Unruly USB: Devices Expose Networks to Malware

The news today is chock full of stories about sensitive information being carried out the institutional perimeter on ‘simple’ USB devices. These powerful portable drives rightfully worry IT as a means for devastating data loss at the hands of malicious insiders. But it’s pretty easy for organizations to get so wrapped up about what goes out on USB drives that they forget to protect against what comes in their environments via 
USB.And with attacks inflicting increasingly greater damage following uncontrolled connection, it’s time that organizations got serious about this threat.Recently the US Army admitted that an infected USB stick was responsible for causing one of the biggest cybersecurity breaches in military history.

In order to keep organizations secure from threats, IT departments must bring greater scrutiny and control over how the network is exposed to potentially infected portable payloads.  But let’s get real: they can’t do so by gluing USB ports shut. Portable devices as business tools are here to stay. IT leaders who refuse to recognize that fact will be seen throughout their organizations as inhibitors to success. The key to USB 
security is balancing productivity with protection. 
It’s Not Just USB

While we’ve focused much of our attention on the ubiquitous USB flash drive, organizations need to 
think about threats that extend from all forms of removable media in use today. These include:
» CD drives
» DVD drives
» Blu-ray drives 
» FireWire 
» eSATA connected devices
» Consumer products such as picture frames

Evolution of USB as an Attack Vector

The more users depend on USB and portable devices to store and move data, the more tantalizing a target these devices become for hackers looking for an easy way to infect a large number of machines. And as the USB format becomes more complex with a greater number of features to exploit, the bad guys are finding increasingly creative ways to use USB against their victims.
USB Security Best Practices

So what exactly does it take to change our trust models? It starts with smart policy development. 
Some key policies that organizations should consider to reduce their risks right off the bat include:
» Ensuring common PC and laptop configurations have AutoRun features disabled, limiting the efficacy of USB malware that depends on this feature to run and to propagate.
» Requiring timely installation of security updates 
In order to minimize the risk of USB-borne malware taking advantage of unpatched endpoint vulnerabilities.
» Limiting access of USB and portable devices to registered devices only, enabling better control over who, when and how devices are being utilized.
» Preventing the initiation of some or all executables from portable devices, blocking malware from running in the first place.
» Requiring strong passwords (and not allowing the use of default passwords) throughout your infrastructure to prevent worms such as Stuxnet from working their way further into systems.
» Requiring proper, up-to-date AV and firewall usage to prevent malware from gaining a foothold within the endpoint and spreading to other systems in the network.
Enforcement: Putting Teeth in Policies

By enforcing usage policies for removable devices such as USB flash drives and other removable media such as CDs / DVDs, you can control the flow of inbound and outbound data from your endpoints. 
Devices that are not authorized should simply not be allowed to execute. Ideally, organizations should look for tools and develop processes that enable them to quickly establish and enforce device control policies as simply and as methodically as possible. Policies should be manageable by user or user group as well as by computer, and organizations should look for capabilities that enable user groups to be immediately associated with devices “on-the-fly.” The goal is to dramatically simplify the management of endpoint device resources through improved tracking of who, when and how devices are being used. By validating removable devices as they are used within the enterprise, you can prevent malware from being introduced into the network. This includes assigning permissions for authorized removable devices and media to individual users or user groups and controlling the uploading of unknown or unwanted files from removable devices.
By developing policies and implementing solutions that enable a more flexible but easily trackable 
environment, IT departments become partners in security and business success rather than technology mall 


cops to be disregarded at all costs. Enterprises with such forward-looking technology decision-makers will 
gain a decisive productivity advantage while protecting their organizational endpoints.

Customer Service Management

The explosion of social media has changed the business-to-consumer landscape. A couple of points will elucidate this fact. 34% bloggers post opinions on brands and products on their blogs and 78% consumers believe them. It’s a fact that Facebook knows more about your customers than you do.
So, what are you doing about it? If customers are talking about your brand on social networks, shouldn’t you be listening to them carefully?

Customer support management in the new age is all about being proactive and creating cases for quick resolve. There are four clear steps for proactive online social customer support.

1. Keep an ear to the ground and listen to what they say and wherever they say.
2. Address customer’s problems using data captured and collected through various sources and analyze it using data analytics technique. Salesforce.com CRM provides resources like dashboards and real time service reports which provide these insights.
3. Relate if the problem is regarding the product, service or end user support.
4. Act, if possibly, real time and through the social networking medium of the customer’s preference.

Benefits

• Track customer satisfaction in real time in order to address problems immediately and enable better customer retention
• Provide support teams anytime, anywhere access to customer information—ideal for remote support employees
• Link sales, service and fulfillment organizations to drive more revenue
• Accelerate case resolution times by providing support reps with complete customer visibility
• Increase response accuracy and reduce response times with an integrated knowledge base
• Use case escalation rules to ensure that your most valued customers always receive the proper levels of support

  Key Features

  • Case Management

    • Cut costs and improve workflow by automating the business processes associated with customer support case assignment, management and escalation
    • Route cases intelligently, enabling fast, efficient prioritization
    • Respond to customer cases across a variety of mediums, including e-mail, phone and fax
    • Log and analyze e-mail communications in order to better serve current and future customers
    • Route and track support cases according to product, issue, case type, partner or customer, giving customers a specialist in each area to address their concerns
    • Enable online case creation and self-service case updates.

