by Tim Sullivan on September 29, 2009 · 0 comments
In an earlier post I discussed energy consumption savings when implementing server virtualization technologies. There are other savings you will realize when you move to a virtual computing environment. Not only can you substantially reduce your energy bills by virtualization but you can also save on hardware and software replacement costs. Virtualization allows you to host many virtual servers on fewer physical servers. Let’s say that you have an environment that has 5 servers running various business applications. When it’s time to replace these 5 servers you could purchase only a couple of servers to run all of these applications in virtual environments. Many businesses run legacy or custom software applications. Upgrading hardware often creates migration issues for moving these applications from their original server environment to their new server environment. If you can place these applications on virtual servers that have been imaged from the original server hardware then you could solve many software/hardware migration issues from occurring. Implementing virtual servers will translate to lower expenditures in numerous ways:
1. Purchase fewer physical servers
2. Use fewer man hours by either your IT staff or outside consultant to deal with migration issues
3. You won’t have to spend additional funds to update the legacy or custom software application(s)
4. Your staff won’t have to go through additional training for new and/or updated software applications and learn the new work flow
5. Reduction in energy consumption
Mailprotector can assist you with lowering your total hardware and software costs. We can provide you with hosted email services to keep your costs down. You don’t have to worry about updating your hardware or software. You don’t have to worry about spending money for IT staff or an outside consultant to work on your email systems. Mailprotector takes care of all of that for you. If you’re considering upgrading your email systems anytime soon and want to reduce your IT capital expenditures you should talk to us about our Hosted Exchange 2007 service or one of our Scan and Store options. We’ll be your virtual mail server providing all the service and support for your email infrastructure while you go on about your business. It’s an easy decision to make in these tough economic times.
According to a recent report from brand reputation firm MarkMonitor, phishing attacks reached a record high of 151,000 unique attacks during the 2nd quarter of 2009.
They want your login info
Favorite subjects and themes of phishing emails sent out in Q2 of 2009 include those which appeared to be from social media websites (up 168% from last year), and most commonly (4 out of 5 of all phishing attacks) from financial/payment service-related businesses. Almost all phishing emails are sent with the intent of tricking unsuspecting recipients into giving up their login information to various websites, thus severely jeopardizing the security of those who fall prey to such attacks.
The land of the free, and the home of most phishing sites
According to the report which looked at the number of unique Phishing sites, 50% originated in the United States — significantly more than any other individual country.
Conflicting data…who has it right?
The rise in attacks from phishing sites as reported by MarkMonitor conflicts with data which was published by IBM in August of this year. IBM claimed that attacks from phishing sites were actually on the downfall. This difference of opinion could be explained by looking at how the data was collected. IBM looked at phishing email as a percentage of spam, while MarkMonitor based their numbers off the number of unique URLs used by phishing sites.
How to prevent phishing attacks
- Use a spam filter to stop phishing emails from reaching your inbox
- Always be very careful to only open email from trusted senders
- Never click links in emails that seem even remotely suspicious
These latest figures show that phishing is still a big problem. Unless everyone gets wise to the tactics of the phishers (which is unlikely), phishing will continue to threaten the security of individuals and organizations worldwide. Be safe, and be prepared.
by Tim Sullivan on September 25, 2009 · 0 comments
Going green can actually save you a bunch of “green”, as in money. How’s that? Well, if you’re reducing your energy consumption in the work place, at home, in your car then it’s highly likely you’ll be reducing your energy bills. There’s lots of small steps we can all take to reduce energy consumption: digital thermostats, easing off the gas pedal, flying commercial instead of taking the private jet. Simple stuff. In the technology world one of the biggest movements is virtualization in the data center. The idea is to reduce the number of physical servers. Virtualization technology allows you to build multiple virtual servers onto a single physical server. The fewer physical servers there are to power up then the less energy is consumed. I’ve seen reports that datacenter power consumption can be greatly reduced when virtualization is implemented (see slide 4 here as an example). It’s an innovative way to save some “green”.
Mailprotector has been helping customers be green and save “green” for a long time now. We’ve assisted by reducing the amount of power the customer needs to run their email infrastructure. Our Scan and Forward service blocks over 90% of all spam before it ever reaches the customers’ network. That means less bandwidth is consumed and less processing power is used by the customers’ gateway servers and mail servers. Our Hosted Exchange 2007 and Scan and Store services eliminate the need for a mail server to be on the customer site. Customers use less electricity since they don’t maintain mail servers at their facilities. By using less energy our customers are paying less for utilities. That’s a good thing to be able to save money, especially in these tight economic times.
by Tim Sullivan on September 21, 2009 · 0 comments
My wife forwarded me an email that one of her work colleagues had received from a CPA. The accountant had been contacted by a few clients asking about an email purportedly from the IRS. The gist of the message is the recipient has to click onto the URL that is included in the email to go to the IRS site to answer questions about unreported income. The email is bogus and the link probably goes to a site that will perform SQL injection or other such attack against the user’s PC.
There’s plenty of new email scams that use the cover of legitimate organizations. In the latest edition of the SANS Institute – Ouch! Newsletter they cite three such examples. This newsletter is geared to end users so they may stay abreast of the latest IT security threats. They’ll email the newsletter monthly if you sign up for it. In section 2, Scams and Hoaxes, here are three recent email scams they cite that I’ll share:
Purdue University Warns Affiliate Organizations of .com Email Scam
Organizations closely affiliated with Purdue have been targeted by scam emails claiming that the University is changing its domain name and urging recipients to update their weblinks. The embedded link points to a fraudulent Purdue homepage. Purdue University is not changing its domain name and has no plans to move its web offerings to “.com” site.
