|
Inspiration: "Great deeds are usually wrought at great risks."
-Herodotus
|
 |
IND Vulnerability Awareness Seminar |
Top |
Learn Best Practices in the Following Areas
Join IND and Several Industry Experts Helping You Identify Pitfalls in Your Security and Compliance Management
- Technology - IT Weaknesses
- Compliance / Legal - Identity Theft Protection
- Documentation - Digitalization and Shredding
- Security Services - Security Staffing
Date: Wednesday, June 13, 2007
Time: 8:00 AM - 12:00 PM
Location: The Park Avenue Club, Florham Park, NJ
- Located at: 184 Park Avenue, Florham Park, NJ 07932
Tel: 973-301-8233 | Fax: 973-301-2348
- There is no cost to attend this event
More Information & Registration
 |
NJBiz Magazine Features IND in Cover Article |
Top |
Parsippany, NJ (March 21, 2006) -- IND CEO Douglas Rahn was featured in this week's NJBiz Magazine story "Vista Has Been Launched: Now the Questions Begin." The article reviews the new features in Microsoft's new operating system Vista, and Mr. Rahn provides insights into why and when companies should upgrade their computers, and some of the impacts that the new software can have for business.
Read the NJBiz article "Vista Has Been Launched: Now the Questions Begin"
|
 |
Identity Theft: What Every Employer Should Know! |
Top |
On January 18, 2007, T. J. Maxx reported that systems used to process and store customer transaction data had been hacked. The number of accounts affected is unknown. Some estimate that is could be as many as 800,000. How could this have happened? A better question is -”Could this happen at your company”?
Companies are losing customer and employee information by the truckload every day. Privacy Rights Clearinghouse, a non-profit consumer and advocacy organization, tracks reported data breaches by companies. As of March 1, 2007, nearly 104 million data records of U. S. residents have been exposed due to security breaches since February 2005, on average 142,661 records a day. Laptops are left on airplanes or in cabs or stolen. Flash and jump drives are lost or forgotten. Obsolete computers are donated and their hard drives with sensitive information have not been erased. Hackers are breaking into companies’ networks, downloading their information and companies do not have a clue. Back-up tapes are shipped to never reach their destination and by the way, most are not encrypted. Worst yet, in some cases employees steal the information for organized crime, who are moving from traditional crimes to identity theft. Why? It is less risky and more profitable.
The New Law:
On January 1, 2006, The New Jersey Identity Theft Prevention Act was signed into law. This Act requires businesses operating in New Jersey to safeguard personal information related to any individual, including customers and employees. The term “personal information” is broadly defined, including, but not limited to, first and last name, driver’s license number, date of birth, social security number, employee id number, medical information, account numbers, images, and signatures. This Act is one of the toughest laws in the nation.
The Act requires that companies “take all reasonable measures to protect against unauthorized access to or use of personal information.” Reasonable measures you ask? You can shred, pulverize or burn information to destroy it or render electronic information unreadable. You must also document your destruction policy and educate your employees on the new policy. Remember, if you document “it” you must retain a paper trail, which proves that the policy is followed.
In addition to the New Jersey Identity Theft Prevention Act, there are federal laws that require you to safeguard consumer information. These laws include Title V of the Gramm-Leach-Bliley Act (GLB Safeguard Rule), the Health Insurance Portability and Accountability Act (HIPAA Security Rule) and the most recent, Fair and Accurate Credit Transactions Act (FACTA). Although very similar, each of these laws has different requirements for compliance. Work with a professional to make sure you fully understand each of them.
Companies risk a security breach due to three factors:
• Rogue Employees – They steal, provide access to or sell the personal information.
• Hackers – They hack into your system and steal the information.
• Company negligence – Companies do not have effective policies and procedures in place to protect personal data or they don’t follow them.
If your company is compromised and there are victims of identity theft because of it, the Act provides for civil remedies and injunctive relief for violations of the law. This would include the payment of fines, penalties, attorneys’ fees, and cost of actual damages, not to mention class action suits. According to USAToday, the average dollar amount charged in identity theft is $92,000. Ouch! The Identity Theft Resource Center (ITRC), a non-profit organization that researches and supports victims of identity theft crimes, reported that it takes on average 600 hours to clean-up the mess, if one ever does.
