From the Trenches: Worst IT Mistakes, Part 3

By Chuck Romano Concluding my series about the worst IT mistakes I’ve witnessed in my 10+ years as a technician, I’ll highlight two notable IT atrocities I’ve seen people make. So let’s dive right in: Not Logging Off the Remote Network Remote desktop applications enable easy access to the corporate network, but failing to log out of a session can wreak havoc, leaving a connection to a corporate network wide-open to anyone who happens upon the device, not to mention if the user starts to wonder into the shady depths of the internet unknowing still connected to a company network that can be at risk of malicious data. Ignoring the Social Engineering Threat All the greatest security technology in the world is no match for good social engineering tactics.  Millions of dollars can be spent to prevent hackers from compromising a system, yet a simple phishing techniques can easily hand over passwords over to the bad guys (or gals).  Social engineering is an all around security threat, not just a remote access threat, but again, with the high usage of mobile devices in public places, a simple “over-the-shoulder” technique can compromise an entire network. Anybody else have “war stories” to share? I’d like to hear about it in the comments. Chuck Romano is owner of MoonCat Computer Repair and has more than 10 years experience in the IT...

From the Trenches: Worst IT Mistakes, Part 2

By Chuck Romano This week, I continue on the worst IT mistakes I’ve seen in my 10+ years as a repair tech, building on last week’s tip about always being cognizant of the vulnerabilities of SSL VPNs. Taking that a step further, it’s critical to know the difference between VNC and RDPs. Let me explain. Not knowing the difference between VNC vs RDP Coming from a computer repair background, I have used both VNC (Virtual Network Computing) and RDP (Remote Desktop Protocol, software protocol developed and owned by Microsoft) to gain remote access to a client’s computer for support. But there are important differences between the two that should be kept in mind. Here’s some important things to remember about VNC:             1) It is not secure by default- you need to use add an encryption method to make it secure   2) VNC ports over mouse and keyboard commands and does not create a new user session, meaning you take over control of the desktop as-is.  If you are helping a customer with support, they can see everything you are doing. 3) VNC needs a client running at both endpoints As to RDP:             1) It has limited security and additional protocols are recommended.  2) RDP creates a new session, meaning only one user can access a machine at a time. This will boot off any current users logged in and close programs, unless the same user that is accessing remotely is the current user.  This is a key point to remember especially when developing remote access solutions for customers.             3) RDP is Microsoft specific, it can connect...

NCP News: Android client and Windows 8 compatibility now available

Lots of news from NCP engineering, as we gear up for Interop 2012. Today,  NCP announced the preview release of the first third-party IPsec VPN client available for Android 4.0.  Now available for free download in the Google Play store, the client represents the next step forward in enterprise network security for workers using Android devices. The VPN supports the Android 4.0 (“Ice Cream Sandwich”) platform, and will be available for preview through June 30, with further versions released later this year that include a number of other important features, such as central management capabilities for enterprise network administrators. Earlier this week, NCP announced its Entry and Juniper Edition VPN clients now support Windows 8. The Windows 8-compatible clients boast identical benefits to NCP’s other IPsec clients, including being equipped with an intuitive graphical user interface, simple enough for any employee to understand and control.  In fact, Microsoft too, is making usability a core component of Windows 8, outfitting its newest operating system with a revamped user interface optimized for both mobile and touch screen...