Brochure
Best Practices

I.S. Sentry, Inc.
Information Systems Perimeter Security
Sales@ISSentry.Com

I.S. Sentry's Top Eight Recommendations

Check out our "Best Practices" document. You will need the Adobe Reader available at http://www.adobe.com

1.) Backup - Backup -  Backup!!!

2.) Microsoft Windows Operating System Update (Microsoft)
Get the latest updates available for your computer's operating system, software, and hardware. [Click here for website]

3.) Microsoft Office Suite Update (Microsoft)
Get the latest updates available for the Microsoft Office suite of applications. [Click here for website]

4.) Get Notified Right Away of Important Security Updates (Microsoft)
To help you maintain a safe computing environment, Microsoft offers e-mail alerts that notify you when they release an important security bulletin or virus alert, or when you might need to take action to guard against a circulating threat. [Click here for website]

5.) Antivirus Software (McAfee)
McAfee (Network Associates) has been a long time leader in the Antivirus community. They offer a complete line of products supporting the single PC user all the way to International corporations. [Click here for website]

6.) Antispyware Software (Ad-aware)
With its ability to scan your RAM, Registry, hard drives, and external storage devices for known data mining, advertising, and tracking components, Ad-aware can easily rid your system of these tracking components, allowing you to maintain a higher degree of privacy while you surf the Web. There is a FREE version available for personal use. [Click here for website]

7.) Antipopup Software (AdBolish)
At last, a way to stop the annoying tactics of Web advertisers and spyware. Block pop-ups, banners, messenger service ads, and Flash ads, and detect ad-serving spyware. Ads are blocked in AIM, MSN, Kazaa, Morpheus, Gator, and Trillian. Experience the power of AdBolish Popup Blocker. Auto updates keep you one step ahead of advertisers.  [Click here for website]

8.) Crabby's Top 10 Spam-Fighting Tips (Microsoft)
If you have an e-mail address, it is about impossible for you to eliminate spam completely. However, there are steps you can take... [Click here for Full Story]

The best defense is knowledge. In this case, to protect your computers from attack, it is important to know what the intruder will likely do to gain access to your valuable information. This is an ongoing effort so check back frequently as the information will be updated regularly.

Protect Your Privacy With Online Payment Services (Microsoft) 07/14/06
It’s not always easy to tell who's at the other end of your online transaction when you hand over your credit card number. Fortunately, you can use a third-party payment service to make paying for things online a little easier and safer. What is a third-party payment service?

When you use a third-party payment service, you transfer money into an online account and make payments from that account. That way, you never expose your real credit card or bank account information. The most popular of these services is called PayPal (owned by eBay), but there are others such as Amazon.com Payments. You can use these third-party payment services to: •

Make purchases on online auction sites. •

Purchase products from small Web sites. •

Donate money to different causes. •

Send money to anyone with an e-mail account (certain services only) [Click here for Full Article]

The Five Security 'Musts' You Can't Ignore (security pipeline) 11/28/05
Last month I told you about some myths that have grown up around security, but that are not necessarily things you should believe.

This month it’s time for things you really do need to believe in and act upon if you’re to stay out of trouble. Instead of myths, they’re the “musts”: security actions you must take regardless of the size of your enterprise or your network.

But be forewarned, this is not a complete list. These are just the first things you must do. There are plenty of others that depend on your specific needs and infrastructure requirements. But if you start here, you’ll be on your way to having a secure environment, whether you’re on a single computer tied to a DSL line or running an enterprise with thousands of users.

1. Know Your Network [Click here for Full Article]

Boost Security With A Web-Usage Policy (security pipeline) 11/21/05
Managing internet access is essential for all businesses--especially with today's increasing regulatory requirements. The good news is that software and hardware systems to block, monitor, or otherwise control employee Internet access never have been better, but they must be balanced with legal, ethical, and employee morale issues. This is a tightrope that IT must walk.

Employees spend an incredible amount of time on the Internet--and often what they're doing is unrelated to their jobs. Jose Negron, technical director of Layton Technology Inc., a developer of IT-auditing and help-desk software, cites a recent study by Salary.com and America Online that found that employees squander an average of two hours of company time per day online, at an annual cost of $759 billion. [Click here for Full Article]

Top 10 Tips For Mobile Security (security pipeline) 06/22/05
I never, ever leave my credit card out where people can easily take it. So why would I leave my data unprotected?

