Corrections or additions?
This article by Bart Jackson was prepared for the November 20, 2002 edition of U.S. 1 Newspaper. All rights reserved.
Defying the Data Invaders
Send a certified letter to your lover and you may safely
assume it will arrive, untampered, to only those eyes intended. Post
that note on the back porch door and you can scarcely be surprised
when her husband comes by to crush your bones. Question is, can cyberspace
achieve the high privacy expectations of the U.S. mails, or must it
ever be relegated to the back porch of communication security? How
— and how much — of our data and missives can we guard? And
at what price?
Answers to these costly computer issues will be discussed in the seminar
"How Safe is Your Data?" sponsored by the New Jersey Bankers
Association (NJBA) to be held Monday, November 25, at 9 a.m. Cost:
$125; walk-ins are accepted, but pre-registration is preferred. Call
609-520-1221 or e-mail RDesch@NJBankers.com
The panel includes
director of sales and marketing for Entium Technology Partners;
Read, senior vice president of Pifer Financial Systems in Barrnington;
compare practical security methods, both in-house and outsourced,
as well as the FBI’s Infraguard system.
The New Jersey Bankers Association (NJBA) is comprised of the state’s
80 commercial banks, plus a host of affiliate members and endorsed
vendors. Affiliates, typically insurance and high tech firms, join
to place themselves in the state’s financial loop via meetings, seminars,
and continual updates. Endorsed vendors receive the business-enhancing
approval of the association.
"Computer data, at this point, can not only be put in a sealed
envelope," says seminar speaker Read, " but via encryption
it can be placed in a fairly secure safe." His confidence is qualified
and comes from decades of experience. Growing up in Woodbury, New
Jersey, with a dad who labored over computers for Xerox, Read swore
he would never touch the silly machines. Yet right after graduating
from Camden County College, he joined Elwood Pifer’s new computer
security firm and for the past 26 years has helped financial businesses
keep one step ahead of the hackers. While actually a partner in Pifer
Financial Systems, Read prefers the title of Head Geek. "I have
four computers in this mess of an office, play all day — and love
it," he says.
Rooted staunchly in practicality, Read feels that any business should
focus on what he calls the 80/20 rule. Eighty percent of data invasions
can be thoroughly thwarted by a basic security-awareness program established
in-house. This much is a necessity. More elaborate solutions for the
20 percent more rare and exotic schemes are elective. Such a basic
data security program, Read insists, depends primarily on the employees,
particularly the accounting staff. No software or hardware, however
expensive and splendidly advertised, beats an informed and watchful
a bank and see passwords sticky taped to the side of computers,"
says Read, shaking his head. "It’s like leaving a note on the
door that the house key is under the mat." Then of course there
is the famous line heard frequently around the office: "Oh, here’s
my password, just borrow it, it’ll get you in." The hasty pace
of business demands shortcuts. But passwords are simply keys to very
expensive treasure chests and should be treated as such. The best
procedure is to set up a screensaver requiring a password, thus preventing
others from casually browsing though your files or downloading trouble.
call up any employee and ask for her password so he can fix a little
problem. Be suspicious. If it truly is your firm’s technical help
desk, they already know how to enter your system and in fact should
be changing passwords company-wide at frequent, random intervals.
Other invaders can Trojan Horse their way in on floppy disks or even
borrowed zip drives. Like chewing gum, if used, you don’t know where
the discs have been and what viruses they may carry.
currently in use are misconfigured," claims Read. "People
install them right out of the box, which is about like locking a hefty
deadbolt into dry wall." Installers need to customize them to
their current and future systems. In addition, firewalls and all security
systems require constant updating. Microsoft, for example, sends out
approximately two security patches on its systems each week. These
cover up various coding errors or breachable holes in your data’s
protection. Yet most companies and their employees regularly dump
these upgraded patches into the trash with the daily doses of spam.
fill 51 percent of America’s households. Forty-one percent have Internet
capability. With an increasing number of workers telecommuting from
the family den, network vulnerability broadens exponentially. Too
often employees not only phone in their labors, but their data invaders
as well. Dial-up Internet systems, while slower, Read explains, are
more secure than cable providers, such as Comcast, which operate continuously.
Recently, one of his cohorts complained that his computer was suddenly
sluggish and his hard drive icon was frequently flashing. "Elementary,
my dear friend," replied Read. "Your computer has been egregiously
hacked, loaded with mega-chunks of furtive data, and the flashing
indicates you are being pinged." His solution — and warning
for most PC owners — is to install a good firewall. The more rare,
but more unfriendly act, of "getting gatored" by silently
browsing spyware can be countered by installation of a basic, easily
available code changer, such as AdAware.
with numerous computers use some form of very handy micro-resource
kit. It is obviously necessary for at least one executive to be able
to swiftly open and access the entire network through several ports.
Yet hackers are expert at wriggling into such ports right behind the
pirates. Sailing the same waters are a consortium of good hackers
who try to stay one step ahead of the malicious invaders. "Most
of these guardian angels are linked into the major hacker sites and
chat rooms," says Read. They learn the latest illegal boarding
procedures and forewarn various firms. If the attack involves "critical
targets" such as utilities, transportation centers, and banks,
the angels may even alert the FBI’s National Infra Protection Center
(NIPC), which boasts a frighteningly thorough enforcement arm.
