Security Protection – Harry Waldron MVP Rotating Header Image


WORDPRESS – Best practices in authoring posts

These links provide best practices and advice on constructing blog posts in the Word Press environment


WORDPRESS – Primary Lessons Menu page

WORDPRESS – Introduction to Blogging

WORDPRESS – Design and Layout

WORDPRESS – Advanced Topics

WORDPRESS – How to create your own personal blog

WORDPRESS – Support topics


AntiVirus – Windows XP product tests June 2014

Windows XP users should actively plan migration to the latest version of Windows for improved security protection.  AV-Test institute shares test results for about 2 dozen products that still support this expired operating system

QUOTE:  As of April 2014, Microsoft officially ended support for Windows XP. Those still using XP won’t get any more security patches. Well, there was one in May for an egregious Internet Explorer bug, but that’s not likely to happen again. An XP system without antivirus protection is a sitting duck, ripe for attack. On the plus side, the latest test results from AV-Test Institute show that many popular security products remain quite effective under XP.

AV-TEST May/June 2014 results for Windows XP SP3 for about 2 dozen products,1740,iid=425806,00.asp

IT Project Management – John Maxwell’s 10-80-10 Delegation strategy

John Maxwell shares project delegation tactics in his latest blog post. Within the 10-80-10 delegation framework, the leader is most active at start of project where they set vision, direction, and help define the blueprint for project success.  Then the project manager delegates detailed responsibilities to team to carry out the plan. Finally at the end, there is a need to “seal the deal” and ensure a thoroughly completed project, including satisfaction by the stakeholders.

QUOTE: If you know me, you’re already aware that I’m a big fan of delegation. I delegate almost everything. But there are right ways and wrong ways to delegate. The 10-80-10 Principle is what I consider the best way to delegate.

Here it is in a nutshell. For any project, I divide the total process (100%) into the first 10%, the middle 80%, and the last 10%. Then, I involve myself in the first and last 10%. The middle 80% is carried by my team. I pour myself into the first 10% in order to get the project started on the right track. Then I hand it off to the team. I interact a little bit with them, but not much. It’s really their baby. After the team has taken the project almost to completion, I dive back in again and help with the final 10%.

I call those two parts the bookends of success. I could also compare the process to piloting a plane. The crucial parts of the flight are the takeoff and landing. They’re the most dangerous, and the most complicated. By involving myself in the team’s project during those crucial times, I’m able to help them make a successful trip.  Here’s what I provide when I involve myself in the first 10%:
  1. The Big Picture
  2. Objectives
  3. Direction
  4. Resources and Support
  5. Responsibility

Nigerian 419 Scams – More Sophisticated Attacks in 2014

As shared below, 419 scams are improving as these social engineering experts improve on their technology techniques.

QUOTE: Nigerian criminals are infamous for running easily-spotted “419″ phishing scams that bait individuals into giving up credit card details or other personal information. But over the past few years, these criminals have expanded their skills to target businesses with many of the same tools used by more sophisticated criminal and espionage groups — tools that are specifically designed to evade traditional antivirus programs and legacy firewalls. 419 Evolution, the new report from Unit 42, explains in detail:

* The evolution of these actors from low-level spammers to a growing threat to businesses that have not previously been their primary targets

* The tools they use, including commercial RATs such as NetWire that provide complete control over infected systems

* How to safeguard your business by decrypting and decoding command-and-control traffic to reveal potentially stolen data

Anti-Virus Products – JUNE 2014 test scores

AV comparatives recently conducted their “real world” simulation tests for 20 AV products as noted below:

QUOTE: The full report goes into great detail about the exact test methodology. Briefly, researchers install 20 or more antivirus products on identical PCs. Every day they gather the latest malicious URLs and test whether each product protected the system. If the antivirus asks the user whether to block or allow any action, they always choose allow. An antivirus that successfully fends off compromise even when the user makes the wrong choice still gets full credit. If making the wrong choice leads to compromise, it gets half credit.  During May and June, the company’s researchers ran over 4,000 such tests. They also checked for false positives—legitimate URLs or programs wrongly identified as malicious by the antivirus software. A product with more than the average number of false positives can lose points. Nine products successfully protected against 99 percent or more of the samples. Eight of them, including Bitdefender and Kaspersky, earned the top rating, Advanced+.

