Sep 27, 2011

Don’t Remind Me Later

Imagine a bunch of scammers and hackers sitting around in a dark room together. They’ve just created brand new viruses that will invade your life by invading your computer to steal your banking information, take all your passwords, send threatening emails to all your friends, make all your personal photos public, and….. And, they’ve devised a simple and yet genius way to get it into your laptop or smartphone that’s always connected to the Internet using some of the hundreds of software pieces that run on your computer.

Amazingly, software providers have also just figured out a way to block these viruses. But the only way this will work is if you update your laptop or smartphone with the latest security updates they have just sent you. And out of sheer courtesy, they are asking you if you want to update now or “Remind Me Later.”

What are you going to do? What do you do nearly every time you see that nice “Remind Me Later” button looking so sweetly at you while you’re busy updating your Facebook or sending an IM or working on a work email? We all do it. We all tell our friends who are trying to protect us to come back another time. You’re OK leaving all the doors and windows wide open for the bad guys to break into your life. You’re OK with giving your life away to some stranger in a dark room on the other side of the world.

This scenario might sound dramatic, but, it’s really not. The “Remind Me Later” button is not your friend. In fact, it is probably the most dangerous ‘button’ you can push.

Let’s put this in perspective. If robbers had figured out how to turn off your home alarms or break into your house, would you fix it right away or put a note in your calendar to “Remind Me Later?” Similarly, we don’t ask someone to remind us to lock our car later if we know we have left it unlocked. The same is true for every security measure we take in our real lives.

And yet, we hit that “Remind Me Later” button as quickly as we can, like we’re playing whack a mole at an arcade.

Some people complain that security updates take too long, are too cumbersome, and bog down their computers. That was true…about 10 years ago. With today’s high speed systems, security updates can run quietly in the background. Kind of like the locksmith who can do his thing, while you’re busy doing yours in the house.

Hackers are literally creating and launching new viruses every day. That means that these invaluable updates are needed frequently. Every time a software provider figures out a way to block the bad guys, they send out an update. They have effectively put a new lock in an existing door, ensuring the safety of your personal life.

So, next time the dialogue box appears asking if you want to run a security update now, just remember the “Remind Me Later” button is not your friend.

Sep 13, 2011

When Hackers Attack, Earthquakes Follow

Hackers of the world have gone wild, infiltrating a variety of sites such as those of the CIA, PBS, and just the other day, NBC.  Supposedly “secure” servers of companies as notable as JP Morgan Chase and Sony have been hacked to get credit card or customer information.

In fact, hacking has had such a substantial effect on the business world that Rupert Murdoch was recently forced to close an English tabloid as a result of the paper’s hacking of celebrity phones. Stories of massive and embarrassing hackings are popping up everywhere letting us know that these hackers mean business.

And if you’re a business, being ready means more than having an IT emergency response plan.  In today’s hacker environment, a company’s response plan must be holistic in nature, agile in execution, and grounded in reality.  The right response must include technical, legal, educational, and public affairs components.  Each area has a significant role to play and one that if executed incorrectly can make the difference between disaster and recovery.  And we’re talking just security.  The problems compound when you throw in safety and privacy as well since the three are interconnected and not mutually exclusive.

Having been at the forefront of safety, security, and privacy (SSP) crises many times over in my previous roles in corporate America, and now as the founder of an online security consulting company, I can tell you that many company executives often think of the public relations (PR) aspect of responding to a hacker crisis as ‘fluff’ or coming from the ‘group that spins’.

In fact, PR is at the epicenter of this type of crisis and how it is handled can make the difference between minor aftershocks or more devastating quakes.

The right PR team will have to navigate with agility, acumen, and diplomacy while still grounded in relevant experience with safety, security, and privacy.  The challenges presented are far ranging and come in multiple forms.  Questions abound such as:

-who should be the spokesperson

-what is better, a reactive or proactive media strategy

-when should the affected consumers be informed

-where is the place to release information

-how should employees be informed about what is happening

-when should a safety, security, and privacy crisis plan be implemented

-who makes the final call on what goes out

Given the sudden onslaught of hackers, traditional PR firms are facing quite the challenge in helping clients respond.  The problem – many of these firms aren’t yet equipped or experienced to handle the unique challenges SSP PR brings even if they have handled other types of crisis in the past.

