Apple has two three* ways to secure company data on an iPhone in the event an iPhone is lost or stolen.

If you have a subscription to Apple’s MobileMe you can now find a lost iPhone and/or wipe all of it’s data from the MobileMe website. More info on the MobileMe capabilities are available on the Apple website.

Many corporate users do not use the MobileMe service (which costs $99/year) but still need to protect the data on their iPhones. Well, Apple has you covered there as well. You can enable a four digit passcode on your phone. If the incorrect passcode is entered 10 times in a row, then all the data on your phone will be erased. If the data is erased accidentally or the code is forgotten you can restore the phone from iTunes.

Here’s how you would enable the setting to wipe your phone after 10 incorrect passcode attempts. From your phone choose:

1. Settings – General – Passcode Lock
2. Enter a 4 digit passcode twice to confirm. Be sure you won’t forget this passcode!
3. From the next menu click on Require Passcode and choose a timeout. A shorter time is more secure.
4. Make sure Erase Data is set to On. Screen should like the image below.

That’s it! Your iPhone will now wipe all data if an incorrect passcode is entered 10 times in a row.

Each method has it’s own advantages and disadvantages. We feel the built-in feature of using a passcode is the most straight forward solution and provides a high level of security.

*Companies running Microsoft Exchange Server can remotely wipe an iPhone. Please see your company’s system administrator for details.

CRN writes the following about Social Networking Threats. For the full article head over to State Of Technology Security: Top 10 Biggest Security Threats

Social Networking Threats made the Top 10 list for the first time, coming in third place with 34.4 percent of the partner vote. But partners have acknowledged that social networking attacks pose a very real and serious threat. End users have been exposed to countless Trojans, Internet worms and phishing attacks targeting social networking sites such as Facebook and Twitter. Attackers have exploited a wealth of personal and identifying information that users freely share online to commit identity theft crimes. In addition, social networking sites carry with them a strong trust component. Unlike spam attacks, which typically originate from an unfamiliar or suspicious source, social networking attacks often appear to come from someone the user knows and trusts, compelling them to click on infected links or malicious files that ultimately download malware onto their systems.
The market for hackers has also been flung wide open as more businesses utilize social networking sites to promote their business and establish important contacts. And there appears to be no reprieve in sight as the social networking market continues to expand.

While we promote Network Velocity on Twitter, we also advise clients to filter employee web surfing to protect sensitive company data and reduce expensive malware cleanup. Social Networking can be a great marketing tool, but due to the rampant popularity of sites like Facebook, hackers are increasingly targeting Social Networking sites with malicious software. Social Networking can be used as a tool to communicate to your clients, peers and vendors but be sure you are in control and using Social Networking to your advantage. In the work environment, restricted access for is still the best policy to avoid productivity problems and security/malware breaches.

For most businesses, we believe the best Social Networking strategy is to blog frequently and use Twitter and other sites to point traffic to your blog. In this way control of your message stays in your hands and Social Networking is used to drive traffic to your site where visits can be measured and ROI calculated. Keep in mind the Social aspect of Social Media. Communication should not be one way. When a person engages with your online presence, respond!

Mashable cited this information from the study:

Only 10% of those surveyed let employees use social networks however they please, while the remainder all impose at least some restrictions on usage, like limiting it to business purposes only.

The survey, which was developed by Robert Half Technology, is consistent with other recent reports that show companies are quickly moving to block social media in the workplace. Of course, even when companies allow social media, it doesn’t always end well for employees. Another recent report indicated that 8% of companies in the US have fired staff over social media misuse.

Network Velocity uses Fortinet Firewalls to provide custom Web Filtering for our clients. Contact us to learn how we can help your business setup a flexible, yet secure, policy that fits your needs.

In their review, SC Magazine stated:

The FortiGate-310B appliance integrates firewall, AV, IPS, VPN, content filtering, anti-spam and traffic-shaping functions, or any combination thereof on a single, integrated security appliance. The multi-threat integrated security approach protects against threats both at the network and the application layer – eliminating the need for separate standalone solutions.

The FortiGate-310B delivers a strong price/performance ratio with firewall/VPN speeds that rival competitors’ high-end enterprise products, yet is priced significantly lower.

The full SC Magazine article is available here. Congrats Fortinet!

It was feared that Conficker was programmed to become active on April 1st, potentially causing problems across millions of PC’s. While this date passed with no noticeable impact, many sites across the web are reporting that Conficker is still a threat and in many cases causing problems. Yahoo reports that Conficker is being used to install additional software, hijacking PC’s to send out SPAM email. ZDNet reports Conficker installs malware that masquerades as AntiVirus Software.

Network Velocity has many strategies to protect client systems from these threats. For more information please contact us.

We wrote about this vulnerability back in October of 2008. We rolled out proactive patches to all clients at that time.

Viruses tend to mutate quickly. Even with current virus protection, it’s advisable to always be wary of what files, links or videos you may receive. For viruses, the best defense is common sense. Even though our clients are patched, do not open any attachments you do not expect to receive, even if they are from a trusted source.

If you have any questions feel free to contact us.

From the moment people started using passwords, it didn’t take long to realize how many people picked the very same passwords over and over. Even the way people misspell words is consistent. In fact, people are so predictable that most hackers make use of lists of common passwords just like these. To give you some insight into how predictable humans are, the following is a list of the 500 most common passwords. If you see your password on this list, please change it immediately. Keep in mind that every password listed here has been used by at least hundreds if not thousands of other people.

