Ask Marian

Note: this blog entry was written and posted before Monday's devastating tornado in Oklahoma. My family has been in Oklahoma since before Statehood and I care deeply for its people. Please join me in sending thoughts and prayers to those hurt by the storm's fury. And if you are moved to donate financially, please be sure to select charities with care and avoid falling for Internet scam efforts. 

Small businesses are the economic backbone of this country. Yet, in the aftermath of manmade or natural disasters, an astounding 40% of small businesses never reopen. It doesn’t have to be this way; with preparation, organization and practice, owners and employees of small businesses can secure their future, despite what may come their way. In this 50th year of National Small Business Week, it’s the right time to put your plan together and into practice. The tips and advice here and at the websites I link to are also terrific resources and ideas for your home life, to make sure your family is safe and your important personal information secured.

56% of small businesses lack an emergency plan (source 2012 Ad Council survey)

Earth Day is celebrated around the world each year on April 22^nd. It’s a great opportunity to consider what we each do in our daily lives that may negatively impact the environment, either through pollution, excess use of precious natural resources, or other unthinking actions. None of us would purposely damage our home but it’s easy to get busy living life and working hard and missing the small ways we can each make a difference.

Given the amount of time I spend in airplanes, I know that my street “cred” in the environmental world is likely null. I do enjoy my work and vacation travels so I do what I can to offset all that jet fuel being burned. I’ve always been interested in the technology of electric cars and went on my first test drive of one back in 1997. I finally got one last year, selecting the zippy little Nissan Leaf. I’m the first to admit that having an electric car, with its limited range, might not be for everyone. Yet, I love it! And in 12 months, I haven’t had to visit a gas station except for refueling a rental car on a trip. We estimate it costs us about $5/week to charge it, assuming I charge it twice. We also supplement our family’s power needs with solar panels on our roof, so I like to think I drive California sunshine to work. And the solar panels supply nearly 50% of our total energy need.

Cyberbullying - the scourge of today's Internet connected teen but what can you do about it? 

In this hyper-connected world, even if you were thousands of miles from Boston, you were impacted by the blast of vicious bombs at this week’s Boston Marathon attack. Many of us were riveted by television coverage or online reporting of the terrible tragedy. Undoubtedly, some of you may have already received malicious spam emails that started flooding global inboxes, and malicious links appearing in your social networks. Be cautious and be careful about what you open, link, promote or click on! (In the case of the malware-laden emails we’ve seen, you can be sure your Norton and Symantec products will protect you!)

Imagine you are graduating high school and you’ve just celebrated your 18^th birthday. In anticipation of starting college in the fall, you begin applying for student loans. The first loan application is returned as “denied” because apparently you have too much debt already. You think it must be a mistake and with your parent’s guidance, you order your very first credit report to see what is going on. What you find chills you to the bone; someone has been using your credit information to take out loans, purchase cars, and use credit cards. Several accounts are in collection and the score is very, very low. Your credit is ruined!

Child identity theft is a growing problem yet one with a solution. Let’s consider how the stage is set for such bad actors to perform against us. Since 1986, with the passing of the Tax Reform Act, a child over the age of 5 claimed as a dependent on your income tax required a Social Security number. In 1990, the age was lowered to 1 year, and now most parents apply for the Social Security number via the birth certificate paperwork. As the child grows up, various organizations and institutions require the parents to provide the Social Security number to prove the identity of the child. Elementary schools, doctors’ offices, summer camps and banks all may ask for this information on their documents. This increases the number of hands through which this very private information flows, allowing people with criminal intent to gain all the private information necessary to access your minor child’s information and untapped credit file.

How did you decide where to live? You probably wanted a good neighborhood close to your work or local shops, maybe in a top school district. I’ll bet you gave it a lot of thought and did your research. But, even if you are lucky enough to live in a safe area with low crime rates, you probably still lock your house when you go out and check the door before you open it to a stranger. We take certain precautions to ensure our safety.

It’s the same for our lives online. There are Internet “street smarts” you have to learn in order to stay safe and protected from the growing threat of cybercrime. What many of us believe about cybercrime is often hearsay, and can be out-of-date or simply untrue, and believing those cyber security myths can lead to big security problems. The latest version of Symantec’s Internet Security Threat Report is out today, bringing new insights on the latest online threats and debunking some persistent myths about cyber security.

