The same cannot be said of executives in small and medium-sized organizations, especially when it comes to loss of personal information, including credit card data, patient records or other financial information, stored by the company. Data breaches happen and information is lost every day due to small mistakes that could have been avoided. For small businesses, these events can be devastating.

With news makers such as Wiki Leaks and other high-profile breaches over the last several months, you never know where your information will end up if it lands in the wrong hands – so of course, you must protect it.

With the advances in technology, it is not uncommon to find a user lugging around a laptop with 500GB of hard drive space. That is a lot of  space for corporate data and with the breaches like we have witnessed recently – Wiki Leaks, HBGary, etc. you never really know who will end up with your corporate data should it get stolen.

Couple that with the fact that small organizations do not have the resources to set up a sophisticated VPN architecture that would require a user to log in the mother-ship before accessing data. They cannot afford expensive data plans.

Research records from the Ponemon Institute show that over 75% of organizations are aware of an incident in the organization where confidential or sensitive information was at risk as a result of a lost or stolen laptop.

It is assumed that presently, almost 40% of sensitive and confidential corporate information is being accessed at any given time by remote workers, including corporate execs.

It is strongly believed in the IT security field that humans are the weakest link in the area of data security and that employees are careless. Moreover, in many small businesses and organizations there is no IT personnel to take ownership of securing corporate data.

It is not uncommon to find contents on the laptops of executives that could put the company at risk should it get on the wrong hands – pictures and videos of a wild night out, for example.

While most modern laptops contain whole-disk encryption software, not many users are aware of them. The are also location tracking, and file-level encryption.

Expanded use of encryption has become the most popular technology solution to data protection. So here is a round-up a few tools that could be useful for the traveling executive:

AxCrypt:

AxCrypt – Personal Privacy and Security with AES-128 File Encryption and Compression for Windows 2000/2003/XP/Vista/2008/7. Double-click to automatically decrypt and open documents. Store strong keys on removable USB-devices.

Features:
Seamless integration with Windows Explorer.
Double-click to decrypt, open and re-encrypt.
No configuration required.
Many languages supported.
Extensive command-line interface for scripting and programming.

TrueCrypt:

Main Features:

• Creates a virtual encrypted disk within a file and mounts it as a real disk.
• Encrypts an entire partition or storage device such as USB flash drive or hard drive.
• Encrypts a partition or drive where Windows is installed (pre-boot authentication).
• Encryption is automatic, real-time (on-the-fly) and transparent.
• Provides plausible deniability, in case an adversary forces you to reveal the password
• Hidden volume (steganography) and hidden operating system.
• Encryption algorithms: AES-256, Serpent, and Twofish.

Personally, I believe this should be your first choice. What you can do is create an encrypted file on your system that the software mounts as an encrypted virtual hard drive and you can dump all your critical documents in there. It is possible to use a folder, file or image as a key (password). So for example, you can create a text file of your favorite movies and use that as your key – one less password to remember.

The nice thing about TrueCrypt  is that depending on how paranoid you are, the options are endless.

MyTextIsTreasure:

I stumbled on this during a frustrated search for a password “holding cell”. With so many passwords, login credentials, online subscriptions etc. to manage, I was getting irritated by the limitations of an Excel spreadsheet and a plain text file was dangerous at best.

It is a simple password manager for your PC and Smartphone. It works like a text editor and uses a strong cryptography algorithm to generate the end file.

What MyTextIsTreasure (MTT) does is give you a notepad-like page that you can type your sensitive data in and secure with a password. It has been an awesome tool because I can save it on an FTP site, a USB flash disk or a Synced online folder without worrying about unauthorized access.

Features:

• It is a password manager
• It works like a simple text editor
• It protects your private information using the known crypt algorithm AES
• It can be installed in your PC and in your Smartphone
• You can organize passwords by categories like credit cards, websites, forums, internet banking, personal life, and so on.

You don´t have to fill a lot of fields and follow a square structure.

SecureFolder Portable:

This is another application that allows you to hide, lock and encrypt folders using 256-bit AES encryption through an intuitive and simple interface. If you had the app installed on a laptop, you can password protect a specific folder use the tool to open the folder when you need access to it.

Key Features:

• Unlimited number of folders can be protected.
• Intuitive & easy-to-use interface.
• NTFS, FAT32 and FAT volumes are supported.
• Implements 256-bit AES (Rijndael) to encrypt files.
• Effective password protection.
• System Cleaner, File shredder, Virtual Drive.
• Removing or uninstalling will not uncover locked folders.
• Windows Explorer integration.
• Supports Drag & Drop.

It is compatible with Windows XP, Vista, 7

WinSCP:

WinSCP is a SFTP client and FTP client for Windows. Its main function is the secure file transfer between a local and a remote computer. It uses Secure Shell (SSH) and supports, in addition to Secure FTP, also legacy SCP protocol.

