Security on Campus

Security on Campus

It may surprise you to know that college and university campuses are scenes to more than just socializing and learning. All too often, they can also be the scenes of a crime. Awareness of this problem has grown dramatically over the last twenty years, and many institutions are taking appropriate measures to protect their students from malice. Wise parents do not close their eyes to these issues, but discuss them openly with their students. When choosing schools for their sons or daughters, they consider the security programs and features utilized by the schools. You must do all you can to ensure that your student doesn?t get an education they didn?t plan for.

Drugs and Alcohol
Nine out of ten student felonies involve alcohol or drugs. Annually, 1,700 college students die from alcohol-related causes. On their own for the first time, students often feel a surge of independence that can lead to poor decision-making, such as binge drinking. There are many resources available to help parents discuss substance use with their young adult children. Meanwhile, when choosing a school favor institutions with strict policies regarding alcohol and drug abuse, and effective parent-notification. In this way, colleges and universities keep better control of this problem.

Sexual Offenses
Unfortunately, 25% of undergraduate women nationally will be victims of an attempted or completed sexual assault. Many schools have embraced innovative technological solutions in an effort to protect their students. Residence halls that use electronic key-card systems are superior to the ones still using old-fashioned metal locks, and most commons areas of dormitories are now outfitted with video surveillance. At the very least, residence halls should be monitored, and nighttime access should be limited to residents only. Room doors should be equipped with peep holes and dead bolts. Bathrooms are safer when restricted to floor residents. For peace of mind, you may see if single-sex and ?substance-free? dormitories are available. Crime is lower in these halls.

Another important deterrent against sexual predators is awareness. Your student should study the campus and neighborhood with respect to routes between his or her residence and classes/activities schedule. Parking lots should be adequately secured, lit and patrolled. Many campuses offer emergency phones, escort services, and shuttle systems so that students should never have to compromise their safety by walking across campus alone after dark. These are free services that have dramatically decreased crime.

Theft
College students are often the target of fraudulent identity-theft and credit card schemes. Make sure your student is savvy about personal information. They should never leave bill payments, credit card offers, health insurance statements, or any personal mail lying around. Instruct them never to give personal information over the phone to any company unless they initiated the call, and they know the company is reputable. Caution students not to give out their social security numbers to obtain credit cards or memberships, and to keep a personal record of all such cards, with expiration dates and company phone numbers in a locked drawer or cabinet. PIN numbers should not be kept in wallets, and should never incorporate birthdates, social security numbers, telephone numbers or addresses.

The Jeanne Clery Act is a federal law that was signed into effect in 1990, requiring colleges and universities to disclose annual information about campus crime and security policies. It is your privilege and right to know these statistics. This law was passed at a great cost. In 1987 Jeanne Clery was raped and murdered in her dorm room by a student with whom she was unacquainted, who had passed through three propped open doors in order to rob dormitory rooms. Knowing they could never bring their daughter back, Mr. and Mrs. Clery demanded safer campuses for future students. More advice regarding security on campus can be found on their outreach site at www.campussafety.org.

About the Author:
Rob Daniels develops educational material for http://www.security-port.com and http://www.security-protection.net a top resource for locating security related RSS feeds.

View the original article here

Personal Security; Avoiding Identity Theft

Some law-enforcement authorities call identity theft the fastest growing crime across the country right now. In fact, identity theft is the most called-about subject on the Privacy Rights Clearinghouse's telephone hotline. Most victims don't even know how the perpetrators got their personal information.

Such fraud may account for as much as 25% of all credit card-fraud losses each year. Not surprisingly 49% of the victims, who have had their identities stolen, stated that they do not feel they know how to adequately protect themselves from this crime.

What Steps Can you Take to Avoid Identity Theft?
1. Credit Report
Order your credit report each year from each of the three major credit reporting agencies. Check each credit report carefully for accuracy and for indications of fraud, such as credit accounts that you did not open; applications for credit that you did not authorize; credit inquiries that you did not initiate; charges that you did not incur; and defaults and delinquencies that you did not cause. Check the identifying information in your credit report to be sure it is accurate pay particular attention to your identifying information like your name, address, and Social Security number. Make sure that you recognize every line of information established in your file.

2. Social Security Report
Additionally order your social security earnings and benefit statement once a year so that you can check to make sure your earnings are correctly recorded. If the numbers are inflated it maybe because someone is using your Social Security number for employment. (Note - The Social Security Administration now automatically mails these statements annually to all eligible workers age 25 and older).

3. Checks
Call the payees of any outstanding checks that you are not certain you wrote. The payee is the person or business to whom you wrote the check. Explain to each payee that you are the victim of identity theft and that you have to close your checking account for that reason. Ask each payee to waive (forgive) any late payment or returned check fee. Then send each payee a replacement check drawn on your new account and stop payment on the check that it replaces. It's a good idea to enclose a note with each check explaining why you are sending a replacement check and reminding the payee that the payee has agreed to waive the late payment or returned check fee.

4. Mail
If you are traveling be sure to stop your mail delivery at the post office, rather than having it accumulate unattended in your mailbox. If you do not receive your credit card statement on time or if you do not receive a new or renewed credit card when you expect it, your mail may have been stolen. If you notice your mail is dwindling, check with the post office to see if they have any change of address posted. If a change of address request has not been filed at the post office check if one has been filed with the creditor. Guard your mail from theft. Deposit outgoing mail in post office collection boxes or at your local post office, rather than in an unsecured mailbox. Promptly remove mail from your mailbox. Install a lock on your mailbox if you live in an area where mail theft has occurred. This will reduce the risk of mail theft.

5. Good Record Keeping
Be sure to keep a list of all your credit card account numbers, expiration dates, and telephone numbers of the customer service and fraud departments in a secure place, not in your wallet or purse, so that you can quickly contact your creditors in case your cards are lost or stolen. Make a list of, or photocopy, all of your credit and debit cards. For each card, include the account number, expiration date, credit limit and the telephone numbers of customer service and fraud departments. Additionally be sure to store a list of bank accounts in secure location, along with access numbers.

6. Lost or Stolen
A thief may steal, or the consumer may lose, the consumer's purse or wallet. The thief then may use the consumer's stolen personal identification information to obtain credit in the consumer's name.

7. Collection
If you receive calls from collection agencies or creditors for an account you don't have or that is up to date. Someone may have opened a new account in your name, or added charges to an account without your knowledge or permission. Financial account statements show withdrawals or transfers you didn't make. A creditor calls to say you've been approved or denied credit that you haven't applied for. Or, you get credit card statements for accounts you don't have. You apply for credit and are turned down, for reasons that do not match your understanding of your financial position.

8. Notebooks
Laptops and notebooks are treasure troves of useful information. Be sure to password protect any sensitive information. When creating passwords and PINs (personal identification numbers) do not use any part of your Social Security number, birth date, middle name, spouse's name, child's name, pet's name, mother's maiden name, address, telephone number, consecutive numbers, or anything that a thief could easily deduce or discover. For tips on strong passwords refer to: http://www.password-software.com . Avoid using an automatic log-in feature that saves your user name and password; and always log off when you are finished.

9. ATM/ Credit Cards
If your ATM card has been lost, stolen or otherwise compromised, cancel the card as soon as you can. Get a new card with a new PIN. If you suspect unauthorized use, contact the provider's customer service and fraud departments immediately. Never give out your credit card, bank account or Social Security number over the telephone unless you placed the call and you have a trusted business relationship with the business or organization. Place passwords on credit cards, bank and phone accounts. Avoid using easily available information like mother's maiden name, your birth date, the last four digits of your SSN or your phone number, or a series of consecutive numbers. Cancel your unused credit cards so that the accounts will not appear as being "open" or "active" on your credit report. Shield your ATM or telephone key pad when using an ATM or making a phone call with your phone calling card. Some shoulder surfers' use binoculars or video cameras to record your numbers. If you use ABMs or point-of-sale terminals, always shield the entry of your PIN, and never give your access code (PIN) to anyone. Choose a PIN that can't be figured out easily, as you could be liable if you use a PIN combination selected from your name, telephone number, date of birth, address or Social Insurance Number (SIN). Remember that no one from a financial institution or the police will ask you for your PIN. Always take credit card, debit card and ATM receipts with you. Never throw them in a public trash container. ear them up or shred them at home when you no longer need them.

10. Trash
One person's trash is another person's treasure. Shred documents before throwing them away. Be sure to shred credit card statements, bank statements, pre-approved applications, any important papers with identifying numbers. Memorize ALL passwords and PIN numbers. Keep them private. Some thieves create identities by retrieving personal information in your garbage or recycling bin by "dumpster diving".

11. Public Information
Some thieves use public information, Searching public sources, such as newspapers (obituaries), phone books, and records open to the public (professional certifications). Consider not listing your residence telephone number in the telephone book, or consider listing your name and residence telephone number without an address. If you decide to list your name and telephone number, consider not listing your professional qualification or affiliation (for example, "Dr.," "Atty.," or "Ph.D .").

12. Online Banking
After completing a financial transaction or online banking, make sure you sign out of the Web site and clear your Internet file/caches (Internet files are retained in your computer automatically and thus should be cleared so that hackers cannot obtain the information). Most financial institutions provide instructions on how to clear the caches under their "security" section. Look for "https" in the URL header and a padlock icon on your Internet toolbar at the bottom of the screen; both indicate that a secure connection is in effect. With Microsoft Internet Explorer, click Tools then Internet Options. On the General tab, click Delete Files, Delete Cookies and Clear History buttons.

13. Posing
Do not release any information to anyone calling. Thieves often pose as a creditor, landlord or employer to get a copy of your credit report or access to your personal information from other confidential sources.

About the Author:
Francesca Black develops educational material for http://www.security-port.com and http://www.security-protection.net a top resource for locating security related RSS feeds.

View the original article here

Holiday Security

Christmas holidays are a special time when families and friends come together to celebrate the season. It is also the time of year where families and friends are most generous and practice the tradition of gift giving. It should be a joyous and happy time for all of us. Unfortunately for us, home burglars view the holiday season a little differently. For them, it is a time of opportunity to burglarize your home for cash, credit cards, and all the new gifts of small electronics, computers, jewelry, and easily sold valuables. Here are a few tips of what they look for when shopping for a house to burglarize. These tips will help you enjoy the holidays without incident.

* Burglars look for an easy entry with good escape routes. Don't openly display your Christmas tree and gifts in the front window so it's easily visible from the street. It's too tempting for them to smash the window and grab the wrapped packages.

* Burglars look for occupancy cues like outdoor lights burning 24 hours a day, piled up newspapers, or advertising flyers hanging on the door knob. Use an inexpensive light timer when you are away and ask a neighbor to keep the front of your home clean of papers and debris.

* Burglars know to look for the hidden door key near the front entrance. Don't hide spare keys under rocks, in flowerpots, or above door ledges. Instead give the spare key to a trusted neighbor.

* Burglars prefer to enter through unlocked doors or windows. Sliding windows that are not secure can be seen from distance. One holiday problem can occur when exterior Christmas light extension cords are run inside through a window and prevent it from being secured. Hire an electrician or handyman to install an inexpensive exterior outlet for your holiday lights.

* Don't post your family name on your mailbox or on you house. A burglar can call directory assistance to get your telephone number and call your home while in front of your house to confirm that you are away.

* Don't leave descriptive telephone answering machine messages like, "You've reached the Wilson's...we're away skiing for the Christmas holidays...please leave a message." Burglars love to hear that they have plenty of time to break in and completely ransack your home.

* After Christmas day, don't pile up empty gift boxes from your new computer, DVD player, or stereo receiver on the street for the garbage man. Burglars appreciate knowing that you have expensive gifts inside for them to steal. Break them down or cut them up to conceal the items better. After a lucrative burglary, the chances of being burglarized again are increased to steal the new replacement products.

* Last, but not least, fortify your home by installing solid core doors, heavy duty locks, longer screws in the lock strike plates and door hinges, and install secondary security devices on all accessible sliding windows. See my webpage on home security products and options.

Home Security Prevention Advice

Doors and Locks
The first step is to "harden the target" or make your home more difficult to enter. Remember, the burglar will simply bypass your home if it requires too much effort or requires more skill and tools than they possess. Most burglars enter via the front, back, or garage doors. Experienced burglars know that the garage door is usually the weakest point of entry followed by the back door. The garage and back doors also provide the most cover. Burglars know to look inside your car for keys and other valuables so keep it locked, even when parked inside your garage. Use high quality Grade-1 or Grade-2 locks on exterior doors to resist twisting, prying, and lock-picking attempts. A quality deadbolt lock will have a beveled casing to inhibit the use of channel-lock pliers used to shear off lock cylinder pins. A quality door knob-in-lock set will have a 'dead latch' mechanism to prevent slipping the lock with a shim or credit card.

* Use a solid core or metal door for all entrance points
* Use a quality, heavy-duty, deadbolt lock with a one-inch throw bolt
* Use a quality, heavy-duty, knob-in-lock set with a dead-latch mechanism
* Use a heavy-duty, four-screw, strike plate with 3-inch screws to penetrate into a wooden door frame
* Use a wide-angle 160? peephole mounted no higher than 58 inches

The most common way used to force entry through a door with a wooden jam is to simply kick it open. The weakest point is almost always the lock strike plate that holds the latch or lock bolt in place followed by a glass paneled door. The average door strike plate is secured only by the soft-wood doorjamb molding. These lightweight moldings are often tacked on to the door frame and can be torn away with a firm kick. Because of this construction flaw, it makes sense to upgrade to a four-screw, heavy-duty, high security strike plate.

They are available in most quality hardware stores and home improvement centers and are definitely worth the extra expense. Install this heavy-duty strike plate using 3-inch wood screws to cut deep into the door frame stud. Use these longer screws in the knob lock strike plate as well and use at least one long screw in each door hinge. This one step alone will deter or prevent most through-the-door forced entries. You and your family will sleep safer in the future.

Alarm Systems

Alarm systems definitely have a place in a home security plan and are effective, if used properly. The reason why alarms systems deter burglaries is because they increase the potential and fear of being caught and arrested by the police. The deterrent value comes from the alarm company lawn sign and from the alarm decals on the windows.

Home and apartment burglars will usually bypass a property with visible alarm signs and will go to another property without such a sign. Some people, with alarm systems, feel that these signs and decals are unsightly and will not display them. The risk here is that an uninformed burglar might break a window or door and grab a few quick items before the police can respond. Also, don't write your alarm pass code on or near the alarm keypad.

Alarm systems need to be properly installed and maintained. Alarms systems can monitor for fire as well as burglary for the same price. All systems should have an audible horn or bell to be effective in case someone does break in. However, these audible alarms should be programmed to reset automatically after one or two minutes. The criminal got the message and will be long gone but your neighbors will have to listen to the alarm bell, sometimes for hours, until it is shut off. If you use a central station to monitor your alarm, make sure your response call list is up to date. Home alarms, like car alarms, are generally ignored except for a brief glance.

However, if you have established and nurtured your neighborhood watch buddy system, you will experience a genuine concern by your neighbor. It is not unusual to have a neighbor wait for the police, allow them inside for an inspection, and secure the residence.

A good neighbor can also call the glass company or locksmith to repair any damage, if pre-authorized by you. The greatest barrier getting to this level of neighborhood participation is taking the first step. You can get help by calling your local crime prevention unit at the police department. Most police departments in large cities have neighborhood watch coordinators to help you set this up. You should invite your adjacent neighbors over to your home for coffee and begin the information exchange. You'll be amazed how the process runs on automatic from there.

* Alarm systems are effective deterrents with visible signage

* Alarm systems to be properly installed, programmed, and maintained

* Alarm systems need to have an audible horn or bell to be effective

* Make sure your alarm response call list is up to date

* Instruct your neighbor how to respond to an alarm bell

Home Safes Since the prices of good home safes are falling, having a safe in your home is a wise investment. Home safes are designed to keep the smash and grab burglar, nosey kids, dishonest babysitter or housekeeper from gaining access to important documents and personal property. Home safes need to be anchored into the floor or permanent shelving.

* Use the safe everyday so it becomes routine

* Protect the safe code and change it occasionally *

Install it away from the master bedroom or closet http://www.boston-locksmith.com/

About the Author
Samantha West is an online marketer who specializes in helping people find ways to protect their homes.

View the original article here

Careers in Security

There was a time when might made right, when the victor was determined on the battlefield, and the tools of destruction were the weapons of war. That time is past. Keeping our nation safe and secure today involves much more than wielding a sword against the enemy. The development of new technology and communications systems has transformed the job of keeping our nation safe. The weapons of war today include some of the same tools we see in our schools: computers, communication devices, and electronics. While we benefit from the advancements in the telecommunications industry, so do our adversaries. We can no longer protect the outer borders of our nation and feel safe. The enemies of the present and future are bright, educated individuals who require us to be prepared and keep a step ahead. There is a great and steady demand for professionals in security-related fields.

While law enforcement, criminal justice, and military intelligence spring to mind as fields traditionally associated with security, people with diverse and varied backgrounds are needed to keep our country safe. For instance, the National Security Agency alone hires more business management professionals than the top 10% of the Fortune 500 companies combined. While important, education, training, and background are not as critical in today?s security job market as the individual?s drive, innovation, and ability to solve challenges creatively.

The field of security is a haven for computer scientists and engineers. With training in development and support, a multitude of jobs are available. Computer Scientists and Engineers are often teamed with Mathematicians and Signals Analysts to analyze, understand, and exploit the advanced signals that threaten our security.

Individuals with a background in history, foreign language, or education are also needed in security-related fields. As Intelligence Analysts or translators, these individuals have an impact on the actions of our leaders in the government. Their research and written and oral assessments affect the course of action taken. Language Analysts are in such high demand that they often receive generous recruitment incentives, especially if speakers are multi-lingual, or proficient in Asian or Middle Eastern languages. Often candidates who are fluent in one language will be hired and trained in another language to suit the current needs of the country.

Researchers with a more creative bent are also in high demand in the security sector. To stay ahead of the nation?s adversaries, new products must be developed and tested. Within the security industry, inventors have opportunities to create much more than the next new gadget. These visionaries use cutting-edge technology to invent a safer tomorrow, leaving their marks as technical legends.

To get almost any job in security one must pass a full background investigation and pass a drug test. If security clearance is required for hiring, this may take six months to a year. The military employs the nation?s greatest population of individuals who possess security clearance. Often members of the armed forces find gainful employment in security-related fields when their terms are up. It?s important to plan ahead and plot out your career path. The field of security is not for the light-hearted. It is a serious subject, with serious implications. Although it requires individuals to work under intense, stressful conditions, the reward is a better future for everyone.

About the Author:
Francesca Black develops educational material for http://www.security-port.com and http://www.security-protection.net a top resource for locating security related RSS feeds.

View the original article here

Security Policies

Security Software Basics

Create security policies to match the size and culture of your business. Policies must be written, enforced, and continually updated. Maintain configuration management through Security Policy implementation and systems hardening.

Inventory:
As a business owner it is important to establish a "computer software and hardware asset" inventory list and create a lifecycle plan for each piece of hardware and software. Classify data by its usage and sensitivity. Applications critical to infrastructure and essential data should be recognized.

Ownership:
Establish owners of all data assets. Identify the data covered by specific regulations and requirements. Many State and Federal laws provide specific guidelines related to managing data that contains personal information and credit card details.

Budget:
Prepare a comprehensive budget and ensure that security is a specific budget line item. Anticipate necessary software and hardware upgrades that are required to keep systems operational and protected. Budgeting preventative maintenance will result in less downtime and also save money.

Update:
Maintain patch management on all systems. Follow a regular schedule for applying patches to operating systems, software, and anti-virus updates. Regularly download recommended security updates and patches for operating systems and other software critical to operations.

Testing:
Maintain operational management through the reviewing of all log files, ensuring system backups with periodic data restores, and report any known issues or risks. Perform security testing through annual security audits and penetration scanning. Ensure physical security of systems and facilities.

Backups:
Perform scheduled backups of main systems and local drives on a regular basis. Monitor log systems to ensure that backups were completed, and test tapes to make sure that backup systems are functioning properly. Data recovery is expensive and not always effective, a good backup system will result in averted catastrophes.

Limit:
Limit access to key personnel. Both data and application access can be sensitive. Employees should only have access to files which are necessary for them to perform their duties.

Stay Alert:
Monitor news for specific security alerts that relate to critical software used within your organization. Many software companies provide alerts via RSS feeds or email lists. Search Security Protection http://www.security-protection.net for feeds related to specific security concerns.

A proactive systems management and security plan will often result in increased productivity and less downtime.

About the Author:
Francesca Black develops educational material for http://www.security-port.com and http://www.security-protection.net a top resource for locating security related RSS feeds.

View the original article here

New Security Portal

Security Port is an innovative web site that provides news, resources and information about critical security issues. The new site located at http://www.security-port.com makes it easy for individuals searching for security solutions and information. Security Port helps users locate the latest security news and technology in one convenient location.

Security industry professionals and consumers can visit http://www.security-port.com and browse a large directory of security resources. Information contained in the Security Port web site covers a wide range of security alerts, and warning subjects. Items such as security forums, security newsletters and security software are just a few of the topics covered. Each topic contains manufacturer links and brief descriptions. The software titles are specifically related to updates, alerts and warnings on security issues.

Security industry professionals and consumers can visit http://www.security-port.com and browse a large directory of security resources. Information contained in the Security Port web site covers a wide range of security alerts, and warning subjects. Items such as security forums, security newsletters and security software are just a few of the topics covered. Each topic contains manufacturer links and brief descriptions. The software titles are specifically related to updates, alerts and warnings on security issues.

About Security Port
Security Port is a free service from DR Management a Massachusetts company.

View the original article here

Security Systems Software

Security Software Basics

Anti-Virus Software:
Install virus protection software. That means three things: having it on your computer in the first place, checking daily for new virus signature updates, and then actually scanning all the files on your computer periodically. Update your anti-virus software daily or weekly and schedule a regular scan. Make sure all family members know what to do if the home computer becomes infected.

Locate Anti-Virus Software - http://www.monitoring-software.net/

Install Firewall Software:
Firewalls act as a gatekeepers between your computer or network and the Internet. They are essential for those who keep their computers online through the popular DSL and cable modem connections, but they are also valuable for those who still dial in. Protect your computer from Internet intruders. Use firewalls. Firewalls are usually software product but can also be hardware solutions.

Passwords:
Choose passwords or Personal Identification Numbers (PINs) that are difficult for others to guess. Use both letters and numbers and a combination of lower- and upper-case letters if the passwords are case-sensitive. Use a different password for each of your Internet accounts.

Passwords should not be names, or words (from any language). Hackers who try to obtain passwords for accounts that don't belong to them (called crackers) use large dictionaries filled with these kinds of passwords. In order to protect yourself against these people, simply don't use common words!

Change these passwords frequently. Don't keep your password where someone can see it. If it can possibly be avoided, don't write it down at all. There are ways to create passwords that are both secure and easy to remember. Remember that your password unlocks your online identity. Don't leave yourself logged in when your machine is unattended. Everything that is done with your account can and will be attributed to you. It's best that you keep your password somewhat esoteric. Do not use the same password for different systems.

More on Passwords - http://www.password-software

Backups:
Back up your computer data on disks or CDs regularly. Retain the only copies of those files on removable media and store the media in a safe place. Use accessories such as rewriteable CD drives and zip disks for copies of your important files - they're easy to use and relatively cheap.

Alert:
Be alert for fraudulent (sometimes called "phishing") emails. They may appear to come from a reputable business or a trusted friend but are actually designed to trick you into downloading a virus to your computer or directing you to a Web site to disclose sensitive or personal information. An ounce of prevention is worth a pound of cure, educate all system users to be alert for phishing scams.

Practice Safe Computing:
Protect shared files and folders. Set the permissions on the share to "read-only." This means that no one will be able to copy, delete, modify, or rename your files. Set-up login accounts and file permissions, so only authorised users can access the system. Unix and Windows NT/2000 have these security functions built in. If you run Windows 95/98/Me, you can buy products to provide this protection.

Configure the access restrictions to individual files or folders, so other users can only access the files you want them to. Understand and use the security features provided by your PC software, such as those included in many operating systems, browsers and word processing systems. The safest option is to set your computer to ignore Java and ActiveX programming languages. Otherwise set your browser to ask you each time it is about to run Java and ActiveX code.

Depending on what you know about the site, you will at least have the choice to run it, or not. If information privacy is imperative you should also consider using a file- or disk-encryption system on the sensitive files.

About the Author:
Francesca Black develops educational material for http://www.security-port.com and http://www.security-protection.net a top resource for locating security related RSS feeds.

View the original article here

Homeland Security

The US President's Executive Order issued October 8, 2001 established the US Office of Homeland Security. The Office is directed to develop and coordinate a comprehensive national strategy to strengthen protections against terrorist threats or attacks in the US. The new Office will coordinate federal, state, and local counter-terrorism efforts. The Secretary of Homeland Security will provide assistance to state and local governments to develop all-hazards plans and capabilities, including those of greatest importance to the security of the United States homeland, such as the prevention of terrorist attacks and preparedness for the potential use of weapons of mass destruction, and ensure that state, local, and federal plans are compatible.

All federal departments and agencies shall cooperate with the Secretary of Homeland Security in the Secretary's domestic incident management role and shall participate in and use domestic incident reporting systems and protocols established by the Secretary of Homeland Security.

The act designated the Department of Homeland Security as a "defense agency of the United States" for purposes of 35 U.S.C. ? 181, which accords the chief officer of any Federal department or agency so designated the right to inspect certain inventions that will be disclosed by the granting of a patent, and with respect to which disclosure might be detrimental to the national security, for the purpose of determining whether the invention should be kept secret.

The Secretary of Homeland Security is responsible for coordinating federal operations to prevent, prepare for, respond to, and recover from all domestic incidents when any of the following conditions apply:

(1) the initial lead federal department or agency has requested assistance;

(2) the resources of state and local authorities are overwhelmed and assistance has been requested by the state and local authorities;

(3) more than one federal agency has become substantially involved in responding to the incident; or

(4) he has been directed to assume responsibility for the domestic incident by the President.

Departments included under homeland security now include: Domestic Emergency Support Teams previously under the Department of Justice that expeditiously provide expert advice, guidance and support to the Federal On-Scene Commander during an incident involving weapons of mass destruction or a credible threat. Nuclear Incident Response Teams, Atmospheric Release Advisory Capability, Radiological Assistance Program and the Aerial Measuring System previously under the Department of Energy that provides radiological response assets to respond during a radiological incident. Strategic National Stockpile previously under the Department of Health and Human Services that ensures the availability and rapid deployment of lifesaving pharmaceuticals, antidotes, and other medical supplies and equipment. Dissolve the President's Critical Infrastructure Protection Board, and transfer reporting, funding, and administrative responsibilities for the National Infrastructure Advisory Council to the Department of Homeland Security.

The Attorney General has the lead responsibility for criminal investigations and intelligence operations concerning terrorist attacks and shall also work to ensure that members of the law enforcement community will work with the Secretary of Homeland Security as the official responsible for domestic incident management, to detect, prevent, preempt, and disrupt terrorist attacks against the United States.

Some versions of the homeland security department bill included a much narrower provision that required a connection to a terrorism investigation before such sensitive information could be shared.

