Archive for January 27, 2019

Data Privacy Day

Data Privacy Day is January 28, 2019. Data Privacy Day began in 2008 as a celebration of the signing of Convention 108, the first legally binding international treaty dealing with privacy and data protection. The National Cyber Security Alliance (NCSA) leads the Data Privacy Day campaign. Here are some tips from the NCSA to own your online presence.

The first step is to STOP. THINK. CONNECT.™: take safety measures, think about the consequences of your actions and connect knowing you have taken steps to safeguard yourself and your family when online.

Share with care. What you post can last a lifetime: Any information shared online can easily be copied and is almost impossible to take back. Consider who might see a post and how it might be perceived in the future.

Protect your info. Information about the games you play and what you search for online has value, just like money. How else does Zuck make $6 million a day? Be selective with the information you give to apps and websites.

Own your online presence. Learn how to use the privacy and security settings on your favorite online games, apps and platforms.

Stay current. Keep pace with new ways to stay safe online: Keep up with new technology and ways to manage privacy. Visit staysafeonline.org or other trusted websites for the latest information about ways to stay safe online.

Personal information is like money. Value it. Protect it. If you don’t, you will be the victim of a data breach.


Ralph Bach has been in IT long enough to know better and has blogged from his Bach Seat about IT, careers and anything else that catches his attention since 2005. You can follow him at LinkedIn, Facebook and Twitter. Email the Bach Seat here.

Don’t Be SAD

The holidays are in the rear-view mirror. You drive to work in the snow. You have to dodge potholes in the dark on the way home. And we have 8-10 more weeks of winter. The likelihood of a getaway to the sun and sand is pathetically low. No wonder your mood sucks. It is SAD.

Officially it’s Seasonal Affective Disorder (SAD). SAD includes feelings of fatigue, depression, and anxiety that occur every winter. Experts say SAD impacts over two million people. SAD is rooted in several factors. The lack of sunlight in winter can throw off your circadian rhythms, your biological clock. This cuts levels of the neurotransmitters serotonin (a brain chemical that regulates your mood) and melatonin (a chemical that regulates sleep and mood). This can lead to a rough few months. Fortunately, there are ways to beat back SAD while at work.

Manage your stress. Stress management is a natural treatment option for SAD.

Catch some rays. Get outside and breathe in some fresh air every day. Studies confirm that spending time outside can relieve stress and fight SAD. At the office, open the shades and let as much sunlight in as possible.

Clean your cube. Give your workspace a thorough cleaning. Getting rid of things you don’t need and straightening up your everyday items can give your space a more peaceful feeling. A fresh desk can be what you need to help keep SAD at bay.

Get a desk plant. Instead of waiting around for Spring to roll around to experience signs of life, take matters into your own hands and invest in a plant for your desk.

Cut carbs. Avoid slurping on comfort foods like chips and cake. Carbohydrate-rich foods can actually be counterproductive for fighting the blues. The happiness delivered is short-lived, as the spike in blood sugar levels will leave you feeling worse after.

Eat asparagus. Use your lunch break to help combat SAD. Add asparagus to a salad or use it as a side to reap the benefits. Asparagus has heaps of tryptophan, an amino acid that is essential to producing serotonin.

Eat dark chocolate. Keep a bar of dark chocolate at your desk. It can do more than satisfy your sweet tooth. It can also elevate your mood. Studies show that dark chocolate promotes the release of endorphins that give an instant boost to happiness. Dark chocolate is also rich in serotonin.

Try some tech. Use technology to block blue light. Blue light suppresses serotonin making it harder to fall asleep. Of course, there is an app for that. You can try Night Shift on your Apple (AAPL) product, Twilight on your Google (GOOG) Android or f.lux on your PC to cut blue light. Or try blue light blocking glasses.

rb-

Of course, I’m no doctor so consult with a health care professional. But it is nice to know you can manage your SAD symptoms by eating chocolate-dipped asparagus at your sunny clean desk.


