Tag Archive | risk mitigation

Microsoft Security

1234Another day, another cyber security threat… This latest vulnerability puts all supported releases of Microsoft Windows at risk. The recommendation is if you use Windows Server 2003, Windows Vista, Windows Server 2008, Windows 7, Windows 8/8.1, Windows Server 2012/2012 R2, or Windows RT/RT 8.1, to get the patch using either Windows Update or download it directly from Microsoft’s Support site.

Ars Technicha has a comprehensive write up of the Windows bug. At this time there is no evidence that the bug has been exploited but now that it has been disclosed that could change quickly. Please be sure to update as soon as possible!

Learn more: https://support.microsoft.com/kb/2992611

http://arstechnica.com/security/2014/11/potentially-catastrophic-bug-bites-all-versions-of-windows-patch-now/

Use It or Lose It

Periodic testing your mass notification system is a best practice we highly recommend. Not only does it help to ensure that your messages are up-to-date and ready to use, it also serves as a reminder to your select group of test alert recipients that the system is active and available.

Another important reason to test your system is making sure the users in your organization are properly trained. Using the Rapid Notify system is easy to learn but we find that if our customers do not practice on a regular basis, they forget about many of the most powerful features available to them.

Periodic testing can also be a reminder to monitor internal accountability. Customers that experience staff turnover may not realize that the person previously designated as their Rapid Notify Customer Administrator did not train or even inform their replacement regarding access to their account.

We encourage all of our customers to contact our outstanding Customer Support team to schedule an online refresher training session. Our system has many new features that you may not even be aware of such as Reusable Scenario Alerts, Social Media posting and more.

Contact us today.

Password Cleanup

It’s time to change your passwords. The recent data breach of Target’s customer information may have exposed sensitive information of as many as 110 million people. This is just the latest high profile company to be attacked by sophisticated hackers.

With so much data exposed, it has again become clear that no one should ever use “1223456” or “password” as a password.  SplashData published its annual list of the worst online passwords and it is surprisingly similar to the year before. Unfortunately, rather than creating more original passwords, it appears that many people are just using longer chronological strings of numbers. If a “123456” password gets hacked, the solution is NOT to add a “7.”

The 10 worst passwords online are as follows:

Log In and Password

  1. 123456
  2. password
  3. 12345678
  4. qwerty
  5. abc123
  6. 123456789
  7. 111111
  8. 1234567
  9. iloveyou
  10. adobe123

Even high-level government offices have been caught using poor password selection. A recent Senate cyber security report detailed failures by federal officials to perform basic information security work such as installing security patches, updating anti-virus software, communicating on secure networks and requiring strong passwords.

It is critical for all of us to create more sophisticated passwords.

Read more:

http://news.cnet.com/8301-1009_3-57617034-83/yikes-targets-data-breach-now-could-affect-110m-people/

http://www.washingtonpost.com/business/technology/senate-cybersecurity-report-finds-agencies-often-fail-to-take-basic-preventive-measures/2014/02/03/493390c2-8ab6-11e3-833c-33098f9e5267_story.html

%d bloggers like this: