Technical Help: Consulting, Strategies, Coaching
CyberSecurity, Data Protection, Internet Data Security, Online Privacy, Technical Help. IT Security Consulting: Pen-Test, InfoSec, Protection Strategies. Business Model and Monetization strategies for Start-up Technologies.
Onsite/in-home help with technology problems, coaching on the best ways to use technology currently owned. Includes Windows PCs, MACs, Linux, Routers, Wireless, Internet issues including Privacy, Smart Phones, iPADs, and also Home Theater, Audio / Video… most anything digital.
Information Security – Data Protection
2018 Big Issue #1 – RANSOMWARE: You can get this malware from ads when an employee visits a legitimate website. You won’t know you have it, antivirus software can’t catch it until it is way too late. Its called a ZERO DAY malware because its new each time. It quietly encrypts your data files that are anywhere on your connected network. There is little hope to recover unless you have the “right kind” of backups of your files saved on devices that are NOT attached to the infected network. There is hope of protection if, before you caught the virus, you had turned OFF administrator rights to ALL users, “air-gapped” the backup hardware, and have multiple VERSIONS of all backed up files. After an attack, I can eliminate the ransomware, work to recover files, and if necessary negotiate with the attackers to unlock the encrypted files. It is many times less costly to mitigate ransomware and other malware attacks before a complete take-over occurs.
2018- Big Issue #2 – HACKING: It actually costs very little to have an offshore hacker break into your network and copy, say, your latest proposals or bids to clients or other secret business information, leaving no evidence whatsoever that it ever happened. You won’t ever know. Intrusion detection and prevention is required to counter hacking, but this ALWAYS requires hardware installed at the server’s physical location, it can’t be done with just software, or in a cloud, no matter what is advertised
Online Privacy – Internet Security
Windows 10 has 50+ different processes (spyware) that send your info (telemetry) home to Microsoft. In Oct 2016 updates for Windows can not be seen into. We have no idea whats in them. People are abandoning Windows in droves for “Open Source” tools like Linux or Unix, which are also free, as well as private and secure. They come with Firefox, a free open source browser, for a safer way to surf the Internet.
TIPS for Privacy Online: Don’t sign-in to any user account with your real name, or real email address, or your real IP address. Backup data then disconnect it.
Revelations in 2013 shocked Americans that online companies from Google to the U.S. Government are recording everything you do, where you go, what you like, what you say or type over the Internet. These snoops include your Internet service providers, cable company, name brand businesses like Google, Facebook, Microsoft plus hundreds of others, and also the US and foreign governments. Basically, anything that is “free” online, is not free. Your private information is what you pay them with. In 2015 AT&T announced that for $30 / mo, they won’t spy. That’s at least what your info is worth to each of them.
It was for many a great shock to learn that the US Government (NSA) collects meta-data, and the content, of ALL your emails, ALL text messages and ALL phone calls, machine reads it and stores it for later review for 5 years.
While the commercial snoops create profiles of everyone, collecting the identity, likes, dislikes, taste, aspirations, desires and all possible personal preference data. Every webpage you go and everything you read. Email hosts like Gmail machine read all your email and the attachments, to determine everything about you to create an enormous dossier, for the profile database. They monetize that data.
This data is worth a lot of money… Thus this is the business model of “free” Internet services, such as Google Search, Gmail, Facebook, etc. It is easy for any nefarious entity to use this personal data.. they simply pay for access to it. – OR hackers steal it and resell it in the electronic black market. Thus, at the least, we are profiled to be advertised to for LIFE. But at the worst, to rob, blackmail, steal identities, steal business data and secrets, along with your peace of mind
Quick TIPS for Privacy Online: Don’t use your real name, or email address, or your real IP address.
Privacy from Government (ours or theirs) is nearly impossible. Especially if you become “of interest”. BUT anonymity and not getting flagged in the first place, certainly by commercial entities, is doable and a good idea. examples: You’re a “whistle blower” who wants to be anonymous when exposing some business or government corruption; you’re a citizen who wants to avoid being targeted for your political, social, religious views or preferences; you’re parents not wishing your children being profiled, or you want to search the internet and not be tracked, censored or purposely directed.
2018 – How we are tracked NOW – Cookies are “old school”… same with getting you to click on attachments or web links in email (still – don’t do it). Clever tracking is now done with MALWARE you get from simply viewing small advertising videos on well known LEGIT websites, as well as fake websites that appear just like the ones you usually visit, (that look like your bank). Secondarily, tracking cookies and Adobe LSOs, are replaced by trackers using your computer’s fingerprint, which cannot be hidden or turned off.
Virus, Malware, Spyware: I helped develop a business model for the first anti-virus start-up in 1992… but this business is still today as it was 20 years ago: antivirus (AV) products do not work with clever malware, if they do its 3-6 weeks after the virus hits. As it was in 1992, consumer-grade antivirus products are signature based, and thus it takes weeks for the vendor to learn about and circulate updates to block a new virus. That’s “better than nothing” for home users, but is too little and too late for businesses. Proactive, so called “zero-day” and behavior based malware monitoring solutions are available, however they always require detection hardware located at the server’s physical site. These are called Intrusion Detection Systems, (IDS). With no such hardware, no software solution alone is any better than residential anti-virus tools. IDS hardware is always deployed at large corporations with an IT staff, and is possible to rent IDS hardware along with monitoring services for small-medium businesses, just like a burglar-alarm system. A monitoring person calls the business owner with alerts about hackers trying to get in, an ALSO alert you to malware or employees improperly sending data out. Automated blocking is optional.
Cloud – A great solution to data protection AND also data security is do all computing in the cloud or managed service. This requires little or no software, or data, to reside on your own hardware, just a browser on inexpensive PCs. BUT use a name-brand Cloud company with “deep pockets” to hold responsible in case the data is hacked or lost on their watch. (i.e. Amazon) Beware of a small outfit or re-seller hosting your company secrets, they can easily fold up if data is hacked or corrupted. TIP: Examine the contract for how much you are compensated, and by who, if your data is lost or your company secrets are hacked, while in their custody. No caveats. No acts of God. Take a look at these terms, can be scary.
My background: 30+ years in Silicon Valley: Engineer, Marketing, Technology Alliances, Corporate Business Development.
Alan Crawley – TechCoach
Text / call: 541-625-0270
Bend, Oregon 97701