Zix Buys AppRiver – Bolsters Email Security

Competition in the email security market is intense. Most of the major endpoint security companies, Barracuda, Cisco (CSCO), Fortinet (FTNT), Mimecast (MIME), and Proofpoint (PFPT), have moved into email security, emphasizing training services to mitigate rising phishing threats. Plus, Microsoft (MSFT) has pushed into email security services that wrap around its core business productivity software Office 365.

The global email security market is expected to reach $18 billion by 2023, expanding at 22% from 2016, this report asserts. This growth has drawn the attention of venture capitalists. The latest VC deal is unique in that the smaller company is buying the larger firm.

Publicly traded Zix (ZIXI) is acquiring AppRiver for $275 million in cash. Zix is a Dallas-based maker of email archiving and security products, including ZixMail, which handles key management to provide end-to-end email encryption that protects messages and attachments.

AppRiver is a privately held Florida-based MSP-friendly cybersecurity and Microsoft Office 365 cloud solutions provider specialist. AppRiver, founded in 2002, supports more than 60,000 companies globally in 2019.

Zix and AppRiver each have about 260 employees. As part of the M&A plan, Zix expects to generate about $8 million in cost synergies — which typically means that layoffs are coming. AppRiver CEO Michael Murdoch is exiting the combined firm. Zix CEO David Wagner would not rule out further job cuts.

CEO Wagner has lined up financial backers to help finance the AppRiver deal. Among the financial players are:

True Wind Capital will make a $100 million equity investment with the closing of the AppRiver acquisition.

SunTrust Bank and KeyBanc Capital Markets committed to a new five-year $175 million term loan and a $25 million revolving credit line.

The combined company, known as Zix, expects to generate roughly $200 – $207 million in annual recurring revenue in fiscal 2019, up 11% – 15% year over year. The deal is expected to close by March 31, 2019. By purchasing AppRiver, the new Zix will grow its channel from about 400 to 4,000 partners and its customer base will go from 20,000 to 60,000.

AppRiver is no stranger to acquisitions as it worked to position itself as a one-stop-shop for commercial cybersecurity services.

In October 2017, VC firm Marlin Equity Partners purchased a majority stake in AppRiver with the intention of expanding its global footprint.

In March 2018, AppRiver acquired Canadian company Roaring Penguin for its anti-spam and machine learning technologies. In October of 2018, AppRiver acquired Total Defense, a provider of subscription-based endpoint security for consumers and small businesses.

rb-

The last three places I have worked were AppRiver or Zix shops. It makes sense email is the gateway to the cloud for many firms. Email is mission-critical and complicated to secure so it gets moved to the cloud.

My experience with both firms was OK. We were an earlier adopter of hosted Exchange from AppRiver and then at a re-seller. In keeping with industry trends, my current employer moved from Zix as we moved to O365, maybe this deal is a year too late.

 


Why Shielded Cables?

With high bandwidth applications emerging in and out of the data center, the need for shielded cable has increased. Many of these new installations are in harsh environments. Robotic equipment, motors, generators, air conditioners, fluorescent lights, and printers often generate a large amount of EMI (Electromagnetic Interference) and RFI (Radio Frequency Interference). You may need to install shielded cables in these harsh environments.

EMI and RFI can cause crosstalk between circuits and interfere with data transmission on a copper cable. The interference will cause increased errors, resulting in more network traffic due to packet retransmissions, and downtime.

Shielded cables reduce interference

EMI is an unwanted signal that is induced into the cable. EMI typically comes from a source that is external to the cable, such as an electrical cable or device. Cables can be both a source and receiver of EMI. As a source, the cable can either conduct noise to other equipment or act as an antenna radiating noise. As a receiver, the cable can pick up EMI radiated from other sources.

RFI is a disturbance that affects an electrical circuit due to either electromagnetic conduction or radiation emitted from an external source. Conducted RFI is unwanted high frequencies that ride on the AC waveform. Radiated RFI is emitted through the air.