Unfortunately, many people do just that every time they use their mobile devices. The rapidly growing base of mobile users is drawing the attention of hackers, who use a variety of schemes to get at your data and personal information.

We all need to wise up and take measures to safeguard our mobile data. Let's take a look at how to be secure in some common situations that you'll likely encounter when you're on the road.

1. In a hotel room that offers both a Wi-Fi and an Ethernet connection, which should I choose? [Click here for Full Article]

Langa Letter: How To Build Better Passwords (smallbiz pipeline) 06/19/05
Good passwords are essential for PC security. Even the world's strongest encryption algorithms or logon procedures won't protect you if you use the wrong kind of password.

And even if you once were safe, you may not be today: Passwords that were fine even just a few years ago may now be vulnerable to attack because of huge advances in hardware and software: Malicious hackers have tools that can make hundreds to thousands of guesses in seconds. Passwords that might once have taken months or years to crack can now be cracked in minutes or hours.

It takes very little skill to mount a password attack. The simplest form of attack is based on dictionary lists: The cracking software simply tries every possible word listed in an online dictionary. Any password found in the dictionary will thus soon be discovered. This type of software is extremely simple to create because no deep analysis or cryptographic skill is needed. It's high-school level stuff, and yet it can defeat many passwords! [Click here for Full Article]

Get the Security Guide for Small Business (Microsoft) Added 06/17/05
We know how much security and dependability mean to you in today's business computing environment. And we want to help. That's why we created the Security Guide for Small Business explicitly for small-business owners. Download this free technology resource to get tips, tricks, and how-to information you can use right away to help protect your PC and your business. You'll learn: • How to help protect your network against the most common threats • How to help guard valuable business information • How to help thwart viruses and hackers • Plus pointers to additional security resources, including a sample small business security plan [Click here for Full Article]

Strengthen Your Wireless Security by Avoiding These Missteps (Tech Republic) 06/15/05
Even with the heightened awareness of the security risks posed by wireless networks, some IT pros continue to overlook some of the essential safeguards the systems require. Here are five practices you should avoid so that you can ensure the best protection of your wireless network. [Click here for Full Story]

Windows XP Services That Can Be Disabled (Tech Republic) 06/15/05
One of the most effective ways to secure a Windows XP workstation is to turn off unnecessary services. This reference sheet lists each Windows XP SP 2 service, describes each service's function, specifies whether you can safely disable the service, and outlines the ramifications of doing so. [Click here for Full Story]

Video: Teaching Your Kids About Online Safety (Microsoft) Added 06/15/05
Watch this video to find out more about what you can do to help keep your kids safer as they explore the Internet. [Click here for Full Story]

The 12 Steps to Designing a Strategic Security Process (TechRepublic) 06/06/05
Building an effective security program for your organization requires a highly structured approach. This overview, written by Rich Schiesser, in conjunction with Harris Kern's Enterprise Computing Institute, lists fundamental steps you can follow to establish a framework that consists of an executive sponsor, a security process owner, review boards, and cross-functional planning teams. Once these roles are defined, you can inventory your current tools and policies and chart the goals, requirements, and priorities that will allow you to develop a comprehensive security strategy. [Click here for Full Story]

10 Ways to Work More Securely (Microsoft) 06/08/05
The security of your computer and data is crucial for you and the success of your company. Lost or stolen information can reveal company secrets, or expose your confidential or personal information. The more you can do to keep your computer secure, the better off you'll be. Use these 10 tips to learn ways you can protect your computer, your data, and your company's network. Work with your IT department.

Work with your IT department.

Make sure you install all the patches and updates that your IT department recommends. In addition to installing Windows and Office updates, your IT department might require you to install additional security software, such as a firewall or custom software to help you connect from remote locations. Making these regular installations will keep your computer and your company's network secure as possible. [Click here for Full Story]

Securing Wi-Fi Networks Doesn't Have to be Painful (server pipeline) 06/03/05
Years ago, in a strip drawn by the great cartoonist Walt Kelly, the characters were following a set of mysterious footprints through the swamp in which they lived. Finally, one of the characters, Pogo, a little opossum, realized that the footprints were their own. That's when he made his much quoted statement, "We have met the enemy," he declared, "and he is us."

To a great extent, it's the same scenario with wireless security today. The problem isn't exactly the technology—the problem is us. We want to be conveniently safe.

