Tag Archives: security

Top 10 Net Neutrality

Top 10 Net Neutrality Reasons Why

Top 10 Net Neutrality advantages for the general public are all centered around the factor that without it the Internet will not longer be a universally accepted standard infrastructure.

  1. Only way to keep the internet open for small to mid-sized companies.
    If net neutrality is not made the basis for connectivity and access, the large companies like Google, Amazon and Twitter will have a complete monopoly in their markets.  Also the large carriers like AT&T and Verizon will have no incentive to create better and faster access to the Internet.

    Top 10 Net Neturality Pros

    Net Neutrality is a core requirement for IT Governance and Infrastructure definition.

  2. Creates an open playing field.
    With net neutrality in place, Internet Service Providers (ISP) have do not control what passes through the devices that are used by customers to access the Internet. This means an ISP under net neutrality cannot block access, change services, or alter the flow of data simply because there is something that goes on which they don’t like.
  3.  Remain as an international channel without governmental interference.
    Recently whenever there has been civil unrest, governments have taken over or eliminated access.  Without small players in the space, there can be no alternative sources for access.  Add to that the recent moves by the Russian government to to close down all connectivity to the general Internet in “troubled political” situations will only be enhanced without net neutrality.
  4. Fosters innovation.
    Innovation is encouraged and protected with the internet remains neutral. Big companies still have the same access as SMBs or freelancers and this allows everyone come with new and creative solutions.  Just look at companies that started with a video and audio attached to door bells.  Now and entire new segment of the security industry has been created with “self-service” security.  No longer do companies like ADT have a monopoly on that sector of the industry.
  5. Freedom of expression is fostered.
    Blogs, services, businesses, and any website that can operate legally is able to do so and be available because of net neutrality. There isn’t any censorship available as long as the content being offered meets legal obligations. If illegal content is discovered, it can be immediately reported to law enforcement officials. Without this freedom of expression, it could become easier for illegal content, such as child pornography, to become more available. If a small ISP blocked access to all and approved of such a thing, it could hamper keeping our communities safe.
  6.  Illegal activities are monitored.
    ISPs, are like utilities as they provide everyone with the services they need. For example , illegal file sharing, due to the fact that each ISP is treated as a regulated common carrier.
  7.  Unlimited data is available to everyone equally.
    In the 1990s, internet users had a good time being online in AOL chat rooms or waiting 20 minutes for a cool website to load. Today, there are real-time video calls. Companies like Netflix providing legal streaming. YouTube has grown into an educational and entertainment network.
  8. Income from internet uses has moved to a subscription base.
    There are certain businesses and high-use individuals who consume large amounts of bandwidth every month. Entire industries have been created that generate revenue based on service provided not access.  It is like the Interstate Highway System, everyone benefits.
  9. Competition thrives.
    There are numerous online streaming services that offer live TV today: Hulu, PlayStation Vue, and Sling by Dish Network are just three examples. If a customer must choose Comcast as their ISP, then these streaming services could be given a lower priority because they are rival organizations. Comcast could choose to offer the highest speeds to the networks and services it owns and slow down the signals provided by the competition. This would effectively limit consumer choice.
  10. Free internet access is Free.
    When the internet becomes a place where profitability is the primary concern, the idea of providing free internet access to those who cannot afford it goes away. Providers could charge whatever they wanted and restrict access to whomever they please. This could lead to demographic discrimination, socioeconomic discrimination, or prioritize content to the wealthiest who are willing to pay high prices for the fastest data streams.

This is an ever evolving area as Net Neutrality is not in the area of political influence. Time will only tell what will happen.

See also:

 

Please follow and like us
error

Cyber Currency Hacker Target

Cyber Currency Hacker Target – Risk is High

Security Manual TemplateCyber Currency Hacker Target as the population of Blockchain applications expands.In the last year there was a boom in malicious cryptocurrency mining. That is where cyber attackers secretly hijack the processing power of computers, servers and even IoT devices and use it to mine for cryptocurrency. While it is not very lucrative in the short term, it is stealthy and can be sustained over a long period of time. Typically it is taking very little from each PC, most users don’t even know their machine’s processor is being used to line someone else’s pockets.

Ransomware a much more aggressive approach: pay up, or risk having your files permanently locked.

Both cryptojacking and ransomware continue to be widespread threats, other attackers are quietly deploy a potentially much more damaging threat: trojan malware.

Trojan malware sneaks onto your PC by disguising itself as something else, often hidden in a malicious attachment that’s distributed with a phishing email.

Trojan attacks range from those using commodity malware, with phishing emails spammed out in bulk in the hope of scooping up victims for the purposes of stealing their login credentials, banking information or other private information. Other attacks are far more precise, targeting organisations or even individuals to gain access to specific data or information: this can be for creating a persistence presence on their network for espionage, stealing data and selling it, or loading other malware onto the system.

