Do you own a computer? Since you’re reading this let’s assume that you do. Does your computer have anti-virus software? Since you’re a reasonable, intelligent human being, let’s assume that it does. Do you also run something like Malwarebytes or SpyBotS&D? Since you’re a responsible netizen, let’s assume that you do. Does this mean that your computer is “secure”? Since your computer is on 24 hours a day, 365 days a year, let’s assume that it isn’t.

I can hear all of you now: “My antivirus is up to date! I’ve got nothing to worry about!”, “My spyware definitions are current, I’m protected!” The problem lies in a couple of factors; First, your antivirus was up to date the last time it was updated. Ten minutes later, you are still vulnerable. Second, I can’t count how many times I have been asked to look at a computer that was “running slow” or “acting funny”, only to find that it had been all but taken over by malware. These are computers with updated anti-virus, owned by people just like you and I who religiously check their systems for evil bits and eradicate them. Just kidding! Most of the time, I find the anti-virus software is out of date (usually because the subscription expired), and nobody has ever taken the time to check for malware.

The truth is, anti-virus software is, at best, an arms race. The companies who make anti-virus software are forever playing catchup to the people who write the viruses. They are perpetually one step behind, by design, because their technology is REACTIVE rather than PROACTIVE. Anti-virus software can not protect you until the bad stuff has already made it to your system, by which time it may be too late. In addition, if you don’t know what you’re doing you can actually harm your system by trying to run too many of these anti-malware applications at the same time, or worse, reduce productivity while people try to work around a system that is not optimized for your environment. If your system is too aggressive people will get in the habit of “clicking ok to make the box go away”, which can actually leave you more vulnerable to attack than if you didn’t have the software in the first place.

All of that being said, most anti-virus software does an excellent job of protecting you from known threats. Anti-malware software helps to clean your computer up after the evil bits have been installed. Both of these are important pieces of the security puzzle, but anyone who tells you, “Install this piece of software and you’ll be completely secure!”, is trying to sell you something. Any “security assessment” that only looks at whether your anti-virus software is up to date and you have the latest Microsoft patches installed is not a security assessment.

A lot of people today sell software wrapped up in a package with SECURE!!! written all over it, the number of people who can actually help you secure your priceless data is far lower.

Many businesses are turning to Voice over IP (VOIP) to reduce overhead. Just like many other technologies VOIP (or any other phone system) adds additional risk to your business that you may not be aware of. Phone systems today (as they have been for a while) are just computer systems and must to be considered in the overall security strategy of your business. Left out, their software becomes outdated, passwords become stale, and the potential for loss increases.

Consider the following example where a 4 digit password protected the phone system from outside attackers. How would your business react to a $52,000 phone bill (plus the lost time dealing with the phone company).

http://www.winnipegfreepress.com/local/hacker_makes_costly_calls.html

Remember:

• Change your voice mail password just as often (or more often because it is shorter) than your computer passwords.
• Check for firmware and software updates for your telecommunications equipment just like you do for your computer systems.
• Review the agreement between you and your VOIP / Telco provider to ensure that charges can be disputed should your system be compromised.
• Have your system audited by professional as part of your yearly system maintenance.