GLITR

The show floor at Secure World Detroit

Posted: Wednesday, 05 November 2008 4:19PM

Security Threats Worst At Home, Expert Says

By Matt Roush

The threats to data security are most severe at home, a Seattle security expert told the Secure World Detroit conference at the Ford Conference and Events Center in Dearborn Wednesday.

Gordon Mitchell, president of Future Focus Inc., told the audience of a couple of hundred IT security professionals how to "become a counterspy in three easy lessons."

Mitchell said good counterspies must figure out what information is valuable, think about who could be a spy, think likea spy would and protect the information.

Companies and institutions are constantly surrounded by people who are spying on them, Michell said. The strategies can range from the sophisticated to the simple -- like the biotech client that actually had an employee listening to board meetings by using a drinking glass up against a wall.

Mitchell said home workers are generally the biggest security threat, given the sophisticated protection at many workplaces and the rudimentary protections in place on many home computers.

And it isn't just about computers. Far from it. Mitchell warned against discussing sensitive information onk a cordless phone. "About half the cordless phones you see aruond can be easily intercepted by stuff you can buy for 100 bucks at Radio Shack," Mitchell said. "My advice is to use a phone with a cord on it or a cell phone."

He also said home users should use software that's less targeted by the bad guys. For Web browsing, that means Mozilla Firefox with the NoScripts plug-in that won't allow running Java script programs.

He also recommended the use of shredders -- and even pouring paint on shredded documents to keep them secret.

Mitchell also had amusing advice for dealing with an intruder at home -- lock your bedrom door and go back to sleep. Mitchell said he has a friend who trains SWAT teams, and even among trained SWAT teams, "the guys clearing the building always lose to a guy hiding behind the couch with a gun. Why should I walk through my house with a baseball bat? I lock the bedroom door." But he said your cell phone should sleep in that bedroom too, in case you need it after someone has cut your regular phone line.

As for computers, Mitchell advised that "every computer that's hooked to the evil Internet should have a hardware fireball, and they cost under $100 ... it keeps a lot of the garbage away from your machine, and it logs things, so if something goofy happens you can find out what it was."

Also evil in Mitchell's book is wireless Internet access. "The reason I think so is that every time I start getting comfortable with something ... somebody figures out how to bust it. I don't think you can keep ahead of those folks unless you hvae a full time IT staff at your house."

Oh, and Mitchell added: "Music sharing, porn and game sites are poison." And he said that parents who don't monitor kids' Internet activities are irresponsible -- and that kids' computers should be in a public part of the house, not a bedroom.

He also said IT managers should get copies of pictures of the people fired as the result of tech investigations -- so they can quickly recognize whether someone is headed back for revenge.

As for foiling spies at work, Mitchell said, yes, IT managers really do have to check the undersides of tables for wireless microphones and other hidden electronics intended for eavesdropping. He said he's found wireless microphones in a meeting room that can beam its notices 15 stories up or down, and open cell phones in others. Another time, he found a node on a network that gave a competitor access.

He also recommended studying employee Web searches, recalling one client with an employee who killed his wife after workplace Web searches on "kill spouse."

He also urged an understanding of "elicitation," the way professional spies get information out of marks without them even seeing to ask sensitive questions. He recommended John Nolan's book on the subject, "Confidential."

Finally, Mitchell said IT managers have to learn how to pay attention by the important 20 percent of the data they recieve, and to relax.

More at www.esleuth.com. GLITR also recorded a podcast interview with Mitchell Tuesday. Check the podcast section of www.wwj.com.

The Secure World Conference Detroit continues today.

 
 
Print Page Email This Page
 
 
ADVERTISEMENT
 
 
 
 
GLITR Newsletter
GLITR January 5, 2009
GLITR December 19, 2008
GLITR December 18, 2008
Archive
 
 
GLITR Podcasts
Great Lakes IT Report 1/7
Matt Roush has his daily update on new technological innovations in and around the Great Lakes area.
Great Lakes IT Report 01/06
WWJ Technology Editor Matt Roush looks at technology trends across the state.
GLITR 1/5
A lively look at tech news throughout the Great Lakes area put into focus by WWJ's Tech Editor Matt Roush.
Great Lakes IT Report 12/24
WWJ Technology Editor Matt Roush with the latest on innovation in Michigan.
Great Lakes IT Report 12/23
WWJ Technology Editor Matt Roush with the latest on innovation in Michigan.
 
 
ADVERTISEMENT
Sponsored Links:
WWJ Newsradio 950 is Detroit's only all-news radio station and is the leader in Detroit radio news. Listen online to WWJ-AM 950 for live, local Detroit news, up-to-the-minute Detroit traffic, Detroit sports, Detroit business and Detroit community information. WWJ Newsradio 950 is an award winning radio station and you can listen online and podcast on demand Detroit news, Detroit Construction Alerts, Detroit School Closings, Winter Survival Guide and learn more about our Business Breakfasts. www.wwj.com.
Home | Local Detroit News | Michigan Politics | US & World News | Sports News | Detroit Business News | Automotive News | Detroit Real Time Traffic | Detroit Weather | Detroit School Closings | Water Cooler | Health News | Michigan Gas Prices | Detroit News on Demand | Exclusive Music | CBS News Video | National & World News Video | Subscribe to WWJ E-News | Detroit Area Photos | Detroit Business Events | Detroit Small Businesses | WWJ Sponsored Events | Contests | Michigan Lottery | Our Staff | Contact Us | Jobs | Michigan Lottery | Listen Live
© MMVIII CBS Radio Stations Inc., All Rights Reserved.
Powered by Intertech Media, LLC		 Advertise | Privacy Policy / Your California Privacy Rights | Terms Of Use | EEO Report