The current version, according to the ACLU, is broad enough to sweep in minor criminal matters. Overly broad intelligence information sharing provisions between the Homeland Security department and other agencies, such as the FBI or the CIA and even with foreign law enforcement agencies. Some versions of the homeland security department bill included a much narrower provision that required a connection to a terrorism investigation before such sensitive information could be shared.

Shielding information from public scrutiny.
The bill exempts information about so-called critical infrastructure from the Freedom of Information Act. It even goes so far as to impose criminal penalties for government officials who disclose this information. As a result, officials who blow the whistle on threats to public health (uranium stockpiling or tainted blood) or private sector incompetence (poor maintenance of railroad tracks or computer networks) could become criminals. The legislation imposes these FOIA exemptions not just on the federal government, but also on states and municipalities by trumping all state and local open government laws.

About the Author:
Francesca Black develops educational material for http://www.security-port.com and http://www.security-protection.net a top resource for locating security related RSS feeds.

View the original article here

Home Security Measures

Anyone is susceptible to robbery, home invasion, or assault. Criminals often survey their target before entering and taking a few precautions will make your home and those who dwell there less likely to be victimized. Those who have experienced someone coming into their home will often report the feeling of being violated. More than the items lost or destruction of property, the concern for the lives and well-being of those in the home are the foremost concerns. It can effect daily activities, comfort and self-assurance. There is generally enough concerns in life that take worry, that your home security should not have to be one on them. There are a variety of precautions to take, ranging from simply installing lights to a full security system in your home. Taking these measures will give the impression some one is home, deterring would be criminals and/or warning through lights or noise that their presence is known. If the question comes to mind, "why do I need a security system?", it might be beneficial to search the local statistics for crime in your geographical area.

Automated Lights/ Motion Sensors
Probably the most simple of actions to pursue is to get timers for various lights in your home to turn on at designated times. One concern that comes up is the same light coming on at the exact same time each day. To avoid the obvious repetition, one can get timers set on a weekly basis. Each day a different light can come on at a different time. Another light that is beneficial is one that is set off by motion. Easily installed in driveways, garages, porches or backyards, they serve a dull purpose to both light up when an intruder is present and to give a resident of the home light as they enter dark areas.

Dog
A criminal does not want attention drawn to them and their activities. A dog that barks at intruders and unwanted guests is a good alarm for home owners to know that someone is around their property. Dogs to not have to be viscous or attacking, simply their presence will dissuade criminals from your home.

Monitoring Systems
Installing a security system in your home has many benefits. When you have a system installed a sign can be posted as a warning that there is an alarm system, hopefully dissuading an individual from invasion. If that does does have an effect, the alarm sounding after entry will bring attention to your home and the presence of an invader. Along with the initial noise a security company can be hired to monitor your home. When an alarm goes off they will notify the police so they will investigate the problem. Another option is to have the company call your cell phone so you are notified of any alarms.

Remote Home Surveillance
A higher level of security can be installed similar to that which monitors the traffic on freeways. Remote home surveillance is made possible by having an IP address camera installed in your security system at your residence. It makes it possible to access a visual of your home in any room in which a camera is installed. Just as you can access freeway traffic situations through these cameras that are installed on overpasses, you can view your home at any given moment from any computer that has Internet access. A recording device can also be installed if you want to be able to look back over a period of time.

Taking measures to protect your home and family will help deter would be intruders as well as give you assurance that you are doing all you can to look out for their safety. Although it is not a guarantee, it is effective to reduce incidents of breaking and entering and violence within your home. Even the simple things make a big difference.

About the Author:
Francesca Black develops educational material for http://www.security-port.com and http://www.security-protection.net a top resource for locating security related RSS feeds.

View the original article here

Encryption, Security and SSL

When it comes to accepting online payments and other sensitive information over the web, normal HTTP just doesn't cut it. It's an insecure method of communication where everything is sent over the wire in cleartext - it's completely trivial for anyone in a network administrator position at a business or ISP to gain access to the network, and most networks are even vulnerable to 'sniffing' by non-privileged users of the network.

Things are bad enough that you really shouldn't even transmit any passwords without taking additional security measures, unless the things the passwords give access to are entirely trivial - put simply, as a webmaster, you need to be worried about encryption and security. But how can you add them to your website? Well, it's not as difficult as you think, because there's a standardised way of doing it: SSL.

What is SSL?
SSL stands for Secure Sockets Layer. It is a method of using cryptography to make sure that communication between a server and a client is secure: in other words, data sent can't be intercepted or tampered with in any way. SSL works using a variety of encryption methods, but the most important feature is that SSL certificates effectively certify that a site is the real thing, which helps to prevent spoofing. When SSL is combined with HTTP, it becomes HTTPS (Secure HTTP), a powerful way for web browsers and web servers to send sensitive data back and forward securely.

If all that was over your head, maybe I should put it to you in the way that your customers will. SSL is what makes their web browser come up with the little padlock symbol that means your website is secure for them to enter sensitive information into. If there's no padlock, they don't want to do business with you.

However, you should also be aware of what SSL is not: it isn't a complete security package. If you transmit data over HTTPS and then store it in a database unencrypted when it reaches your server, someone with access to the database will still be able to easily retrieve the data. SSL is not the answer to everything - it's simply a way of avoiding anything happening to the data while it's 'out there', travelling across the Internet. Of course, your customers are unlikely to realise that (they think the padlock works like magic), but you at least should.

Levels of Encryption

There are three main levels of SSL encryption: 40-bit, 128-bit and 256-bit.

