Ever thought about a burglar alarm but didn't want to deal with the wires? Ever think that wireless wasn't good enough? Maybe it's because of movies like The Score, The Italian Job, Heat, and the others that portray very talented thieves and complicated thefts. The kind that generally just don't happen every day in real life. The common burglar will use the door or window that is left unlocked. Or they may put a foot against the door or destroy a window. Either way the greatest threat comes from the path of least resistance.
Realistically, what are the chances that someone would bring equipment to generate a radio signal to jam a wireless alarm system? But what if your wireless system could detect the jamming attempt and use that as a trigger for an alarm?
Welcome to the real world of quality wireless alarm systems. What is quality? See Zen and the Art of Motorcycle Maintenance for a detailed discussion of that topic. But a worthwhile wireless alarm system will likely include all UL listed parts. And it should do some very important things like detect jamming attempts, prevent data collision, and supervise its devices.
Data collision is what occurs when two or more devices try to communicate to the system panel at one time. Worthwhile systems will not do this. Device supervision is just what it sounds like: the system panel periodically checks the status of each device. When a device fails to respond, the panel makes notifications that something needs to be done.
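To make jamming detection and device supervision concrete, here is an added sketch of panel logic; it is not taken from any vendor's product. The supervision window, the noise threshold, the hold time, and the use of a sustained raised noise floor as the jamming signal are all assumptions, and the timeline is constructed.

```python
# Added illustration: a toy alarm panel that supervises its sensors and
# treats sustained radio interference as an alarm condition.
# All constants below are assumptions chosen for the example.

SUPERVISION_WINDOW_S = 3600  # a sensor must check in at least this often
JAM_RSSI_DBM = -60           # noise floor at or above this counts as interference
JAM_HOLD_S = 20              # interference must persist this long to alarm


class Panel:
    def __init__(self, device_ids):
        # Every enrolled device is assumed to have checked in at time 0.
        self.last_seen = {dev: 0 for dev in device_ids}
        self.jam_since = None  # start time of the current interference run

    def on_checkin(self, dev, now):
        """Record a supervision check-in received from a sensor."""
        self.last_seen[dev] = now

    def on_noise_sample(self, rssi_dbm, now):
        """Feed one background noise measurement taken by the panel's receiver."""
        if rssi_dbm >= JAM_RSSI_DBM:
            if self.jam_since is None:
                self.jam_since = now
        else:
            self.jam_since = None  # channel is quiet again, reset the run

    def evaluate(self, now):
        """Return the conditions the panel would report at time `now`."""
        events = []
        if self.jam_since is not None and now - self.jam_since >= JAM_HOLD_S:
            events.append(("ALARM", "rf-jamming"))
        for dev, seen in sorted(self.last_seen.items()):
            if now - seen > SUPERVISION_WINDOW_S:
                events.append(("TROUBLE", dev))
        return events


def run_timeline():
    """Constructed timeline; returns what the panel reports at four moments."""
    panel = Panel(["front-door", "hall-motion"])
    reports = []

    # A short burst of interference that clears quickly: no alarm.
    panel.on_noise_sample(-55, 100)
    panel.on_noise_sample(-95, 105)
    reports.append(panel.evaluate(130))

    panel.on_checkin("front-door", 1800)
    panel.on_checkin("hall-motion", 3000)

    # Interference starts and has not yet lasted JAM_HOLD_S: still no alarm.
    panel.on_noise_sample(-55, 4000)
    panel.on_noise_sample(-52, 4010)
    reports.append(panel.evaluate(4010))

    # Interference persists past the hold time: the jamming itself is the alarm,
    # long before any sensor would be reported missing by supervision.
    panel.on_noise_sample(-50, 4025)
    reports.append(panel.evaluate(4025))

    # Channel clears, but front-door never checks in again: supervision trouble.
    panel.on_noise_sample(-95, 4030)
    reports.append(panel.evaluate(5500))
    return reports


if __name__ == "__main__":
    for report in run_timeline():
        print(report)
```

The two checks cover different failures: supervision catches a dead or removed sensor within the window, while the interference check reacts in seconds without waiting for a missed check-in.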
What might be the best reason for looking at wireless systems is their resilience during power outages. The backup battery that should be fitted with the system panel is good and may last for 12 hours, but when that battery does not have to support each individual sensor it lasts much longer. See, with wireless systems each device has its own battery and thus is not affected by power outages in the same way as a traditional wired system.
Now you may think that the batteries are expensive, but it's not the expense that is likely to cause a problem since they usually last for about one to two years. The greatest issue is the annoyance of actually changing the batteries every so often. But there are trade-offs with everything.
Keep in mind that there are disadvantages to wireless systems as well, but for the most part they should work just fine for your home and small business needs.
More on planning an alarm system and monitoring options next...
Comments, thoughts, and pet peeves about the application (or misapplication) of security today.
Beware the snake oil salesman with baubles and talismans for your every ill, because security is what you do more than what you have.
Wednesday, January 31, 2007
Tuesday, October 17, 2006
A short note on landscaping
Landscaping can be an indispensable tool for security, not to mention how much better it can make any building look. For security it can provide some very real benefits, and I'm not talking about those "tips" for home protection like placing thorny bushes around windows (which works or doesn't depending on who you consult).
So here are a few basics for incorporating security functions into your landscaping.
The most important bit has to do with Natural Surveillance, or making sure that everyone is able to see the goings on in a given area. To do this keep shrubs relatively low, particularly closer to the building, to reduce potential areas of concealment. Then keep trees high, or "canopy" them, with the lowest branches somewhere above five feet (six is even better). The reason for adjusting the trees is to highlight the silhouette of a person standing near it. The head is one of the most identifiable features on a human silhouette. This coupled with improved lighting makes it much harder for someone to conceal themselves around a building.
From there it becomes possible to use landscaping for "wayfinding" or assisting persons to remain on the proper path. Shrubs and trees can help guide people without the use of fencing, bollards or chains. It looks nicer, costs less over time, and can be just as effective. For instance, if folks like to "cut across" the lawn on their way to a nearby attraction then a row of shrubs can help deter this behavior. Again the shrubs can be kept relatively low and the height can be compensated with depth. While it might be easy to jump over an 18" high row of shrubs, it is much more difficult to do the same for a row that is, say, four or five feet deep. Different types of shrubs can add color and texture for visual appeal while making it uncomfortable to force passage. Some shrubs are particularly adept at creating a sort of "tanglefoot" entrapment that is difficult (or even treacherous) and uncomfortable to pass through. Here again, lighting can help enhance the shrubbery by lighting the path around the plants to further assist in guiding individuals.
There. A couple of quick thoughts on the uses of landscaping in security.
Wednesday, October 11, 2006
Managing vandalism - Part II: an alternate approach
Although it may be well past the original event discussed in this series of postings, vandalism to Houses of Worship continues unabated throughout the world. This article is a bit more recent but similar acts occur nearly every day (or night depending on how you look at it).
I have received much feedback from some very vocal peers with a different view on how to respond to such vandalism. Their approach is certainly valid and is, and has been, used many times in many communities - successfully. So here is an alternate response:
As discussed in the previous post you must do a little leg work in advance, but if you don't you will simply have to do it on the fly afterwards. Get a feel for how long it may take to discover vandalism. Keep in mind that I am speaking of prominent vandalism not so much something small in an out of the way place. I mean the sensational stuff that the passing public will see. Will you be aware of it in an hour, a day, or longer?
Then discuss with your local law enforcement what steps they will take once the event is reported. Build your actions around their response. It's just easier that way, given that your organization is probably a little more agile than the local government (but not always).
The real divergence in this alternate approach is when the vandalism is removed. In this scenario, rather than hiding the damage, covering it up, cleaning it expeditiously, it is used for public relations and awareness.
Organize a press conference with the local media. Include whichever partners may be most appropriate: the local police chief, prosecutor, mayor, or council members. The press conference becomes a time to speak out and say that you are not afraid or ashamed. And to discuss how long the vandalism will remain as a symbol of defiance. Follow-up coverage should be arranged with local media to keep this thought fresh in the public mind and additional awareness activities may be planned as well.
Regardless of which approach might be used, or any method for that matter, it is without a doubt important to plan your actions. Even if this planning is done for just a few minutes after an event. Take the time to think through your actions. What is it you wish to accomplish and why. Then act accordingly with those goals. A few minutes of preparation can prevent embarrassment, annoyance, and further hurt from the event.
Good luck.
Monday, August 21, 2006
More on your home computer
Here is a link to some sound advice on securing your home computer from the folks over at CERT at Carnegie Mellon.
Sorry folks there just wasn't much more to say about this one.
Thursday, August 17, 2006
Personal Firewalls
This article on Personal Firewalls does a really nice job of discussing the "long and the short of it."
Firewalls are a necessity, period (fullstop for those speaking the Queen's English). Folks in the security industry often speak of "Defense in Depth." In other words, you don't put everything you have in one place, much like the French did prior to WWII with the Maginot Line. This incredible fortress was bypassed by the Germans, making it useless to the defense of France. Unfortunate for their history and disastrous for your data if you try it on your home computer or home network.
However, that is exactly what most folks do when they only use Anti-virus protection. And in some ways it is similar to using the same vendor for all phases of your defense. Many folks use the all-in-one packages (firewall, anti-virus, anti-spyware) from the major vendors like McAfee or Norton, but again all of the muscle is in one product. And that puts all the work on the processor of one computer as well.
My thoughts on this are simple for those with broadband internet access. Start with a hardware firewall (perimeter firewall). It's a box that is physically between your cable/DSL modem and your computer. There are several brands such as Netgear. Now do you need all the muscle it offers? Probably not, but for about $100 why not add that extra layer of protection. With this the work of your software protection products is a little less intensive. It only needs to focus on everything that gets by the hardware firewall.
Think of it this way. You keep the front door of your house open so you can speak with your neighbor across the street. Bugs tend to fly through the door and you have to spend a bunch of time and effort with a flyswatter getting rid of them. Then you install a screen door and you only have to open your door once in awhile, so your "flyswatter time" is reduced.
I think that might be enough today.
Liquid explosives? And what it means for the rest of us...
What does all this mean for everyday life? Well, it's sort of the same situation as 9/10 syndrome. The only thing that's different between today and "yesterday" is how we perceive the situation. Liquid components for explosives have been a concept for a long time; I even knew some folks in high school that toyed with them.
The difference is that we are reacting to it now. Here's the deal on flying and I don't intend this to sound like a bunch of false bravado.
Whether or not someone sneaks a bomb onto a plane is generally out of your (and my) control. Simply stay alert and help where and when you can. If all you can do is calm others that are interfering with any response then do it. Rick Rescorla did much more than this on 9/11 and he exemplifies what the security professional, but the one thing that everyone that walked past him keeps stating in interviews was his calm and his efforts to keep everyone else calm as they evacuated.
So do what you can, when you can, but remember that very little has changed since the day before the announcement, except maybe your perception.
Tuesday, August 15, 2006
A short hiatus
Sorry for the break folks, I have recently moved to Washington State for a new opportunity. Just a short move across the entire U.S. from one Washington to another.
I plan on being just a tad more regular here in the near future.
Friday, March 3, 2006
SHAC six found guilty on ALL counts!!!
I'll get links to articles up soon, but in the meantime just know that the federal jury in Trenton, New Jersey found Kevin Kjonas and the rest guilty of terrorism under the Animal Enterprise Act.
This is exceptional news and it means that it may become just a tad easier to defend your organization from such attacks.
Here is a short list of SHAC's tactics:
- Posting executive and employee information on the web. This information sometimes went so far as to show what schools the executive's children attended. Not that it makes any difference, this was not just information about HLS employees but also that of other companies that did business with HLS.
- Home protests - that's right they would visit an employee's home and protest outside with graphic signs. They might also canvass the neighborhood to inform their neighbors of the "horrible" things their neighbor was involved in.
- Telephone campaigns - companies were inundated with phone calls that amounted to little more than denial of service attacks.
- Others limited only by creativity...
- Vandalizing employee homes and cars - throwing paint on the houses and using etching acid to write on house and car windows. They would also use paint stripper to write in the paint on cars.
- Booby-trapped letters were mailed to some executives - not explosives but razorblades.
- Threatening phone calls, letters, emails and the like.
- At least one denial of service attack on a bank.
- Vandalizing the Marsh offices.
- And let's not forget the Chiron and Shaklee bombings in California.
- This is just the short list.
So, if your organization has done business with HLS in the past, is involved in any sort of animal testing in particular, or other uses of animals targeted by the Animal Rights movement it would be prudent to be prepared for random retaliatory actions.
Tuesday, February 28, 2006
More thoughts on your home network
Here's a news story that you probably won't find as a headline, because it happens all too often... My friend's house was burglarized and among his losses - possibly the least of his concerns - were his computers.
So we chatted a good bit about it and I got a little food for thought as well.
First, was the question how anyone would know that he had computers in the first place. Anyone? Anyone? Here are three quick possibilities:
- The comings/goings of persons with "laptop cases" - we all know what they look like and it's pretty unavoidable.
- Looking into the windows of the house. How many of us actually try to conceal our computers from the windows? After all, they're so common.
- Wireless networks. That's it. Anyone with a laptop running XP that turns it on will see the network listed, unless....
So what are some solutions?
As for the laptop cases, there are some designer bags that don't "have the look," but they're pricey. I'm pretty cheap so my solution involves my favorite daybag (book backpack) and a bit of swag from my buddy at Cisco. For you, just find a bag or briefcase that you like and works for you. Then get a padded carrier for the laptop and put it inside your bag/briefcase. It may not be pretty, unless you put some time into it, but it works nicely. I like it for airports and other public places. No one would ever put a laptop in my ratty old backpack, so no one gives it a second look.
The windows problem should be pretty easy. If not, you have much larger problems. And if your problems are much larger, like you have a server rack in your kitchen, then it's time to get creative with your window treatments. Possibly frosting the lower half of the window will prevent casual observation.
Wireless networks are a problem - and one that just won't go away. Most folks look at this issue in terms of encrypting data and the like. The focus is on a hacker, not a burglar. So you can turn off your SSID Broadcast to make it a little harder for someone to find your network. This has little benefit and does create some headache. While it makes the network stop broadcasting "its name" it still has to transmit the data and you must "tell" your computer the name of the wireless network it is looking for before it can get access. Keep in mind that someone with moderate skill will be able to find your network, sniff all your packets, crack your encryption and get onto your network. It's coming, but right now the average burglar probably isn't going through this trouble. If he/she did they probably wouldn't enter your home since they could steal your data remotely. So consider lowering the profile of your wireless network. Turn it off when out of the house. Turn off the SSID. Turn on the MAC filter - again, this has limited benefit with additional headache. Oh, and I should not have to mention this, but make sure you change the password to your router.
I'll stop this here, but don't worry this topic will come up often I'm sure.
Friday, February 3, 2006
Your Network, Your Computer - protect it.
I know I'm a little late on this topic, but I'm really not just writing about this new threat.
There are three things that everyone should have in place on their home network.
- A firewall
- Anti-virus Software
- Anti-spyware Software
The firewall is a tool for separating networks. Think of it more as a doorman than a wall. I think the tech guys just thought firewall sounded better in the beginning. The doorman or receptionist's job is to keep the wrong visitors out and admit the right ones. It's not perfect and there are ways to get around it. The most common is when traffic is initiated from the inside. Like when I send you an email with a link to a website; that you dutifully click on. This tells the firewall that you wanted the communication in the first place. That is one way to get the bad stuff past the firewall - it's not foolproof. The better firewalls are on the lookout for bad data trying to get through.
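The "doorman" behaviour described above, as an added sketch rather than the code of any real firewall product: inbound traffic is dropped unless it answers a conversation that a computer inside the house started. The class, the idle timeout and the addresses (documentation ranges) are constructed for the illustration.

```python
# Added illustration: a toy stateful perimeter firewall.
# Default-deny inbound, allow outbound, admit only replies to recorded flows.

from dataclasses import dataclass


@dataclass(frozen=True)
class Packet:
    src: str
    sport: int
    dst: str
    dport: int
    direction: str  # "out" = home network -> internet, "in" = internet -> home


class StatefulFirewall:
    def __init__(self, idle_timeout=60.0):
        self.idle_timeout = idle_timeout
        # (inside_ip, inside_port, outside_ip, outside_port) -> time last seen
        self.flows = {}

    def _expire(self, now):
        """Forget conversations that have been silent longer than the timeout."""
        self.flows = {
            key: seen for key, seen in self.flows.items()
            if now - seen <= self.idle_timeout
        }

    def handle(self, pkt, now):
        """Return "allow" or "drop" for one packet seen at time `now`."""
        self._expire(now)
        if pkt.direction == "out":
            # Traffic initiated from the inside is trusted and remembered.
            self.flows[(pkt.src, pkt.sport, pkt.dst, pkt.dport)] = now
            return "allow"
        # Inbound: only admitted if it mirrors a remembered outbound flow.
        key = (pkt.dst, pkt.dport, pkt.src, pkt.sport)
        if key in self.flows:
            self.flows[key] = now
            return "allow"
        return "drop"


def run_demo():
    """Constructed traffic; returns the firewall's verdict for each packet."""
    pc = "192.168.1.20"          # computer inside the house
    site = "203.0.113.10"        # website the user clicked a link to
    stranger = "198.51.100.7"    # internet host nobody inside contacted
    fw = StatefulFirewall(idle_timeout=60.0)
    traffic = [
        (0,   Packet(stranger, 4444, pc, 445, "in")),    # unsolicited probe
        (1,   Packet(pc, 50000, site, 80, "out")),       # user clicks the link
        (2,   Packet(site, 80, pc, 50000, "in")),        # the site's reply
        (3,   Packet(stranger, 80, pc, 50000, "in")),    # wrong sender, same port
        (120, Packet(site, 80, pc, 50000, "in")),        # arrives after idle timeout
    ]
    return [fw.handle(pkt, now) for now, pkt in traffic]


if __name__ == "__main__":
    print(run_demo())
```

The third packet is admitted purely because the inside computer asked for it; this toy firewall never looks at what the reply contains, which is why the clicked-link case gets through and the other layers still matter.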
It is ideal to have a firewall on your network; that is at the point of origin in your house (by the cable or DSL modem). It should be an appliance - a physical box separate from your computer. It will handle the bulk of the work and screen all sorts of bad stuff.
It is also ideal to have a software firewall on your computer - desktop or laptop. This does not need to be some robust system like Norton Internet Security because your appliance is carrying the bulk of the workload. This firewall gives you more control over who your computer tries to contact - outbound traffic. On a laptop this is an essential tool if you ever connect to public networks where such a lightweight firewall prevents many disasters. This local firewall lets you more easily keep those programs you just installed from reaching out to the web - ah you didn't know they did that, huh. Remember though, the more robust (read powerful) this firewall is the more of your computer's resources it will consume; which means slower downloads, graphics processing, etc.
Anti-virus software is like the linebacker behind the firewall. It prowls around and makes sure that anything that gets through gets special attention. It also fills the role of a free safety by making sure that everything crossing the line is covered. In other words - for the non-football minded - this software makes sure that the code (program) that is malicious is not able to install or run. How it does this is not really important here; what is important is having it installed and running ALL THE TIME!
Anti-spyware is still evolving and is useful for preventing some of the methods used for tracking your activity on the computer. Try a few like Spybot, Adaware, Microsoft, and the others; then see which combination is best for you since none get everything.
When in doubt... Google the application that is trying to reach the web, or the term you do not understand. Google and Wikipedia are your friends and partners on this and will help choose the right programs to deny access to the web.
That's the quick and dirty. For more advice, send an email.
The Ineffective Risk Manager - A Comedy or maybe a tragedy
This in from a close friend. It took awhile to stop laughing.
So museums, like other firms, hire these folks called Risk Managers. Otherwise they have security or safety professionals that fill this role, and sometimes they just have to rely on an operations manager to do this job. Well here's the result when no one is observing the environment with an objective eye and taking appropriate actions to safeguard the assets.
And here is the asinine comment of the day:
"Whilst the method of displaying objects is always under review, it is important not to over-react and make the museum's collections less accessible to the visiting public," he added in a statement.
Wrong! Assets like these - that is IRREPLACEABLE - must be less accessible to the public. That doesn't mean they need to be hidden either, but some sort of barrier should prevent destructive unauthorized access.
Let's face it, it's not like these can be replaced. The insurance carrier MIGHT pay a claim, and right there is a problem. The carrier should have dictated specific safeguards to be used in the display of the asset, otherwise no claim check. But even with the money the museum is out the vases, out the exhibit, and out the patronage that the vases drew. They were a key exhibit, why weren't they protected?
The priceless vases, dating from the late 17th or early 18th century, were donated to the museum in 1948 and have become one of its most recognizable exhibits.
And here's the absolute funniest quote from the article:
Shocked but determined museum staff members have vowed to glue the shards back together again.
I guess they were all absent the day that the whole Humpty Dumpty fairytale was covered.
Here's the moral of the story... Take a step back; look at your facility; know your organization's mission; then ask what if, what if, what if, and don't stop asking until the day you retire.
Tuesday, January 17, 2006
Interesting vulnerability for Laptops with Microsoft OS
Here is a nice little article concerning a vulnerability for laptops operating with Microsoft operating systems (as if there are all that many laptops not using Windows). However the news is not bleak, and for those of you that know me personally, I've been talking about the countermeasures for a long time anyway. But here's the problem...
I don't know why everyone with a wireless enabled laptop doesn't have a firewall or routinely disable the wireless antenna. These two simple countermeasures are useful for other important reasons. First, disabling the antenna will help conserve battery life. Oh, you say you're plugged in so battery life isn't an issue. So what! Why would you have the antenna turned on if you don't need to? It's sort of like leaving a door open to your house - why do it if you really don't need to? And the firewall is like a screen door on the house. It lets you know when people are trying to get in and lets the legitimate "air" through. It's not foolproof but it's a very nice tool. Firewalls now have gotten more user friendly and are pretty lightweight in terms of consuming system resources. Granted with the antenna turned off you really don't need an active firewall, but it's not that big a deal to leave it up.
The author of the article notes that his firewall had to be disabled for the vulnerability to be properly exploited. So keep the firewall up and pay attention to any notifications that the firewall might provide for attempts at accessing your system. So just turn off the antenna if you don't need it and use a firewall. There's one bundled with the Microsoft operating system and there are free applications available on the web. You may not need a "big honkin'" firewall, just one that restricts access effectively.
Rob
Wednesday, January 11, 2006
Managing vandalism - Part II (The Response)
Let's continue on and briefly discuss responding to vandalism and managing the successful attack. Once again, this has been spurred by this recent article about events near my home, which revisits just how hard it can be to prevent and manage vandalism.
Once a vandal, or vandals, have successfully attacked your facility what do you do? How long will it be before it is discovered and reported? What will the police want to do and how long will it take?
First make sure that you conduct some sort of liaison with your community police officer (by whatever name this position goes by in your local department) and learn how they will respond, along with a "scientifically estimated wild guess" about how long it will take them to process the crime scene. Why? Because you want the greatest amount of time to reverse the efforts of the vandal before the general public gets a glimpse. Why? Because this has two effects: one, it negates the effort of the bad guy and is a symbol of defiance, and two, it helps to prevent any negative press that may come from the attack. What I mean by that is the willingness of the media - and this is not an attack on their activities - to begin digging and reporting on hate groups, and possibly giving them "face time" or printing their views. Why should your loss contribute to the publicity of those that work to destroy your organization?
With that said a quick step back to the previous post... You should create the opportunity to, if not prevent the attack, identify it as early as possible - so maybe patrols every two or three hours after nightfall. This might provide a large enough window to eliminate the value of the attack. This may further work as a deterrent to future efforts because they just didn't get anything out of their efforts - which may be referred to as a "benefit denial" strategy.
But let's assume that the attack has been discovered and the police notified. What should you do? First secure the scene. Keep everyone away from anything that may have value, like footprints, trash in trash cans, tire tracks, glass shards, and so on. It's perfectly acceptable, and in my opinion essential, to begin taking pictures now and keep taking them until the clean up is complete. This is useful for insurance purposes and for documenting the effort necessary to clean up the attack. Some of these may be useful when giving presentations to the local government and petitioning for better policing (manpower increases, enhanced patrols, etc.) or in developing anti-hate programs. You just can't go wrong with the pictures. I'd also encourage anyone to treat these like evidence and control the camera, any picture or film processing, and the pictures themselves. Also keep the rolls of film "clean", that is, don't mix pictures of unrelated activities with the attack.
Now that the police are gone you have to get rid of the mess. The purpose of this is to reduce the value of the attacker's efforts, not because of shame or other internal concerns. This is important to communicate to your members. You must not be ashamed - you did not commit the attack, you did not ask to have it committed. Cleaning up becomes an act of defiance. It is an act that is eminently more efficient if you have materials on-hand. Keep paint, sanders and sandpaper, boards for windows, tools, and the like available in moderate supply. More can be obtained on relatively short notice, but you should have enough to get started.
Determine in advance how you will respond to media inquiries for vandalism, then tailor your plan accordingly. Do you denounce the action, express forgiveness, seek punishment... Decide in advance when the emotions are not quite as strong. This first message after an attack may be crucial to how your congregation is portrayed in the media and in the community.
Just one last word... The goal is to prevent and not respond, but make sure that your response is planned in advance. Emotions can cause kneejerk reactions that are more detrimental than helpful, so plan your response and respond with your plan.
Rob