For more information click here.
Alarmist Swine Flu Emails
According to email warning messages, H1N1 (swine flu) is wiping out entire villages in parts of Asia and has already mutated into a more deadly strain. This information supposedly originates from experts at the US based Centers for Disease Control and Prevention (CDC) and The Johns Hopkins University. However, it is unsubstantiated and false, as are claims that the mutated version of the virus is set to reach the United States in coming months where it will kill six out of ten people and necessitate implementation of martial law.
For more information click here.
Bell Canada Phishing Scam
This email, which purports to be from Bell Canada, claims that due to a problem with a recent bill payment, the recipient is required to update his or her billing information or risk an interruption of service. The recipient is advised to follow a link in the message to confirm and update billing information. However, the message is not from Bell Canada. Instead, it is a phishing scam designed to steal personal and financial information from Bell Canada customers.
For more information click here.
If you’re responsible for the IT security of your organization these are great examples to share with your users as part of their ongoing security training and awareness. Email scams and hoaxes aren’t just from Nigeria anymore.
by Tim Sullivan on September 15, 2009 · 0 comments
Recently, there were shipments of laptop computers sent to governors’ offices in West Virginia, Vermont, Wyoming, and Washington state. These laptops were not purchased by the governors nor anyone in their offices. The purchases were made with credit cards in the names of each governor but not belonging to any of them. Two things stand out here that are incredibly frightening. First, why were these laptops sent to the governors? Secondly, is there ID theft involved since the credit cards used to purchase the laptops were in some of the governors’ names? The FBI has gotten involved now to learn if there is something nefarious about these free laptops.
The shipment of these mystery machines may be a new twist on the old Trojan horse attack or a newer spear-phishing method. I’ve read of reports of USBs being “gifted” to employees of targeted firms by a seemingly legitimate source. The employees would plug them into their laptop or PC only to unleash the malware that was contained on the USB. The malware would do it’s dirty work, compromise the network, “phone home” with information gleaned and wait for any other instructions to carry on further attacks.
Hopefully this story raises awareness in the mainstream. If it’s learned the laptops the governors were sent contain malware then it will become more clear as to why these machines were “gifted” to the governors. People should be diligent if they receive “free” computers, USBs, email solicitations, email attachments and the like from known or unknown sources. I once had an auditor tell me the best policy to follow is to trust but verify. Education is a key component in IT security. This story can be used to teach your computer users the proper way to handle “gifts” they may receive via FedEx or email.
by Tim Sullivan on September 10, 2009 · 0 comments
I read a recent Fortune article about AT&T’s iPhone offering. Apparently they didn’t anticipate that iPhones would be such bandwidth hogs. They were too excited about their exclusive deal with Apple and the lucrative margins they would earn from the associated voice & data plans. Well, the iPhone users tend to stay on their devices all the time sucking up lots of bandwidth and creating problems for AT&T’s mobile delivery infrastructure.
We at Mailprotector have decided to toss a lifesaver to AT&T to help them through these tough times. We’re offering all of our hosted email services to their business customers: Hosted Exchange 2007, Scan and Forward and Scan and Store. How will the Mailprotector services help alleviate the bandwidth issues for AT&T? There are estimates that 90% of all email traffic is spam related. Mailprotector is going to smack it down. Heck, we’ll even offer this wonderful deal to any business so they can save on their bandwidth costs, too. At Mailprotector, we’re all about helping others solve their messaging security and bandwidth problems.
H1N1 is the latest rage on the Internet, TV, radio, and print. You can’t help but hear about swine flu no matter where you go. A couple of the latest news stories I’ve read report that students at Emory and University of Kansas have been quarantined. I guess if you’re one of the healthy students at either of these fine institutions you’re most appreciative that the infected students have been sequestered. I mean, you really don’t want to be stuck next to a coughing, sneezing, sniffling, tissue carrying sicko in English Lit 101. Nope, keep those kids away from the healthy population.
Hey, that reminds me! Mailprotector’s award winning email security service quarantines viruses, too. That’s good – you definitely don’t want your network infected with malware, Trojans or H1N1. Mailprotector keeps all that bad stuff away from your systems. I guess it’s like vitamin C for your email.
Yep – H1N1 has gone viral. Hopefully it doesn’t go postal.
When most of us hear of identity theft we first think of someone stealing information from our garbage can and using it to open an account. While personal identity theft is a real threat, many small business owners fail to realize that their business is subject to identity theft as well.
Many of us try to keep our personal data hidden from others; however, as businesses we often times promote pieces of this private data – address, contact information, phone number, and even business license number.
Just as you do in your personal life, it is important to take steps to protect your small business from identity theft. Some basic steps include:
1. Check your business credit report
2. Be sure to have an email security system in place to prevent spam, viruses, and phishing
3. Lock down the network – firewalls, encrytion
4. Shred important documents (dumpster diving is still common)
According to a Panda security report, a surprising 29% of small businesses don’t have a spam filtering solution. Additionally, 16% of small businesses do not have firewalls.
You can read more on small business (SMB) identity theft in the following CIOZone article.