According to Michael Freidenberg, Editor of CIO Magazine, “If you (your company) experience a security breach, 20 percent of your affected customer base will no longer do business with you, 40 percent will consider ending the relationship, and 5 percent will be hiring lawyers!”
Based on other companies’ experience with breaches, an information breach is a possibility and problem for every employer in New Jersey. It is not a typical liability insurance issue. Is identity theft covered under your fraud policy… all five types? Yes, five types! You had better check, but it is not likely. Identity Theft is not a typical crime. It presents itself in the following ways:
• Financial/Credit
• Division of Motor Vehicle (DMV)
• Social Security Number (SSN)
• Medical Information
• Character/Criminal
You and your employees are responsible for the security and privacy of your customer and employee information. Because of the new laws, you must decide what personal information is pertinent to run your business. If there is personal information that you collect, but really do not need - destroy it. You need to implement an effective data security and privacy plan and education all of your employees regarding the new plan.
Veronica A. Jenkins
Independent Associate for Pre-Paid Legal Services, Inc.
vjenkins@prepaidlegal.com
908-685-7117
www.veronicajenkins.idtforbusiness.com
 |
Consider the Cost of Spam to Your Online Business |
Top |
Everyone's email server gets hit with spam several times a day and unfortunately most of our emails do as well. When this occurs it slows down the productivity and also keeps people from being able to access their email remotely or internally as quickly as they would like. When a server gets to be bogged down with spam it can crash a cause everyone even more inconvenience.
When a server crashes, you must consider everything that is on that server that you and your clients no longer have access to.
If your website is hosted on the same server as your email it will also be down – and what about those attempting to visit the site?
If you have important messages in your email concerning a client that needs help you will not have as timely a response to them in their time of crisis.
What is happening to your customers impression of you while your server is down and they receive “Undeliverable email message – recipients email server is not available”.
And that urgent late night email message regarding the change of meeting time tomorrow that didn’t come thru.
All of these items cause major money losses in business that most people don't consider when they think about spam. The return on investment of an Anti-Spam solution can be tremendous regardless of it being an internal or external solution. Even the most inexpensive solutions can save thousands of dollars and hundreds of hours a year in lost efforts. Microsoft, Symantec, Barracuda and many more offer solutions ranging from entry level to enterprise that can be installed within your organization and others offer external solutions that have added benefits for even higher return. Contact IND today to discuss the full range of options that may be the best fit for your company.
 |
Microsoft Exchange Server 2007: Help Remote Workers Accomplish More |
Top |
Mobile and Web-based Messaging
Exchange Server 2007 includes Microsoft Outlook Web Access (OWA), which allows users to access their messages remotely through either mobile or web-based methods. Mobile workers can further stay productive by taking advantage of Exchange ActiveSync technology, which delivers a familiar experience on a variety of mobile devices, with no requirements for extra software or services beyond an Internet connection.
Unified Messaging
Microsoft Exchange Server 2007 integrates e-mail, voice mail, faxes, and calendaring into a single inbox that can be accessed from virtually anywhere. With new voice access functionality anyone can use touch-tone or speech-enabled menus to hear and act on their calendar, listen to e-mail messages, listen to voice mail messages, manage their personal contacts, or call anyone listed in the company directory.
Collaboration and Productivity
Exchange 2007 also gives remote users the freedom to access the file server without having to use a secure VPN conncection. It also allows each user to use a new scheduling assistant that suggests dates and times dependant upon the attendee's calendars and the resources needed.
|
Emphasizing Spyware Importance to Users |
Top |
If you are concerned about keeping spyware off of your network, your users need to know what to do and the consequences of not doing it. They also need to know what spyware is and why they should be protecting the network and their systems from it.
Spyware does not know the difference between company data and personal data, which means that it will just as likely take your personal information off of your network as it will a company finance file. Another important fact is that anti-spyware programs are not and never have been 100% effective causing a need for users to follow company policy on network usage and make sure that no personal information is saved on their computer. |
|
