Is your company cyber-vulnerable?

mycrofft

Could an internet attack degrade or wipe out your company's operations? What can you and others do to prevent this?

NOTE: an internet attack can be brought to offline computers via jump drives or other media, and through computers/printers sharing a wireless server. Also, remember other wireless devices such as iPhones and the like.
 

unit12

a few suggestions

Store your important data on a remote (offsite) and disconnected machine AND burn data to CDs and then lock them to further entries.

At the same time digitize all of your important paper records (even important photos & certificates) and store these as well (as above) in case some calamity hits your facility.

Here is an article about protecting your agency:

http://www.emsworld.com/article/10321102/in-the-danger-zone



Could an internet attack degrade or wipe out your company's operations? What can you and others do to prevent this?

NOTE: an internet attack can be brought to offline computers via jump drives or other media, and through computers/printers sharing a wireless server. Also, remember other wireless devices such as iPhones and the like.
 
mycrofft

How about wireless printers and computers in a LAN? People bringing in games on thumb drives?
 

Christopher

Could an internet attack degrade or wipe out your company's operations? What can you and others do to prevent this?

NOTE: an internet attack can be brought to offline computers via jump drives or other media, and through computers/printers sharing a wireless server. Also, remember other wireless devices such as iPhones and the like.

As a software engineer I'd say most of this is overblown...but hey, it's been an easy way to get money for projects from my company. Just wave the "cyber security" flag and everybody goes running.

If you're going to be serious about computer security, it's best to keep the following in mind:
  • If a person has physical access to a machine, it is compromised
  • If someone has an account on a machine, it is compromised
  • If a machine is connected to a network, it is compromised
  • If a network has access to the Internet, it is compromised
  • Unless the computer is sitting in a cage in full isolation, it is compromised

Knowing that, plan accordingly ^_^

My suggestions to running a set of computers effectively, without getting narfled by the garthog:
  • If you have web-based PCRs, use Linux dumb terminals at the station
  • If you have to use a PC, use Windows 7 and do not run anything as Administrator; set up independent user accounts for everybody and run them as Standard User (or less if possible)
  • Set Windows, OS X, or Linux (Ubuntu is friendly enough) to auto-update
  • Use Chrome, Firefox, or IE9 (all earlier versions of IE are trash) where feasible
  • Deny ActiveX on websites; if a website needs it the owners are from the 90's and are incompetent
  • If you really have some savvy, a Citrix or virtual desktop approach limits exposure greatly
  • The more you restrict, the more likely folks will be to try and get around it, so provide unencumbered WiFi (WPA/WPA2 protected) at stations
  • Move email to a hosted solution, like Google for Apps
  • Favor Office 2010 and run without macros enabled by default
  • Have an SOG in place to discipline employees who introduce viruses/malware/adware/spyware knowingly or unknowingly
  • Fire repeat offenders; this is 2012, if you can't use a computer without getting it gummed up by viruses, you probably need to get into landscaping

The simple answer is keeping a computer clean does not take a lot of work. Don't visit suspect websites, don't trawl for porn on a company machine, don't install torrent clients, etc etc etc. You don't need AntiVirus, you just need common sense.

Unfortunately, a lot of software needed in EMS is written by incompetent folks (our CAD software is so awful it not only must run as Administrator, the account has to be named Administrator as well). Or worse, your business decides to use ancient crap because people hate change and you likely have to run with elevated rights. If this is the case I highly recommend running a virtual machine or virtual desktop scenario. Both of these are relatively easy to get functioning and you don't need to be a rocket surgeon to accomplish it.
 

Christopher

Store your important data on a remote (offsite) and disconnected machine AND burn data to CDs and then lock them to further entries.

At the same time digitize all of your important paper records (even important photos & certificates) and store these as well (as above) in case some calamity hits your facility.

You raise a good point about disaster recovery, because many people confuse Backups with Disaster Recovery.

A lot of the time backups are not tested, so you have no idea if they will work.

A lot of the time disaster recovery plans are never exercised, so when you actually have a disaster, nobody knows how to get the data...or worse the tapes are all corrupted.