Portable PGP:

Portable PGP is a fully featured, lightweight, java based, open source PGP tool.
It allows to encrypt,decrypt,sign and verify text and files with a nice and absolutely straight graphical interface.
It’s absolutely simple to use and provides everything you need to get started with PGP cryptography.

There is a USB-Stick version of PortablePGP which comes as a simple zip file that you can decompress on the root folder of your USB drive and allows to run PortablePGP on both Window and Linux platforms without the need of installing it and without the need to have a Java virtual machine installed(a private JRE is bundled in)

Requirements:
Java Runtime Environment 6 (or greater)
Java(TM) Cryptography Extension (JCE) Unlimited Strength Jurisdiction Policy Files

HaDES:

HaDES (Short for Hard Disk Encryption System) is an enterprise level open source hard disk encryption tool, which enhances TrueCrypt by adding functionality that enables TrueCrypt for enterprise use, for example multi-user capability and recovery

HaDES Additional Features:Creates a virtual encrypted disk within a file and mounts it as a real disk

• several users have access to the encrypted disk via username and password
• Encrypts a partition or drive where Windows is installed (pre-boot authentication)
• Users can be administrated in volumes and partitions with multi-user capability:
  • users can be created
  • users can be deleted and
  • every user has the possibility to change his or her password.

Ultimately, the best way to protect corporate data is to assess risks by identifying and classifying confidential information and them implementing the following:

• Educate employees on information protection policies and procedures, then hold them accountable
• Deploy data loss prevention technologies which enable policy compliance and enforcement
• Proactively encrypt laptops to minimize consequences of a lost device
• Integrate information protection practices into businesses processes

FreeOTFE:

FreeOTFE is a free, open source, “on-the-fly” transparent disk encryption program for PCs and PDAs with a simple goal: the secure storage of bulk data, while making it readily accessible to authorized users.

With this software, you can create one or more “virtual disks” on your PC/PDA. These disks operate exactly like a normal disk, with the exception that anything written to one of them is transparently, and securely, encrypted before being stored on your computer’s hard drive.

Features include:

Highly portable – Not only does FreeOTFE offer “portable mode”, eliminating the need for it to be installed before use, it also offers FreeOTFE Explorer – a system which allows FreeOTFE volumes to be accessed not only without installing any software, but also on PCs where no administrator rights are available. This makes it ideal for use (for example) with USB flash drives, and when visiting Internet Cafés (AKA Cybercafés), where PCs are available for use, but only as a “standard” user.

TAILS LiveCD:

The Amnesiac and Incognito LiveCD System is a secure web browsing platform that is ideal for travelers who frequent Internet Cafés and want to prevent the possibility of their systems being compromised.

From the website:

The Amnesic Incognito Live System (Live CD, Live USB) is aimed at preserving your privacy and anonymity by forcing all outgoing connections to the Internet to go through the Tor network; and not leaving any trace on local storage devices unless explicitly asked.

It’s a LiveCD which means that you do not have to install it. You set your laptop’s BIOS to boot from CD and no changes are made to your operating system. The software can also be to run off of a USB stick.

Some important features of TAILS include:

• Tor and the Vidalia graphical front-end
• Firefox preconfigured with: Torbutton for anonymity and protection against evil JavaScript
• FireGPG for e-mail encryption
• All cookies are treated as session cookies by default; the CS Lite extension provides more fine-grained cookie control for those who need it
• OnBoard virtual keyboard as a countermeasure against hardware keyloggers
• Shamir’s Secret Sharing – a form of secret sharing, where a secret is divided into parts, giving each participant its own unique part, where some of the parts or all of them are needed in order to reconstruct the secret.
• To prevent cold-boot attacks and various memory forensics, Tails erases memory on shutdown and when the boot media is physically removed.

Of course there other LiveCDs out there like Kiosk from rPath, Webconverger and Ubuntu Kiosk. The difference is that TAILS has the tor software enabled by default.

Necessary Warning:
Please bear in mind that the subject of encryption can get overwhelming at times. If you are not comfortable using these tools, please seek assistance. We must tell you that you bear total responsibility for lost data – seriously. Do not attempt disk/folder encryption if you have no clue on how to go about it.
Enough said.

Shameless Plug:

If you own a small business in the Austin area and have less than 20 employees, see how you can protect your mobile users and data in transit without upfront or out-of-pocket cost here.

The Firefox team pulled together the following infographic to share some cool stats about the first 48 hours following the launch:

From a security perspective, the following interesting features are built into the browser:

The problems is that Joomla!, without the help of some extensions has no built in method for publishing articles or inserting direct links in another article. Each article in Joomla! has a direct system identification number, which shows up in the article manager in the right side column in the list of articles.  These ‘ID’ numbers are unique and no two articles can have the same. For example, “index.php?option=com_content&view=article&id=12″ references an article with id number 12 and you have to use this link (instead of say, recipe.html) if you want to view the page.

