Corporate Angels

Corrections or additions?

This article by Bart Jackson was prepared for the November 20, 2002 edition of U.S. 1 Newspaper. All rights reserved.

Defying the Data Invaders

Send a certified letter to your lover and you may safely

assume it will arrive, untampered, to only those eyes intended. Post

that note on the back porch door and you can scarcely be surprised

when her husband comes by to crush your bones. Question is, can cyberspace

achieve the high privacy expectations of the U.S. mails, or must it

ever be relegated to the back porch of communication security? How

— and how much — of our data and missives can we guard? And

at what price?

Answers to these costly computer issues will be discussed in the seminar

"How Safe is Your Data?" sponsored by the New Jersey Bankers

Association (NJBA) to be held Monday, November 25, at 9 a.m. Cost:

$125; walk-ins are accepted, but pre-registration is preferred. Call

609-520-1221 or e-mail RDesch@NJBankers.com

The panel includes Tim Nestor from the FBI; Don Burt,

director of sales and marketing for Entium Technology Partners; James

Read, senior vice president of Pifer Financial Systems in Barrnington;

Scott Christie, special prosecutor for the U.S. Attorney’s Office;

and Gideon Lenkey, founder of Eye of Ra Security Systems. Discussions

compare practical security methods, both in-house and outsourced,

as well as the FBI’s Infraguard system.

The New Jersey Bankers Association (NJBA) is comprised of the state’s

80 commercial banks, plus a host of affiliate members and endorsed

vendors. Affiliates, typically insurance and high tech firms, join

to place themselves in the state’s financial loop via meetings, seminars,

and continual updates. Endorsed vendors receive the business-enhancing

approval of the association.

"Computer data, at this point, can not only be put in a sealed

envelope," says seminar speaker Read, " but via encryption

it can be placed in a fairly secure safe." His confidence is qualified

and comes from decades of experience. Growing up in Woodbury, New

Jersey, with a dad who labored over computers for Xerox, Read swore

he would never touch the silly machines. Yet right after graduating

from Camden County College, he joined Elwood Pifer’s new computer

security firm and for the past 26 years has helped financial businesses

keep one step ahead of the hackers. While actually a partner in Pifer

Financial Systems, Read prefers the title of Head Geek. "I have

four computers in this mess of an office, play all day — and love

it," he says.

Rooted staunchly in practicality, Read feels that any business should

focus on what he calls the 80/20 rule. Eighty percent of data invasions

can be thoroughly thwarted by a basic security-awareness program established

in-house. This much is a necessity. More elaborate solutions for the

20 percent more rare and exotic schemes are elective. Such a basic

data security program, Read insists, depends primarily on the employees,

particularly the accounting staff. No software or hardware, however

expensive and splendidly advertised, beats an informed and watchful

workforce.

Password common sense. "Time and again, I walk into

a bank and see passwords sticky taped to the side of computers,"

says Read, shaking his head. "It’s like leaving a note on the

door that the house key is under the mat." Then of course there

is the famous line heard frequently around the office: "Oh, here’s

my password, just borrow it, it’ll get you in." The hasty pace

of business demands shortcuts. But passwords are simply keys to very

expensive treasure chests and should be treated as such. The best

procedure is to set up a screensaver requiring a password, thus preventing

others from casually browsing though your files or downloading trouble.

Guarding the front door. Joe from the help desk will never

call up any employee and ask for her password so he can fix a little

problem. Be suspicious. If it truly is your firm’s technical help

desk, they already know how to enter your system and in fact should

be changing passwords company-wide at frequent, random intervals.

Other invaders can Trojan Horse their way in on floppy disks or even

borrowed zip drives. Like chewing gum, if used, you don’t know where

the discs have been and what viruses they may carry.

Firming up firewalls. "Eighty percent of all firewalls

currently in use are misconfigured," claims Read. "People

install them right out of the box, which is about like locking a hefty

deadbolt into dry wall." Installers need to customize them to

their current and future systems. In addition, firewalls and all security

systems require constant updating. Microsoft, for example, sends out

approximately two security patches on its systems each week. These

cover up various coding errors or breachable holes in your data’s

protection. Yet most companies and their employees regularly dump

these upgraded patches into the trash with the daily doses of spam.

