all input should be ongoing. Flight schedules, media events, meals, contact numbers, agendas, weather activity, emergency services, support resources, capabilities, response times, preparation time, cost, expertise, and all other requirements must be pre-prepared, captured and managed throughout the event. All this information should not die with the event’s conclusion but provide a template for future events and even return options for routine and extra ordinary business activity.

With all this preparation, it is almost criminal that too few prepare their attendees adequately in advance with pre-arrival preparations.

Pre-Arrival Preparations For Greater Corporate Event Safety and Security

With all the preparation and information activity up to this point, it remains illogical why so much of it is then not shared with attendees and planners. A centralized body of knowledge in which elements can be extracted to provide and prepare attendees is neither difficult nor indulgent.

Group pre-arrival guides, information and key updates should be delivered in a “readable” or “digestible” format to all those likely to attend and support the event. This channel and focus group should be regularly updated with the most salient points regularly until the completion of the event.

A more focused demographic such as organizers, supporters, families, technical personnel, alternate language groups, men, first time travellers/visitors, women and mixed national or cultural groups should be isolated and communicated to with more specific and relevant content. This is not just in the form of a general “goodies bag” that seem to dominate a lot of these events and are rarely read or retained by the majority of attendees. Any further segmentation such as those with dietary restrictions, medical conditions and so on should also be catered for and engaged. Event providers and suppliers could learn a lot in distinguishing themselves from the general market by providing this as part of the attraction and delivery offering. All this does not need to be the sole responsibility of the attending company but could easily be provided by the host facility/entity. Don’t forget, this is a two way street also with many social media platforms available for rapid and widespread distribution should attendees seek to share their opinion, dissatisfaction or even during a crisis. Therefore, channel monitoring is also advisable.

Routine and continued updates should be available that could easily be altered to include priority/emergency information updates should the need arise. Prior development and regular use of any communication platform will only enhance the success and engagement of the event.

Communications For Corporate Event Security

Event planners and managers are almost spoilt by choice with the various means and mediums for communications. The consolidation and consistency of message is the challenge, along with ensuring segmentation of both content and receiver. Facebook, YouTube, SMS, email, blog, website and numerous other social media platforms are all viable means for two-way communication. Planners should have already identified in their emergency planning what local options, limitations or nuances prevail and the best or most reliable for the task.

Regular and enjoyable communications are never a burden but frequent, irrelevant communications puts any emergency communication at risk as users may have already dismissed or blocked specific channels due to abuse. This must also be collaborated with all aspects and planners of the event.

Like all the afore mentioned elements, these systems don’t run by themselves. They need supervision and constant management throughout the lifecycle of the event and should not be shutdown or turned off until the event is officially complete and all attendees under care are safely on their way back to their point of origin.

Continued Management

It is not the plans that are important, it is the planning. Continued management and monitoring is a close second. All events, locations and activities require care and management to ensure they go as close as can be reasonably expected to plan.

Continued management is a team event and not solely dependent upon one or two individuals. Succession planning and redundancies should have been identified in the emergency-planning phase to prevent the vulnerability presented when one or two key people are unavailable momentarily or for extended periods.

Each stage, action and even event should be reviewed and analyzed for opportunities to improve the process or identify overlooked aspects.

Conclusion

When it comes to international corporate events, meetings, incentives, conferences and gatherings, these are the key health, safety and security points that every planner needs to know to ensure a successful, safe and secure event. You now have the most important safety and security planning tips starting with location, activities, emergency planning, monitoring and communications. Use this as a reference and checklist to ensure you have an evaluation criteria and consistent, safe approach to ensure all your international corporate events run smoothly and prevent the majority of avoidable incidents that ruin otherwise great gatherings and corporate events.

Key Tips to Develop a Security Culture in Your Company

Nowadays, take a look at any newspaper and you will realize how vulnerable your company is to security and data breaches. Moreover, we don’t have enough protection against the corporate thefts to keep pace with the threat landscape. This is evident by the fact that today, nobody in the whole world would make a statement like “My Company is absolutely protected” or “My security is foolproof”!

Also for any organization, if humans are the greatest asset, then they turn out to be the weakest link as well. Thus, what is required is an appropriate “security culture”. It will help your workers understand the right things to do when they suspect something questionable is going on (whether online or offline).

Therefore, we are penning down some key tips to help you inculcate a security culture in your organization. So, start marking the important points!

Make ‘all in’ in your agenda!

Your first line of defense against security threats should be developed within your own organization rather than for far away criminals and burglars. The drive for security is not the sole responsibility of IT department or the security department, but must be ingrained in each and every member of the organization.

Another pertinent thing is to understand that the security culture in no sense is a ‘once in a year’ event. It is a persistent process which should be embedded in all day-to-do procedures and activities. The company shall also organize quarterly reviews to check on the progress of such initiatives.

Shake their senses for it!

Some visual warnings and discussions can turn out to be boring and ‘boring’ generally would mean ‘unnoticed’. Get a little creative with your awareness efforts to firmly prove your point.

Different people have different interests and you can never be too sure about what will click the thought process of the other person. Thus, play with a variety of awareness channels! Use posters, newsletters, reminders, a team get-together or in-person meetings.

Talk brief and relevant when you are delivering a speech because nobody likes the old school long lectures. The more timely and striking your speech is, the better it is!

Get back to the basics!

Let your employees embrace the core concept of security and comprehend the reasons behind the rules they are asked to follow. When the concepts are understood rather than imposed, then your security culture could go a long way. For instance, tell them that why they are being asked not to follow random email links or share critical information to ambiguous online sites.

To help build such environment, lay the following keystones:

1. Passwords: This is the most basic step when it comes to security, but also probably the most ignored one. Foster a good password & code policy among your employees and take regular updates to ensure that all the members are on the same page.

2. Patches: Keep all your patches and software applications up-to-date. It is advisable to start a regular patch update program which comes in handy in case of emergencies.

3. Limited Access: The more the exposure, the more is the risk! There must be strict rules when it comes to accessing the files and resources of the company. Allow the members to access the data and files only that they need and nothing beyond that.

4. Inventory: Keep the count of your resources, machines and everything else. Tag them, claim them and secure them! The BYOD (bring your own device) culture indubitably scales up your company’s inventory, but, then you have to more careful that by any chance, someone does not take away your machine or your official data.

Watch like a falcon!

Some of your employees might turn to all fun and games behind your back and forget about the rules and regulations during the watch! To help induce the fact that they are being constantly seen, install some surveillance systems. Security cameras help you monitor your business even when you are not on-site and hence, facilitate to keep all the protocols in place.

Lead by example!

When the C-level execs and managers are following the rules, the key message comes clear to the masses! When you firmly teach your employees about your primary objectives through your code of conduct, then only you can hold them accountable for their actions. Just saying ‘This is not the right way’ is no more good enough!

Moving forward!

To lay a healthy security culture in your company, it is imperative to educate your employees about the need and importance of security. Experiment with different methods to inculcate this thing in their thought process. Understand that every employee has a stake in such a drive. From top-level management to the lobby attendants; everyone is important. Use distinct methods to gain their attention and if possible, personally ask your senior members to follow the protocol and set an example.

The most significant thing to discern is that this change will take time and not happen overnight. So, don’t push your ninjas to get security savvy while they are sleeping. Keep the right attitude and you will definitely get there!