When I was a young working mother and email was still relatively new, there was a popular e-newsletter with easy household cleaning ideas for harried moms (and dads). Each day, you’d get a tip or an idea of something in the house to clean or organize. The idea was if you addressed one or two items per day, you’d never get overwhelmed and your house would have minimal clutter and mess. At least that was the idea, since I’d usually ignore the emails for days at a time and then go overboard in a frenzy of once-a-month cleaning.

These days, we’re a much more organized family, and with the kids helping us (and the regular weekly visit from our cleaning person), we’ve got the dust bunnies and cobwebs at bay, the laundry folded and put away and the hint of lemon scented furniture polish in the air. Where I still need to stay on top of household chores is with our computers and our so-called “digital life.” Whether it’s emptying my trash folder, running a full security scan or making sure our family photos are backed up, I try not to let digital devices slip off my list of things to clean and maintain.

I can feel it, can’t you? Spring is coming! We’ve reset our clocks, had the official first day of spring and I’ve even seen a few tulips blooming in the front yard. For some of you lucky folks, that might also mean you have some family travel coming up for Spring Break. Whether you’re headed for beach fun, snow slopes or a city break – and whether you’re going with friends, family or on your own – a little research and some preparation can make traveling with your technology a breeze.  

A few weeks ago, I traveled to meet with cyber bullying experts and media in three Asian cities: Tokyo, Hong Kong and Beijing. I also had several conversations with parents in each market that furthered my knowledge of just how similar the online safety issues are around the world. For example, in each city, at least one parent had cause to state a version of “my child knows more about technology than I do.” Even in the high-tech capital of the world, Tokyo, I met parents who were unsure of how to manage the devices and mobile access their children have to the Internet. At the very least, maybe we can all stop beating ourselves up at failing to be full time experts with technology and reassure ourselves that through application of time-tested parenting techniques, we can get a handle on this 21^st century issue.

I know I’m blessed and lucky to have been born in the United States. Our country, though far from perfect, offers so many wonderful opportunities for women. I’ve certainly benefitted from these freedoms:  I attended public schools through high school; had thousands of colleges and universities to consider for my higher education and was able to move into a new career as my interests evolved. And I’m indebted to the women who preceded me who fought for the vote and for equal rights in the workplace. As a woman with a family and a full time career in the high tech industry, I have a front row seat to the changes the Internet has brought in our lives.  I can order groceries from a website and have them delivered to my home. I can search for a new job online. The economic impact of having the Internet at home, on my mobile devices and at work is significant. I can be more productive using my computer to work; I have a wider network of colleagues using social, alumni and professional networks; I’m able to be a smarter consumer by researching purchases and investment opportunities; and potentially I can learn to be a better parent, simply by accessing the wealth of information available online.

If you were to think of software like you would a houseplant, maybe it would be more natural to keep it patched and up-to-date. To take care of your plant, you’re supposed to water it, turn it in the sun for it to grow evenly and occasionally mist the plant’s leaves or add fertilizer.  And when I say “software,” I don’t just mean security software, which most users understand  will only keep you safe  when it has the latest protection files. No, all software is, by its very nature, imperfect. Software is almost like a living thing. Program code is written by one person, the Developer, and then tested by another person in Quality Assurance. And later, after the software is in the hands of the user, it may need updates to add support for newly introduced operating systems. An updated version of the software may have new features or fixes to bugs missed in earlier versions. One way to deliver fixes and updates is to issue a software patch.  If software were a houseplant, patches would be the ongoing care and feeding you provide; the water, sunlight and other treatments.

For every parent who has ever felt frustrated at understanding technology, there's a teen who looks on in amusement. Or does that version of the digital divide feel foreign to you? In any event, a study from Young And Well in Australia titled "Enhancing Parents' Knowledge and Practice of Online Safety" has just come out and includes a list I just had to share with all of you. Be sure to read the full report, filled with ideas about how parents can do a better job understanding online risk for their kids and improving trust through communication. (Sounds like "The Talk" is still in vogue!)

Add the name “Bamital” to the list of oddball terms like Waledec, Rustock, Kelihos, Zeus and Nitol. All are bot networks taken down over the past 2 and a half years by Microsoft in partnership with law enforcement and security companies like Norton by Symantec.  You can read about the event here or on our Symantec Response blog.

