October Is National Cybersecurity Awareness Month



MostHeather
10-10-2011, 04:32 PM
Did you know that October doesn't just celebrate Columbus Day or Sweetest Day?

October is also National Cybersecurity Awareness Month which seeks to educate and promote using online security practices to protect individuals, businesses and organizations from data theft or other malicious Internet threats. This is the 8th year that the Department of Homeland Security has sponsored this event.

According to the DHS's website (http://www.dhs.gov/files/programs/gc_1158611596104.shtm) the overarching theme for National Cyber Security Awareness Month is "Our Shared Responsibility," which reflects the interconnectedness of the modern world and the message that all computer users have a role in securing cyberspace.

This month is geared towards engaging both public and private sector partners to raise awareness and educate Americans about cybersecurity, and increase the resiliency of the Nation and its cyber infrastructure.

That being said, I thought I'd spread the word about National Cybersecurity Month and ask everyone here what they are doing to protect themselves when they use the Internet. Are you using Antivirus software? Email security? Encrypted Email? URL content filtering? Laptop security?

Happy National Cybersecurity Awareness Month to all - I look forward to your responses :)

vangogh
10-10-2011, 04:45 PM
Cool. I had no idea there was a month for cybersecurity awareness.

I'd like to tell you I'm doing all the things you mention to protect myself, but I'm not. For the most part I can recognize urls that shouldn't be clicked on and can recognize which emails not to open. Basically I stay away from the places that will increase the probability there will be a security issue. I do use secure passwords wherever I go and also vary the passwords I use.

MostHeather
10-11-2011, 09:03 AM
:) I'm happy that I was able to spread the word a little bit.

Cybersecurity is a big concern for everyone when you consider the amounts of spams, phishing attempts, and viruses out there. Using secure passwords and switching them up is a good place to start. I think that everyone would be better off using a 'safer' web, especially businesses that have employees using their computer networks. Too many chances for someone to accidentally click somewhere where they shouldn't be..

vangogh
10-11-2011, 10:50 AM
I think a big part of security is being aware of potential issues and being smart about a few things. The weak link in security is always us and not the technology.

For example at least once a week I'll get an email claiming to come from Facebook, usually telling me of some problem with my account and asking me to login to fix it. The email looks real, but I know not to trust it on face value. It's easy enough to mouse over the link and see that the URL it points to isn't Facebook, which lets me know not to click. The email is really just a phishing attempt to collect my login information should I have followed through.

No technology was involved in me protecting myself. Just a little knowledge and some healthy skepticism. If we can help more people get that little bit of knowledge and teach them to be a little skeptical of some of the email they receive we could eliminate a lot of security issues. Not all, but quite a bit.

Some of it resides in the companies whose sites we visit. I think Google has pushed toward making all connections with the site https instead of http. There's no reason other larger sites can't do the same. Browsers could make it more obvious when requests are across secure or insecure connections. Same goes for the companies that make operating systems.

One nice thing about Mac OS X where security is concerned is that the most recent version Lion is now forcing applications to run sandboxed. Each application will run under a least privileges philosophy to limit the access any application has to other apps or the operating system itself. Then if one app becomes compromised it should keep the potential damage to a minimum. I'd like to see Windows follow suit.

Of course the weak link is still us. When Microsoft made security improvements in Vista most people complained about the loss of convenience having to approve more things before they happened. Many people just turned that security off. The technology can only do so much. We still need to do our part.

KristineS
10-11-2011, 11:50 AM
I think that cybersecurity is definitely something of which we should all be aware. Vangogh mentioned one thing with the phishing e-mails. I get tons of those.

As someone who deals with both sides of this issue, as a consumer and as a business that deals with e-commerce, I know it's complicated, and that the security precautions can sometimes be a pain in the arse on both sides. On the other hand, spending an extra minute to enter a password or cross to a secure site is better than having your identity hacked.

MostHeather
10-11-2011, 12:18 PM
Being smart and being protected are two different things. Although you might be smart most of the time, being protected all of the time is a lot different. All you (or someone else on your computer network) has to do is click on something - even accidentally - to have a bad breakout and issue on your hands. A lot of these phishing scams are run by criminal organizations that are working hard to fool you one time and steal everything they can from your computer (or your entire computer network.)

Sadly, I think anyone can be vulnerable if the message is convincing enough..

vangogh
10-11-2011, 01:17 PM
You can't be protected all of the time, though. There's no such thing as 100% secure. In the case of someone clicking on your network, again the problem is us. It's someone clicking on something they shouldn't click on.

Even something like anti-virus. It's all well and good to install AV software, but if you never update the database of potential attacks it's not very useful. The world of AV is a cat and mouse game. You protect against one exploit or type of exploit and the attacker comes up with a new exploit you don't yet know about.

I don't mean to imply that you shouldn't put security measures in place. I hope I'm not giving that impression, because I think you should do what you can. I definitely think you should implement technical solutions to help make you more secure. However the weak link is still us. You can require someone use a secure password and you can require they change it every x days, but that doesn't prevent them from writing their password down on a sticky note attached to their monitor or being tricked into giving it out over the phone.

Security is a difficult problem to solve and one that probably can't ever be solved completely. You can make things more secure, but you can't make them 100% secure. Making them more secure is a worthwhile goal though. It does make sense for all of us to protect that which is valuable to us.

MostHeather
10-11-2011, 02:33 PM
I agree, 100% is a tough number to reach, but there are services that offer 99.2% spam protection and remove 100% of spams so they never reach your inbox.

In the case of large businesses, it isn't as simple as just blaming "us" for the clicks. A lot of employees might not be paying attention or just get fooled into clicking on something that they shouldn't, but if that Email wasn't delivered they wouldn't get a chance to. If this click unleashes a virus, trojan, spyware or other malicious code it ends up being the responsibility of the business owner or the IT department to clean the mess up. If it results in a fine or other penalties, that comes right out of the owner's pocket.

As you said, security is still in our hands and luckily there are software solutions that can help make the decisions for us..

vangogh
10-11-2011, 10:11 PM
A lot of employees might not be paying attention or just get fooled into clicking on something that they shouldn't

That's the employee being the weak link. Cutting off all email isn't the solution. That same employee could just as easily not be paying attention when it comes to locking the door or they could get fooled into sharing confidential information over the phone. You can put the strongest security into place, but if people don't turn it on it doesn't protect you. Security is like a chain of different things working together. The people who use it are the weak link in the chain.

But again that doesn't mean you shouldn't implement the technology. If you don't have the technology at all then you have even weaker links than the people.

kerrylinux
10-12-2011, 11:33 AM
As you said, security is still in our hands and luckily there are software solutions that can help make the decisions for us..

Recently, Steven M. Bellovin a researcher at Columbia University highlighted the fact that we still update our software using an untrusted path (https://www.cs.columbia.edu/~smb/blog/2011-10/2011-10-02.html).

We still don't have a secure way to get patches of our applications and our OS applied without the risk of installing malware that dresses as a legitimate patch. I had a disturbing experience a few days ago when I discovered that I was using Firefox 7 when I thought I was using Firefox 6.02. I didn't realize that at any time there had been an update applied to my system. Usually I install updates myself after checking out the reason for the update, but this time it was done completely without my approval and even my awareness. Simply using Firefox opens up the possibility that someone changes the code I am running without my approval? A code I am constantly using to enter passwords to establish access to some website. This is not acceptable.

Unfortunately, we're a long way from using secure computer systems.

MostHeather
10-13-2011, 08:00 AM
Regardless of who the "weak link" is, once there's a problem, it's still the responsibility of the business owner to do his best to protect his own interests. Spam rates have reached the highest levels they've been in 2 years - and these aren't just about diet pills. They're sent by cybercriminals (http://www.zdnet.com/blog/security/malicious-spam-campaigns-proliferating/9420) with the intent to steal everything they can from you.

These Emails are designed for trickery...and it works..

The beauty thing with this Email filtering solution is that it doesn't "cut off" all Email to the employees, it just prevents them from getting the Emails that are Spam, have viruses and that contain malicious files. This is helpful for an IT department that has to manage 30 computer operators..

vangogh
10-14-2011, 11:23 AM
Oh I agree you still want technology in place. Just suggesting some education for the general public and employees in particular here would also be a good idea.

How does the email filtering determine which emails are spam and have viruses, etc. Is it checking against a database? Is it something IT determines? It sounds interesting.

MyITGuy
10-15-2011, 09:34 AM
I wasn't aware that it was Cybersecurity Awareness Month either, and I'm in the IT field =(

To answer the OP's question, there are a lot of methods that one can deploy to protect their environment.
First and foremost is user permissions. If a user does not need access to install/configure software then remove the "administrator" role from their ID. This is made easier by implementing a domain (I.e. Active Directory) environment with centralized user accounts.

Install antivirus/antispyware on each desktop/server in your environment and ensure they are kept up to date. To make things easier you want to use a centralized management method such as Symantec Endpoint (Personally this is what I use and deploy to my clients).

If you're in a domain environment, utilize the Group Policy functionality to granularly control what the user and/or computer can or can't do (I.E. Set the machines to automatically update via a centralized Windows Update Server)

Install/configure a firewall for your network. Look for one that provides Intrusion Detection (Detect & Block attacks being made on your network), Content Filtering (Allow/Prevent users from accessing certain content on the internet based on website category or application protocol), and Gateway Antivirus filtering (Take a look at the SonicWALL TZ or NSA line of appliances, and be sure to keep the TotalSecure license up to date).

Configure both inbound and outbound mail filtering on your server. Inbound filtering will prevent spam and viruses from reaching your users (I.E. Those fake facebook links are an issue of the past), and outbound filtering allows you to encrypt sensitive e-mails you send (If your provider offers this), as well as blocks any e-mails that may contain spam/viruses that your users somehow send (Stopping the propagation of the spam/virus) - I use and provide McAfee's MX Logic product to my clients on a monthly basis

The only issue I or my clients have had with viruses is 1 client that I do consulting for on their database platform and they utilize another provider for their managed services. They are constantly being infected with viruses because the other provider isn't taking the appropriate measures to protect the network. Unfortunately they are locked into a contract for another year or so and are hesitant to change before the contract expires.

MyITGuy
10-15-2011, 09:45 AM
How does the email filtering determine which emails are spam and have viruses, etc. Is it checking against a database? Is it something IT determines? It sounds interesting.

The viruses are easy as it uses known virus definitions for items that have already been identified, along with a Heuristics model to identify traits of a virus if it has not already been identified.

SPAM is a bit more difficult and is based on a scoring method using different methods:
I.E. Is the originating server on a known blacklist (I.E. This server has been identified previously as sending SPAM). These blacklists utilize user/server submissions along with "Honey Pots" which are essentially e-mail addresses that are not provided to anyone, but monitored for inbound mail (I.E. Spammers automatically generating e-mail addresses).

Is the originating server authorized to send mail on behalf of the sender's domain. This is known as an SPF Record which lists the servers that you authorize mail to originate from.

Does the sender's mail server report the same name as a reverse lookup of their IP Address? (I.E. If my mail server is reporting mail.domain.com, is the same name reported when I do a ping -a on the IP address?)

Does the e-mail address exist at the recipient's domain?

Are multiple attempts being made to send e-mail to the recipient's server where users do not exist (I.E. Known as Mail Harvesting)

Do the e-mails contain certain keywords that are identified as SPAM?

Has the recipient previously communicated with the sender (I.E. Servers can automatically whitelist their e-mail address, company domain or etc to allow future e-mails to be accepted with minimal inspection)?

If the e-mail contains URLs, do they correspond to the actual link (I.E. <a href="http://fakefacebook.com">http://facebook.com</a> would be identified as SPAM since the URL the user is being sent to does not match the domain being displayed)

Additionally, if the e-mail contains a URL, is it a known SPAM URL (Database driven)

The service I provide to my clients is pretty good at what it does, below are some statistics just for one client of mine for 1 week's worth of e-mails (Approximately 20 users total):
Total Inbound Messages Received: 20,887
Total Inbound Messages Delivered: 1,432

Messages Delivered Normally: 1,432
Messages Denied (Senders received non-deliverable report): 19,325
Messages Quarantined (For user review): 130

I recommend users check out MX Lookup Tool - Check your DNS MX Records online - MxToolbox (http://www.mxtoolbox.com) and look at the Blacklists, Diagnostics and SPF Records reports to get some insight into their own e-mail domain/information.
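
Added example, not part of the original posts and not how MX Logic or any product named in the thread works: a Python version of the score-based filtering described in the post above, covering the blacklist, SPF, reverse-lookup and link-mismatch checks (the last is the same test as mousing over a link, mentioned earlier in the thread). DNS lookups are replaced by small constructed tables so it runs offline; the weights, threshold, addresses and function names are assumptions, and stripping `www.` stands in for the registrable-domain comparison a production filter would use.

```python
import ipaddress
from html.parser import HTMLParser
from urllib.parse import urlsplit

# Constructed sample data; the weights and threshold are hypothetical.
BLACKLIST = {"203.0.113.45"}
SPF = {"example.com": ["192.0.2.0/24"]}  # domain -> networks allowed to send
PTR = {"192.0.2.10": "mail.example.com", "203.0.113.45": "host45.example.net"}
WEIGHTS = {"blacklist": 5, "spf": 3, "rdns": 2, "link_mismatch": 4}
THRESHOLD = 5

class LinkCollector(HTMLParser):  # gathers (href, visible text) per <a>
    def __init__(self):
        super().__init__()
        self.links, self._href, self._text = [], None, []
    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self._href, self._text = dict(attrs).get("href") or "", []
    def handle_data(self, data):
        self._text.append(data)  # buffer is reset at every <a>
    def handle_endtag(self, tag):
        if tag == "a" and self._href is not None:
            self.links.append((self._href, "".join(self._text).strip()))
            self._href = None

def host_of(value):
    """Hostname of a URL-like string, or None (e.g. for 'Click here')."""
    url = value if "://" in value else "http://" + value
    try:
        host = (urlsplit(url).hostname or "").lower()
    except ValueError:  # malformed URL: nothing to compare
        return None
    host = host.removeprefix("www.")
    return host if "." in host and " " not in host else None

def mismatched_links(html_body):
    """(shown host, real host) pairs where the link text names another site."""
    parser = LinkCollector()
    parser.feed(html_body)
    pairs = [(host_of(text), host_of(href)) for href, text in parser.links]
    return [(s, t) for s, t in pairs if s and t and s != t]

def spf_authorized(domain, ip):
    """True if ip is inside a network the domain's SPF entry authorizes."""
    nets = SPF.get(domain, ())
    return any(ipaddress.ip_address(ip) in ipaddress.ip_network(n) for n in nets)

def score(msg):
    """Return (total, checks that fired, verdict) for one message dict."""
    domain = msg["from"].rpartition("@")[2].lower()
    fired = {
        "blacklist": msg["ip"] in BLACKLIST,
        "spf": domain in SPF and not spf_authorized(domain, msg["ip"]),
        "rdns": PTR.get(msg["ip"], "").lower() != msg["helo"].lower(),
        "link_mismatch": bool(mismatched_links(msg["body"])),
    }
    hits = [name for name, hit in fired.items() if hit]
    total = sum(WEIGHTS[name] for name in hits)
    return total, hits, "reject" if total >= THRESHOLD else "deliver"

PHISH = {"ip": "203.0.113.45", "helo": "mail.example.com", "from": "security@example.com",
         "body": '<a href="http://fakefacebook.com">http://facebook.com</a>'}
LEGIT = {"ip": "192.0.2.10", "helo": "mail.example.com", "from": "alice@example.com",
         "body": '<a href="http://www.example.com/docs">example.com/docs</a>'}
```

Calling `score(PHISH)` and `score(LEGIT)` shows which checks fired for each message; a domain with no SPF entry contributes no signal rather than counting as a failure.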

vangogh
10-17-2011, 11:01 AM
Thanks. I was specifically asking about Heather's system, but that's still some great info. I think heuristics are the way to go, though from what I've read about them, they need to improve quite a bit. One of the things that used to frustrate me when I was running AV software on Windows was all the updates to the virus definitions. While I knew it was important to update them, it usually brought my computer to a standstill while the update was happening. Once or twice a day I'd lose all productivity for a half hour while I waited on the definitions list update.

MostHeather
10-17-2011, 04:16 PM
Thanks for your interest VanGogh. Through our partnership we offer a complete solution that utilizes the power of multiple scanning engines to detect and quarantine these threats remotely in a cloud environment. No hardware, software or appliances are needed.

It's easy to deploy and offers industry-leading detection rates, enabled by the unique multi-layered combination of MXSweep filtering technology with the world’s leading detection engines assuring that you (or your client) has real-time, all-the-time virus and spam outbreak protection. Since all email is filtered offsite, threats are quarantined and only clean email is relayed to the server, assuring that your network is protected. Since it works on both Inbound and outbound mail, you can be sure that you aren't the one sending and/or receiving spams and viruses.

Additionally, it scans all outbound emails so that in the event of a virus outbreak on the customer network the threat will be contained and the customer’s mail server will avoid being blacklisted. Since there is close to zero false positive identification based on our ‘circle of trust’ technology, users receive every email they really need.

Since this is a self learning system, it offers painless management because it's intuitive. If a valid Email is ever flagged, you still maintain User control and you can 'unjunk' Emails on the system's regular quarantine reports to enable an individual to retrieve disputed mails.

If you have multiple Email users, you have integrated management of every email account, including individual users, their aliases and the groups they are part of.

Since your mail is stored in the cloud, it reduces your need for hard-drive space with your webhost. There are no capex or maintenance fees, either. Other services like Email archiving help to assure that key industries ruled by regulations such as HIPAA, SEC, NASD and others are compliant with the rules set forth by the Government. (Some industries are required to keep up to 10 years of archived Email by law.)

I hope this helps explain and please let me know if you'd like more information. There's lots of really great technology coming out of cloud computing!

vangogh
10-18-2011, 12:46 AM
Sounds like a good service. I know most any mail server does or can be set up to do some of what you're offering, but not to the same degree and naturally your company has a little more expertise than the average person. :)

Do you find you sometimes flag innocent emails? I know most AV programs will think some applications are a virus or trojan when they're really legit applications that happen to use code similar to what malware might use? Similar for some legit email and spam? Does the system handle this mostly by learning what the individual considers spam? Is there a way for them to see some of the emails flagged and mark them as not spam?

The cloud is coming and I do think it'll offer some great things. I'm not 100% sold on it for everything though. There are some things I prefer remaining local only and some things I simply find easier to use when everything is local. That said it's hard to deny what cloud computing can offer us. You can see some very large companies pushing cloud services in our direction and it'll be interesting to see what they offer.

MostHeather
10-18-2011, 09:27 AM
Thanks for your kind words, we are very excited to offer such a great SaaS service to help businesses of all sizes protect themselves against threats on the Internet.

You are right that Email servers can be configured to do most of this, but services like Email archiving must be done in a very specific way to meet regulatory requirements (IE: must be time stamped, made tamper-proof, have the proper meta info, etc.) and for admission in a court of law, if it's ever called upon for evidence.

Yes, there is a small chance that a legitimate Email might be flagged, but since the IT head or business manager can still access their Email logs, they're able to review any incoming mail and send along whatever Emails they deem appropriate. The IT guy or business manager also gets sent a report of all Emails that were rejected, flagged or deleted. One thing I will tell you is your Email load drops by a lot, which saves time and money..

Additionally, it saves you from having to configure this stuff all by yourself because really big companies put big money behind to develop it so all you have to do is deploy..

MostHeather
10-20-2011, 01:03 PM
Sorry to double post, but thought I'd share this report on just how serious these Email threats are to all business people and why they should use technology to protect themselves.

October 2011 - Internet Threats Trend Report | Commtouch - Internet Security Solutions (http://www.commtouch.com/threat-report-Oct-2011)

230 BILLION infected Emails is a stunning number, don't you think?