CYBER SECURITY INFORMER - news and tips to help you stay safe online and protect your network

Balancing Risk and Reward with Web Applications for Business

Web applications are becoming more popular for conducting business functions, not least because of their perceived value in lowering costs while increasing productivity. Increasingly, we are seeing even the most confidential information such as corporate accounting data placed online. But those who use these applications have to make a calculation about risk versus reward. 

This week in Cyber Security Informer, we talk with Clarity Accounting business accounting software company founder Dobes Vandermeer about what these kinds of companies can do to ensure better privacy and security for their users.

Security and privacy is definitely a concern that needs to be addressed as web browsers get more powerful and more services go to the web, Vandermeer says. Some of the standard security processes to protect the data include making sure the firewall is configured and using strong passwords. 

As well, the website gets scanned for known vulnerabilities by a third-party scanner. The company's blog, website and web application run on separate virtual machines, helping to keep important information isolated and protected in the event of a breach against one part.

Security from insider threats is also an important consideration for users of web applications. "In accounting, for instance, it's always a concern that some people might fudge the books," Vandermeer notes. Building levels of access into an application, so that only authorized employees can actually change data, while others can view it but not change anything, can be a valuable safeguard for data.

Before using a web application for business, a company needs to do an analysis of the benefits it could receive versus the privacy and security risks. Organizations should seek out the opinion of a security consultant to understand the landscape and go over ways of implementing better security throughout their network.

In the next issue of Cyber Security Informer, we’ll be continuing to profile organizations that are helping make the world a more secure place. If your organization is doing its part to build a more secure future by protecting partners, customers, website visitors and application users from cyber crime, contact us today at info@pcis.com

Network and Web Application Security Webinar April 29

When your network or web applications get hacked, your revenue stream evaporates. Security is essential for keeping your business running. So how do you protect your computer systems?

The Need for Network and Web Application Security Webinar by PCIS aims to help  managers understand the complex and changing cyber-threat landscape and how they can maintain business continuity through better security. 

How to Register: To register for this free webinar, go to http://boonbox.webex.com/meet/boonbox Click the "Register" link on the right in the Status column and fill in the short registration form. You will be sent your registration confirmation information and instructions on how to participate.

Date/Time: This webinar happens on April 29, from 8:30-8:45 am Pacific Time. 

Who Should Register: This webinar is a great opportunity for CEOs, managers and SMB business owners.

Webinar Synopsis: The Need for Network and Web Application Security includes a discussion of network security and web application security concepts, an overview of the cyber-threats, and basic strategies on how to protect your systems with network security assessments and web security assessments.

Webinar Agenda:

* Hacker Threats Basic Overview
* How the Threats Impact Your Business Today
* Network Security Assessment – A Roadmap to Security
* Web Security Assessment – Keeping the Hackers Away
* Questions

April 21, 2009

Cyber Security Informer is distributed by:

Pacific Coast Information Systems Ltd. (IT Consulting)

Boonbox, a division of PCIS (Security Packaged Services)

Contact PCIS

Toll-free 1.877.744.7558

In this issue:

* Balancing Risk and Reward with Web Applications for Business

* Network and Web Application Security Webinar April 29

* Hacker Bait 

* Ask A Security Expert

Cyber Security Informer provides security news and tips to help organizations protect their business and their customers. 

Give us your feedback about Cyber Security Informer

Name

*

Company

*

Phone

*

Email

*

Feedback

Please tell us how you found out about PCIS

Please Select One - - - - - - - - - - - - - - - - - - - We've done business with PCIS before A PCIS representative contacted meWord of MouthSearch EngineLink on another websiteNews Article or PublicationPrint AdvertisementOther

 Resources Links:

• Get more IT Security Resources
• Experience and join the discussion about tech trends and IT security on the Pacific Coast Informer Blog
• Managers’ Cheat Sheet for PCI DSS
• Types of IT Security Threats and their Consequences
• This Site May Harm Your Computer - How to Remove the Google Website Warning

Hacker Bait

The latest Hacker Bait list contains highly trafficked websites that have been found to have vulnerabilities that hackers and cyber criminals could exploit. 

This is not a complete list of all vulnerable sites on the Internet, but only represents websites where vulnerabilities were found within the past 90 days. These are only the latest additions to an ever-growing club of sites found to be insecure according to various public sources and online tools used in the web security industry.

If you would like more information on our data and why these sites are listed here, please contact PCIS

Hacker Bait Sites With Vulnerabilities Discovered in Past 90 Days

Ask A Security Expert

"Is Twitter safe for me to use for my business?"

This is the kind of question we are hearing more of lately. Whether it's Twitter, LinkedIn or Facebook, it seems like these social networks are falling victim more and more often to hackers. Safe? That depends, to an extent, on how you use it.

It's easy to see why the exploits are happening: you've got a network of millions of people who trust each other and link profiles, often based on no real-life connection, or often no connection at all. Links are sent out with most messages, enabling cunning phishers and scammers to launch  attacks.

The latest exploit on Twitter is a good example of this: a 17-year old student set up a simple self-regulating computer program that infected thousands of users, who clicked on a link to a website. In turn, all of the victim's followers were then sent a message asking them to click on the link. This infected tens of thousands of users. The hack could easily have included a web browser exploit  containing a keylogger and other malware.

How do you avoid getting hacked on Twitter? First, there's no reason for most employees in most industries to be on it while at the office, so monitor its use. Also, if you notice suspicious messages from friends, don't just ignore them, report the problem. Don't share your Twitter passwords. And don't leave information cyber criminals might use to steal your identity in your profile.

Boonbox and Pacific Coast Information Systems Ltd.

Boonbox is a division of Pacific Coast Information Systems Ltd., specializing in products for web security, network security, password management and data backup.

PCIS is a Vancouver-based company which provides strategic consulting, application development, technology solutions and managed services to companies and government organizations throughout North America.

HOW TO SUBSCRIBE/UNSUBSCRIBE

SUBSCRIBE: To subscribe to Cyber Security Informer, send a blank email message with subject line "SUBSCRIBE" to informer@pcis.com

UNSUBSCRIBE: If you do not wish to receive future issues of Cyber Security Informer, send a blank email with subject line "UNSUBSCRIBE" to:informer@pcis.com and we will promptly remove you from our distribution list.

WE WANT YOUR FEEDBACK

Our purpose for providing this free service is to keep our clients and business contacts informed of technology developments. This information can help them resolve common problems and achieve their full potential by strengthening their business processes and infrastructure. Your input is important to us and we welcome your ideas for new features and how we can continue to improve our service to you. Send your comments and suggestions to informer@pcis.com or contact us directly at 604.844.7558