3 Points Regarding Blog and Video Viruses

Evidence

The evidence that I see for blogs and videos to become highly used methods for virus transmittal is mainly the history and evolution of viruses and user handling/training.  The average user becomes accustomed to a particular level of security, then a new variant or method of intrusion comes along.  Right now social networking is gigantic and widely popular.  Users are commenting and writing blogs, watching video content, and participating on message boards as part of their everyday lives.  It only makes sense that virus, worm, and other malware creators are going to target these methods to further their mission.

New Opportunities for IT Technicians

There may not be NEW opportunities necessarily, but there also will not be any fewer positions for IT Technicians.  Despite rigorous security measures taken by organizations and users, there will always be new threats abounding and likely transmitted more so by way of blogs and videos.  IT Technicians will need to continue learning about new threats and threat carriers.

Skills

The most prevalent skills required of the IT Technician are learning and communication.  Learning is paramount so that the technician can stay on top of the upcoming threats and possibly ward them off or block them before they become a reality within the organization.  Communication is very important because transmission via blogs and videos is much more a social engineering technique of which the users need to be trained to be aware of.  The more aware the users are the less of a problem blog and video viruses may turn out to be.

New Routes for Worms

Worms as Dangerous as Ever is an article dated February 28, 2007 on PC World’s website.  While security efforts to combat worms have greatly improved and been successful, worm creators have modified their ways of spreading their disease.  The latest trend has features a worm quietly sitting on a social networking site (message boards, blogs, videos, etc.) until user action prompts activity.  Current worms have reportedly installed malware to track and steal financial information.  Orthers spread variants of themselves across the internet to unsuspecting users.

The worms have been able to remain under the radar of most antivirus software programs, therefore increasing the likelihood that a user’s computer can become infected by a virus transmitted via worm picked up at a recently used message board, blog, video, etc.  This means that blogs and videos have become not just a new route for worms and malware, but also viruses.

Just as users were trained to not open unknown email and attachments, they will have to be trained on safe blogging and video watching.  Just because they’re using an antivirus program does not mean they’re totally safe from worm infestation.

Blog Pollution

PC World’s article Comment and Trackback Span Pollutes Blogs dated March 30, 2007 covers blog spam.  As they point out, the protection available is lacking.  Although spam does not necessarily mean viruses, it is another type of security breach and often acts as a carrier of viruses and other malware.

There are three main ways spammers get their messages into blogs:

1. Content Spam
2. Trackback Spam
3. Spam Blogs, or ‘Splogs’

Blog spamming has become such a major issue for some sites that they must resort to shutting down their site.  This is unfortunate since the blog readers will lose a valuable resource.

3 Points Regarding Social Networks for Business

Evidence

The evidence that I see for social networks to become an everyday component of the business world is the popularity they have achieved, the benefits that they provide, their low cost, and the realization that prior technologies such as IM have become mainstream in the workplace also due to their low cost and heavy use.

New Opportunities for IT Technicians

As business networking expands there will likely be opportunities for IT support technicians at the provider level.  Customer support needs will grow in proportion to the increasing customer base and require additional technicians.

Skills

The most prevalent skills required of the support technicians will be troubleshooting software and hardware compatabilities and good communication skills when working with the end users.  Although they will likely never be face to face with the user, the lifespan of social networking depends on acquiring and keeping a user base that continues to multiply.  Strong technical knowledge and clear, friendly communication will help achieve this goal.

Online Business Networks

This MSNBC article discusses pros and cons of using social networking sites for business purposes:  “Online Social Networks Go to Work“.  Notably it mentions the low cost of using an online social networking site for business and the benefits it can reap.  I agree with the statement that networking technologies nobody uses are of limited value; and that as the popularity of SNS sites grows, so does their value, because a larger number of users mean better odds for productive connections.  This simply makes sense.  The value derived from non-business related sites often diminish over time as users become bored with it or their offline activities increase.  But, the value derived from business-related social networking sites may increase over time as they continue to attract business users and facilitate productive exchanges.  It will all depend on the number of users, value of the exchange and what it’s worth to the user.  My prediction is that the total economic value gained is higher for the business-related sites and they will become more prominent in the work place.

