Vulnerability scanning best practices

As a vulnerability management professional, I talk about vulnerability scanning best practices a lot. There’s a lot more to vulnerability management than just scanning, but if you don’t get scanning right, the rest of the program suffers.

I’m going to talk about a lot of technical controls here, but don’t forget the nontechnical side. People and processes have to support all technology.

Read more

What to look for in a USB flash drive

USB flash drives are pretty much a necessity these days. They’re far more convenient for moving files around than optical discs, and they make good backup devices. But not all USB flash drives are created equal. Here’s what to look for in a USB flash drive.

Here’s a tip: I don’t just use USB flash drives for transporting data and backups. I like to keep a modest-sized USB flash drive plugged into my router, turning it into a small NAS. It gives me a convenient, reliable place to back up data from any of my computers.

Read more

How safe is my computer from hackers?

On Monday, March 13 at approximately 10:30 AM CST, I will be appearing on KFUO Radio’s Faith and Family program to discuss home computer security with host Andy Bates. One of the questions he’s planning to ask: How can I know how secure my home computer is? Or, to put his question another way, how safe is my computer from hackers?

I’m going to use this space to elaborate ahead of time on some of the things we are going to talk about. We could talk for an hour on any of the questions he’s going to ask, and he gave me three questions and 25 minutes. This is my workaround.

Read more

What can I do to improve the security of my digital information?

On Monday, March 13 at approximately 10:30 AM CST, I will be appearing on KFUO Radio’s Faith and Family program to discuss home computer security with host Andy Bates. One of the questions he’s planning to ask: “What can I do to improve the security of my digital information?”

This, fortunately, may be the easiest question to answer and the easiest step to implement.

Read more

How easily can someone hack my home computer and steal personal information?

On Monday, March 13 at approximately 10:30 AM CST, I will be appearing on KFUO Radio’s Faith and Family program to discuss home computer security with host Andy Bates. Here’s the scariest question he’s planning to ask: How easily can someone hack my home computer and steal personal information?

Someone asked me that question at work once, except it was about a work computer. I whipped out a copy of a book about Metasploit, flipped to page 137, and started reading. My point was that I could teach this guy how. He didn’t take it well, so I don’t recommend doing that.

My point that I could teach this guy how to do it still stands, though. And I think I could teach Andy how too.

Read more