Gifts from home. Today more than 54 million computers

fill 51 percent of America’s households. Forty-one percent have Internet

capability. With an increasing number of workers telecommuting from

the family den, network vulnerability broadens exponentially. Too

often employees not only phone in their labors, but their data invaders

as well. Dial-up Internet systems, while slower, Read explains, are

more secure than cable providers, such as Comcast, which operate continuously.

Recently, one of his cohorts complained that his computer was suddenly

sluggish and his hard drive icon was frequently flashing. "Elementary,

my dear friend," replied Read. "Your computer has been egregiously

hacked, loaded with mega-chunks of furtive data, and the flashing

indicates you are being pinged." His solution — and warning

for most PC owners — is to install a good firewall. The more rare,

but more unfriendly act, of "getting gatored" by silently

browsing spyware can be countered by installation of a basic, easily

available code changer, such as AdAware.

Bolting back doors. Most administrators overseeing systems

with numerous computers use some form of very handy micro-resource

kit. It is obviously necessary for at least one executive to be able

to swiftly open and access the entire network through several ports.

Yet hackers are expert at wriggling into such ports right behind the

legitimate user.

Interestingly, the cyber seas are not only infested with treacherous

pirates. Sailing the same waters are a consortium of good hackers

who try to stay one step ahead of the malicious invaders. "Most

of these guardian angels are linked into the major hacker sites and

chat rooms," says Read. They learn the latest illegal boarding

procedures and forewarn various firms. If the attack involves "critical

targets" such as utilities, transportation centers, and banks,

the angels may even alert the FBI’s National Infra Protection Center

(NIPC), which boasts a frighteningly thorough enforcement arm.

Yet all these in-house and good-hacker safeguards will probably present

very few obstacles to the other 20 percent of data thieves. "For

example," says Lenkey, the founder of Eye of Ra Security, "most

break-ins to agencies such as banks or mid-size firms take place after

hours."

Lenkey says he left college because his instructors told him they

had nothing more to teach him. After wandering the country for an

extended time, he fell into computer consulting and ended up assisting

the FBI in establishing its Infraguard program, which hunts down the

whole range of computer criminals. In 1994 he incorporated his company,

which is located in Whitehouse.

"The problem," Lenkey notes, "is that computer break-ins

are subtle. It is not like a suspicious character who can be easily

spotted by a well trained teller." To extend protection beyond

the basic in-house staff awareness that Read preaches, small to mid-size

firms might need the help of an outsourced data security service.

Such an outside service provides various price levels for continuous

protection depending on business size and personal paranoia.

Typically, their technical representatives analyze the normal flow

of transactions and protocol levels and thereafter monitor for suspicious

irregularities. They check for appropriate changes during employee

vacation times. (A good reason to have each employee take his full

vacation.) If hackers should penetrate the first level of defense,

succeeding layers will immediately be beefed up and the hacker will

be traced.

Eye of Ra will corral and safeguard your entire herd of data for anywhere

from $25,000 to $125,000 annually, a price that Lenkey claims replaces

up to five security agents. Pifer Financial Security charges an $800

to $4,000 monthly fee. Read warns against overkill. "You don’t

arm your small branch bank to resist a Panzer tank assault," he

says. "By the same token, hiring a full-time data security professional

is unnecessary for all but the largest of companies."

On the other hand, the cost of security neglect can be devastating.

Three months ago, Ford Motors was invaded and more than 20,000 people

suffered identity theft: bank statement information, credit card numbers,

and credit histories, all were stolen for resale. This is the kind

of hit from which a firm may never recover. Computers and E-commerce

are definite godsends. But they force us to face an old financial

maxim that we must obey: With every new business-expanding tool comes

an increased cost of doing business.

