June 2006 - Vol 5, Issue 1
In This Issue
Sign Up
Quick Links

You’ve insured your business against physical disasters, but what steps have you taken to secure your data and the integrity of your IT assets? Could your business survive the loss of your computer network?

Cebic Technologies' job is to make certain your business never faces the loss of its computer network. In this, and subsequent newsletters, you will find tips to protect your electronic assets and information on how companies use Cebic's services. Your questions and comments are welcome, just email us at the link below.

People do learn. As a result, email viruses are much less effective. But virus writers have also turned to instant messaging. One of the first instant messaging worms, Kelvir, made the rounds in March of 2005 and was followed by several variants almost immediately.

Instant messaging viruses tend to appear as a simple message in the chat tool with a link to an infected web page. Because the messages can appear mid-conversation, it’s easy to think they are coming from someone you are talking to. Instant messaging viruses typically require two steps to infect users. First the message has to reach the user and second, the user has to click on a web site link. If the web site is removed from the internet, the worm no longer operates.

Your best defense is to assume any links passed on via instant messaging are suspect. Make certain you know what site you are accessing before you click.

Komori Press
When Rink Printing acquired a new six-color, 40-inch Komori LS-640 printing press, one of the first steps the company took was to make certain it was monitored directly by Cebic Technologies, Inc.

“The Komori, like most newer equipment produced today, is plugged directly into our network,” explains Joseph Castenando. “In exchange for greater efficiencies and the ability to eliminate redundancies in our operations, however, the press is vulnerable to all the security problems that come with computers and networks.

“The Komori is a vital contributing part of our revenue stream. If it goes down, we could lose hundreds of dollars an hour. But even more important is our ability to meet our customer’s needs,” said Castenando. Rink produces time-sensitive printing for financial institutions and marketing roll outs where there is a very short cycle time from inception to print production and end user delivery. There’s no fudge time in the event a machine fails to operate.

Cebic has monitored the company’s computer network since 2004, much to Rink’s satisfaction. One of the greatest benefits, according to Castenando is having Microsoft and other software providers’ patches, upgrades and fixes installed as soon as they become available.

“Cebic keeps all of our machines up to speed, updated, cleaned any viruses and in compliance with legal requirements. They allow us to use the computer for just the purposes we want to without worrying about security or updates,” he said. “ They also give us great Windows® support.”

Rink Printing doesn’t have a full time Windows person on staff, but relies on Cebic technicians to help with software installation and troubleshooting. Cebic also provides hardware and software health monitoring. “These managed services are no longer a luxury but a very necessary precaution to keep the network and equipment running smoothly,” explained Cebic CEO Beate Hybinette.

Computer Technician
Todays computer networks are typically the result of years of expanding technical capabilities - new security measures, systems and software merged into existing IT. In the process, vulnerabilities and security lapses develop.

Over the past year, Cebic Technologies has designed and implemented a new Independent Security Assessment (ISA) program to help organizations detect weaknesses in their computer defenses and take steps to prevent IT problems from threatening the survival of your business.

An Independent Security Assessment helps
  • Find security problems before they impact the computer network.
  • Determine whether network security is up-to-date and effective.
  • Know if IT security conforms to legal requirements.
  • Identify security policy and procedure shortcomings.
  • Provide practical guidance on how to protect and defend the IT network, company information, and customers.
Cebics ISA program meets the strict standards of the INFOSEC and National Security Agency (NSA) Information Assurance Methodology (IAM), and the NSA Information Evaluation Methodology (IEM). These approaches have been endorsed by the Critical Infrastructure Assurance Office (CIAO) for compliance with Presidential Decision Directive 63 to provide security assessments for all federal agencies classified systems.

Cebics ISA encompasses enterprise security issues in six critical focus areas: (1) Security policies and procedures, (2) LAN, WAN and SAN networks, (2) Servers, Storage and Workstations, (3) External, (4) Wireless, (5) Telecommunications infrastructure, and (6) Physical security. Client companies can choose to have assessments conducted in one or more focus areas. Some tests can be conducted externally via internet access while others require on-site access, enabling Cebic technicians to evaluate administrative controls and the physical design of the network.

A customized ISA is available for a variety of specialized institutions  tailored to security aspects of the FFIEC, GLBA, SBOX, HIPPA, NIST and ISO examination compliance  as well as a Micro-ISA for smaller businesses. Assessments are also adaptable to the needs of larger organizations including government and federal agencies with unique requirements.

For more information on Cebics ISA program, contact Beate Hybinette at 1-888-CEBIC-CO (232-4226) or 303-987-3679, ext 305.

We are pleased to announce the addition of Bray Weaver to the Cebic technical staff as a Senior Systems Analyst. Bray has more than 11 years of hands-on IT, security and data recovery experience. He is a certified computer forensics examiner and private investigator (EnCase Certified Examiner EnCE #15-1204-1470). His experience ranges over many areas of computer security and forensics.

Bray's experience will play an important role in expanding Cebics auditing and forensic capabilities.

Bray has been an expert witness to several court cases and has taught law enforcement on e- discovery, incident response, data recovery, proper e-evidence handling procedures, Intrusion Detection and Monitoring Systems, Virus and Anti-Virus detection, investigation, de-compilation, analysis, removal and recover. As a security consultant since 1997, he has worked with Dept. of Defense, HIPPA and GLBA security standards to implement security policies and procedures using international security standards for best industry practices.

His networking experience covers designing, building, programming, administration and auditing of LANs, WANs and VPNs, Security Event Management (SEM/SIM) systems, firewalls, proxies and server environments from Microsoft, Unix, Solaris, AIX, AS400s, Linux, Macintosh to Novell and Citrix for all size of organizations. Bray has been responsible for designing networks as well as securing architecture and database design for website environments taking over a million hits per week.

Brays excellent communications skills with simplification of key technical concepts and experience in public speaking and teaching are a great compliment to his attention to detail.

Bray holds Bachelor, Masters and Doctorate degrees and is currently working on his CISSP (Certified Information Systems Security Professional) and CISA (Certified Information Systems Auditor) Certifications.

Reflections on the WPO Annual Conference

Last month, I had the pleasure of attending my first national WPO (Women Presidents Organization) annual conference in Chicago and wanted to pass on what a great experience this was. All too often, as business owners and managers, we become tied to the daily demands of the job and fail to take the time to recharge our minds. This opportunity to get away not just for breakfast, lunch or even a one-day seminar, but to spend three days talking with very dynamic, creative women from all industries was a wonderful experience.

I would encourage everyone to find an organization that truly challenges them with new ideas and to attend the national conferences. The new ideas and reinforcement I gained in the value of our own programs has tremendous value to Cebic Technologies and ultimately for our customers.

Sincerely,


Beate Hybinette
Cebic Technology, Inc.

phone: 1-888-232-4226 | 303-987-3679

Forward email