There are some interesting passwords on this list that show how people try to be clever, but even human cleverness is predictable. For example, look at these passwords that I found interesting:

ncc1701 The ship number for the Starship Enterprise
thx1138 The name of George Lucas’s first movie, a 1971 remake of an earlier student project
qazwsx Follows a simple pattern when typed on a typical keyboard
666666 Six sixes
7777777 Seven sevens
ou812 The title of a 1988 Van Halen album
8675309 The number mentioned in the 1982 Tommy Tutone song. The song supposedly caused an epidemic of people dialing 867- 5309 and asking for “Jenny”

“…Approximately one out of every nine people uses at least one password on the list shown in Table 9.1! And one out of every 50 people uses one of the top 20 worst passwords..”

Lists the top 500 worst passwords of all time, not considering character case. Don’t blame me for the offensive words; you were the ones who picked these, not me.

123456 porsche firebird prince rosebud
password guitar butter beach jaguar
12345678 chelsea united amateur great
1234 black turtle 7777777 cool
pussy diamond steelers muffin cooper
12345 nascar tiffany redsox 1313
dragon jackson zxcvbn star scorpio
qwerty cameron tomcat testing mountain
696969 654321 golf shannon madison
mustang computer bond007 murphy 987654
letmein amanda bear frank brazil
baseball wizard tiger hannah lauren
master xxxxxxxx doctor dave japan
michael money gateway eagle1 naked
football phoenix gators 11111 squirt
shadow mickey angel mother stars
monkey bailey junior nathan apple
abc123 knight thx1138 raiders alexis
pass iceman porno steve aaaa
fuckme tigers badboy forever bonnie
6969 purple debbie angela peaches
jordan andrea spider viper jasmine
harley horny melissa ou812 kevin
ranger dakota booger jake matt
iwantu aaaaaa 1212 lovers qwertyui
jennifer player flyers suckit danielle
hunter sunshine fish gregory beaver
fuck morgan porn buddy 4321
2000 starwars matrix whatever 4128
test boomer teens young runner
batman cowboys scooby nicholas swimming
trustno1 edward jason lucky dolphin
thomas charles walter helpme gordon
tigger girls cumshot jackie casper
robert booboo boston monica stupid
access coffee braves midnight shit
love xxxxxx yankee college saturn
buster bulldog lover baby gemini
1234567 ncc1701 barney cunt apples
soccer rabbit victor brian august
hockey peanut tucker mark 3333
killer john princess startrek canada
george johnny mercedes sierra blazer
sexy gandalf 5150 leather cumming
andrew spanky doggie 232323 hunting
charlie winter zzzzzz 4444 kitty
superman brandy gunner beavis rainbow
asshole compaq horney bigcock 112233
fuckyou carlos bubba happy arthur
dallas tennis 2112 sophie cream
jessica james fred ladies calvin
panties mike johnson naughty shaved
pepper brandon xxxxx giants surfer
1111 fender tits booty samson
austin anthony member blonde kelly
william blowme boobs fucked paul
daniel ferrari donald golden mine
golfer cookie bigdaddy 0 king
summer chicken bronco fire racing
heather maverick penis sandra 5555
hammer chicago voyager pookie eagle
yankees joseph rangers packers hentai
joshua diablo birdie einstein newyork
maggie sexsex trouble dolphins little
biteme hardcore white 0 redwings
enter 666666 topgun chevy smith
ashley willie bigtits winston sticky
thunder welcome bitches warrior cocacola
cowboy chris green sammy animal
silver panther super slut broncos
richard yamaha qazwsx 8675309 private
fucker justin magic zxcvbnm skippy
orange banana lakers nipples marvin
merlin driver rachel power blondes
michelle marine slayer victoria enjoy
corvette angels scott asdfgh girl
bigdog fishing 2222 vagina apollo
cheese david asdf toyota parker
matthew maddog video travis qwert
121212 hooters london hotdog time
patrick wilson 7777 paris sydney
martin butthead marlboro rock women
freedom dennis srinivas xxxx voodoo
ginger fucking internet extreme magnum
blowjob captain action redskins juice
nicole bigdick carter erotic abgrtyu
sparky chester jasper dirty 777777
yellow smokey monster ford dreams
camaro xavier teresa freddy maxwell
secret steven jeremy arsenal music
dick viking 11111111 access14 rush2112
falcon snoopy bill wolf russia
taylor blue crystal nipple scorpion
111111 eagles peter iloveyou rebecca
131313 winner pussies alex tester
123123 samantha cock florida mistress
bitch house beer eric phantom
hello miller rocket legend billy
scooter flower theman movie 6666
please jack oliver success albert

We will begin rolling out this patch tonight and plan to have all machines updated by the weekend. As always, feel free to contact us with any questions.

While web scams are nothing new, this latest story underscores the importance of adhering to strong password policies and using common sense on the web. Twitter users who entered their credentials on this bogus site have put their web based accounts that share the same credentials in jeopardy.

Network Velocity recommends using a password manager such as RoboForm to securely create and store random passwords.

And a final reminder about passwords, longer passwords are more secure than short passwords, no matter how difficult the short password may seem. For instance, “thisverylongandsimplepassword” is more secure than a short password that uses random characters like $#@^.

Always use common sense and, if possible, always use RoboForm!

Wireless security has gone through several changes and protocols in efforts to remain secure, but as computers have become faster hackers have been able to decode encrypted wireless traffic at faster and faster speeds. The WPA protocol used to secure wireless traffic, once thought to be uncrackable, can now be decoded and wireless traffic reviewed (or even worse altered) in flight in 15 minutes.

WPA2, a newer and more secure version of the recently hacked WPA, remains secure (for now). For true wireless security Network Velocity recommends separating your Wireless network from your Corporate Network. If the Wireless network must reach your Corporate Network we recommend a client VPN in addition to WPA2 to secure all traffic.