It's very important to emphasise at this point that 40-bit SSL is now outdated and deprecated: you would be a fool to use it. The only reason 40-bit encryption was available to begin with was because the US government was initially afraid of exporting cryptographic algorithms that were strong enough to be used against them: 40-bit was strong enough for most web uses, but still weak enough that they could break it by brute force with their powerful computers. The US was persuaded to relax the restrictions when the government realised that they were doing nothing but forcing IT development to other countries, but by then there had been widespread adoption of 40-bit encryption.

Now, years later, there's really no reason to be using it. You should go for 128-bit as a minimum, and preferably 256-bit - what you can afford will likely be dictated by the value of the goods you sell. If you think anyone is likely to try to break your encryption, you should get the best you can.

How Do I Use SSL?
If your web host supports SSL, then it should already be all set up for you (if you host your website yourself, then you might like to take a look at the tutorials at modssl.org to get it installed). However, before you can use SSL, you need to get certified - that is, buy an SSL certificate from one of the trusted certificate authorities. The big three are VeriSign, GeoTrust and Thawte, but they charge relatively high prices.

The whole thing works more-or-less the same way as buying a domain name, and, in fact, many domain registrars resell certificates - you can often get a better deal from them than you would from one of the big companies. You can often find perfectly good certificates for as little as $30 per year, if you shop around.

About the Author
Original Source: Eclipse-Articles.com - Serving over 25,000 Articles. Information supplied and written by Lee Asher of Eclipse Domain Services Domain Names, Hosting, Traffic and Email Solutions.

View the original article here

Security Classifications

Much is heard these days of government secrets being uncovered, national security being compromised, and of sensitive information getting into the wrong hands. Most countries have a classification system to formalize state secrets and protect information from being used to endanger citizens. This article will familiarize you with the security classification system.

Although the exact number varies from country to country, there are generally five levels of security classification:

Top Secret: Information which, in the hands of the enemy would put the security of America at exceptionally grave risk. Individuals undergo meticulous investigation to receive the level of clearance necessary to view this information. Clearance must be renewed every five years.

Secret: Information which could cause serious damage if publicly available. Intense investigation is required for individuals with this clearance, which must be renewed every ten years.

Confidential: Information which could compromise the safety of Americans. Clearance must be renewed every fifteen years for individuals on this level.

Restricted: Information which could have undesirable effects if publicly available. Some countries (the US included) do not use this security level.

Unclassified: Not technically a classification. This includes all information that does not pose a security risk, which is available to the public.

All classified information, regardless of the level, is available only on a ?need to know? basis. Therefore, an individual having Top Secret clearance may not be privileged to view all Top Secret documents, only those documents which are pertinent to his or her work.

When two or more countries agree to share information with each other they must agree upon a uniform classification system. The United Nations, NATO, and the European Defense Organization all have their own security classification systems.

One example of a country without a formal classification system is China. The Criminal Law of the People?s Republic of China makes it a crime to release a state secret. However, there is only a vague definition of what constitutes a state secret; therefore the government has used this law to imprison journalists.

Private corporations make use of a similar type of security classification system when working with new product development teams, mergers, and the company?s financial reports. This type of information is protected under trade secret laws. Employers can require their employees to sign confidentiality agreements and undergo extensive background checks. While corporate classification lacks the harsh criminal sanctions of the government classification, individuals who leak company secrets can be tried and punished in courts of law.

Many citizens live out their lives without a thought for the secrets their government keeps from them. The military is the largest employer of people with such clearances. It might surprise you to know that one out of every thirty Americans, or 3-5 million individuals are authorized to some extent to know state secrets. Of all individuals with such clearances, it is estimated that one in a thousand can be expected to compromise the secrets they are entrusted with, either out of blackmail, greed, or sloppiness.

Only those individuals in positions where it is anticipated they will be dealing with classified information may apply for security clearance. Once the candidate has completed the application phase a detailed investigation ensues. The applicant?s background will be thoroughly examined by the Defense Security Service, and depending on the level of clearance needed, family members and relatives may also be scrutinized. The investigation phase can last up to a year or more. Candidates who pass this phase will then enter the adjudication phase. In this phase all information gathered in the previous two phases is reviewed and analyzed, based on thirteen factors determined by the Department of Defense. Allegiance to the United States and personal conduct are examples of areas that are considered. Four factors that are certain to lead to rejection of an applicant are:

1. Candidate was convicted of a crime and imprisoned for more than one year.
2. Candidate uses controlled substances.
3. Candidate has been deemed mentally incompetent by a health professional approved by the Department of Defense.
4. Candidate was discharged from the armed forces under dishonorable conditions.

Having a security clearance is nothing to sneeze at, and some experts say that having such a clearance can increase one?s salary between $10 and $15K. It is evident that the ability to keep a secret is a valued commodity in this increasingly precarious society.

About the Author:
Francesca Black develops educational material for http://www.security-port.com and http://www.security-protection.net a top resource for locating security related RSS feeds.

View the original article here

Security vulnerability found in iOS management of PDF files - at this time only jailbroken devices can be secured

Security vulnerability found in iOS management of PDF files - at this time only jailbroken devices can be secured -

Apple this week pledged to issue a fix for an iOS vulnerability that could let hackers remotely control iPhones, iPads, and iPod Touches.

"Apple takes security very seriously, we're aware of this reported issue and developing a fix that will be available to customers in an upcoming software update," an Apple spokesman said in a statement.

The move comes after the German Federal Office for Information Security (BSI) issued a warning earlier this week about the possibility of attacks via PDF files.
In a translated version of the report, the agency said clicking on an infected PDF via Email or on the Web is enough to infect an iOS device with malicious software and give the attacker administrative privileges on the device.

The BSI said the vulnerability affects the iPhone 3G, iPhone 4, iPad, and iPod Touch running iOS up to version 4.3.3, though officials said they could not rule out the possibility that other versions of iOS were affected.

