TriCom Technical Services

Archive for the ‘data’ Category

Pace of IT Employment Growth Accelerates in June

In 2013, data, employment, IT news, job seekers, jobs, TechServe Alliance on July 11, 2013 at 4:00 pm

The rate of growth of IT employment further accelerated in June, posting another all-time high.

The number of IT jobs grew 0.51 percent sequentially last month to 4,473,300, according to TechServe Alliance, a collaboration of IT & Engineering Staffing and Solutions firms, clients, consultants and suppliers. On year-over-year basis, IT employment has grown by 5.71% since June 2012 adding almost 241,700 IT workers.

“While IT employment has been on the upswing for some time, June’s numbers are clearly evidence that pace is accelerating,” stated Mark Roberts, the CEO of TechServe Alliance. “While I have said it before, it bears repeating because of its importance: an inadequate supply of talent, not demand, represents our greatest challenge to achieving the full potential for IT employment growth in the U.S.,” added Roberts.




Really, LinkedIn?

In breach, data, LinkedIn, password, security, spam on June 7, 2012 at 2:33 pm

Suspicion that LinkedIn would be susceptible to a data security breach never crossed my mind and apparently LinkedIn hadn’t thought about it either. A Russian forum is supposedly responsible for the hack – a breach of nearly 6.5 million hashed user passwords.

This sensitive data has been posted over the last 3 days, of which 60% of the passwords listed have been cracked. So far, no usernames have been posted, which could mean one of two things. Either the hacker didn’t obtain this information, or they are keeping the usernames to themselves.

To avoid allowing hackers access to your account and connections, change your password. In fact, any other online accounts with the same password could also be compromised – experts recommend changing those passwords as well to be on the safe side.

As for Pro users who supply credit card information to upgrade their accounts, it is yet to be revealed if this information has also been jeopardized.

According to, “LinkedIn says that it will email all the users whose accounts were affected by the hack and give them instructions as to what to do next. The company warns that you should not click on any email links asking you to change your password, as that could be someone attempting to steal your information.”

Spam campaigns have begun to produce from this incident, trying to take advantage of LinkedIn users worried about passwords.

PCWorld reports, “the bogus LinkedIn message [right], crafted to look like a genuine communication from the site, asks the recipient to confirm his or her e-mail address and contains a link for doing so. Clicking the link spirits the target to an illegal online pharmacy selling Viagra and other medications.”

If you haven’t already, change your password now!

As mentioned in previous blogs, we have visited this issue before. Online security is a big deal, and we have witnessed many security breaches in the last year (Apple, Sony PlayStation, and all major credit card brands, just to name a few).

Have we not learned our lesson? Hackers are getting better and smarter every day. When can we safely provide personal information on online platforms without fear of losing it to a hacker?

Here We Go Again…

In Apple, breach, data, employers, I.T. crisis plan, information, PlayStation on May 7, 2012 at 2:27 pm

Didn’t we learn our lesson during Sony Playstation’s data breach in April 2011?

Or even just months ago when all major credit card brands suffered a massive data breach?

Now Apple joins a group of elite mishaps that seem to have overlooked a huge data security issue. In an apparent accident, a programmer’s oversight rendered helpless the login passwords of every user who has logged in since the OS X Lion update 10.7.3 update was applied.

According to ZDNet, “Anyone who used FileVault encryption on their Mac prior to Lion, upgraded to Lion, but kept the folders encrypted using the legacy version of FileVault is vulnerable.”

This begs the question – Are we all too willing to turn over our personal information, credit card numbers, username/passwords, etc. in such a trusting manner to corporations who obviously cannot fully secure our private data?

Are companies not double or triple-checking their work, being sure to dot all i’s and cross all t’s?

Want to prevent a data breach? Follow these 6 steps:

  1. Stop incursion by targeted attacks
    The top four means of hacker incursion into a company’s network are through exploiting system vulnerabilities, default password violations, SQL injections, and targeted malware attacks. To prevent incursions, it is necessary to shut down each of these avenues into the organization’s information assets. Core systems protection, IT compliance controls assessment automation, and endpoint management, in addition to endpoint, Web, and messaging security solutions, should be combined to stop targeted attacks.
  2. Identify threats by correlating real-time alerts with global intelligence
    To help identify and respond to the threat of a targeted attack, security information and event management systems can flag suspicious network activity for investigation. The value of such real-time alerts is much greater when the information they provide can be correlated in real time with current research and analysis of the worldwide threat environment.
  3. Proactively protect information
    In today’s connected world, it is no longer enough to defend the perimeter. Now you must accurately identify and proactively protect your most sensitive information wherever it is stored, sent, or used. By enforcing unified data protection policies across servers, networks, and endpoints throughout the enterprise, you can progressively reduce the risk of a data breach.
  4. Automate security through IT compliance controls
    To prevent a data breach caused by a hacker or a well-meaning or malicious insider, organizations must start by developing and enforcing IT policies across their networks and data protection systems. By assessing the effectiveness of the procedural and technical controls in place and automating regular checks on technical controls such as password settings, server and firewall configurations, and patch management, organizations can reduce the risk of exposing sensitive information.
  5. Prevent data exfiltration
    In the event a hacker incursion is successful, it is still possible to prevent a data breach by using network software to detect and block the exfiltration of confidential data. Well-meaning insider breaches that are caused by broken business processes can likewise be identified and stopped. Data loss prevention and security event management solutions can combine to prevent data breaches during the outbound transmission phase.
  6. Integrate prevention and response strategies into security operations
    In order to prevent data breaches, it is essential to have a breach prevention and response plan that is integrated into the day-to-day operations of the security team. The use of technology to monitor and protect information should enable the security team to continuously improve their strategy and progressively reduce risk, based on a constantly expanding knowledge of threats and vulnerabilities.