Chapter 10

Your colleagues and friends are your enemies !

Well I knew that would get your attention.
At least as far as computers go anyway.

External input to a computer is an invitation to cause trauma, steal and destroy your files and your business.

The easiest access to your computers is via Email. Usually Outlook because of course it is the most popular Email client however it is also one of the weakest and most insecure created Email clients. It is also the fastest way for viruses to propagate via your contact lists and for businesses through your networks.
First you should never allow your Email software to accept Email from anyone not on your “white”list but most importantly never with an attachment.

The Virus pretends to be your friend or colleague. It is an expert at masquerading as your friend. It has the same name and address and uses the same phrases and words . Sometimes it masquerades as your bank or doctor and likes to go phishing a lot. Go ahead google phishing. Phishers pretend to be your bank use your banks logo and other identifiers and then ask you to provide your financial data. No reputable company or financial institution will ever ask you fro this information via Email so if you happen to get one call them directly and complain and inform them of this Email.

Once the virus has entered your email domain it then searches for your contact lists and invites all your friends and colleagues to join the phishing trip or if it is simply a virus it will destroy and remove all the files from your entire network if it chooses to. If it is a well designed phisher it will acquire all of your financial and business records and wipe you out.

Ask yourself does this sound like a reasonable risk to take in order to use Email?

No of course it does not. So stop it.
You do not have to risk your business or your financial security to converse via Email.
Here are the steps to make Emailing a more reasonable risk.

Why are you answering Emails on your own compute?

OK this really is my biggest tip yet.
Remove all Email programs from your computer

And yes I can hear you laughing and screaming at me
“What to f%$%$% is wrong with you whats the point of having a computer or how can I conduct business without Email you f$%## hump?”

Thank you for asking. I didn't say don't use Email. I said not on your own computer. Your ISP is the service that is properly equipped to handle this and it is one of the main reasons you pay them.
Only use Webmail .

Direct from Wikipedia the explanation is:
Webmail is a type of website that allow users to read and write e-mail on the World Wide Web, as an alternative to using an Email client such as Microsoft Outlook, Mozilla Thunderbird or Eudora.

It is possible to run webmail software on your own web server, some notable open source software such as Horde IMP, OpenWebmail (based on NeoMail), RoundCube or SquirrelMail allow this. Many universities and schools use such software to provide students and staff with web-based access to their Email accounts and Also, many Internet Service Providers offer webmail for their customers. Some services offer stand-alone webmail. The most notable of these are MyPersonalEmail.com, Hotmail, Gmail and Yahoo! Mail. Other webmail provides which are not as notable as the above AIM Mail, Mail.com, Fastmail, Runbox, Rediffmail, Lycos Mail, Excite Mail and Hushmail.

The advantages are from Wikipedia:
Advantages of webmail services

• E-mail is stored remotely on a server, which means that it is accessible anywhere there is an internet connection and a web browser.

• Centralised maintenance of the (Webmail) Email client; upgrades and security fixes are done by the administrator. No need to install, update and patch local Email clients.
  
  Yes there are disadvantages but they certainly do not outweigh the advantages.
  
  If it is personal Email on your home computer only use Gmail or hotmail or another free Webmail.
  
  If your business does not have this option then insist they get one now. If your ISP does have this option move to one that does.
  First Webmail doesn't always permanently keep your Email, folders or options. They provide temporary storage. This is unacceptable, Sympatico is a common example of temporary webmail avoid this type of Webmail service. If this is the case, change immediately. Go to the Wikipedia link below to see the options to change to
  http://en.wikipedia.org/wiki/Webmail#Advantages_of_webmail_services
  
  These options are easily accessed and you should implement them immediately. Using your computer for Email is fool hardy.
  After you have done the above and deleted all email programs off your computer you are now at least 95 per cent safer and more efficient than your fellow users.
  When you get a Webmail with at least 1 GB storage they will should have an option for backup built in as well. The only thing you ever take from your Webmail and transfer to your computer is a file that has been already virus scanned and onto removable media directly. Again never to your hard drive.
  
  The Network womb is one of the largest fallacies of security and most depended upon system in business and homes today. Companies spend millions of dollars on networks and security. First because they don't follow the correct procedures I have outlined above and secondly because Network experts convince them all is well they are easily hit.
  If you have the Emperors army outside your door but you allow free reign to anyone who gains entry your protection is flawed considerably.
  I have been to several corporations with huge security budgets and the best Network security systems there are after they have been hit.
  “ How did we get hit?”
  I sit and observe in Bank offices and corporate headquarters and watch the number of people enter with laptops, handhelds,wireless devices,cell phones and portable and removable media. I have heard too many times someone ask “can I go online here?”and horrified here the answer in these places from people of all rank in the hierarchy “sure hook in here”.
  Or even watch as people who don't ask and have so far been unchecked in anyway hook into the network or put a USB device in or a cd.
  By far my biggest tip so far
  
  Absolutely no external devices allowed to be input into your computer or your network.
  
  This is not about authority “the only authorized people”statement is insufficient and short sighted. This is about knowledge not heirarchy. If you are going to screen people then have an expert do the screening. If not then use my storage steps above and your concern should be limited. Most business network experts will initially have set your system up with mirror,raid or online data security ftp systems. Entrust has some excellent products for protection
  http://www.entrust.com/data-protection/index.htm and there are sevral out there so research these thoroughly.
  For personal or small business back up your computers online as well. It is affordable and a very prudent step. Look at this link or google backup your pc online.
  http://www.datadepositbox.com/factsheet.asp?source=google&promoid=1&concept=onine+storage&gclid=CNLD3Oy6kocCFRG2PgodoHpUtw