The warning said there have been no reported attacks, but anyone taking advantage of the vulnerability could potentially access things like passwords, online banking data, calendars, Emails, text, or contact information.
There could also be access to built-in cameras, the interception of telephone conversations, and the GPS localization of the user, BSI said.

Given that more and more professionals are using the iPad and iPhone in a business setting, BSI warned that the security hole could be used for "targeted attacks on leaders ... to get to confidential company information."

Until Apple issues its patch, therefore, BSI suggested that iOS users do not open unknown PDF files, whether they are received via Email or linked on Web sites.
Browser use and link clicking should also be restricted to trusted Web sites.

Apple did not release a timetable for its security update.
Its last update, 4.3.3, was released in early May and solved a controversial "bug" with Apple's location-based services.

The fix comes amidst the release of JailBreakMe, software that will jailbreak an iOS device using the PDF vulnerability.
The program quickly hit 1 million jailbreaks:

"Be sure to share a link with your friends while it's still available," Grant Paul, one of the creators, tweeted earlier this week. 

JailBreakMe developer Comex said on its Web site:

"Along with the jailbreak, I am releasing a patch for the main vulnerability which anyone especially security conscious can install to render themselves immune; due to the nature of iOS, this patch can only be installed on a jailbroken device. Until Apple releases an update, jailbreaking will ironically be the best way to remain secure," .

 

View the original article here

Pozen: It's Time for Social Security Reform - CNBC.com

The time is ripe for Social Security reform. Last month AARP(router,verizon wireless,wireless network,wireless internet,i phone,i phone verizon,my verizon wireless,wireless adapter,att wireless)
—a historic foe of such reform—announced its openness to modest benefit reductions in order to restore the program to solvency. This week President Obama offered major reforms to Social Security as part of a far-reaching debt reduction deal.
The outflows from Social Security exceeded its inflows in 2010, and it is projected to become insolvent around 2037 — requiring benefit cuts of 25% at that time.
To avoid these across-the-board cuts, Congress needs to package Social Security with measures that attract voters in the middle range of the wage spectrum.
Most proposals for reforming Social Security preserve the current benefit schedule for low wage earners and limit the growth of benefits for high wage earners.
While these two aspects of reform seem to be politically acceptable, the challenge is replacing any benefit reductions for workers in the middle-wage range — with salaries and bonuses (not other income) between $35,000 and $85,000 per year.
To deal with this political challenge, Congress should offer a government match to retirement contributions by workers in this middle-wage range. Specifically, Congress should adopt the Obama Administration's 2010 proposal for an enhanced Saver's Credit – whereby the federal government would match each year a $500 contribution to a retirement plan by any eligible worker with a $250 contribution.
Tom Grill | Photographer's Choice RF | Getty Images
Workers eligible for the full match would include couples with adjusted gross incomes of $65,000 per year or less ($32,500 for singles), with lower matches available to couples with adjusted gross incomes up to $85,000 per year ($42,500 for singles).
The value of this federal match, conservatively invested over a long career, would roughly offset the proposed reductions in scheduled Social Security benefits for the median worker.
Suppose a married male worker at age 30 receives the median US wage of $37,000 per year, and his spouse has annual wages of $13,000 for part time work. He contributes $500 each year to an IRA, which is matched by $250 from the federal government, until he retires at age 66.
If this $250 annual match were invested in a balanced fund – half in long-term government bonds and half in an S&P 500 index – with a real return averaging 5.8% per year, the total value of this match would be $30,150 at his retirement. With that sum at a 5.8% interest rate, he could buy a fixed annuity with monthly payments of $255 for the rest of his life.
These annuity payments from the Savers' Credit would make up most of the modest benefit reductions for middle-wage workers in the future—reductions likely needed to make Social Security solvent.
For example, actuaries estimate that the scheduled monthly benefits of the median worker retiring in 2045 would be reduced by approximately 16%, or $290, under my progressive indexing plan for reforming Social Security. That $290 reduction would be largely offset by the $255 supplemental retirement benefit from the lifetime annuity funded entirely by the federal match.
As a result, the total monthly payments of this median worker — from his federal match and a solvent Social Security program — would be almost the same as the current benefit schedule. And the worker will receive more each month to the extent that federal match induced him to contribute more to his retirement plan.
It bears emphasis that this federal match would come entirely from the Congressional appropriations process, and would not divert any monies from Social Security. This is not a proposal to privatize Social Security.
The proposed federal match will cost $30 billion over the next decade, according to official budget projections. However, if this federal match is the political "sweetener" to help enact Social Security reform, Congress should estimate the cost of the match over the next 75 years – the standard period for measuring Social Security's deficit. Assuming that the cost of federal match grows at a rate of 3% per year, its 75-year cost would be approximately $850 billion.
This is a relatively small price to pay to facilitate the passage of Social Security reform. Without such reform, Congress would have to appropriate more than $13 trillion over the next 75 years to make up the shortfall between the estimated revenues and annual obligations of Social Security.
In short, Congress should combine a generous Savers Credit with a progressive plan to eliminate the long-term deficit of Social Security. The combination would make up a significant portion of the benefit reductions that the AARP recognizes as necessary to restore the program to solvency.
And the combination would not undermine the current economic recovery, since these changes in Social Security would be phased in gradually and would not apply to anyone who is now over age 59.
Robert Pozen will appear today at 4:15 p.m. on Closing Bell with Maria Bartiromo.
_________________________
Robert Pozen is Chairman Emeritus of MFS Investment Management. He currently is a senior lecturer at Harvard Business School.

View the original article here