Finding the middle ground between security and convenience can be tricky. You can design a wireless network to be quite secure, but doing so can make it hard to use. On the other hand, you can design it so that it's really easy to use, but then it's not completely safe. This conundrum has been acknowledged by the industry, of course, and that's why wireless security issues are big topics with vendors at recent trade shows including Interop and RSA. [Click here for Full Story]

The Top Five Biggest Network Vulnerabilities (server pipeline) 05/23/05
Securing your network is key to securing systems, and so knowing where the biggest holes are and how to plug them is crucial.

The correct answer to the question "where is my network vulnerable to attack?" is "everywhere." To some extent, that's the nature of the Internet beast; if you have a door open to the world, then it's inevitable that someone will try to open it up. And there's a good chance that they're not doing it just to say hello.

Dan Ingevalson, the director of professional security services at Internet Security Systems, says that enterprises have gotten better at managing security vulnerabilities, but the increasing complexity of networks and network-borne applications make perfect protection impossible. "There is always going to be some level of complexity in a network that will create a network security vulnerability," he says.

Having said that, some open doors are bigger and more common than others. A big part of maintaining network security, says Mark Curphey, senior director of consulting at Foundstone Services, a division of McAfee Inc., is knowing where these vulnerabilities are, and knowing how to plug them up.

Network edge devices: Though well-publicized, worms and viruses continue to be a common and, to some extent, under-appreciated network threat says Yankee Group senior analyst Jim Slaby. "We haven't seen a really big, really pervasive worm like Blaster or Slammer in some time, but they are waiting in the wings," he says. "It's not that people are complacent, but the problem with worms is that they're zero-day exploits. Signature defenses only work against things that you've seen before, or someone has seen before you, and they proliferate quickly." [Click here for Full Story]

Langa Letter: Reclaim Laptop Disk Space (desktop pipeline) 05/23/05
Hats off to successful mobile PC users! Using a portable PC--notebook, laptop, whatever type or nomenclature--can be daunting: Not only do road-warrior PC users have all the same issues faced by their deskbound brethren, but they also have a whole range of special concerns ranging from issues of physical and online security; connectivity issues; extreme power-management problems; performance issues; and more. Although anyone can use a portable PC, using one well, to its fullest capabilities, takes a little forethought.

We've covered some of the special concerns of laptop users in this space before, and it might be good to start today with a quick refresher: For example, we covered some security issues in Traveling With Laptops In The Post-9/11 World; looked at wireless security in Wireless Poachers, Wireless Guests; discussed Curing Laptop Overheating; examined power-management technology in To Sleep, Perchance To Hibernate...; and looked at ways of solving physical connection problems in USB-To-Whatever.

Some of our past broader topics also apply well to laptops. For example, System Setup Secrets, Ten Ways To Make Windows XP Run Better and 10 More Ways To Make Windows XP Run Better apply to any system -- stationary or portable; as do Make Windows XP Self-Maintaining and Managing Your Windows XP Passwords. You'll also find still more information via the index page for this column. [Click here for website]

Best Practices for Enterprise IM (security pipeline) 05/20/05
Instant messaging entered enterprises informally and largely unnoticed through public networks such as AOL, Yahoo!, and MSN. The motivations for using IM -- fast, easy, responsive communications with presence management built in -- are undeniable, and once the technology found its way into the workplace it was unstoppable.

Nowadays IM is so pervasive in businesses -- sources for this story estimate anywhere from 60 to 360 million corporate IM users in 85-90 percent of enterprises use the popular messaging technology -- that developing best practices is essential. Yet 50-70 percent of enterprises haven't established formal policies for IM use.

According to Cathy Planchard of VIACK Corporation, an authority on secure collaboration and communications over the Internet, 41 percent of users transfer files via IM. This exposes holes in the company network often not covered by security software. Jim Murphy, director of product development for SurfControl, an Internet threat protection vendor for businesses, points out that serious security vulnerabilities such as buffer overflows, denial of service attacks, and encryption weaknesses continue to be exploited in popular IM clients from AOL, MSN, Yahoo! and the like. [Click here for website]

The Best Free PC Utilities
04/04/05
AllSnap: I almost feel bad recommending AllSnap because it's so much simpler than the average utility. Install AllSnap and the program quietly makes program windows and dialog boxes click into place. No more slipping and sliding: windows snap cleanly to the edge of the screen or to each other.

Firefox Extensions: Over the years, Internet Explorer has inspired a raft of utilities, from pop-up blockers to cookie-management tools. The popular Firefox browser is getting similar treatment, but these utilities are packaged as Firefox Extensions--applets that plug into the browser. My two favorites are the Tab Mix extension for managing tabbed page behaviors, and the All-in-One Gestures extension for navigating with simple swipes of the mouse.

