Technology Advisor Blog

Think Twice Before you Travel Overseas with your Laptop

Posted by Ann Westerheim on 1/9/12 8:57 AM

The Boston Sunday Globe had some interesting reading yesterday: "Laptop seizures at customs cause thorny legal dispute". When David House, a former MIT researcher, returned from vacation in Mexico a little over a year ago, federal agents seized his laptop at customs during a connection in Chicago, and kept it for almost two months. There was no search warrant, and he wasn't charged with a crime. The article describes a "Constitution-free zone" where government agents don't need probable cause or reasonable suspicion to seize property, as long as the search is not "invasive".

The Customs and Border Protection agency says the power to seize laptops is necessary to find information about terrorists, drug smugglers, and other criminals trying to enter the country.  However, how far does this go?  Apparently federal agents wanted to learn more about House's connection to Bradley Manning, the US Army private who leaked classified government information to the website WikiLeaks.  David had met Bradley at a hackers convention in the past.  In the two months that David's laptop was seized, government agents had access to his files, photos, bank account passwords... everything about him, without any specific charge against him.

The article cites a survey last month by the Association of Corporate Travel Executives which found that nearly half of the participating companies did not know customs agents could inspect, copy, or even seize travelers’ laptops.

If you travel outside of the US, think twice about what you carry with you on your laptop, smart phone, iPad or anywhere else you store files and sensitive information. People who travel with confidential corporate documents or trade secrets, and attorneys carrying confidential client information, really need to be aware of the risks.

Balancing national security with civil rights can be challenging, but when you consider how much personal information is stored on your electronic devices, many argue that seizing laptops crosses the line and is in fact "invasive". John Reinstein is the ACLU lawyer representing House and he summarizes the argument for changing the law: "Given the role of computers in modern society and the extent of the information that people carry with them on electronic devices, we have asked the court to acknowledge that the search of a computer should be treated as an invasive and overly intrusive search." He adds, "Under existing rules, you shouldn't take anything across the border that you don't want to expose to another set of eyes."

Some corporations are now requiring that laptops be wiped clean of sensitive information before travelling overseas. You can use your laptop to access files stored on a remote server ("in the cloud") or for secure remote access to another PC. This is inconvenient because you will always need an Internet connection to work. Some people also create encrypted volumes on their hard drive to hide sensitive files. With the BYOD trend (Bring Your Own Device to work), things get even more complicated. Bottom line: if you don't want potentially ALL your information exposed, create a game plan in advance (and make sure everything is backed up).

Tags: computer security, customs, seized laptop

Gateway Security - Protect your Small Business!

Posted by Ann Westerheim on 9/14/11 9:55 AM

One of the strong recommendations we're making to our small business clients is to invest in gateway security to protect the perimeter of their network. Everyone these days knows how important anti-virus and anti-spyware protection are at the desktop, but far too often, small businesses only have a basic router protecting the entry to their network. With more sophisticated security threats cropping up daily, this level of protection simply isn't enough.

While point solutions protect the individual computers locally, without gateway security, it's a bit like leaving the front door to your office unlocked. With gateway security, every bit of information entering and leaving your network is inspected against a constantly updated set of signatures for known viruses, spyware, trojans, worms, and other threats.  

In July, the Wall Street Journal ran an eye-opening article "Hackers shift attacks to small firms".  In the article, the author cites that in 2010, the U.S. Secret Service and Verizon Communications forensic analysis unit, which investigates attacks, responded to a combined 761 data breaches, up from 141 in 2009. Of those, 482, or 63%, were at companies with 100 employees or fewer. Visa estimates about 95% of the credit-card data breaches it discovers are on its smallest business customers.  The big companies make the headlines, but smaller firms are definitely a target.

If your small business is still running on a consumer class router, it's time to start planning an extra layer of protection for the perimeter of your network.



Tags: computer security, antivirus projection, gateway security

Fake SSL Certificates - The Latest Security Threat

Posted by Ann Westerheim on 9/7/11 3:26 PM

It seems there's always a new computer threat to watch out for, and the most recent breach in the news is really scary. Dutch Certificate Authority (CA) DigiNotar was recently hacked, and the result is that fake SSL security certificates were issued. This is the Internet equivalent of impersonating a police officer. We're all taught to be careful on the web and to look for an https (Hypertext Transfer Protocol Secure) connection so we know we're safe when transmitting data. But when the certificate itself is fake, we can easily be fooled.

With a fake SSL certificate, you're vulnerable to what's known as man-in-the-middle (MITM) attacks. You think you have a secure connection when logging on to Google mail, your bank, or other sites, but because the certificate itself is fake, all your transmissions can be intercepted.  We rely on SSL encryption to scramble our communications, but in this case, it's wide open to the hackers. 

Microsoft effectively activated a "kill switch" yesterday to ban all use of DigiNotar certificates. If you haven't updated your system with Microsoft updates, do it now. The reference knowledgebase article is KB2607712. All the major browsers have also blocked DigiNotar certificates. When the trusted authorities can no longer be trusted, who can you trust? Stay alert!

Tags: computer security, fraudulent SSL certificates, Microsoft Updates

"Patch Tuesday" - Get your security up-to-date!

Posted by Ann Westerheim on 4/13/11 12:38 PM

Yesterday was a big "Patch Tuesday" with 17 new security patches released by Microsoft, 9 of which were listed as "critical".  The second Tuesday of each month is known as "Patch Tuesday", and this is when Microsoft regularly releases free security upgrades.  As vulnerabilities are discovered, upgrades are made to the software to prevent hackers from exploiting the vulnerabilities.  Full details on the April 12, 2011 Microsoft Security Bulletin can be found on the Microsoft web site.  

