http://www.computerworld.com/securitytopics/security/story/0,10801,106807,00.html Opinion by Ira Winkler DECEMBER 06, 2005 COMPUTERWORLD It's the time of year when you need to pick out gifts for your friends, family and co-workers. I thought I would add a little security to your season, and maybe help you choose gifts that are unusual but also useful. So to that end, enjoy! Software and Gadgets Security software suites: For about $50, you can buy a firewall/antivirus/antispam suite. Antispyware is also a good option as well. Sadly, many people don't have this type of software, and frequently, if they do, they don't maintain the licenses so that the software can update attack signature files. Without an updated license, the software is as bad as having nothing. Personal shredders: With identity theft being a crime that will only continue to grow, a gift that helps to prevent identity theft should be very welcome. Personal shredders can be found for under $30 and are useful for everyone. You should look for cross-cut shredders that can accommodate at least five sheets of papers with staples, if you really like the person receiving the gift. USB drives: Most people don't perform backups regularly, primarily because they don't have a logistically feasible way to do it. This puts them at risk from everything from viruses to just stupid accidents. Without backups, you are basically screwed if something goes wrong. The newer Universal Serial Bus drives can hold up to 2GB and should be able to back up most people's "My Documents" directory structure. People with a lot of pictures and music will need several of them, but you can be one of the first to help them out. 3M Privacy Filters: For the frequent travelers on your list, 3M Privacy Filters are great gifts. I've gathered some of my best intelligence looking over people's shoulders on airplanes and in other public areas. While people shouldn't do sensitive work where "outsiders" can spy on them, they will. Just to make sure your friends don't lose that big contract and get fired, these filters are great gifts. Laptop cable locks: Also for the road warriors on your list, a cable lock can be a great gift. If you take a good look at a laptop computer, you will see an oval hole or two that's about a half inch in length. There are special cables that have a head that fits right into that hole. You wrap the cable around something that isn't going to move too easily, and then lock the head into your computer. While this doesn't guarantee your computer can't be physically stolen, it makes stealing your computer exponentially more difficult. Books Hackers Challenge and Hackers Challenge 2 (McGraw-Hill Cos., 2001 and 2002, respectively): If you're looking for a great reference for technical computer security professionals, this is it. These books test your computer security skills by putting you through more than 20 realistic scenarios, and see how well you would respond to them. You'll have a lot of problems finding a person better qualified to put a book like this together than Mike Schiffman. Hackers Beware (Sams, 2001): If you're not a computer security professional but you're technically inclined and want an idea about the intricacies of hacking, this is a good book. While the hacking techniques presented might be somewhat dated, the fundamental concepts are universal. You will also pick up a few security tips along the way. Eric Cole, the author, is one of the most knowledgeable people in the field and one of the SANS Institute 's most popular instructors. Spies Among Us (Wiley, 2005): OK, I'm biased as far as this one goes, but it is a good book. If you don't know why the gift recommendations above are so important, then you definitely need the book. I wrote this book, not for security professionals, but for the manager and the average person. It's intended to take away the hype surrounding computers and general security and provide practical and cost-effective solutions to everyday security problems. The case studies have been described as reading like spy novels. Don't take my word for it; read the reviews at Amazon.com. Paranoia: A Novel (St. Martin's Press, 2004): If you're looking for an entertaining, fictional take on security, Paranoia would be it. The plot involves industrial espionage, and Joe Finder did a great job researching the subject and makes the book a page turner. Movies Sneakers : This movie is a security classic. While the basic plot isn't overly realistic, it's still a great movie, and there are a lot of security lessons to take away. War Games : If you or your friends have never heard of this movie, you have to see it. It is the first and best of its genre. While it is a little idealistic of the hacker culture, the hacking techniques shown are still in use today. It's also good for highlighting the fact that even if computer hacking is not intended to cause damage, it can still have disastrous effects. Ferris Bueller's Day Off : This movie is probably one of the best examples of social engineering, the term for conning people, you will ever find. It's also really funny. _________________________________________ Earn your Master's degree in Information Security ONLINE www.msia.norwich.edu/csi Study IA management practices and the latest infosec issues. Norwich University is an NSA Center of Excellence.
This archive was generated by hypermail 2.1.3 : Tue Dec 06 2005 - 22:41:55 PST