Ethernet cables can be shielded to deal with EMI and RFI. The shield surrounds the inner signal-carrying conductors. Shielded Ethernet cables can deal with interference in two ways. The shield can reflect the energy, or it can pick up the interference and conduct it to ground. Both methods use shielding to cut the EMI and RFI reaching the twisted pairs located under the shielding. Whether the EMI/RFI is reflected off the shield or “rides” the shield to ground, some energy can still pass through the shielding, but since it is so highly attenuated it will not cause interference.

Types of shielded cables

Two basic types of shielded cables are available. The first are cables with an overall shield known generically as STP. STP cable may be made either with a foil or a braid for the shield. STP cables with an overall foil are often known as FTP. In practice, FTP and STP cables may be interchanged with no apparent difference in performance, according to BlackBox.

The second type of shielded cable is S/STP. S/STP cables have a shield around each individual pair and an overall outer shield. BlackBox says the purpose of the inner shields is to cut the Alien Cross Talk parameter in CAT7 and CAT6a systems. On both STP and S/STP, the primary task of the outer shield is to resist external RF noise such as electrical spikes. S/STP cables may also have an extra braid for strength and to simplify connection to the metal shields around the connectors.

To reduce EMI/RFI interference, shielded Ethernet cables must use shielded connectors to maintain the benefits of STP cabling. High-quality shielded cable includes a drain wire to provide grounding that cancels the effects of EMI and can ease termination of the cable shield for crimping or soldering.

Proper Ground connections

The shielded cable system must have proper ground connections for the shields. Incorrect grounding opens the possibility for ground loop currents and associated interference to the Ethernet signal. In the worst cases, with no proper grounding, the shields can actually act as an antenna, broadcasting high-frequency signals out into the environment, interfering with electronic equipment and allowing external detection of the Ethernet data.

Standards bodies have requirements for shielded Ethernet systems. The American National Standards Institute (ANSI) specifies how shielded communications cables are properly grounded. Normal practice says the cable shields should be grounded in the telecommunications closet (TC). Typically, the cable shield is grounded through the connector to the patch panel. Then the panel is grounded to the rack, which is grounded to the telecommunications grounding busbar in the TC. Do not ground the cable shield at the work-area outlet. Fortunately, many of today’s shielded outlets automatically connect to the patch panel’s ground so there’s no need to set up ground paths for each cable.

ISO/IEC requires that shielding be complete for an entire channel; shielded and unshielded cables, connectors or network controllers should not be mixed.

Cable Types

Category cable types comparison.
| Category | Max Data Rate | Max TX Rate | Max Length | Shielding | Year Introduced | Status |
|---|---|---|---|---|---|---|
| Cat 3 | 10Mbps | 16MHz | 100m | No | 1983 | Obsolete |
| Cat 5 | 1,000Mbps | 100MHz | 100m | Optional | 1995 | Obsolete |
| Cat 5e | 1,000Mbps | 250MHz | 100m | Optional | 2001 | Obsolete |
| Cat 6 | 10,000Mbps | 500MHz | 100m | Optional | 2002 | |
| Cat 6a | 10,000Mbps | 500MHz | 100m | Optional | 2008 | |
| Cat 7 | 10,000Mbps | 600MHz | 100m | Required | 2002 | Not recognized by TIA |
| Cat 7a | 10,000Mbps | 1GHz | 100m | Required | 2010 | Not recognized by TIA |
| Cat 8.1 | 40,000Mbps | 2GHz | 30m | Required | 2016 | Backward compatible with Cat 6A |
| Cat 8.2 | 40,000Mbps | 2GHz | 30m | Required | 2016 | Not recognized by TIA |

rb-

Interference is not a new problem. It dates back to the earliest communication systems. In 1881 Alexander Graham Bell described the interaction between many twisted pairs in US Patent 244,426.