Yet all these in-house and good-hacker safeguards will probably present
very few obstacles to the other 20 percent of data thieves. "For
example," says Lenkey, the founder of Eye of Ra Security, "most
break-ins to agencies such as banks or mid-size firms take place after
Lenkey says he left college because his instructors told him they
had nothing more to teach him. After wandering the country for an
extended time, he fell into computer consulting and ended up assisting
the FBI in establishing its Infraguard program, which hunts down the
whole range of computer criminals. In 1994 he incorporated his company,
which is located in Whitehouse.
"The problem," Lenkey notes, "is that computer break-ins
are subtle. It is not like a suspicious character who can be easily
spotted by a well trained teller." To extend protection beyond
the basic in-house staff awareness that Read preaches, small to mid-size
firms might need the help of an outsourced data security service.
Such an outside service provides various price levels for continuous
protection depending on business size and personal paranoia.
Typically, their technical representatives analyze the normal flow
of transactions and protocol levels and thereafter monitor for suspicious
irregularities. They check for appropriate changes during employee
vacation times. (A good reason to have each employee take his full
vacation.) If hackers should penetrate the first level of defense,
succeeding layers will immediately be beefed up and the hacker will
Eye of Ra will corral and safeguard your entire herd of data for anywhere
from $25,000 to $125,000 annually, a price that Lenkey claims replaces
up to five security agents. Pifer Financial Security charges an $800
to $4,000 monthly fee. Read warns against overkill. "You don’t
arm your small branch bank to resist a Panzer tank assault," he
says. "By the same token, hiring a full-time data security professional
is unnecessary for all but the largest of companies."
On the other hand, the cost of security neglect can be devastating.
Three months ago, Ford Motors was invaded and more than 20,000 people
suffered identity theft: bank statement information, credit card numbers,
and credit histories, all were stolen for resale. This is the kind
of hit from which a firm may never recover. Computers and E-commerce
are definite godsends. But they force us to face an old financial
maxim that we must obey: With every new business-expanding tool comes
an increased cost of doing business.
— Bart Jackson
<d>Weidel Lambertville was a Gold level sponsor in
the third annual F.A.C.T. (Fighting AIDS Continuously Together) New
Hope/Lambertville AIDS Walk. F.A.C.T. Bucks County is an all-volunteer,
non-profit organization with two missions — to maintain the quality
of life for those infected by HIV/AIDS, and to educate and promote
awareness of this disease. The organization provides essential funding
to needy individuals living in Bucks and Hunterdon counties, and their
families, for medication, utility bills, rent, mortgage payments,
transportation, and other personal needs.
Sobriety Community Service Award for its contributions to the community,
including raising more than $2 million in nine seasons for area organizations
Through its "Grand Slam/We Care" community programs and fundraising
efforts, the Trenton Thunder partners with other local and national
organizations, including First Union National Bank, Johnson & Johnson,
Major League Baseball, New Jersey Education Association, Princeton
University, PSE&G, Merlino’s Waterfront Restaurant, and WaWa.
Through Boomer’s Book Buddies, in partnership with the NJEA, the team
sends its mascot, Boomer, to schools to enact the poem "Casey
at Bat" and to give youngsters a bookmark asking that they read
10 books outside of their required reading. Children who complete
the task are given two free tickets to a Thunder home game.
Also in conjunction with the NJEA, the Thunder hosts a Holiday Food
and Clothing Drive to benefit the Trenton Area Soup Kitchen and the
Trenton Salvation Army. The school raising the highest amount for
the charities receives 100 tickets to a Thunder game.
Other Thunder community and charitable programs include a Super 50/50
raffle at home games, through which a charity receives half the proceeds
of the raffle tickets and the fan holding the ticket receives the
other half; and the Educational Winners Circle, through which the
Thunder and First Union Bank each give five cents for every ticket
sold to a pool that is donated to a number of area charities, including
Project Learn and the Educational Talent Search.
collected new or used hats, gloves, and coats in good condition, and
are distributing them to individuals in need.
Coffee Company, has given the YWCA of Princeton’s Family Literacy
Program a grant of $10,000.
hosted the first annual Corporate Bowl to benefit Big Brothers and
Big Sisters of Mercer County. The event was held at Colonial Lanes.
Each person bowling collected or donated a minimum of $50.
America’s Walk for Diabetes. Six walkers took part and raised a total
of $1,700. Led by Alfred Santaniello, the company’s hiring/training
supervisor, A-1 has been involved in the annual event since 1997.
to the annual CONTACT of Mercer County gala, which was held on Saturday,
November 16, at the Chauncey Conference Center on the ETS campus.
CONTACT is a 24-hour crisis and suicide hotline. Its mission is to
provide compassionate and confidential telephone support and referral
services to people in need. CONTACT volunteers receive extensive training
that enables them to handle a myriad of caller crises, from child
or spousal abuse and drug addiction to loneliness, depression, and
suicide. It serves all members of the community, from children to
of $300,000 to Crawford House. Located in Skillman, Crawford House
provides transitional housing to women in early recovery from alcohol
or drugs. In addition, Crawford House, using the Twelve Step recovery
model, provides residents with the tools necessary to continue their
recovery and to continue on to independent living.
The funds committed from the Robert Wood Johnson Foundation will be
used to construct a new transitional housing facility on the agency’s
current site. The new structure will replace the current residence
and will allow Crawford House to expand its capacity to serve women
in need from 14 to 22.
Services Group, was a major corporate sponsor of the Historical Society
of Princeton’s annual dinner dance fundraiser held at Princeton Day
School on Saturday, November 16.
Corrections or additions?
This page is published by PrincetonInfo.com
— the web site for U.S. 1 Newspaper in Princeton, New Jersey.