If your company is at risk of falling victim to a SSP PR nightmare, begin internal discussions ASAP to see if you are equipped to handle such an event holistically.

The more you read about the pain and suffering other companies have gone through, the more daunting the problem may appear.  But, it is one that can be overcome with the right kind of planning, team, and program in place.  Having worked closely with several clients to put in place SSP PR strategic plans, we have seen the positives that come from doing it right the first time.

If there is one thing to keep in mind it is this – hackers don’t follow traditional fault lines.  At any time, you can be the flashing red dot marking the epicenter of a major SSP earthquake.

Aug 31, 2011

So Many Kid Sites, So Little Time

Saying that there are a ton of sites for kids on the Internet is like saying there’s a lot of sand on the beach.  Sifting through all the sites out there to find the good and avoid the bad can be quite the daunting task especially with all the new sites popping up.  Should my kids play games online? Is there a safe place for them to explore the web? How secure are the sites that my kids are visiting?  There are so many questions and so many sites.

We decided to take stab are looking at some of the many sites out there to help you out.  Below are some of the sites we found that cater to kids between the ages of 4 and 13 or so and are worth taking a look at for a variety of reasons.

Togetherville.com: A social networking site for children that is monitored by parents.

  • Parents set up an account and “monitor” their children’s activities, including being in charge of who gets approved for a child’s neighborhood.
  • Lots of interactive games for kids of all skill levels, fun music.
  • Educational videos that are also entertaining.

ePals.com: Educational community bringing together learners from all over the planet.

  • Special areas for parents, families, students and teacher allow for dedicated and well-directed information.
  • Site has projects for classrooms and families, generating learning and a sense of global community.

ClubPenguin.com: Virtual world site that promotes global consciousness, charitable living and sharing.

  • Membership is limited and monitored, allowing for children to roam safely within the penguin world.
  • Interactions between members are promoted, especially in a socially conscious way that encourages children to share, learn to give, and be responsible.

Kids.NationalGeographic.com: Award winning site with vast resources that combine education and entertainment.

  • Specialized content ensures that kids get material that will work for them.
  • Videos, reading, pictures in an easy to navigate space.
  • Collection of fun activities to foster a child’s creativity and enhance their understanding of science.

Askkids.com: Search engine for children.

  • Provides a safe and entertaining way for children to surf the net.
  • All sites being searched by Ask Kids are acceptable for children of most ages.

PBSkids.org: Online version of PBS station for children.

  • Variety of interactive games and interesting videos for kids of various ages.
  • No external ads for kids to click on.

Nickjr.com: Online destination for fans of Nick Jr.

  • Colorful, bright and imaginative content from kids’ favorite characters.
  • Games and interactive areas for music, dance, parties and more.
  • Interactive “craft” area for kids allows them to create online works for art.

Girlscouts.org/forgirls: Branch of the Girl Scouts’ main site that provide age appropriate interactive material.

  • Girls only content increases self-esteem and community involvement
  • Interactive area that allows for girls to create their own works of art or color on pages already provided.

Kidscom.com:  Site for kids that offers safe chatting, safe networking, games, videos and more.

  • Parent monitored area for children to engage in chat rooms and social networking.
  • Exclusive interactive games with various themes and methods.

Thekidzpage.com: Free website with hundreds of resources for children

  • Online and printable coloring pages
  • Information about and activities for holidays and vacations

Disney.go.com: Games site from Disney

  • Kids get to play games based on their favorite Disney characters.
  • Trusted Disney name ensures safety and security for children browsing the site

Seussville.com: Site based on the venerated children’s books by Dr Seuss.

  • Creative and fun content.
  • Videos, books, story telling, game…all tested and kid safe.

Jumpstart.com: Online world with games and interactive action.

  • Children must login, thereby maintaining a safer environment
  • Parental controls and names given by the games make sure that personal information for kids isn’t getting out on the web.

Zoeysroom.com: Interactive website helping girls to learn about technology

  • Content developed especially for girls aged 10-14, helping them to learn math, science and technology.
  • Variety of videos and activities.

Of course, every child is different and not every site will work for every situation. Take the time to visit these sites with your kids using this list as an easy starting point.

For more information on safety, security, and privacy in the online world, check back here weekly or visit my blog.