Marriott Data Breach One Of Biggest Ever

Updated July 17, 2019 – The Brits slapped Marriott with a £99m ($124m) fine for “infringements of the GDPR.” The Information Commissioner’s Office said that Marriott failed to undertake sufficient due diligence when it bought Starwood, and should also have done more to secure its systems prior to the data breach.

___

The internet is a dangerous place for data. Hotel chain Marriott (MAR) proved that once again. Marriott revealed that hackers stole personal information from 500 million Starwood Preferred Guest program participants. The data stolen in the data breach included sensitive personally identifiable information (PII).

Marriott said it got an alert on September 8, 2018, about an attempt to access the Starwood database and enlisted security experts to assess the situation. During the investigation, Marriott claims to have discovered that the unauthorized access to the Starwood network started in 2014.

Investigators found that an unauthorized party had copied and encrypted information from the database and had taken steps toward removing it. The company was able to decrypt the information on November 19, 2018, and found that the contents were from the Starwood guest reservation database. The hotel chain then waited until November 30, 2018, to tell its customers of the data theft.

What was lost in the data breach

For about 327 million Marriott customers, the compromised information includes some combination of name, address, phone number, email address, passport number, Starwood Preferred Guest (‘SPG’) account information, date of birth, gender, arrival and departure information, reservation date, and communication preferences. Marriott added that the data breach included payment card information. About 170 million impacted Marriott customers only had their names and basic information like address or email address stolen.

Marriott says that about 20.3 million encrypted passport numbers and approximately 8.6 million encrypted payment cards were compromised in the breach.

Several sources report that state-sponsored Chinese hackers working for the intelligence services and the military were behind the attack. The stolen data would be an espionage bonanza for government hackers. Sources point out that the Starwood attacks began in 2014, shortly after the attack on the U.S. government’s Office of Personnel Management (OPM) compromised sensitive data on tens of millions of employees, including application forms for security clearances.

Sadly, the 500-million-record Marriott hack only ranks as the third-largest known data breach to date. This list of fails illustrates that, no matter what you’re doing online, every time you put your information on the internet, you risk it being stolen.

| Rank | Company | Accounts Hacked | Date of Hack |
|---|---|---|---|
| 1 | Yahoo | 3 Billion | August 2013 |
| 2 | River City Media | 1.3 Billion | May 2017 |
| 3 | Aadhaar | 1.1 Billion | January 2018 |
| 4 | Marriott | 500 Million | 2014 - 2018 |
| 5 | Yahoo | 500 Million | Late 2014 |
| 6 | Adult Friend Finder | 412 Million | October 2016 |
| 7 | MySpace | 360 Million | May 2016 |
| 8 | Exactis | 340 Million | June 2018 |
| 9 | Twitter | 330 Million | May 2018 |
| 10 | Experian | 200 Million | March 2012 |
| 11 | Deep Root Analytics | 198 Million | June 2017 |
| 12 | Adobe | 152 Million | October 2013 |
| 13 | Under Armour | 150 Million | February 2018 |
| 14 | Equifax | 145.5 Million | July 2017 |
| 15 | Ebay | 145 Million | May 2014 |
| 16 | Heartland Payment Systems | 134 Million | May 2008 |
| 17 | Alteryx | 123 Million | December 2017 |
| 18 | Nametests | 120 Million | June 2018 |
| 19 | LinkedIn | 117 Million | June 2012 |
| 20 | Target | 110 Million | November 2013 |
| 21 | Quora | 100 Million | November 2018 |
| 22 | VK | 100 Million | December 2018 |
| 23 | Firebase | 100 Million | June 2018 |

rb-

There is something else fishy here. Reports claim that the data was encrypted using AES-128 but not all the stolen data. Attackers were able to steal nearly 20 million passport numbers, and 8.6 million encrypted payment cards.

Marriott says that the attackers were able to gain access to 5.25 million unencrypted passport numbers and 2,000 unencrypted payment card numbers.

I’m sure that regulators (GDPR) and lawyers will ask why unencrypted sensitive info like passports and credit card numbers was lying around waiting to be stolen.

 
