Comments for Kanguru Solutions

Comment on The Importance of Software Updating by Kanguru

Kanguru — Thu, 24 Nov 2011 14:09:34 +0000

Thanks for the feedback.

You are absolutely right, patching is only part of the solution. But it often gets overlooked.

The RSA issue was reported as an unpatched Adobe vulnerability… do you have a source you can refer me to about that? Thanks!

Comment on The Importance of Software Updating by anonymous

anonymous — Thu, 24 Nov 2011 02:03:03 +0000

While patching is a PART of a comprehensive information security strategy, your RSA example falls flat. At the time RSA was compromised, Adobe had not yet released a patch for the Flash vulnerability in question, so patching would have been ABSOLUTELY NO HELP. Other layers of defense — better security awareness training (”Hey, don’t open attachments in your Junk Email folder”), better network segregation, better email scanning software, etc. — would have served RSA better than patching.

Comment on Flexible pricing for Non-Profits by Rick Richter

Rick Richter — Thu, 13 Oct 2011 22:04:39 +0000

We are a non-profit org operating in many locations around the world. Our biggest problem is a write-protected flash drive since information is passed around with flash drives. It is the best way to pass around viruses. I would like to purchase between 30 to 100 drives depending on the price. I am especially interested in the 4gb flashblu since it seems to be reasonably priced. Please let me know what you can give in non-profit pricing.

Comment on The Dangers of Second Hand Hard Drives by Kanguru

Kanguru — Wed, 31 Aug 2011 15:09:50 +0000

Thanks for the feedback. I will definitely check out that link.

I believe the DOD recommendation for destroying drives is meant for storage devices containing classified data. (Which I would agree with). For all others, I believe wiping is still a valid option. A 7x wipe may be overkill, but better safe than sorry I guess. And using a physical duplicator to wipe the drive(s) takes some of the difficulty out of the manual process and allows the drives, once wiped, to be resold. (Again, not a good idea for classified info, but for others, okay).

Comment on The Dangers of Second Hand Hard Drives by James Wilson

James Wilson — Thu, 25 Aug 2011 22:24:05 +0000

Feel free to delete this comment. I would have rather sent this to you in an email for discussion rather than posting here as a comment, but I could not find your email address.

I recently read the DoD 5220.22-M standard and while it mentions wiping as an option it does not specify the 7 time wipe. I believe this is a case of software manufacturers incorrectly referencing the DOD standard. The DOD standard appears to not recommend wiping drives but rather destroying the data. For the home user wiping is probably a good alternative but for corporations it is not an effective method and being a manual process is prone to errors.

A bit of searching I found this site which explains the DoD 5220.22-M myth: http://thestarman.pcministry.com/asm/5220/index.html

Comment on Talk of Password Demise Greatly Exaggerated by Emmett

Emmett — Thu, 11 Aug 2011 19:35:56 +0000

Follow up:

Shortly after writing this article I found an interesting (and humorous) piece on password strength. Wanted to share.

http://www.xkcd.com/936/

Comment on Talk of Password Demise Greatly Exaggerated by Kanguru

Kanguru — Thu, 11 Aug 2011 17:33:38 +0000

Great comment! Completely agree that password implementation is key.

Comment on Talk of Password Demise Greatly Exaggerated by Per Thorsheim

Per Thorsheim — Tue, 09 Aug 2011 10:45:06 +0000

Awareness towards end users is important, awareness on password implementation schemes towards developers and service providers is, IMHO even more important. Unless they implement proper password protection schemes, there are no passwords that will ever be good enough.

Comment on Ahead in the Cloud by DB

DB — Wed, 13 Jul 2011 15:39:31 +0000

Good article!! While I understand a use for cloud storage, I personally like local storage and backup. I do keep my data in two locations between work and home but I understand that may not be an option for all. I work with big audio files so a local drive makes the most sense for me. One thing not mentioned is that you can also store your information on an encrypted hard drive. I know some companies that currently offer secure encrypted flash drives are coming out with encrypted hard drives/SSDs. That’s what I’m personally looking for because much of the data I store is quite sensitive; like artist’s unreleased audio tracks, names and contact information, excel spreadsheets with financial information, etc. that I would not want to fall into strange hands. Sorry for the long comment but this article inspired me because it’s where my head is right now for my storage needs:)

Comment on About by Kanguru

Kanguru — Thu, 03 Jun 2010 14:55:29 +0000

For contact info and more: https://www.kanguru.com/index.php/about#contact