http://www.agresearch.ca/careers.asp

Another phishing story, just proves you can’t be too careful.

Also, according the Cape Breton Partnership, a leading global IT services company is interested in connecting with new and experienced IT professionals on Cape Breton Island. They have also posted a job ad.

Interesting times ahead.

Fortune Cookies tell no lies – or how China may not be behind the majority of Internet borne attacks

Is China really behind all the attacks that the mainstream media would have you believe? During his talk Mr.Barlow will review recent happenings and the results of his research that provide some insights into what may be one of the largest Internet security assumptions in recent history.

Mr. Barlow is also the founder of the Atlantic Security Conference, Halifax Area Security Klatch, and the recently launched Halifax Hack Labs.

His presentation will run from 5:30-6:30 PM, with complimentary snacks and coffee/tea, then join us from 6:30-7:30 PM for complimentary appetizers, drinks, and networking. There will also be a draw for a $100 gift card from Future Shop!

A big thank you goes out to Check Point for sponsoring this event and to eSentire Inc. for providing an excellent presenter!

You don’t want to miss it! REGISTER TODAY! Seating is limited and your registration ticket is required for the door prize draw. You must print it and bring it with you to the event.

Why do you need to worry?

• Hackers – Hackers scan networks for vulnerable systems that can be easily breached for malicious purposes. This can result in compromised data that, in turn, can cause lost customer confidence.
• Disgruntled Employees – Employees bearing a grudge could easily walk out your door with company data on removable media. They could send internal company data to an external source (ie. FTP, SSH, or email server) or simply destroy company data from within.
• Script Kiddies – Typically inexperienced hacker wannabes use tools which are freely available on the Internet (ie. LOIC – Low Orbit Ion Cannon or BackTrack 5). In the wrong hands, these tools can cause significant damage.
• Spammers – Exploit vulnerable email systems to relay spam email through your network infrastructure, often resulting in a network outage due to the traffic generated from your compromised network.

What can you do to protect yourself?

Determine what needs to be protected. This could include credit card numbers, confidential customer data,  or corporate assets.

Figure out how your data might be acquired. A risk assessment should be conducted to determine any potential weak points in both your IT and physical controls.

Install controls to protect your data. This may be as simple as implementing a security awareness program for all employees, or as complex as installing a hardened network perimeter (ie. DLP or IDS systems). The scope of the controls will be determined by your financial situation and the likelihood of compromised data.

In the end, you need to decide how much risk you can accept. This will determine a security posture that suits the needs of your business.

I’m going to assume you picked the right server and now the question is “Do I go with SATA or SAS drives?”

A SATA drive can connect to a SAS interface, a SAS drive cannot connect ot a SATA interface.  Most SATA drives are designed for the consumer market where cost is a big factor.  Most consumer drives are based on 8 hours per day usage with a 10-20%* workload. They are designed to run at half duplex (one data direction at a time) with an I/O per sector of 77*.  Enterprise based SATA drive improved on these specs by being design for more usage, higher workloads and can run at higher temperatures, and cost more.  SAS drives are designed to be enterprise drives where performance and reliability are much more important than price.  SAS drives are design to be running 24 hours a day with a much higher workload and to withstand higher temperatures. SAS drives use full duplex and have an I/O per sector of around 319*, 3 to 4 times faster than SATA.  If you ever pick up a SAS drive, one of the first things you’ll notice is that they are much heavier than the SATA counterpart.

I guess you can see where this is going.  From personal experience, SAS based RAID system out-perform SATA based RAID systems.

Joe Clarke

*Some of the numbers used above are from Intel.

It’s almost as bad as a few years ago (ok, maybe more than just a few years) I was installing a new server.  I connected to the Internet through a dialup connection to update the anti-virus software, while waiting for the update to download, they got a virus (it was cleaned after the update and a reboot).  I remember thinking at the time what was the chance of getting a virus from a dialup connection as I saw the tell tale sign of the virus pop up on the screen, just imagine the look on my face.

I’ll chat more on viruses and such in later blog entries.

Joe Clarke

We want to take this opportunity to thank everyone who attended. Without you there would be no user group. The first meeting was such a success that we plan on having our next meeting this February or March. If you have any meeting ideas or would like to present, please let us know.

We’re also looking for a few volunteers to help out with the user group. Please contact us if you are interested.

I almost forgot to mention our first sponsor, AG Research. They generously donated the meeting space and coffee. Microsoft Canada also paid for the pizza and refreshments.

Hope to see you at the next meeting.

Get them while they’re hot!