Archive for the ‘Security’ Category

SecureWorld Expo Dallas – A Regional Conference with a Global Perspective

by FireHost Evangelist on October 20th, 2010

International, national, and even local considerations shape IT Security policies for the whole industry. However, as security and information technology professionals, it’s often difficult to find time to step away from our desks and really evaluate the scope of the ever-changing environment in which we operate. SecureWorld events provide the perfect opportunity to do just that.

With events across the nation, SecureWorld Expositions provide the platform and venue for leaders and “doers” in information technology and security to collaborate and make strides toward the end goal of comprehensive, globally unified security policies, all while earning 16 CPE credits that may be applied to your CISSP.

Chris Davis, Director of Security and Compliance at FireHost, will be part of an industry panel attacking the difficult issue of Effective Compliance Management in Today’s Workplace. The best security minds from ArcSight, Shavlik, and Tripwire will also participate in the hour-long conversation, scheduled for November 3rd in Dallas.

FireHost is proud to help lead an event that provides such broad reach on a global topic, and we invite you to use discount code “FIREDAL10” when registering to receive significant savings off the published rates. If you can’t make it to Dallas next month, perhaps one of SecureWorld Expo’s future events will fit your schedule.

Follow Dallas SWE on Twitter.

Meet FireHost at SpiceWorld 2010 – Where IT All Comes Together

by FireHost Evangelist on October 8th, 2010

This month, FireHost will participate in SpiceWorld 2010: Where IT All Comes Together.

Chris Davis, Director of Security and Compliance at FireHost, will present “Open Source Powered Websites: Protect Your Enterprise and Yourself”, but that’s just one example of the great topics to be covered. The educational event is jam-packed with speakers and workshops all committed to helping you become a better IT professional.

Over the course of two days, you will:

  • Learn new & advanced tools that will help you in your IT trenches.
  • Explore industry trends & IT vendor solutions that will simplify your job.
  • Take home practical IT tips, IT best practices & how-to’s from your peers.

We’re proud Gold sponsors of the event, and we are honored to be hosting it alongside other esteemed participants like Dell, CDW, VMware, and others.

SpiceWorld 2010 kicks off on Wednesday, October 20th at Austin’s Speakeasy (featuring one of the city’s best views of downtown). Please join us that evening and for the whole conference. We’d love to learn more about what you do and introduce you to how Secure Servers can help solve some of your IT pains.

Come see us in Austin, TX!

Follow Spiceworks on Twitter.

The End is Near! (for Dedicated Hosting)

by FireHost Evangelist on August 2nd, 2010

Earlier this year, we introduced the Secure Server – a virtualized and secure, private hosting environment for companies and individuals who have the need to mitigate high traffic, high confidentiality, high availability, and compliance online.

Right away, many business owners, designers/developers, and IT professionals “got it” and signed up on the spot. We enjoy providing exemplary protection for our early adopters, but we won’t rest until the entire web hosting community understands that security, scalability, and affordability are for everyone, not just a select few.

Overall, the mission has been well received. As any “pioneer” would expect, however, Secure Servers have been met with mixed reviews, particularly from die-hard dedicated hosting proponents.

In an effort to dispel any remaining doubt from those who still have reservations about this new way, we created NoMoreDedicated.com. From here, you can:

  • Watch real stories from real people told in their own words and decide if dedicated hosting is the best solution.
  • Take our short, informative test to determine if dedicated hosting is right for your hosting needs.

Once you see the facts, we’re confident you’ll want to give Secure Servers a try, so we make it easy to do so.

  • Secure Servers can be provisioned within 24 hours of validating your order, and
  • There is no lengthy hosting contract to which you must subscribe.

If you still have reservations, that’s fine. We respect your opinion and any doubts you may have about adopting a new way to protect your business. Even if you’re not ready to join the movement full stop, we request that you follow the movement that’s putting an end to overpriced, insecure, and inflexible dedicated hosting. Big change is on the horizon.

Follow: @NoMoreDedicated HashTag: #NMD

Privacy Reform Starts with You, or Rather Your Pocketbook

by FireHost Evangelist on June 29th, 2010

Blippy, Facebook, and Lifelock, oh my! Each of these companies has come under scrutiny lately for mishandling, misusing, divulging, or otherwise playing a smoke and mirrors game with confidential information. This vignette is dedicated to conveying a different perspective on each situation, one that will hopefully convince you:

  • that security controls will only be as tight as consumers demand, and
  • that things can be different (better) with your help.