Order Security Policies and ProceduresDownload TOC security policies

See also:

Please follow and like us
error

High Paying IT Jobs

High Paying IT Jobs

Median IT Salaries

Median Compensation for IT Professionals based on Janco’s January 2019 IT Salary Survey

High Paying IT Jobs that are in high demand are associated with the new e-commerce roles and Internet based application areas.  All of the job titles that we have listed here fall into positions where the starting salaries are above the median salary of $93,077 for all IT professionals.

The positions that fall we define as high paying for this analysis are associated with IoT (Internet of Things), Salesforce Automation, Virtual Reality and Security.  These are the hot Job titles.  The entry level for each of these positions is over $100,000 and some have pay ranges that exceed $200,000.

High Paying IT Jobs

The positions most in demand and commanding the highest are the associated with Salesforce Automation and that unique application.  That is followed closely by IoT and Security.

If the current demand for these skills continues, two things will happen.  First, there will continue to be an increase in the compensation levels for these positions.  Second, more IT Pros will migrate into these positions increasing the supply.  That in turn will be dampening factor on compensation.

We have seen this before when new technologies required specialized skills.  Typically we found that it took 24 to 36 months for the supply to catch up with the demand. At that time salaries leveled off.

In any case, we see the median salary for all IT professionals at around $97,000 by the end of 2019.

Order Salary SurveyDownload Sample salary survey

See also:

Please follow and like us
error

Top 10 Security Weakness

Top 10 Security Weakness Issues Enterprise-Wide

Top 10 Security Weakness Issues – In a review of over 100 enterprises we identified the security weakness issues that CIOs, CSOs, and IT pros need to address. There are:

  1. Using only single level verification for access to sensitive data
  2. Having “public” workstations or access point is connected to a secure network
  3. Weak Passwords
  4. Sharing login credentials
  5. Static Passwords
  6. Data validation for forms is contained in client-side JavaScript
  7. Connect to network from an unsecure access point
  8. Corporate web site is encrypted but the login process is not
  9. Using weak encryption for back end management
  10. Using unencrypted or weak encryption for Web site or Web server management
Top 10 Security Weakness

Top 10 Security Weakness Issues Identified

Order Security Policies and ProceduresDownload TOC security policies

Janco’s Security Manaual provides tools that IT Professionals can use to address these  issues.  In addition, there are a number of articles that have been published on Janco’s main web site.  To see them go to the site and under the main menu bar there is a search option.  With that you will be able to see all the web pages that have the term security weakness or any sub-set of the seach term.

See also

Please follow and like us
error

Blockchain Payment System

Blockchain Payment System

Universities Work Together On Payment System – Shades of Internet Development

Universities Work Together On Payment System just like they did when the Internet was developed by them in the late 1960’s with ARPAnet.

Blockchain payment system must smoothly collect, process, and protect sensitive personal information

Several universities, including MIT and Stanford, are working together to develop a digital currency network that solves blockchain’s scalability and performance problems before public confidence in the technology erodes.

Funded by a Swiss-based non-profit organization, the cryptocurrency application, called Unit-e, and its blockchain-based payment system is expected to launch in the second half of this year; if successful, it would surpass even mainstream financial networks like Visa’s VisaNet in transactional capability.

This is very similiar to how the Internet was first developed.  Universitiy staff and associates worked together to create a common netwok which was in competition with the then exisiting TimeSharing services.  None of which exist today.

The question is will propritary systems like VisaNet exist after the public university system is operational. Research shows that well-run companies are most productive, suffer the least loss of sensitive data, and have less downtime of operations if they have good policies in in place.

Read on Information Technology Infrastructure…

 

 

Please follow and like us
error

Security Manual Template

Security Manual Template – 2019 Version Released

The 2019 Version of the Security Manual Template was just released.

Security ManualThere now are new standards for user privacy and control according to Janco Associates – Janco has just released an update to its Security Manual Template which identifies mandated user rights and enterprise responsibilities related to privacy protection. The CEO of Janco, Mr. M. Victor Janulaitis said, “We have reviewed in detail the California Consumer Privacy Act of 2018 (CaCPA) and generated a detail list of user rights and business responsibilities that are mandated.  The CaCPA requirements are very complex and significant resources will have to be allocated for organizations to comply with these new mandates.  These mandates will impact all organizations that have an Internet presence in the U.S. and California in particular.  The compliance deadline is January 1, 2020.”

The Security Manual Template is now distributed in a segmented format with five (5) specific directories. They are:

  1. Security Manual Template directory – containing the full editable MS WORD and pdf versions of the template;
  2. Forms directory – containing all the forms that are needed to implement a “World Class” security infrastructure;
  3. Policy directory with 5 policies in MS WORD and pdf versions – Blog and Personal Website Policy – Mobile Use Policy – Sensitive and Confidential Information Policy – Server Security Policy – Travel and Off-Site Meeting policy;
  4. eBook directory (with the author’s name as the directory name)- with eBook versions of the Security Manual Policy and the supporting policies; and
  5. Tools directory with the Business Impact Analysis Tool, Threat and Vulnerability Assessment Tool, Security Checklist, and PCI Audit Program.

See also Security and Compliance…

Please follow and like us
error