Patch applications such as PDF readers, Microsoft Office, Java, Flash Player, and web browsers. Patching schedules need to be vastly accelerated for most organisations. Having 2 or 3 “updates” a year leaves vast open security holes in enterprise infrastructure that is just asking to be compromised. Patching of key applications such as those listed here needs to happen weekly at least, as soon as possible is best. The bad guys aren’t waiting, they change their toolkits within hours to exploit newly found vulnerabilities.
Patch operating system vulnerabilities, for the same reasons discussed above.
Minimize the number of users with administrative privileges, the highest level of authority to make changes or undertake actions on a network. Users with administrative privileges are the goldmine for the bad guys. They are the easy back door into the heart of your enterprise systems.
According to these papers, following these simple rules is likely to protect 80-100% of common enterprise attacks right now.
For the latest on the underbelly of the Internet and the current threats, take a look at the blog of Brian Krebbs – Krebbs on Security. In particular, I strongly recommend reading and paying attention to his article: Tools for a Safer PC. Also pay attention to his article The Scrap Value of a Hacked PC that describes just why the bad guys want your PC even though you think there is nothing of value on it.
So I have a brand-new, shiny 17″ HP laptop. 64-bit throughout. 6GB of RAM and comes pre-installed with 64-bit Windows.
You would think, then, that you would want to use 64-bit applications right? Wrong!!
I automatically use the 64-bit version of Internet Explorer to access some Microsoft specific sites (Outlook Web Access and SharePoint 2007). I install and use the 64-bit version of Microsoft Office. Does this work well with SharePoint (from Microsoft)? No!
For starters, you cannot upload an Excel spreadsheet to a SharePoint list like you should be able to. You get an error:
Next you try to switch a list into a “Datasheet” view – which looks a bit like a spreadsheet. Inevitably, you get another error:
The upgrade of this blog from WordPress 3.3 to 3.4 on Dreamhost didn’t go as smoothly as planned. In fact it failed fairly spectacularly – unable to complete the required database upgrade.
However, many clouds have silver linings. In this case it meant that I brought forward my plans to ditch the horribly slow hosting provided by Dreamhost in the USA and switch over to the new VPS provided by BHost in the UK.
If you have had the chance to compare the two sites, you’ll know that it now runs a lot faster. It will improve again when I do some tweaking. I can now use a proper opcode cache for PHP, something that Dreamhost wasn’t able to provide.
I’ll be doing further optimisations now that I have full control, I should be able to do away with a whole load of WordPress plugins.
At home, we’ve just switched from a slow (2mbps) ADSL connection to a wonderfully fast 40mbps connection provided by the excellent Origin Broadband using the South Yorkshire fibre network provided by Digital Region.
I did have a small problem though that has taken some searching to resolve so I’ll detail it here in case others find it useful. Continue reading →
“XDI.ORG is an international non-profit public trust organization governing open public XRI and XDI infrastructure. XRI (Extensible Resource Identifier) and XDI (XRI Data Interchange) are open standards for digital identity addressing and trusted data sharing developed at OASIS, the leading XML e-business standards body. XRI and XDI infrastructure enables individuals and organizations to establish persistent, privacy-protected Internet identities and form long-term, trusted peer-to-peer data sharing relationships.”
Although much of the work I do is for very large organisations and extremely costly projects, being an adopted Yorkshire-man, I’ve always an eye open for a bargain! More seriously, there are many small to medium sized businesses and charities that cannot afford big IT budgets but that still are crying out for good information management, communications and collaboration tools. In this article, I’ve tried to highlight a few tools that I think are worth looking at.
I’ve not included anything in this article that requires a monthly or annual cost. All the tools here are available for free at least with limited features. The feature lists given are for the free versions with paid-for key features noted where appropriate. I also note if any of the web sites are blocked by typical enterprise firewalls.
There is a lot more than what I’ve shared here, I’ll try to update this article from time-to-time. Continue reading →
Content in the visual post editor (TinyMCE) in WordPress doesn’t look that much like the finished article by default. Thankfully WordPress includes a style sheet that we can use to make things better. Continue reading →