E-Bitz - SBS MVP the Official Blog of the SBS "Diva" : Tuesday, April 18, 2006

Tuesday, April 18, 2006 - Posts

The Dirty Little Secret of SBS

SBS Podcast gang on on the air with the "dirty little secret" of SBS... better known as the POP Connector... now we should tell them that their formatting kinda horked the blog there a bit....But BE THERE April 25th and check it out!

posted Tuesday, April 18, 2006 11:49 PM by bradley with 3 Comments

Patch Status Report - April Patches

Let me know if it's too long, too short.. you like.. you hate... you want me to slow down.. you want a podcast?

This is a short 6 minute recap of some Patching issues that are being tracked with last week's security patches.

Susan Bradley has invited you to view a Microsoft Office Live Meeting recording.

View Recording

Recording Details

    Subject:              Patch Status Report - April patches
    Recording URL:        https://www.livemeeting.com/cc/winserver_usergroup/view
    Recording ID:         WM3XMM
    Attendee Key:         2/k=['F

Now before everyone freaks out.... most of the time patches are just
fine, and I've installed these here with no issues either because I 
didn't have the Share to Web installed or it was on the newer version, 
so most of the time patching is just fine with no impact other than 
a TON more protection from the bad guy.

And Kelly of Kelly's Korner has put up an automated fix for the 
registry change needed for the HP Share to Web issue

U Page - Windows XP from A to Z: 
http://www.kellys-korner-xp.com/xp_u.htm#hp

posted Tuesday, April 18, 2006 6:25 PM by bradley with 1 Comments

Trend CSM Version 3 service pack 1 now out

Trend Micro, Inc.                                  March, 2006

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
         Trend Micro(TM) Client/Server/Messaging Security for SMB
                             Service Pack 1
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Service pack one for CSM version 3 is now out... thanks to MikeM for the heads up!

oooh Charlie will be happy about this:

Client/Server Security Agent

o) 64 Bit Support

Client Server Messaging Security for SMB:
http://www.trendmicro.com/download/product.asp?productid=39

posted Tuesday, April 18, 2006 5:00 PM by bradley with 1 Comments

The cost of doing nothing

SB 1744 Senate Bill - AMENDED:

Existing law requires any agency, or a person or business conducting business in California, which owns or licenses computerized data that includes personal information, as defined, to disclose in specified ways, any breach of the security of the data, as defined, to any California resident whose unencrypted personal information was, or is reasonably believed to have been, acquired by an unauthorized person. The bill would require ~~that~~ an agency or a person or business that has suffered a breach of the security of the system to ~~provide 1 year of a credit monitoring service, as defined, without charge~~ offer to pay the fees associated with placing a security freeze on consumer credit reports to each person whose personal information was, or is reasonably believed to have been, acquired by an unauthorized person.

The bill would require specified information to be included in the notice given to California residents pursuant to these provisions and would require a copy of these notices also be provided to the Office of Privacy Protection. The bill would also make technical changes to these provisions.

----------

To me that's a bit bonechilling...but at the same time... there's a part of me that says maybe stuff like this is the key to get folks to wake up and start taking security seriously.... the next time one of your small businesses that handle names or credit card numbers or anything.. and either due to the fact that they cannot (vendors won't support encryption) or they don't want to take security seriously... quantify the costs of offering to every single one of their potentially affected clients or customers... a year's worth of credit monitoring service. Now then, now that you have THAT quantifiable cost stuck in your brain.. think about the stuff that doesn't have a price tag on it... unless you are in the Business valuation biz like I am.

Business reputation
Client trust
Public Relations impact

Quantify those... quantify the value of your business... now then... are you.. RIGHT NOW...this very moment doing "good enough" security to ensure that you are taking reasonable security precautions to protect the valuable data you have? I know I'm not doing as much as I should and I could do more... I know my vendors (and I'm not talking Microsoft here..but CCH and Intuit) are definitely NOT doing enough to HELP me protect my clients data. I know that I need to do a better job of end user education. My gang know enough to ask me ..but I could do better here. I need to add remote control software and better management of home machines that connect to my network. They are just as much a part of the security fabric of my network. I want to do (I need to do) a better job controlling/filtering/protecting email. Even though sometimes I don't quite consider SPAM as a security risk.. the fact that it's an example of social engineering that's slithering it's way into my firm means I need to do more.

No, it's not law... but it's having a hearing in a few days.... and you know what... while there's a bit of a chill factor in reading that proposed law... it's hard to argue against it, isn't it? We do need to step up to the plate and do our part. And we're really not, are we?

So pay for security in your networks..a cost to ensure that "nothing bad happens" (as someone is apt to say in his speeches and book), or pay for it later... and at a much higher cost than you intended to....a real cost to your business.

Quantify doing nothing... absolutely nothing at all.... and soon you'll realize it has a much higher cost to your business than the price tag of "nothing bad happening".

posted Tuesday, April 18, 2006 12:20 PM by bradley with 0 Comments

So you want to "whitelist" an SMTP address from being caught by IMF?

So you loaded up Exchange sp2.. got IMF working ..but you have some emails that no matter what you do.. either get caught by spam if you set the value one way.. or let in too much spam if you set the value so that the business email comes in... so what do you do?

Have it 'go around' IMF...

You go into Exchange System manager.. and you expand "Global Settings", then on message delivery, then on the connection filtering tab, and you insert the SMTP or IP address of the server you want to bypass the IMF settings in the "Exception" tab.

You can see this IP address by going into the email, right mouse click, go into options and you'll see the header info...

posted Tuesday, April 18, 2006 12:20 AM by bradley with 1 Comments

Another new link on the blog roll

http://uksbsguy.com/blogs/doverton/

Another new link on the blog tonight ... it's the MS UK SBS guy.. which means he'll probably be doing things like spelling the word "color" wrong.. and "Center" and stuff like that on his blog...

(bet he pronounces the word Aluminum weird too... al-loo-men-e-um)

;-)

posted Tuesday, April 18, 2006 12:01 AM by bradley with 2 Comments

E-Bitz - SBS MVP the Official Blog of the SBS "Diva"

Search

Archives

News

Navigation

Post Categories

Article Categories

Sharepoint

Exchange

Security

Microsoft Downloads

SBS - Blogs

ISA Server

SBS Team Blogs

Interesting Small Business Blogs

SBS - CRM