Leadership – IT Decision Making Best Practices

Another excellent leadership article from John Maxwell, that has relevance for IT professionals

QUOTE: Entire countries come to a standstill during the World Cup soccer tournament. With such a small margin separating victory and defeat, the decisions made by referees play a significant role in determining the outcome of a match. Like soccer refs, leaders eventually face situations that require making a tough call.

Each tough call has the following in common:

* It demands a risk. If it’s easy or comfortable, then it’s not a tough call

* You will never make a tough call and have unanimous support for your decision.

* It is costly. You will lose sleep over it, sacrifice finances because of it, and perhaps even sever relationships as a consequence of it.

* If made correctly, a tough call will lead to a breakthrough that lifts your leadership to a higher level.

How do make good decisions in circumstances where the right choice is not perfectly clear and where so much is at stake?

1) Makes a timely decision — A referee does not wait several minutes after blowing his whistle to issue his decision.

2) Refuses to surrender the decision to others – A good referee refuses to be swayed by the crowd

3) Does not say “yes” to everything – You’re not making smart decisions if you’re always giving the go-ahead or thumbs-up. By saying “yes” to everyone; you’re not being helpful and empowering. Instead, you’re irresponsibly robbing resources from what matters most.

Privacy – Top Data Breaches for 1st half of 2014

Network World shares most significant data breaches for 2014 so far, in terms of number of users impacted:

1. eBay – The online retailer suffered one of the biggest data breaches yet reported by an online retailer. The breach is thought to have affected the majority of the company’s 145 million members, and many were asked to change their passwords as a result.

2. Michaels Stores – The point-of-sale systems at 54 Michaels and Aaron Brothers stores “were attacked by criminals using highly sophisticated malware” between May 2013 and January 2014. The company said up to 2.6 million payment card numbers and expiration dates at Michaels stores and 400,000 at Aaron Brothers could have been obtained in the attack.

3. Montana Department of Public Health and Human Services -  The server held names, addresses, dates of birth and Social Security numbers on roughly 1.3 million people, although the department said it has “no reason to believe that any information contained on the server has been used improperly or even accessed.”

4. Variable Annuity Life Insurance Co. – A former financial adviser at the company was found in possession of a thumb drive that contained details on 774,723 of the company’s customers.

5. Spec’s  – A 17-month-long “criminal attack” on the Texas wine retailer’s network resulted in the loss of information of as many as 550,000 customers.

6. St. Joseph Health System – A server at the Texas health care provider was attacked between Dec. 16 and 18 last year. It contained “approximately 405,000 former and current patients’, employees’ and some employees’ beneficiaries’ information.”

Leadership – Growth Environment characteristics

Throughout the years, John Maxwell has offered excellent leadership and management training. This post was particularly noteworthy for IT professionals in leadership positions.

QUOTE: One day, I realized that I had never really thought about what a growth environment did look like. What were the characteristics of that environment? I was eager to figure it out, so I could go in search of one. So I created a list of characteristics to look for in any environment, so that I could be sure it was a place where I could grow. This is what I wrote:

In a growth environment,

1. Others are ahead of you. 2. You are continually challenged. 3. Your focus is forward.- “Yesterday ended last night.” 4. The atmosphere is affirming. 5. You are often out of your comfort zone. 6. You wake up excited. 7. Failure is not your enemy. 8. Others are growing. 9. People desire change. 10. Growth is modeled and expected.

Windows XP – End of Oracle Java Support

Vendors are starting to discontinue support for Windows XP, which has reached End-Of-Life and became an expired operating system back in April 2014

QUOTE: Oracle is no longer supporting Java for Windows XP and will only support Windows Vista or later. Java 8 is not supported for Windows XP and users will be unable to install on their systems. Oracle warns “Users may still continue to use Java 7 updates on Windows XP at their own risk”

Microsoft Security Updates – JULY 2014

Critical Security updates to Microsoft Windows, Internet Explorer, and other products became available on Patch Tuesday.  Users should promptly update to enjoy best levels of protection