3 Points Regarding Online Data Storage

Evidence

The evidence that I see for for businesses primarily using online data storage (versus onsite data storage) is the already uprising trend of using data storage providers for backup data combined with the increasing complexity of data regulations and security of sensitive data (social security numbers, credit card numbers, etc.).  It’s just a matter of time before companies begin to outsource the storage of all their data and not just their backup data.

New Opportunities for IT Technicians

There could potentially be several new opportunities for computer professionals.  The data storage technicians would need to be well-versed in data regulations and security in order to provide secure, compliant storage solutions.  The storage provider would need to have staff that fully understand a company’s needs and can assure that access to data would never be compromised.  The technicians would need to ensure that stored data maintains its integrity and has a reasonably low probabilty of outside breach.

Skills

The skills required for data storage technicians will involve:

Gaining a knowledge of the data storage, retrieval, and destruction requirements that each regulation entails;

Deploying appropriate technical solutions to meet the above requirements;

Learning and remaining current on network security;

Ability to follow an incident response plan when necessary;

Communication skills adequate to deal with representatives from many companies.

Storage Outsourcing on the Rise

The ComputerWorld article “Storage Outsourcing on the Rise” dated January 23, 2007 discusses company use of storage providers for their backup data.  The article states that one-third of financial service companies outsource their day-to-day backup activities.   While the article is primarily about backup data, I believe that companies will be enticed to allow their data to be stored and managed by storage providers for the reasons discussed in my last blog entry.  To reiterate, the largest reason is regulatory compliance.

It may take five years or more, but I envision this transition taking place.  By outsourcing their data storage and maintenance, companies are relieving themselves of the bulk of regulatory compliance, security issues, and the day-to-day idiosyncrasies of managing data.  This will drastically change the methodology used by information systems (IS) auditors when conducting compliance audits of HIPAA, FERPA, GLBA, Sarbanes-Oxley, PCI, etc., or information security audits.  The IS auditor will need to know the points of entry and exit for the data as it leaves the company network and becomese part of the storage provider’s network.  Audits of this nature will also involve a third-party provider audit of the data storage provider.

Data Storage and Compliance Regulations

One large reason that I see big companies transitioning the storage of their data from local area networks to online data storage providers is regulation compliance.  Stored data, regardless of the storage location, is subject legal, regulatory, and business requirements for its storage, retrieval, and deletion.  Document retention requirements abound and there can be harsh repercussions for a company that does not comply with this or the myriad of other requirements.  Laws such as HIPAA (Health Insurance Portability and AccountabilityAct), FERPA (Family Education Rights and Privacy Act), and GLBA (Gramm-Leach Bliley Act) are just a few of the major data regulations that plague businesses.

One solution is to outsource the storage and maintenance of company data.  This elevates use of online storage providers from that of backup and recovery to storage of mainstream production data.  The company benefits by passing the liabilty for regulatory compliance to the storage provider, at least in part.  The company will still need to provide due diligence in selecting a provider and ensuring that they provide top of the line compliance with all of the regulation surrounding data.  The company will also need to audit the provider on a regular basis to ensure that compliance continues and there are no data breaches or other reasons for concern.

Low Cost and Provision of Service

One reason that I think business-minded customers will pick up on social networking is the economics involved.  Simply put, it is a low-cost method of increasing and maintaining a person’s career contacts.  The article “Five Reasons Social Networking Doesn’t Work”  identifies the major drawbacks that most social networking sites face, along with the highlights that will enable business-social sites to prosper.  I agree that one big problem with the popular, trendy social networking sites is “what do I do when I get there?” whereas the point is pretty obvious with a business-oriented social networking site.   I think that helps to give them lasting power.  That power, coupled with increasing usage by business users, will help build up business-oriented social networking sites as a powerful resource for the business professional.

Blog and Video Viruses

These days just about every website has a blog.  Blogs are used extensively for personal and business use on a regular basis.  They provide a great forum for providing information and gaining feedback by way of online comments.  This makes them a very important web tool.  In fact, the regular use of blogs help a website climb to the top of search engine results.  This is due to updating the web content via blogging.

Sharing videos has also risen in popularity.  Numerous web sites have emerged with the sole purpose of sharing videos.

Blogging is already used quite heavily in the business world and I suspect that using and sharing videos will also find it’s place.  I predict that viruses dessiminated via blog and video will become a prevalent threat to corporate networks.  Universities and colleges will also face this threat at a high degree, thanks to their open environment necessary to support such a wide range of services and users.