If you are a loyal Norton customer with fully protected computers, count yourself among the majority of computer users who missed out on the Bamital fun. The million or so folks around the globe who got infected with this malware likely never knew its name before today. Their unprotected computer was probably infected by an unlucky visit to an infected website, a type of infection known as drive-by download. Or they were members of a peer-to-peer network and downloaded the malicious file (probably thinking it was something desirable). Once installed on your computer, Bamital prevents web traffic from operating normally. Instead, if you conduct a web search and try to click on the resulting links, you are taken to fake websites set up by the crooks. The main objective was to generate web traffic and gain revenue from advertising networks. It gets a little confusing so please watch our video to better understand how this might work.

What about the takedown announced today? Did a bunch of GI men burst into a backroom of a bar where the cyber crooks had their lair? That only happens in the movies, my friend. But there is drama of a different sort.

In its 10^th year of observance, Safer Internet Day is a European-led effort, from InSafe, to promote greater awareness and safer use of the internet and mobile devices, especially by youth. This year’s theme is “Online Rights and Responsibilities.” It’s not as well known here in the United States as June’s Internet Safety Month or the related but slightly different Cyber Security Awareness Month in October. Sometimes it feels like the calendar is filling with days or months of celebration or awareness campaigns.  Fortunately, the combined momentum of these programs will likely improve consumer behavior over time and has the potential to teach online skills to folks outside of schools.

If you are interested to learn more about the Safer Internet Day efforts, remember that as it’s a European program much of the content is already live and many of the press conferences have already happened. In the US, Google held a Washington DC event that screened live on their YouTube channel. Fortunately you can watch the recording here and see dignitaries from several companies, government agencies and non-profits share their advice about keeping safe online. You can search for Twitter messages using the hashtag #SID2013.

Every year on January 28^th, we celebrate Data Privacy Day. Throughout Europe and in the US and Canada, people are coming together to raise awareness about how our personal information is being used. Every day, we are asked to “accept” an end user license agreement (EULA) or to provide private information in order to get a service or product. Every day, consumers around the world wonder if they are sharing too much or if those they are entrusting with their private data will guard it as securely as we might want. For more information, please visit the special Data Privacy Day page on the StaySafeOnline.org website of the National Cyber Security Alliance (NCSA) for tips and resources for parents, teens and employees.

No doubt you’ve seen news reports or a post on your social network alerting you to concerns about something called “Java” that could cause trouble on your computer. If you aren’t sure what’s happening or need a straight forward explanation for a friend or loved one, here’s an overview to help you sort this out:

What is Java? Both a language and a platform to run websites and programs, it’s used by many, many computer users, both on the PC and Mac operating systems. It’s also used by many other kinds of technology, from smartphones to parking meters to game systems.

Where is it found on my computer? It was likely installed by the manufacturer. If you have automatic updates for Java on Windows turned on (it’s called Java Auto Update), it’s updating itself.  To configure Auto Update, you will need to open your Java program. For most Windows users it is found within the Control Panel. Java should update itself automatically for Mac users as well, but in case you aren’t sure, you can find information on updating Java for Mac at this page.

Among the end of year holiday tasks like taking down the tree, recycling the wrapping paper and boxes and planning your New Year's fun, you probably are thinking about Resolutions. We don't all cotton to the idea of once a year making ourselves promises we don't intend to keep but there is something wonderful about starting the New Year with a clean slate and banishing bad habits. In the world of computer and mobile phones, there are steps you can take to do things better, smarter and safer. Why not take a moment to consider what you might do to step up your safety game: 

1. Slow Down! – so many computing crises start with a click you live to regret. For example, have you ever sent an email to “Reply All” that should have gone to just one or two people? Yeah, we’ve all been there. Or your email program “helpfully” filled in the wrong name as you typed, you didn’t notice and then you sent a work file to a personal friend. Perhaps you clicked on a link that took you to an unexpected website or to a page where you were asked to log in to your bank, your social network, or email account?  With malware and cybercrime so well engineered to trick you, you’ve got to start treating every incoming email, every SMS, even the links in the comments on message boards as someone knocking on your front door. What do you do when you hear a knock on your front door? You look through the peep hole to see who it is.  Or you ask through the closed door, “who is it?” before you open up. Even those of us who live in relatively safe neighborhoods know you have to be alert to possible harm.  Let’s start thinking of ways we can be equally suspicious but not paranoid about any communication that seems out of character or unexpected. 