Fifteen of the bulletins address vulnerabilities that allow attackers to remotely execute code - Very Serious!

In Massachusetts, as of March 1, 2010 it's required by law for all computers containing personal information on Massachusetts residents to have up to date security patches. 

Recommendation: We strongly advise clients to participate in a managed service program that involves full testing of all updates before installation, with tracking and reporting. For clients who don't choose this option, enabling automatic updates through Microsoft Windows is advised. In Windows 7, open Windows Update by clicking the Start button, click All Programs, and then click Windows Update. Note that updates can also be manually installed.

Tags: computer security, Microsoft Windows Update, MA Security Law

Computer Security - Use "Sandboxie" to Surf the Web Safely

Posted by Ann Westerheim on 1/26/11 10:06 AM

The creators of viruses and other malicious software have gotten so aggressive recently that today it's possible to get a "drive-by" virus. You may be at a web site that seems safe, but if there are ads on the site, malicious code can enter your system just by viewing the ads. Unfortunately, the world of viruses is a "cat and mouse" game where the threats escalate as user protection increases.

A solution we have implemented for several clients is "Sandboxie". With this software in place, any code that is written to your system while you are web surfing is placed in an isolated container known as the "sand box". This prevents these programs from making permanent changes to other programs or data on your system. Any malicious code downloaded by the browser can be discarded when you're done browsing. You may not even know the malicious code is trying to get on your system, but the "sand box" protects you. You also get enhanced privacy because browsing history, cookies, and cached temporary files collected while Web browsing stay in the sandbox and don't leak into Windows.

This is a great solution to consider to keep your systems safe, and minimize the risk of getting an infection that requires costly clean up and data recovery.  No solution is 100%, but by isolating your browsing activity from the rest of your computer, you'll greatly minimize your risk.

Tags: computer security, Sandboxie, Sand Box

The Billion Dollar Lost-Laptop Study - Protect your Small Business!

Posted by Ann Westerheim on 1/11/11 9:27 AM

The "Billion Dollar Lost-Laptop Study" conducted by Intel and the Ponemon Institute reports that more than 300 businesses lost more than 86,000 laptops last year, worth a staggering $2.1B.

While 46 percent of the lost laptops contained confidential information, only 30% of those systems were encrypted.

With the new MA Data Protection Law, which went into effect March 1, 2010, any personal information stored on a laptop requires encryption. If you're not already compliant with the new law, make it a New Year's resolution to get your company laptops encrypted.

A recent article in Inc Magazine covers "What to do when you lose your computer" - must-reading for you and your employees.  Proactively encrypting your systems is the BEST protection against loss or theft, and keep in mind that if you carry protected personal information on any MA resident, you would be breaking the law without encryption.

Tags: computer security, Encryption, laptop loss

Computer Support Dilemma - How did I get a Virus?

Posted by Ann Westerheim on 12/15/10 8:48 AM

One of the computer support questions we get asked a lot is "If I have Antivirus software installed on my computer, how did I still get a virus?" 

The first thing we'd want to confirm is that you're getting regular antivirus definition updates. For your antivirus software to work, you need to constantly get updates for the latest threats. Years ago, these updates came out once a week; now updates are issued many times a day. Another thing we'd check is rootkit protection: the free versions of antivirus software typically don't include it, and to protect against software designed to conceal administrative control of your system, your antivirus software needs to include rootkit protection. Another thing we'd look at is your operating system: security patches should be kept up to date, and the newer 64-bit Microsoft operating systems have mandatory signing of kernel-level drivers to help prevent concealed processes, but this isn't foolproof either.

The latest threats involve what's known as polymorphic viruses that change themselves to avoid detection. It's like a mutation. This is how viruses can stay ahead of antivirus protection, and users can do everything right that they're supposed to do but still get a virus. Unfortunately, it's basically a game of cat-and-mouse: as the protection gets better, the threats get more aggressive. Bottom line is that you can minimize your risk level with regular antivirus definition updates, up-to-date rootkit protection, up-to-date operating system security patches and a 64-bit operating system, but the risk is still there.

Tags: computer security, computer virus, computer support

Computer Security - Phishing scams that impersonate the IRS

Posted by Ann Westerheim on 12/9/10 9:08 AM

Many of our clients have expressed concern after receiving intimidating emails they thought were from the IRS.  Phishing scams seem to come in waves, and the most recent wave we're seeing involves fake messages such as "your federal tax payment has been rejected".  If you look closely at the message, the emails are typically from a random address with a name that doesn't even match the email address. Identity theft is the typical goal of these messages as they try to entice you to go to a web site to enter personal and financial information.

The IRS website explains their policy on email and has a lot of information regarding a wide variety of scams such as fake refund information.  "Generally, the IRS does not send unsolicited e-mails to taxpayers. Further, the IRS does not discuss tax account information with taxpayers via e-mail or use e-mail to solicit sensitive financial and personal information from taxpayers. The IRS does not request financial account security information, such as PIN numbers, from taxpayers."

Rest assured that you are not being personally targeted, even though it feels like it because the message winds up in your inbox. Anyone with an email (phone or fax) can randomly become a target. The message looks intimidating, but it's just a fake. The messages are specifically designed to get through spam filters because the sender addresses are random (spoofed), and the content contains official-sounding language that wouldn't normally be flagged.

What should you do if you get an email like this? Report the sender by forwarding the suspicious e-mail or URL to the IRS mailbox, then delete the e-mail from your inbox.

Tags: computer security, phishing, IRS scam
