Author and IT Consultant since 1986

With all the interest lately in the Conficker worm, my friend security evangelist Christopher Spence has set up a simple test on his company blog.  It basically just displays images from 4 of the security companies Conficker blocks.  If you can display the images, you probably are not infected.  Otherwise, there is a link to Kaspersky’s Conficker removal tool.  Visit Christopher’s Conficker Test page.

I’ve recently received an email saying “Congratulations — you have been chosen by IPED current constituents to become a member of the prestigious Partner Advisory Board exclusively for solution providers. ” It goes on to say that by by participating, I’ll have access to unreleased research information, plus be eligible for other rewards, including gift certificates from Best Buy. To participate, I have to complete surveys on topics like Software Infrastructure, Storage, Security, Systems, etc.

The Advisory Board is hosted by UBM’s Institute for Partner Education & Development (IPED). While I want to feel honored, I keep thinking there’s less to this than meets the eye. A search on the internet only turned up the hosts websites, plus a couple of press releases from companies I’ve never heard of announcing the fact that they’ve been selected to serve on the board.

This is the third or fourth such invitation I’ve received. Maybe this time I’ll follow up on it and see where it leads. If I do, I’ll report my findings here.

A long time ago I decided to split this blog up into 2 or more. One for the horse stories, and one for technology and writing. Well, I finally got around to doing it. For stories and ongoing commentary about horses and horse people, please visit The Horse Trader’s Son.

The top 3 oil companies have recently recorded another quarter of record-breaking profits. $14.83 billion for Exon Mobile, $8.45 billion for Royal Dutch Shell, and $5.19 billion for Conoco Phillips.  With 92 days in the 2nd quarter, that puts the daily combined profit for these three companies at over $309 million.  Again, that’s profit, not revenue.  $309 million every day, $212,500.00 per minute, or $3,543.00 per second.  Tell me again why gas and oil cost so much?

The future does not look quite so golden however.  With the global economy in a tail-spin, demand for fuel has fallen sharply, resulting in lower prices. Even OPEC threatening to lower production recently has had little effect on the price of crude. Still, these three companies will likely report record annual profits anyway.

Some members of congress are calling for these companies to use more of their gargantuan profits to invest in alternative energy sources, but with little incentive for them to do so, don’t expect to see much change.

The credit card industry imposes mandatory safeguards to which merchants are supposed to adhere in order to protect your personally identifiable financial information. They are known as the Payment Card Industry (PCI) Data Security Standards. Additionally, government regulations exist for the same purpose, for example, the federal Fair and Accurate Credit Transactions Act (FACTA). In spite of the fact that the penalties for non-compliance can be severe, many merchants lack the discipline to maintain the required vigilance, and some simply don’t have the resources to remain compliant. Thus, even if <I>you</I> practice good security with your data (by burning or shredding credit-card receipts, etc.), the far greater risk comes from these businesses who do not.

There are steps you can take to help. They do nothing to safeguard your data maintained by non-compliant merchants, but they can mitigate the damage if your data is stolen.

• Set fraud alerts with the major credit bureaus.
• Opt out of pre-approved credit card lists.
• Check your credit report.

Read The Full Report, with links to tools to help implement these suggestions.

Read about other ways to Protect Your Privacy

I feel so special – I got an email from Robert S. Mueller III, Executive Director of the FBI. Amazingly, it appears that the Bureau is aware that I’ve been contacted by the Central Bank of Nigeria, and they felt compelled to protect my interests and investigate the contracts and related fund dispersal promised by the bank in payment for the rendering of some unspecified services.

This is good news indeed, since I didn’t even know that the CBN owed me $10,000,000.00, and now not only do I know about it, but I can rest assured that the FBI has already confirmed for me that the fund transfer is legitimate, and they will closely monitor the transfer. All I have to do is contact the CBN using the phone number and email address that the FBI has so thoughtfully provided, and follow their instructions expediently.

Seriously, does anybody fall for these scams anymore?

What is hosted email security?