Some of us might just be lucky enough to get some new tech toy this holiday season. Be it a new computer or tablet, bringing tech home requires a little bit of effort to set up. Ideally, you’d just open the box and push the start button and everything would be like Goldilocks’ porridge, “just right.” Make sure getting security “just right” is among your new tech priorities.

To begin, I recommend removing any icons or trial versions of software on your new baby that isn’t for a product you intend to use. Multiple security products can conflict with each other. Additionally a limited time trial version can make you forget to get a full version and leave you unprotected in just a few weeks’ time. If the trial product is from Norton, you can just enter in a product key for a subscription to convert it to a full product. If you already have a Norton subscription for that product, visit www.mynortonaccount.com to get the product key, enter it in the Account area of your Norton product, and your new baby will both be protected and covered by your existing subscription. Easy!

Have you seen this in your Facebook “News Feed”? “In response to the new Facebook guidelines, I hereby declare that my copyright is attached to all of my personal details, illustrations, comics, paintings, professional photos and videos, etc. (as a result of the Berner Convention). For commercial use of the above my written consent is needed at all times!”

 Yes, there is such a thing as the Berne (not Berner) Convention. Yes, its an international agreement regarding copyright protection.  No, it doesn’t cover your birthday greetings and status updates on Facebook. When you joined Facebook (or any online service) you accepted the Terms of Use or clicked “Agree” on an End-User License Agreement. I will bet that most of you never read the contract you entered in; you just scrolled down until the button to “Accept” or “Agree” was available to click on. That’s pretty normal behavior in this busy, online world, so don’t feel bad.

Robert Scoble: “If you are posting about copyright on Facebook and you haven't done your research, you are an idiot.” 

It’s a little funny that as we near Thanksgiving, and therefore Black Friday (the big in-store shopping day after the holiday), I’m asked to give holiday shopping advice. Let me be completely honest; I’m a committed online shopper. My favorite shopping expeditions involve a warm laptop, hot cocoa and fuzzy slippers. I don’t like crowds or circling the parking lot to find a space (or worse, forgetting where you left your car and wandering the lot with all the shopping bags when you are ready to just go home.)

I’m certainly not alone.  Cyber Monday, the Monday after Black Friday, is one of the biggest online shopping days of the year. It’s expected that more than 120 million shoppers will go online to take advantage of the one-day only sales. And with innovative technology, the online shopping experience is changing, blending, even overlapping with real-world Black Friday activity.

What are some of the key cyber safety and security news events of the past year? I've tried to summarize some of the big stories in areas such as cybercrime fighting; cyber bullying stories; legislation; and social media news. This might be the only blog entry I ever write that brings together a school bus driver, a K-pop music star and President Obama. 

Many of us at Symantec and Norton have been putting our heads together to predict some of what we can expect to see in 2013, as well. Of the predictions we've come up with (you can read the full list in detail over at Director of Security Technology and Response Kevin Haley's blog) I want to draw your attention in particular to two: the likelihood that cyber terrorism will get highly personal as attacks focus on individuals or minority groups and the possibility that new electronic payment methods could be vulnerable to hacks and breaches. 

The devastation of this week’s horrific hurricane has just begun being enumerated. Destroyed homes, upended and soaked cars, roads washed out and the many thousands of trees felled are the most visible signs of the horror. Too many lives were tragically lost as well. But as with tragedies in the past, such as Katrina and the earthquake/tsunami in Japan, cyber fraud travels in every storm’s wake.

Some of the fraud is just humor gone foul. Doctored photos showing a bizarre cloudy sky above the Statue of Liberty went viral. And then there were several humorous versions, clearly meant to provide a laugh when it was sorely needed. I love this one.

Other images were taken from completely unconnected events, with new titles or misleading headlines. This sort of thing begins to be more malicious, stealing the work of someone and using it as your own is plagiarism. To deceive people with images is disturbing and makes people lose trust in the media and photography.

Have you noticed how dramatically different your online experiences are these days? Not only did we get new services like a Timeline rolled out to all of us, but we’re now seeing sponsored posts in our News Feeds and soon we’ll be able to purchase gifts for our friends’ milestones like birthdays. I like these innovations but I’ve also noticed new malware and dodgy “tricks” going on from cyber-tricksters and scam advertisers alike. And in our mobile devices, there are new and emerging problems like “smishing”,  which is SMS-based phishing attacks and greedy, information-gobbling “app goblins” to watch out for.