Folder Size: Windows Explorer's Detail view lets you see all sorts of information about files, including creation and modification date, and of course, file size. But folders in Explorer don't get the same treatment. The only way to see how much information is stored in a folder is to hover the cursor over it and wait for a balloon to pop up.

Folder Size is a tiny app that adds two columns to the Detail view--one displaying the size of the folder and another that lets you sort by size. It's not a perfect solution, but the added information really helps in some instances, such as when trying to figure out if the contents of my music directory will fit on one DVD-R disc.

JGoodies JDiskReport: The age of digital media means no disk is big enough. The Java-based JDiskReport utility scans your hard disk and then produces highly informative graphical displays. You can see exactly where most of your data is residing, and even explore data by file type, last modified date, and other criteria. It's a terrific tool for deciding what files you want to keep on your overcrowded hard disk, and what files might be good for saving to removable media.

IrfanView: IrfanView is the little app that could. Small, fast, and easy to use, it displays or plays back almost every type of media, including images, photos, music, and video files. Unlike hopeless media bloatware like Windows Media Player and Real Networks RealPlayer, IrfanView also doubles as a lightweight photo editor. Perform red-eye removal, color and gamma tweaks, image resizing, and format conversions. There's even a useful set of batch operations--great for renaming files or applying an image change across a set of files.

Microsoft Antispyware: In a classic case of "better late than never," Microsoft last winter released a beta version of its free antispyware tool. Based on the respected Giant Antispyware product, Microsoft Antispyware offers a capable spyware scan and removal engine that has proven superior to popular freeware offerings like Ad-Aware and Spybot Search and Destroy. Microsoft Antispyware goes even further, letting you purge Internet caches, recently used file lists, and cookie files to better ensure your privacy.

NetStumbler: Wireless networking is great--until Windows XP gets confused and can't find your network. When Wi-Fi befuddlement strikes, I launch NetStumbler, a utility that uses your Wi-Fi adapter to listen for nearby networks and then display detailed information about each access point. Useful for sniffing out Wi-Fi hotspots and troubleshooting problems, NetStumbler displays information such as Wi-Fi protocol, encryption type, access point ID, and signal and noise levels. If you have a global positioning system, NetStumbler can even map out access-point locations. Very handy.

StatBar: Sometimes smaller is better--much better. The svelte StatBar monitoring utility provides a sleek and slim interface for checking on all sorts of stuff, from CPU workloads and memory usage, to network traffic, battery levels, and even WinAmp controls. Loads of customizations make this attractive program one of my must-install utilities.

Rainmeter: Another riff on the PC-monitoring theme, Rainmeter is eye-pleasing and boasts a sleek clock and a compact RSS feed display. The graphics are stunning, but they take up enough screen real estate that some users might opt for the more compact StatBar.

Michael Desmond is publishing director at Bock Interactive, a Web commerce solutions and consulting firm in Burlington, Vermont. He drives his wife crazy with all the utilities he installs on her PC. [Click here for full article]

Spyware and your Kids (Microsoft) 01/05/05
If your computer starts to suddenly slow down or you begin to see pop-up windows, even when you're not browsing the Internet, you may be the victim of spyware and other unwanted software. Spyware is software that is automatically downloaded to your computer without your notice, and is often attached to another file you have chosen to download or install. Spyware can also be downloaded to your computer when you click on banner ads on Web sites.

The types of unwanted software programs that kids accidentally download are usually annoying and may slow down your computer, but are typically not dangerous.

If your children regularly use your computer, they may be visiting sites or downloading files that could be exposing your computer to spyware and other unwanted software. [Click here for website]

10 Things You Can Teach Kids to Improve Their Web Safety (Microsoft) 12/17/04
The Internet can be a great place for kids to learn, be entertained, chat with friends from school, and simply relax and explore. But just like the real world, the World Wide Web can be dangerous for kids. Before you allow your child to go online without your supervision, make sure you establish a set of rules that you can all agree on.

If you're not sure where to start, here are some ideas on what to discuss with your kids to teach them about using the Internet more safely.

1.Encourage your kids to share their Internet experiences with you. Enjoy the Internet along with your children.

2.Teach your kids to trust their instincts. If they feel nervous about anything online, they should tell you about it.

3.If your kids visit chat rooms, use instant messaging (IM) programs, online video games, or other activities on the Internet that require a login name to identify themselves, help them choose that name and make sure it doesn't reveal any personal information about them.

