RSSRichM

Help RichM Secure Enterprise IM

| January 31, 2007

Active Image
Active Image del.icio.us

Discuss in Forums {mos_smf_discuss:RichM}

no-imChat is pervasive throughout our enterprise. Its use is an integral part of how most businesses get work done.  It is understandable considering how much faster it is than talking on the phone or even sending an email.  The ability to exchange information in real-time, cutting right to the chase, is what makes instant messaging (IM) so enticing to corporate society.  The problem is that users are just as susceptible if not more so to malicious attacks, since they have not been educated as to the dangers that IM can bring.  This is why I chose to eliminate my dependence on outside entities for my organizations internal chatting needs.

Each month, I do my best to find an interesting topic to focus on or a new project that I can share.  I sought out a way that could eliminate third party chat clients, namely AOL Instant Messenger (AIM) and outside servers that are not in our control. I also sought to do this all while making the project cost effective and more secure.  That was the intent, anyhow, but sadly I fell short.  And this is where I need your help.

Continue Reading

RichM on BCP and Free Apps Like Spiceworks

| January 1, 2007

Active Image
Active Image del.icio.us

Discuss in Forums {mos_smf_discuss:RichM}

RichM is a real person. Everything contained in this column is real. This evolving column will live and breath with RichM's daunting new job. Your feedback helps decide the direction the column will take. It may be a bumpy ride, but it will be educational. Let's call this experiment Reality Web 2.0.


This month, as I continue the daunting task of my new job, a couple thoughts are forefront in my mind:

  1. Over the years I have had good fortune to always be on the "ins" with the main decision maker (CEO, president, etc.).  Sometimes it was because the company was so small that knowing the owner was inevitable. Other times it was because my immediate supervisor was the go to guy; which made me the go to go guy (in waiting) by proxy.  Currently this is not the situation, and for the first time I am on the outside looking in.  I don't want anyone to get the wrong impression. I do know the decision makers, and they know me, but getting face time is near impossible.
  2. Many of us know how hard it is for IT to get a workable budget.  Then try to boil it down for information security, and the picture gets even more grim.  Of course there are always exceptions to the rules, but overall most of us need all the free solutions we can get our hands on.

Continue Reading

RichM Takes the Field

| November 27, 2006

Active Image
Active Image del.icio.us

Discuss in Forums {mos_smf_discuss:RichM}

EH-Net Welcomes Newest Columnist and Experiment

RichM is a real person. Everything contained in this column is real. This evolving column will live and breath with RichM's daunting new job. Your feedback helps decide the direction the column will take. It may be a bumpy ride, but it will be educational. Let's call this experiment Reality Web 2.0.


First installment 

I wanted to write an article that would be a page turner, something that readers couldn't resist. Sadly, this is an article based in real life and not a Hollywood blockbuster. Try as I might, reality is not that sexy.

This office is a disaster, nothing is even close to secure. Its a miracle that our organization hasn't been featured in a prominent magazine for exposing sensitive information about our clients. I clearly have my work cut out for me, and the following is the first month in the quagmire that is my network.

Continue Reading

Who is RichM and what is he up to?

| November 4, 2006

Active Image
Active Image del.icio.us

Discuss in Forums {mos_smf_discuss:RichM}

EH-Net Welcomes Newest Columnist and Experiment

RichM is a real person. Everything contained in this column is real. This evolving column will live and breath with RichM's daunting new job. Your feedback helps decide the direction the column will take. It may be a bumpy ride, but it will be educational. Let's call this experiment Reality Web 2.0.

Premise

RichM has recently accepted a position to helm a flailing network that has remained untouched for six years. The main issues include a porous firewall, non-existent documention and out of date software. Once a month he will share a new catastrophe and what he did to mitigate the risk.

The monthly column will cover a week by week breakdown of all vital details necessary to remedy the situation and hopefully serve as a model of CISSP/CEH principles in action. The column will uncover the current risk, offer details of the issues that needed to be tackled, and ultimately offer a resolution. When applicable, suggestions will be made that you can implement in your own environment.

But this will be a two-way street. There will also be a section in the forums dedicated to the monthly column. RichM does not pretend to have all the answers, but he will do his best to answer any questions that arise. Feedback and recommendations are encouraged, as this will not only enhance the effectiveness of the column but also his own learning and the overall network security of his enviroment. 

Continue Reading