  • Knowledge Base Software

    • Build an effective online knowledge base to help customers get the answers they need, when they need them
    • Give customers and partners 24/7 access to customer service at a much lower cost than staffing your phone lines around the clock
    • Organize and publish information into different types and levels of topics and solutions
    • Give service reps access to a complete knowledge base, enabling them to respond faster to customer issues and reducing the learning curve when bringing on new reps.

  • Customer Portal

    • Give customers real-time access to such data as order status, order status tracking and return authorizations
    • Drive more return visits and greater customer loyalty
    • Give customers the ability to enter trouble tickets online 
    • Customize content to create a true one-to-one marketing platform, letting you publish information to specific prospects, customers or entire groups.

  • Time Tracking

    • Automate and streamline the time tracking process, consolidating it quickly for reporting and billing
    • Keep accurate customer records by managing time within your CRM system rather than in separate systems
    • Get complete visibility into how your service and support teams are apportioning their time
    • Track time more accurately and use real-time metrics to improve time management practices.

E-Learning- Is it a substitute?

With the rapid pace of technological advancements, the field of education also could not remain untouched and unaffected. The technology had cast a revolutionary impact on the way education could be imparted and also made available to the millions of students across the globe.

E learning is considered the next big revolution and IT holds a big promise in the way education can be made available to a large number people, thereby overcoming the barriers of language, nationality, distance and time.

With better study material, better teaching techniques, efficient and cost effective means of imparting education, e learning is fast catching pace. More and more nations are investing in technology to significantly increase the rate of Literacy and provide more avenues to people to enhance the knowledge base and skill sets. IT companies are investing in softwares and more and more focus is given to make people competent to learn the basics of computers and harness the benefits of IT.

E learning no doubt has been fast catching pace with growing sections of society but my opinion is that the real time class room education can never be substituted with e learning. The one to one interaction with the teacher and interactive class room sessions with peers, go way beyond in influencing the over all growth and development of an individual. The chanellizing of ideas and direction given by a teacher is incomparable to any IT solution that can be provided. Even in the words of Henry Brooks Adams- A teacher affects eternity; he can never tell, where his influence stops.The type of atmosphere that is provided by the regular teaching and the exchange of ideas and inculcation of values and team work that happen, go way beyond in shaping the personality and intellect of a person.

In my opinion e learning can be a supplement to teaching and to an extent, a necessity for the ones for whom education is a distant dream, but it can never be a substitute for regular education. Some argue that present day teaching is below standards and class room sessions are boring, but this does not effectively substantiate the argument in favor of IT learning.Even today the very first option should always be regular class room teaching and efforts should be made to improve the standards of teaching.

Desktop virtualization

Desktop virtualization (sometimes called client virtualization), as a concept, separates a personal computer desktop environment from a physical machine using a client–server model of computing. The model stores the resulting "virtualized" desktop on a remote central server, instead of on the local storage of a remote client; thus, when users work from their remote desktop client, all of the programs, applications, processes, and data used are kept and run centrally. This scenario allows users to access their desktops on any capable device, such as a traditional personal computer, notebook computer, smart phone, or thin client. In simple terms, virtual machines are running on the server (for each client) and clients can connect to their "computers" using remote desktop software.
Virtual desktop infrastructure sometimes referred to as virtual desktop interface. (VDI) is the server computing model enabling desktop virtualization, encompassing the hardware and software systems required to support the virtualized environment.

VDI
Virtual desktop infrastructure (VDI) is the practice of hosting a desktop operating system within a virtual machine (VM) running on a centralized server. VDI is a variation on the client/server computing model, sometimes referred to as server-based computing (SBC). The term was coined by VMware Inc.

Advantages and disadvantages
The shared resources model inherent in desktop virtualization offers advantages over the traditional model, in which every computer operates as a completely self-contained unit with its own operating system, peripherals, and application programs. Overall hardware expenses may diminish as users can share resources allocated to them on an as-needed basis. Virtualization potentially improves the data integrity of user information because all data can be maintained and backed-up in the data center. Other potential advantages include:

• simpler provisioning of new desktops
• reduced downtime in the event of server or client hardware-failures
• lower cost of deploying new applications
• desktop image-management capabilities
• longer refresh cycle for client desktop infrastructure
• secure remote access to an enterprise desktop environment

Limitations of desktop virtualization include:

• potential security risks if the network is not properly managed
• some loss of user autonomy and privacy
• challenges in setting up and maintaining drivers for printers and other peripherals
• difficulty in running certain complex applications (such as multimedia)
• increased downtime in the event of network failures, which can be prevented by the use of a clustered file system
• reliance on connectivity to corporate or public network
• complexity and high costs of VDI deployment and management