Any time we get a new operating system from our friends in Redmond, it’s cause for a nervous kind of celebration. I mean that speaking just as a consumer; innovation is exciting! You have to recognize the enormous effort and design triumph that is Windows 8, even if, like me, you have only a limited experience with it.

I first saw a test version of Windows 8 at an internal Norton meeting. We get to play and work with pre-release versions of all operating systems because our Norton security products are so fundamental to the safe use of computers. And every operating system wants to go out the door with safety elements ready at the same time. So our engineers had been working with Windows 8 for quite a while in order to be sure all of our core Norton security products were compatible in time for last week’s launch. While they were at it, they set up a demo station for the rest of us to take it for a spin.

My first impression?

I recently spoke at a major US financial services firm in the mid west to a large employee audience about a wide variety of cyber security issues. As I was prepping my slides, I noticed that some of the issues we’re dealing with are highly personal, like having your social network account hacked (as has happened to 1 in 6 online adults according to the 2012 Norton Cybercrime Report). And others, like Stuxnet, the malware attack that took the Iranian nuclear facility offline, are the acts of one government (or two) against another.  So the gamut of topics feels wider than ever. I worried that the audience might not be as interested in the big scary international espionage stuff but I was wrong.

This blog first appeared on A Platform for Good's blog. 

1. Password safety! Create a complex and unique password for your social network. Don’t share it with anyone. If you've already shared it with someone, login and change it! If you can register more than one email address to the account, do that too. This can come in handy if your account is ever hacked, giving you another way to recover the account from the hacker. The slideshow that follows after the "Read More" has some great tips for creating and using passwords wisely!

Certainly if you’re going to use “social media” you can understand the need to share personal information with the people you select to have access. It’s not social unless you do some amount of sharing. Yet it’s reasonable for people to express concern when their private information such as location, lists of friends or browsing habits become visible to their friends, or worse, friends of friends without their expressed permission. Sometimes this happens when people don’t really understand how to use the available privacy settings on the services they use. Sometimes the services themselves are sending more personal information than they admit or knew. Lastly, applications such as games or services that work on the social platform can also abuse their permissions and share your data inappropriately.

I see a lot of scary stuff on the Internet. It’s my job to see it, understand it and help people learn to avoid it. When I talk to the media and members of the public, heck, even my own family, sometimes I wish we didn’t have to give the bad guys of the world so much of our time. If we could simply enjoy technology, and the communities we’re forming online; if we could celebrate the myriad ways our global hive mind has expanded our choices in entertainment, education and commerce; if we could recognize that most of what happens online is WONDERFUL for young people and adults, we might develop a more nuanced attitude about online risk. Today, let’s imagine a world where we CELEBRATE the wonders of young people using technology in PRODUCTIVE ways; where we set aside, just for a moment, our fears of cybercrime, predators, online scammers and online cruelty and explore how we can use the Internet to do GOOD. Let’s begin by cheering for the launch of the Family Online Safety Institute’s A Platform for Good.

The Norton Cybercrime Report is out for 2012! Cybercrime continues to have far-reaching effects and is increasingly a problem on mobile devices and in our social networks (where we seem to be less vigilant).

After surveying more than 13,000 consumers in 24 countries, the researchers found that the numbers of online adults increased by 20 percent from last year, and that cybercrime impacted just under ½ of them in the previous 12 months. The total direct consumer cost was calculated to be $110 billion, slightly down from last year’s $114 billion (USD), with the average cost per victim down approximately 20 percent. The reason the overall cost remains so high is that the pool of victimized online adults grew more rapidly - in other words, less money, but from more victims.

Attachments:

NCR 2012 Infogrphic - Mobile and Social.pdf ‏371 KB

Noted author, teacher and speaker Rosalind Wiseman ("Queen Bees and Wannabes") recently presented at a TEDx Teachers College on the topic of bullying in schools. Any parent, teacher or concerned person who is interested in the discussion of how we improve our children's educational environment should watch this video. Even the title is intriguing, "You Raise Your Children; I Will Teach Them French". The phrase originates in a heart-breaking letter Wiseman received from a teacher after she spoke at the teacher's school. 

Love what you saw? Get the book "Queen Bees and Wannabes" (Amazon)

Learn more about Ms. Wiseman including how to hear her speak or arrange training at your school.