The simple answer costs more money, which is to use a company to help you out. Once a year these companies will coordinate a "dry run" with you to make sure it all works.

The harder answer is rolling your own setup, which requires software, hardware, procedures, and coordination. At the Fortune 5 company I work for I can tell you we get backups right about 9 times out of 10. The other 10% of the time, "tough luck, the tape was bad."
 

wyomingearth

PC security

I have found it concerning that at the private company I work for not only is the security and software obsolete but a couple of the computers have expired antivirus that is no longer protecting the files and one has no firewall and no antivirus. I did bring it up....it did get ignored.....(sigh).
 

DrParasite

Christopher is 100% accurate.

15 years ago, my former volunteer agency had a fire. We have some pretty good IT guys, who did backups of all the systems every week, to an external hard drive, which was not left connected to the computer when it wasn't being used. And they did it like clockwork, so in case the computer crashed, or got infected with a virus, they could wipe it and restore the older version, and only be a week behind.

It was a great plan, except they stored the external drives next to the computer, in the locked office, so when the building caught fire, all was lost.

Remember, a backup is great, but you should have an OFF-SITE backup in case your site becomes non-conducive for maintaining PC software.
 

unit12

PC Security & Disaster Recovery

What a lively and informative discussion this is.

Just wanted to add a statement here, I've gotten previous arguments when I've recommended digitizing important documents (whether important for business or important for memories) - even though many documents need to be originals with raised seals, etc, in case of disaster recovery, the copies can help you with records and ease getting genuine replacements.

And yes, off-site and even away from the main location - as agencies in earthquake, tornado and flood prone zones have discovered; not only your building may be damaged or inaccessible, but the entire neighborhood may be.
 
mycrofft

Around Sacramento, as well as some other places, in the early Nineties they started building computer fortresses, huge servers with passive cooling systems and strong physical security, double redundant uninterruptible electricity, to safeguard daily or quicker backups from major companies...then big mainframes went kaput, distributed computing took off, and the buildings were gutted and renovated into offices. Now they are being resurrected.

We had problem after problem with my work's computer systems, and it was always due to abuse by users, either web surfing, or bringing in games, and once with frank sabotage.

Things we as users can do: bring nothing regarding computers to work, take nothing home (like the laptop they stole from the Los Alamos scientist's CAR?!).
 
mycrofft

How about wireless devices to transfer pt info, vehicle location, etc? Dispatch features?
 

Christopher

How about wireless devices to transfer pt info, vehicle location, etc? Dispatch features?

  • Wireless: usually these are secured "as-is" through protocols, although adding a VPN or a higher level of wireless security (e.g. public-keys, hard-tokens) never hurts.
  • It is my opinion that MITM (man-in-the-middle) attacks are not terribly feasible due to the obscure and varied interfacing between medical devices (e.g. I had to reverse engineer Philips equipment to just view a 12-Lead). Obviously targeted attacks against industrial control systems proved feasible. However, I think given the ridiculous variety in systems and setups and the absolute lack of adherence to software standards this is a non-issue for most agencies.
  • Vehicle locators: if you get used to the idea that the location of your vehicles should be public, this is a non-issue. Otherwise, if your vehicle locator reports back to dispatch, just make sure this information is sent over a VPN.
  • Dispatch features: I say make it all public, one less thing to worry about protecting.
 

Christopher

What a lively and informative discussion this is.

Just wanted to add a statement here, I've gotten previous arguments when I've recommended digitizing important documents (whether important for business or important for memories) - even though many documents need to be originals with raised seals, etc, in case of disaster recovery, the copies can help you with records and ease getting genuine replacements.

And yes, off-site and even away from the main location - as agencies in earthquake, tornado and flood prone zones have discovered; not only your building may be damaged or inaccessible, but the entire neighborhood may be.

We call this shipping out to the Salt Mines. Absolute pain in the *** to get your paper documents back, but I'll be damned if they're not going to be around long after I'm gone.
 
mycrofft

Salt Mines? We used to use Iron Mountain (literally, that's their name!).
 