— Bart Jackson

Top Of Page
Corporate Angels

<d>Weidel Lambertville was a Gold level sponsor in

the third annual F.A.C.T. (Fighting AIDS Continuously Together) New

Hope/Lambertville AIDS Walk. F.A.C.T. Bucks County is an all-volunteer,

non-profit organization with two missions — to maintain the quality

of life for those infected by HIV/AIDS, and to educate and promote

awareness of this disease. The organization provides essential funding

to needy individuals living in Bucks and Hunterdon counties, and their

families, for medication, utility bills, rent, mortgage payments,

transportation, and other personal needs.

The Trenton Thunder has received the inaugural Signs of

Sobriety Community Service Award for its contributions to the community,

including raising more than $2 million in nine seasons for area organizations

and foundations.

Through its "Grand Slam/We Care" community programs and fundraising

efforts, the Trenton Thunder partners with other local and national

organizations, including First Union National Bank, Johnson & Johnson,

Major League Baseball, New Jersey Education Association, Princeton

University, PSE&G, Merlino’s Waterfront Restaurant, and WaWa.

Through Boomer’s Book Buddies, in partnership with the NJEA, the team

sends its mascot, Boomer, to schools to enact the poem "Casey

at Bat" and to give youngsters a bookmark asking that they read

10 books outside of their required reading. Children who complete

the task are given two free tickets to a Thunder home game.

Also in conjunction with the NJEA, the Thunder hosts a Holiday Food

and Clothing Drive to benefit the Trenton Area Soup Kitchen and the

Trenton Salvation Army. The school raising the highest amount for

the charities receives 100 tickets to a Thunder game.

Other Thunder community and charitable programs include a Super 50/50

raffle at home games, through which a charity receives half the proceeds

of the raffle tickets and the fan holding the ticket receives the

other half; and the Educational Winners Circle, through which the

Thunder and First Union Bank each give five cents for every ticket

sold to a pool that is donated to a number of area charities, including

Project Learn and the Educational Talent Search.

Sun National Bank and the Mercer County Bar Association

collected new or used hats, gloves, and coats in good condition, and

are distributing them to individuals in need.

The Starbucks Foundation , the charitable arm of the Starbucks

Coffee Company, has given the YWCA of Princeton’s Family Literacy

Program a grant of $10,000.

On Wednesday, October 23, Merrill Lynch, Private Wealth Management

hosted the first annual Corporate Bowl to benefit Big Brothers and

Big Sisters of Mercer County. The event was held at Colonial Lanes.

Each person bowling collected or donated a minimum of $50.

A-1 Limousine participated in the American Diabetes Association’s

America’s Walk for Diabetes. Six walkers took part and raised a total

of $1,700. Led by Alfred Santaniello, the company’s hiring/training

supervisor, A-1 has been involved in the annual event since 1997.

The Verizon Foundation has given a $2,000 contribution

to the annual CONTACT of Mercer County gala, which was held on Saturday,

November 16, at the Chauncey Conference Center on the ETS campus.

CONTACT is a 24-hour crisis and suicide hotline. Its mission is to

provide compassionate and confidential telephone support and referral

services to people in need. CONTACT volunteers receive extensive training

that enables them to handle a myriad of caller crises, from child

or spousal abuse and drug addiction to loneliness, depression, and

suicide. It serves all members of the community, from children to

senior citizens.

The Robert Wood Johnson Foundation has awarded a grant

of $300,000 to Crawford House. Located in Skillman, Crawford House

provides transitional housing to women in early recovery from alcohol

or drugs. In addition, Crawford House, using the Twelve Step recovery

model, provides residents with the tools necessary to continue their

recovery and to continue on to independent living.

The funds committed from the Robert Wood Johnson Foundation will be

used to construct a new transitional housing facility on the agency’s

current site. The new structure will replace the current residence

and will allow Crawford House to expand its capacity to serve women

in need from 14 to 22.

PNC Advisors , the wealth management division of PNC Financial

Services Group, was a major corporate sponsor of the Historical Society

of Princeton’s annual dinner dance fundraiser held at Princeton Day

School on Saturday, November 16.


Previous Story


Corrections or additions?


This page is published by PrincetonInfo.com

— the web site for U.S. 1 Newspaper in Princeton, New Jersey.

Facebook Comments