Emerging Tech

Thunderbolt Successor to Come Out in 2015 Tags:   intel, thunderbolt Intel may have just released the first generation Thunderbolt this spring, but Intel is already planning it for long term. Intel is already working on the Thunderbolt's successor, even before the original really takes off. Here is what the director of Intel Research labs had to say: We see them as complementary. It's the evolution of these connectors and protocols as they move forward. [Besides], Thunderbolt is more than a cable. It's a router chip that aggregates DisplayPort and PCI-Express. No reason was given for the upgrades being developed so early on. Somecompanies outside of Apple have shown interest, but by no means have we seen anything big for it yet. Intel appears to be living more in a dream than a reality. Via TG Daily Pepsi Unveils Social Vending Machines Tags:   Pepsi, PepsiCo, social media You're out at a concert and you're about to buy a drink from a vending machine. You think about your friend who couldn't make it, and want to send them a quick text to let them know you're thinking of them and wish they were there.  With Pepsi's new social vending machines, you can not only send them a message, but you can buy them a drink at the same time.  Pepsi's new machines come with a fancy touch-screen UI that makes selecting a frosty beverage a more technical experience than perhaps it needs to be, but also include a social component that will take your friend's name and cell phone number and send them a text message with a code they can redeem for a free drink.  The code has to be redeemed at one of the new social machines. If you want, you can also give a random customer a gift at the vending machine through what Pepsi calls a "random act of refreshment," meaning someone will walk up, select their drink, try to pay, and be told that they're getting their drink for free. You can even record a quick video message to include with your free drink so the recipient knows who just made their day.  Pepsi has no plans for a rollout of the new machines; the current model is just a prototype. Still, it'll be on display at the National Automatic Merchandising Association Show in Chicago at the end of the month for everyone to see. Check out a video of the machine behind the jump. Coming Soon: Glasses-Free 3D TVs in Airplanes Tags:   3d Perhaps one day watching movies on an airline won't be a completely disappointing experience. A company called MasterImage 3D is leading the charge to bring 3D displays to airlines around the world. MasterImage also wants glasses-free 3D technology to come to in-car entertainment systems. In other words, it will become a ubiquitous medium for when you don't really want to watch TV but have nothing better to do because you're stuck in a vehicle of some sort. "We weren't looking at (airlines and car makers) initially. We were focusing on smartphones and tablets, but there turned out to be strong interest," said company VP Roy Taylor. Potentially Landmark Ruling Bans Debt Collector From Facebook Tags:   facebook A Florida judge has ruled in favor of plaintiff Melanie Beacham in a harassment lawsuit against debt collector MarkOne Financial. In it, Beacham says she received 23 phone calls per day about a debt she owed, and then at one point MarkOne was able to track her down on Facebook. Representatives then not only sent online messages to her but also to everyone on her friend list. In a preliminary ruling, the judge declared MarkOne is barred from contacting Beacham or any of her friends on any social networking site. The legal order is the first of its kind, and a big victory for Beacham's lawyer Bill Howard. Howard, who focuses on consumer protection cases at firm Morgan & Morgan, said a ruling against using social networking to harass debt owners is "something we've been fighting for, and we finally got a court ruling on that." Beacham's case remains ongoing, but some could say she already scored a victory

5 Things you need to know about videoconferencing

1. Your office is now optional. A recent study from Infonetics Research projects that enterprises will spend $5 billion on videoconferencing and telepresence by 2015. To accommodate the need for instant connectivity and information sharing at the office, CIOs need to coordinate IT investments with physical space. Vendors like Polycom and Steelcase are teaming up to integrate audio, video and file sharing using multiple ports and display screens at office meeting tables. KKR, a private equity firm, has been using HD videoconferencing for four years among its 14 global offices. "We prefer to do a video call because it adds another layer of interaction," says CIO Ed Brandman. "You have everyone's undivided attention."

2. One window shows all your applications. Companies are using unified communications (UC) platforms like Microsoft Lync and Avaya Flare as videoconferencing catchalls. These platforms consolidate all the windows workers have on their computer screens at any time, including videoconferences. They also integrate social media, so employees can video chat with anyone from their social networks. The trade-off, experts say, is that users must abandon preferred chat clients and adapt to using UC for everything.

3. You can access video on the go. FaceTime on the iPhone 4 offers only one-on-one chat, and you may have to sacrifice quality with other free options, like Tango. Skype Mobile, which works with Wi-Fi and 3G, can handle multiple parties at once, but the connection can be unreliable and not all smartphones support video calls. Until more sophisticated networks are introduced, such services are best suited for informal calls.

4. Free options offer limited quality. Free solutions like Skype and Google are not always suitable for the enterprise-you don't want to be fussing with the connection at an important board meeting. Many chat clients have video options, so for one-on-one conversations, free video chat may work fine. But a recent Forrester report by analyst TJ Keitt says 72 percent of workers still don't want desktop videoconferencing, adding that companies need a clear idea of what they will use video for: "Businesses distribute it with no sense of how it should be used."

5. Live feeds are the next frontier. Live streaming can be a helpful tool for sharing events with people who can't attend or who want to watch them later. Applications such as Video Center from LifeSize or free downloads like Ustream let users upload a videoconference so they can watch it anywhere. The United Kingdom's National Health Service is planning to use a live-feed video application to broadcast surgeries to new doctors.