Small Business Susan

Stupid Users and Attackers: A day in the life of Securing SBS 2008 (revised)

Which is the bigger threat to a small firm? External attackers or Stupid Users? Perhaps both? Join Susan Bradley, Patch Watch author for Brian Livingston’s Windows Secrets as she guides you down the resources and tools she uses to secure and protect a small firm from both kinds of attackers. Along the way she’ll point out the security features of SBS 2008 and resources to keeping both the server and users safe and secure on the Internet Highway.


https://training.partner.microsoft.com/plc/details.aspx?publisher=12&delivery=259640


How many of you have found rogue antivirus programs on workstations?


How many of you have found enough IE toolbars to sink a ship on a workstation?


Is Google a risk to use as a search engine?


How many of you get calls from clients that have to deal with users going to twitter, facebook, and have you considered what the impact of these social sites have on the security and privacy of the employees of the network?


What proactive steps are you doing to ensure that you are balancing the needs of the business with the needs to secure the business?


Do you need to worry about Zero Day attacks?


What’s the best way to secure a Windows XP machine?


Does Cloud offerings help or do they bring risks as well?


All of this and more will be answered on 5/29/09 at 9:00 AM Pacific.  Sign up here:  https://training.partner.microsoft.com/plc/details.aspx?publisher=12&delivery=259640



2 comments ↓

  • #   Joe Raby on 05.21.09 at 10:08 am     

    1) “How many of you have found rogue antivirus programs on workstations?”

    If it’s more than zero, blame the IT guy for not locking down users.

    2) “How many of you have found enough IE toolbars to sink a ship on a workstation?”

    See answer for 1.

    3) “Is Google a risk to use as a search engine?”

    Yes – they don’t filter their ads. Former engineers have also stated that employees pick and choose their favourite sites for search results too, but that’s another story altogether.

    4) “How many of you get calls from clients that have to deal with users going to twitter, facebook, and have you considered what the impact of these social sites have on the security and privacy of the employees of the network?”

    I know I’ve thought of it. Sometimes it’s just the CEO or decision-maker offering the users too much freedom. Sometimes they think that play and work should mix, or else they’ll see a mass revolt by employees. I face that all the time. It’s sad when the top brass don’t understand the bottom line for paying someone to play at work.

    5) “What proactive steps are you doing to ensure that you are balancing the needs of the business with the needs to secure the business?”

    See answer 1 and 4. An IT head needs to convey the importance of securing the business to the top brass. If they don’t, they should step down as IT DM.

    6) “Do you need to worry about Zero Day attacks?”

    Understand them more, and understand safety measures to mitigate them. Don’t worry, be happy!

    7) “What’s the best way to secure a Windows XP machine?”

    Make sure you use double-loop chain to attach the boat anchor to it, and then replace it with a Vista machine. :P

    Ok, that was a cop-out. The “best way to secure it”? Quarantine it from the Internet. ;)

    8) “Does Cloud offerings help or do they bring risks as well?”

    Short answer: No and yes. In that order.

    Long answer: I have yet to see anything compelling in the cloud space that isn’t more cost effective in a self-hosted or local solution, even after paying for local management. Then there’s the privacy and ownership access issues. The other issues are QoS, SLA’s, and usability during downtime. There are many more variables with cloud platforms than with local platforms – many more steps in between you and your data.


  • #   DFriess on 05.29.09 at 1:33 pm     

    How soon until a recording of this is uploaded?