4.Insist that your kids never give out your address, phone number, or other personal information, including where they go to school or where they like to play.

5.Teach your kids that the difference between right and wrong is the same on the Internet as it is in real life.

6.Show your kids how to respect others online. Make sure they know that rules for good behavior don't change just because they're on a computer.

7.Insist that your kids respect the property of others online. Explain that making illegal copies of other people's work—music, video games, and other programs—is just like stealing it from a store.

8.Tell your kids that they should never meet online friends in person. Explain that online friends may not be who they say they are.

9.Teach your kids that not everything they read or see online is true. Encourage them to ask you if they're not sure.

10.Control your children's online activity with advanced Internet software. Parental controls can help you filter out harmful content, monitor the sites your child visits, and find out what they do there.  [Click here for website]

Using Family Contracts to Help Protect Your Kids Online (Microsoft) 12/14/04
Before your children start exploring the new frontiers of the Internet, it's a good idea to make sure everyone understands what they should and shouldn't be doing online. One idea is to sit down together and draw up a family code of conduct for all to agree on. You can create a different contract for each child in your family with Internet usage rules set appropriately by age. Everyone signs his or her contract to show that they understand the rules you've set, and they agree to follow them when they go online.

The following is a suggested family code-of-conduct contract for you to use for each of your kids. Feel free to copy this contract, revise the rules as necessary for your family's needs, and print this contract for your personal use. Once the terms of your family Internet usage contract are agreed upon and signed, consider posting these contracts next to each computer in your house to remind everyone of the family Internet rules. [Click here for website]

Helping Kids Tell Fact From Opinion on the Internet (Microsoft) 12/14/04
The Internet offers tremendous resources and learning opportunities, but it also contains a great deal of information that may be neither helpful nor reliable. Since anyone can post comments or information on the Internet, users need to develop critical-thinking skills to judge the accuracy of online information.

This is particularly true for kids who tend to believe that, "If it's on the Internet, it must be true." Traditionally, printed resources have had gatekeepers—such as editors, proofreaders, and fact checkers—to weed out mistakes, lies, and inaccurate information. However, the Internet, in many cases, has no safety guards when it comes to checking the validity of information posted online.

Teach kids how the Internet works and that Web sites can be established with no questions asked. Train them to use a wide variety of information resources and to check, question, and verify what they see online. [Click here for website]

Safety Tips for Kids Gaming Online (Microsoft) 04/16/04
Online gaming is not designed for young children, but playing video games with others on the Internet can be a fun and even educational activity for older kids. By educating yourself about game ratings and learning how to use the privacy and safety tools built into the games, you can help keep your child's gaming experiences safe, age-appropriate, friendly, and fun. Read on to learn how you can make smarter choices about the games your child plays, and how you can help protect your child when he competes online.  [Click here for website]

How to Build a Secure Wireless Solution (smallbiz pipeline) 04/15/05
Wireless networking is rapidly becoming a victim of its own success.

Wi-Fi devices are approaching commodity status, and with easy-to-use setup and configuration wizards, Wi-Fi is quickly becoming the standard infrastructure for small businesses. Therein lies the problem—wireless is so easy to deploy, set up and configure that solution providers are getting elbowed out of potential profit opportunities. However, many of these “home-grown” installations neglect important security features. The lack of end-user concern for security can be chalked up to either ignorance or laziness, but that is not the point. The gaping security hole still leaves room for solution providers to offer security assessments and services.

By leveraging security knowledge and experience, integrators can sell wireless security solutions, which protect customer networks and lead to recurring service revenue for solution providers. [Click here for website]

How to Make Your 802.11 Wireless Home Network More Secure (Microsoft) 11/05/03
11 steps to secure your home wireless network. [Click here for website]

The Need for Speed (PCWorld.Com) 12/28/04
When it comes to personal computing, speed is life. You want Windows to load faster, pictures to draw faster, and files to download faster.

The problem is, the more you use a PC, the more it tends to slow down. Barb Demas can tell you. She runs Home Computing Solutions, a consulting firm in Colchester, Vermont, that specializes in troubleshooting PCs in the home and small office. Demas says that over time, Windows-based PCs often succumb to a glut of startup programs, Windows services, and hidden files and templates.

"Even if you don't know it, there are so many things running in the background at startup that don't need to be running," says Demas. "I go through and clear up everything that doesn't need to be in the startup process. That makes a huge difference." [Click here for full article]