Puppy Linux updates the OS and the browser as soon as you boot to the network. However, it doesn’t hurt to refresh the disc every so often, so there isn’t so much to update.

On Disc sells USB drives with the latest version on board, and it has several browsers to choose from, and a complete range of word-processors, spread sheets, and image editors. This way you know you are getting a reliable copy of the OS, and no checksum is necessary.

Like or Dislike: 0  0

Once a holistic risk management review has been conducted (management/staff buy-in, policies & procedures, technological & human controls, vendor/supplier analysis, contractual review, indemnification recommendations, etc.), client leadership is in a much better position to answer seemingly simple questions such as “Where is our data right now?”, “Who has access to what?” and “What is our duty to our stakeholders?”. Once proper internal/external solutions have been implemented and a reasonable comfort level has been established, then a meaningful review of insurance options should occur.

It should be noted that while most larger insurance companies and brokers have offered this coverage for over a decade, very few have firsthand knowledge of real world claims scenarios, many of which may be located online. I don’t intend to plug anyone’s database or blog, but the FTC can recommend sites where actual losses are detailed.

Don’t buy in to the 1% world of horror stories and fear mongering. Most data breach claims are low-tech and involve what Cisco calls “The Human Firewall”. Review the public information available to your company from the FTC, implement a program internally or with a trusted partner, verify your trading partners are doing the same and then discuss the need for insurance with experienced professionals. While the risk is real and your technology cannot close all the loops, you have the power to protect your current assets and future earnings through consultation and implementation of proactive measures.

Like or Dislike: 0  0

I also use Quicken for my banking but they are off line on a thumb drive or a SD with a CD for back up in case something happens (corrupted files or the like). In no way will I ever use Quicken to access my bank account online!

For the banking part I log in separately and work from there and log off immediately after I am finish.

Like or Dislike: 2  0

Actually, it isn’t that each loss is too great, but the potential for loss is too great. Eating the loss for one or two fraud transactions would not only cost the bank the funds compromised, but would also ensure that their customers continue to do two things:

1) Not properly protect their systems from threats
2) Expect the Financial Institution to cover all losses.

By not drawing a line in the sand and forcing customers to take responsibility for their (in)actions, banks would essentially be saying, “Don’t bother protecting yourself from loss. We’ll pay for any fraud that comes your way.”

In addition, if you assume that customers who are compromised are more likely to be the customers who are not properly securing their systems, then losing them as customers may not be such a bad thing. Granted, not all customers who experience fraud are opening random attachments or saving their passwords on their PC’s, but a customer who visits a site which plants a bot will most likely visit that same site again and again.

There are very good reasons banks don’t cover losses like this for businesses, and most of them do not involve the direct cost of covering the loss. Most of them involve the risk of potential future losses.

Like or Dislike: 0  0

And I can totally imagine scammers convincing users to “jailbreak” their bank-supplied netbooks to play cool games at work. Sometimes the entity bearing the risk of loss (the employer) isn’t the one spending all day with control of the hardware. Every employee thinks he/she is savvy enough to get away with goofing off on company time and equipment. There’s plenty of precedent for time-wasting downloads being used as vectors for trojans.

Like or Dislike: 2  0

The many corporate websites that only function with Internet Explorer (and perhaps only work with IE7 or less) don’t seem to have a problem with imposing their preference on their visitors.

Are there any websites that only work with non-IE browsers?

Like or Dislike: 1  2

I worked for a company whose product price was high enough that we considered tossing in a box to run it on. We hadn’t done it when I left the company, but for a business charging >10,000 USD annually (the insurance value you mentioned in your article), including a 2,000 USD computer isn’t really a big deal. It simplifies troubleshooting, tech support and reduces variables.

Like or Dislike: 0  1