Posts tagged Security
Cloud Computing and Sys Admins
Oct 16th
More and more these days I talk to people who are trying to figure out how and whether cloud computing fits into their business model. Cloud computing is really a new version of the old style of mainframe computing where diverse groups share the computing power and storage of large systems. Cloud computing, ideally, will be engineered to minimize or eliminate single points of physical failure. Physical system failure, however, is only one item of many that can affect your system’s performance and uptime.
Hardware configurations, including manufacturer choices, operating systems versions and configurations, firewall rules and ongoing maintenance of all the above heavily impact the performance and reliability of your systems.
Regardless of whether you have computers in your broom closet, colocated at your ISP or deployed in the cloud, your company needs a good system administrator looking out for your network and machines. Good system administrators know the pros, cons and quirks of different hardware, operating systems and network configurations. They know about possible vulnerabilities first because they are on private security lists you don’t even know exist. They’ve got your back. George Reese of enStratus, expanded on this in a recent post that compares programmers and sys admins.
One of the big differences between an ipHouse virtual machine (which is essentially deployed in a local cloud) and deploying a server with one of the national cloud providers, is the sys admin expertise that comes with your ipHouse machine. We work with you to make sure the system configuration is optimized for your business applications. We can also administer the machine for you, keeping it securely patched and up-to-date.
Ice Phishing
Dec 16th
So, how about that minus 20 degrees this morning – that cold enough for ya? Along with these near record lows last night and this morning, we received reports from a few users about a Phishing Scam that claims to be about their webmail account. This latest version asks the user to respond with their webmail username and password. This latest round has several give aways that are good reminders of what to look out for with scams in general.
Phishing is spam that attempts to extract personal information from the recipient. Here are some quick points about Phishing:
1. Email asks for your password: ipHouse will never ask for your password via email. This is a common policy with many companies so feel free to make it your own policy: Never send a password via email even if you think you know the recipient.
2. Strange reply-to address: The reply-to email address is not an official email address. ipHouse employees and internal addresses are all @iphouse.net. This latest round had the reply-to as an email address in Brazil (.br) or a yahoo.com address. A general rule for anyone is to always check a provider’s website for valid contact information. When going to their website type in the address yourself or use an existing valid bookmark. Do not click a link in an email even if it looks valid is it may be a “masked” URL whose destination is a different address.
3. Credit card fraud. While this email was looking for passwords, many Phishing scams ask for credit card numbers. And for decades there have been phone-based credit card Phishing scams. ipHouse will never ask for your credit card number via email nor ever via a call we initiate. Feel free to make it your own policy with everyone – never send a credit card number via email and never give your credit card number out to someone unless you initiate the call.
4. Spam filters don’t catch everything. While our multiple levels of Antispam catch most Phishing expeditions, some can get through. This one was harder to catch as it didn’t have any off-site hyperlinks and had enough words that it looked valid to the filters. We don’t publish for spammers how we adjust but trust me that we do adjust. Of course we do want to see what might get through. For example, yesterday alone ipHouse blocked 1,463,418 spam, Phishing, and viruses. We pride ourselves on an extremely low “false positive” rate. If a spam or Phishing message does get through, please forward it with full headers to spam@ipHouse.net. If you have an individual question or concern, our Support team can help.
5. Learn more! Here are some links to several sites’ take on Phishing:
- Blogs about Phishing: PhishingScam
- Popular OS: Apple, Microsoft
- Popular Guides (always with a grain of salt please): WikiPedia , About
- Trade/Industry groups: APWG, National Cyber Security Alliance, AARP
- Government: Stop-Think-Click
- Eric
Is your account really secure?
Sep 15th
By choosing ipHouse, or any good ISP, you may think that your account is automatically protected from random hackers. And you would be right, but only up to a certain point.
We can and do patch our machines and lock them down as much as possible. However, as an ISP, our job is also to make sure that information flows smoothly to and from your account. To a very real extent, you are in direct control of the weakest security link for your account, your password.
We have lately seen a rash of accounts compromised because they had passwords that were less than ideal. You may think your account isn’t worth hacking, but you would be wrong.