Hosted (outsourced) email security is a service offered by 3rd party providers which handles the scanning of inbound (and sometimes outbound) email messages. Following the trend toward SaaS (Software as a Service), or “Cloud Computing” as it is becoming known, hosted email services handle such things as spam filtering, virus and other crimeware removal, phishing protection, etc.

Recent Growth and Projections

The last several months have seen spending on outsourced email hosting and security grow at the substantial rate, primarily among small to medium sized businesses. The growth rate within larger corporations (greater than 2500 users) is smaller but also increasing measurably. According to IDC, The Radicati Group, and other analysts, these growth rates should continue to accelerate over the next few years, exceeding an estimated $2 billion by 2012. This represents a 40% growth in the number of seats over today’s figures.

Already, about 5% of SMB users are utilizing hosted email security solutions, a figure expected to grow to 9% over the next few years.

Advantages to SMBs – Reasons for Growth

A variety of reasons are cited by researchers and subscribers for outsourcing email security, but the main ones are:

• Lower Network Resource Requirements: Spam entering a company’s network incurs bandwidth and storage costs, even if it’s caught in spam filters. Outsourced spam filtering solutions only allow legitimate email to enter the network.
• Fewer Maintenance Costs: The costs of acquiring, configuring, and keeping spam filters up to date can be extensive for in-house solutions, especially when you include the cost of the admin’s time.
• Malware Protection: While an outsourced solution shouldn’t replace in-house virus scanners, keeping up with the latest threats becomes the burden of the solution provider for email. These companies often employ up-to-the-minute malware updates and multiple scanning engines.
• Business Continuity: Should a company’s own network fail or become compromised, the external service provider can queue their mail for a period of time, until their Disaster Recovery Plan is executed (you do have a DR Plan, right?).

Reservations

Not everyone is jumping on the bandwagon. The biggest concern expressed by potential customers is the perceived security and reliability of the service providers’ network. However, research done by NetworkWold indicates that many of these providers maintain infrastructures more robust and secure than that of most of the enterprises they serve. Another issue is the concern for the safety of confidential information being in the hands of an external agency, which is why most subscribers only use these services for inbound email, even though some providers offer outbound filtering as well.

Outlook

As IT departments strive to cut costs while maintaining service levels, more will be looking at the ROI offered by outsourced security solutions.

Today Exxon Mobile recorded their 2nd quarter profits of $11.68 billion. This is lower than analysts’ predictions, but still managed to break the record for the largest quarterly profit for a U.S. company (previously set by Exxon Mobile).

This works out to $1,485.55 per second in profits, over $128 million per day. Yes – you’re reading that correctly – that’s $128 million in profit, not revenue, every day.

Who do they think they’re fooling when they blame high fuel costs on the speculators or production problems? Petroleum seems to be the only industry in the world where production problems equal higher profits. Look up the term ‘oligopoly.’

Legendary writer and author Jerry Pournelle sent me an email! OK, so I’m a subscriber on his website and he sent it out to everybody, but still, I thought it was cool. The message was a warning about the fact that malicious hackers had compromised the online job boards and were selling their services to spammers and scam artists. Monster.com, hotjobs.com, and other mainstream job boards are affected. You can get the details here.

I became a fan of Jerry’s writing in the ’80s when he was a columnist for BYTE Magazine. This was back when magazines printed a lot of useful technical information, hacks, program listings, and electronics projects. A fellow programmer was a subscriber, and introduced me to the magazine, and particularly “Chaos Manor,” Jerry’s column. When BYTE was sold to another publisher, it’s format turned more to product reviews and coverage of the IT business industry. In other words, it became geared more for managers with IT budgets and less for programmers, hobbyists, and end users. Not long after that the magazine ceased publication altogether.

I missed Jerry’s anecdotal accounts of his struggles with technology. He did product reviews too, but always from the first-person perspective of a non-technical person (an author) actually trying to implement, rather than just cover, the products. His often humorous tales were always informative and entertaining. I was delighted when I discovered a year or so ago that Jerry was still writing his Chaos Manor Reviews, as well as Other Musings. I should have known that his talent and desire (need?) for self-expression would have steered him toward the online publishing world, and was chagrined that I hadn’t thought to search on his name sooner.