We just want to get this “disclaimer” out of the way, here and now in the first paragraph before you have a chance to form an opinion about our suggestions. We’re not condoning the actions or otherwise diminishing the liability of these companies (or any company, for that matter) that have caused consumers or businesses lost time, harm, or any other loss because of a breach and subsequent leak of personally identifiable information (PII). The spirit of this article is to create awareness of the risks and to help everyone reading (consumers and business owners) understand that taking steps toward prevention is a collaborative effort on which consumers and companies alike must embark to see results. And so with that…

Blippy’s Security Blip

Synopsis: Credit card numbers for a limited number of beta users leaked into Google search results.

Blippy’s responsibility: Breaking this down to the simplest terms, Blippy’s dev team should have secluded all test data into a non-production environment. Furthermore, PCI guidelines for SDLC dictate that all sample data must be purged from all accounts prior to launching the production environment. If you’ve visited the Blippy website or signed up for an account, however, you’ll notice that there is no mention of PCI compliance or a PCI compliance badge… anywhere.

That’s because (arguably) Blippy isn’t governed by the payment card industry data security standard since they don’t directly collect or store credit card data. When the data leaked, all fingers pointed at Blippy (and rightfully so, I mean anyone who can read saw the cc numbers available in the statements associated with each user’s account.) The bigger problem however seems to be the fact that the issuing bank or credit card company allowed full, unencrypted, unmasked credit card numbers to be printed and/or stored on public statements.

Personal responsibility: Consider this. Participants in a clinical drug trial assume a large amount of risk by ingesting the pharmaceuticals under investigation. Wouldn’t a similar principle of risk apply when technology users participate in a beta, alpha, or electronic test of any kind?

Perhaps language in the warnings about unregulated pharmaceuticals is more ominous (or the risks more personal), prompting consumers to take caution. Should commercial business ventures be more blatant about their warranties and have stronger indemnification policies so early adopters will think twice before signing on?

Consumers must realize that they are “swimming at their own risk” when participating in pre-releases of new, untested technologies. Blippy adopters who confidently linked bank accounts, retail payment card accounts, and credit card accounts to the service can’t be completely shocked when something goes awry with the system. Can they?

Bottom line: It is every business’ responsibility to take all measures possible to prevent problems like this from arising. It’s the consumer’s responsibility to perform due diligence, hold their confidential information in higher regard, and think twice before divulging information that could cause them harm.

Are YOU Your Biggest Security Threat? 5 Ways to Close Holes that Hackers Can Easily Breach.

by FireHost Evangelist on June 22nd, 2010

If I wanted to hack your eCommerce business, I’d have your help. It’s a fact that no one runs a business from one location (or one computer) anymore. In today’s world, work gets done everywhere – in offices, at home, in a hotel, at the airport, while sipping mocha and siphoning Internet connectivity from a coffee shop.

Security risks increase when your business moves outside of the safety net of your main workplace. Mobile executives carry sensitive data around with them, and oftentimes open it up to vulnerabilities just for the sake of convenience.

It all seems perfectly innocent. Connecting to wireless Internet in your hotel room, or syncing up to free wi-fi in a restaurant just to get a little work done. Convenient? Yes. Necessary? Sometimes. Is working remotely a downward-trending habit? Absolutely not. And so, we must learn (and educate our workforce) about how to work remotely more safely.

Protecting your mobile workforce is essential to protecting your business. And it can be accomplished (or at least done more successfully) by following a few simple tips to help keep your business safe from hackers, no matter where you go:

Stay Off the Free, Open Wireless

More and more public places are providing free, or shared wireless Internet. These open networks are dangerous. They’re risky for personal communications, but they are absolutely not suitable for conducting business without protection.

When jumping on public shared wireless connections, it’s essential to do so using a secure VPN connection with the latest encryption methods. This will funnel all your online activities (email, surfing, chat, etc.) through this secure connection so prying eyes can’t see what you’re doing. Several companies offer this service, but we’ve heard good things about Anonymizer.

As an alternative, Verizon, Sprint, AT&T, and others have mobile broadband services available for a reasonable monthly subscription. Spring for the mobile Internet access card. It’s a small expense for what you get in exchange – the ability to conduct business more securely outside the office.

Bonus Tip – turn off your wireless connection whenever it is not in use so you are 100 percent sure about when you are connected to the Internet. If you’ve previously connected to default network names (like Linksys), then anytime that network name reappears at another location, you will be automatically connected to the network, opening you up to risks.