The alternative is to create a menu and give it a “normal” because the Joomla! 1.5 default SEF URL creates search friendly URL based off of the menu items or links.  So, if you do not have a menu item, it is impossible for the software to create Search Engine Friendly link. This can quickly become a problem if you want to publish an article but do not want it to show up on a menu

To avoid having to create a visible menu item for every article, here’s a simple solution:

• Go to the Menu Manager and create a new menu with any name (a unique name like Offline Menu worked for me).
• Go into the module manager and locate the Offline Menu module that was automatically created and either disable it, or set it to a non-existent module position. My preference is to disable it.
• Create a link to your article using the single article layout method.
• Change the alias to whatever you want to have as your SEF URL (network-monitoring, for example).
• Link to the new article with http://www.yoursite.com/link-alias.html.

This method works well for me. There are other tricks that involve making changes to the CSS stylesheet etc., but this one is simple and very easily gets the job done. The goal is to be able to create articles or link to them without creating visible menu items for each one.

Happy computing.

As a result of wider economic pressures, IT in general today is shaped by one dictate: reducing costs. This is why more and more businesses, especially small and medium sized organisations, are currently using cheap solutions, or even consumer products, to protect their IT environments. The imperative to reduce costs also results in many postponed projects and more careful spending of budgets. The free Essential Firewall edition from Astaro aims to support small and medium business owners with the necessary functionality to be secure today at no cost, as well as expanding as their needs grow.

The Essential Firewall edition is based on the Astaro Security Gateway and delivers the fundamental functionality required to protect customers and their networks. If more functionality is needed over time, the customer can upgrade to the full Astaro Security Gateway.

As a free edition of the Astaro Security Gateway, the Essential Firewall offers the same easy-to-use Graphical User Interface and is available as Software and Virtual Appliance. Additionally, the Essential Firewall edition will come with the ability to receive support through Astaro’s user forum (www.astaro.org).

Features included in the Essential Firewall edition:

• Networking: Internet Router, Bridging, DNS server & proxy, DynDNS, DHCP server & relay, NTP support, automatic QoS
• Network Security: Stateful Packet Inspection Firewall & Network Address translation (DNAT/SNAT/Masquerading)
• Remote Access: PPTP and L2TP over IPSec support (including iPhone support)
• Logging/Reporting: Full logging on local hard drive, searching, real-time reports for hardware, network usage and network security, daily executive reports
• Management: Web-based GUI in local languages, setup wizard, configuration backup & restore, administrator notifications, SNMP support, centralized management via Astaro Command Center (also free of charge)

While this is a good move which will allow IT admins who have been “secretly” using the home version to protect their businesses breath a sigh of relief, we must note that the free business version drops the ball in providing the “essentials” that small and medium businesses need – web, mail and malware security are glaringly absent in this version.

This is a big mistake. The home edition provides more security than the business version – a reversed situation. Of course, the ultimate goal is to ease business owners in and allow them to see the business value and the need to get the “full” version.
I do not believe in teaser software especially for critical environments like businesses. If you want to give it away free, then make it truly free. Moreover, it goes counter to the statement by the CEO of Astaro, Jan Hichert, as to the company’s motivation for this release:

Small and medium sized businesses are the backbone of the world economy. They act more cautious, they maintain a stable business and they are not subject to the high demands of investors. But nevertheless, SMBs are affected by the current economic climate even more so than larger businesses. This is why we see more and more businesses fall back to consumer products to secure their IT environment (emphasis mine) – in order to reduce costs, they lower their level of security. This is a dangerous compromise. By launching the Essential Firewall edition we aim to provide those companies a professional alternative.

Terribly crippling the so-called business version, runs counter to the stated objective and seriously dampens the incentive to even try the software, especially when there are comparable products out there like Untangle, Smoothwall, ClearOS – formerly ClarkConnect, IPCop, and pfSense to name a few.

To remove the title on the front page of a Joomla! website, do this:

1. Log in as admin on the backend,
2. go to “Menus” and choose “Main Menu”.
3. Look for a menu item called “Home” and click on it to edit.
4. On the right side, there are a few “Parameters” settings. Look for the one that says “Parameters (System)” and click on it to expand.
5. Look for the “Show Page Title” option and select the “No” radio button and save.

That will hide the “Welcome to Joomla or Whatever” on the front page.

On the other hand, if you are trying to change the title or greeting from “Welcome to Joomla!” to “Welcome to Our site”, you can do that here too. Instead of hiding the title page, just change the title to reflect the new greeting.

It worked great for me and I hope this helps. It drove me crazy for a while.