Ensuring data integrity and security

It’s important to note that while 100% is not a practical number in technology terms, we intend to get as close to 100% perfect. Nearer 100% means less interruptions and more performance. The closer to 100% we are – the faster software runs, the longer hardware survives without needing repairs or replacement, and the more efficiently one’s work can be.

What is cyber security?

It seems that everything relies on computers and the internet now — communication (email, cellphones), entertainment (digital cable, mp3s), transportation (car engine systems, airplane navigation), shopping (online stores, credit cards), medicine (equipment, medical records), and the list goes on. How much of your daily life relies on computers? How much of your personal information is stored either on your own computer or on someone else’s system?

Cyber security involves protecting that information by preventing, detecting, and responding to attacks.

What are the risks?

There are many risks, some more serious than others. Among these dangers are viruses erasing your entire system, someone breaking into your system and altering files, someone using your computer to attack others, or someone stealing your credit card information and making unauthorized purchases. Unfortunately, there’s no 100% guarantee that even with the best precautions some of these things won’t happen to you, but there are steps you can take to minimize the chances.

What can you do?

The first step in protecting yourself is to recognize the risks and become familiar with some of the terminology associated with them.

Hacker, attacker, or intruder – These terms are applied to the people who seek to exploit weaknesses in software and computer systems for their own gain.

Malicious code – Malicious code, sometimes called malware, is a broad category that includes any code that could be used to attack your computer. Malicious code can have the following characteristics:

It might require you to actually do something before it infects your computer. This action could be opening an email attachment or going to a particular web page.

Some forms propagate without user intervention and typically start by exploiting software vulnerability. Once the victim computer has been infected, the malicious code will attempt to find and infect other computers. This code can also propagate via email, websites, or network-based software.

Some malicious code claims to be one thing while in fact doing something different behind the scenes. For example, a program that claims it will speed up your computer may actually be sending confidential information to a remote intruder.

Viruses and worms are examples of malicious code.

How to keep yourself (and your company data) safe


Why isn’t “more” better?

Maybe there is an extra software program included with a program you bought. Or perhaps you found a free download online. You may be tempted to install the programs just because you can, or because you think you might use them later. However, even if the source and the software are legitimate, there may be hidden risks. And if other people use your computer, there are additional risks.

These risks become especially important if you use your computer to manage your personal finances (banking, taxes, online bill payment, etc.), store sensitive personal data, or perform work-related activities away from the office. However, there are steps you can take to protect yourself.

Ideally in the event of any doubt, you should speak with your IT Manager/CIO to ensure everything works as it should before trying out software, or file-share programs – or in general using anything out-of-office with regard to company data.

How can you protect both your personal and work-related data?

Use and maintain anti-virus software and a firewall – Protect yourself against viruses and Trojan horses that may steal or modify the data on your own computer and leave you vulnerable by using anti-virus software and a firewall. Make sure to keep your virus definitions up to date.

Regularly scan your computer for spyware – Spyware or adware hidden in software programs may affect the performance of your computer and give attackers access to your data. Use a legitimate anti-spyware program to scan your computer and remove any of these files. Many anti-virus products have incorporated spyware detection.

Keep software up to date – Install software patches so that attackers cannot take advantage of known problems or vulnerabilities. Many operating systems offer automatic updates. If this option is available, you should turn it on.

Evaluate your software’s settings – The default settings of most software enable all available functionality. However, attackers may be able to take advantage of this functionality to access your computer. It is especially important to check the settings for software that connects to the internet (browsers, email clients, etc.). Apply the highest level of security available that still gives you the functionality you need.

Avoid unused software programs – Do not clutter your computer with unnecessary software programs. If you have programs on your computer that you do not use, consider uninstalling them. In addition to consuming system resources, these programs may contain vulnerabilities that, if not patched, may allow an attacker to access your computer.

If you feel this could be the cause of a computer slow-down; you must inform you IT Manager/CIO and have the offending software eliminated at once.

Establish guidelines for computer use – If there are multiple people using your computer, especially children, make sure they understand how to use the computer and internet safely. Setting boundaries and guidelines will help to protect your data.

Use passwords and encrypt sensitive files – Passwords and other security features add layers of protection if used appropriately. By encrypting files, you ensure that unauthorized people can’t view data even if they can physically access it. You may also want to consider options for full disk encryption, which prevents a thief from even starting your laptop without a passphrase. When you use encryption, it is important to remember your passwords and passphrases; if you forget or lose them, you may lose your data.

If distributing vital data via the internet you must ALWAYS sign it using PGP or similar, so the raw data cannot be hacked.

Follow corporate policies for handling and storing work-related information – If you use your computer for work-related purposes, make sure to follow any corporate policies for handling and storing the information. These policies were likely established to protect proprietary information and customer data, as well as to protect you and the company from liability. Even if it is not explicitly stated in your corporate policy, you should avoid allowing other people, including family members, to use a computer that contains corporate data.

Dispose of sensitive information properly – Simply deleting a file does not completely erase it. To ensure that an attacker cannot access these files, make sure that you adequately erase sensitive files.

Follow good security habits – Review other security tips for ways to protect yourself and your data.

The vCIO perspective:

Security is of immense importance in today’s day and age – it’s CRITICAL for a CIO (whether part-time as a vCIO or otherwise) to keep in touch with the latest in cyber crime, cyber law, and cyber warfare. You never know when your company’s IT infrastructure may come under attack – wait for the first signs of a DOS and it’s already too late.

Tablets & Tourism

Albeit fiction today, this article simply aims to express possibilities using today’s technologies.

With the latest rave about the i-pad, the streak and other such tablet/touchpad based computers, one wonders if it would make anything really ‘easy’ for people in the travel sector – one where there is much of data crunching simply in the process of making one tour dream into a reality. Basically, tablet pcs utilize simplified versions of their regular PC/laptop software, and are mostly very capable for simple tasks. Given that the repetitiveness of travel related tasks fit under one heading, it is likely very possible to have a touch interface that gives the user access to the world, all on one little 5″ or 7″ screen.

As a matter of fact touch-based interfaces are – even NOW – being used all over. You see them in bank ATMs, in coupon stamping terminals in most Indian Railways’ stations, even in mobiles. There are programs from as simplistic as calculators and memo pads, to the extensive as games, music/movie players, and so on. Travel and tourism isn’t something very complex to work out and book. There are of course certain assumptions to be made, and once these are in place a very practical system can indeed be implemented.

We assume the following are already in place, fully functional and usable:

Tablet sync with Phone

  1. Database. A backend of current clients; names numbers, etc. Also a pre-set collection of routes, packages, pricing, and finally, agents and facilitators.
  2. Mobile phones and tablet devices. Each individual involved with a trial of the program would be intended to have one mobile phone and tablet device that talk to one-another.

 And now that the assumptions are in place, here is what the tablet can do for you.


You receive a call. The tablet device recognizes the number before you pick up the call, and tells you whether this is a client or not, and possible location they’re calling from. The caller this time is a past agent/customer, and the tablet shows you these details, plus possibly a decent photograph of the person calling right on screen. It also tells you the person’s name, general location, a very concise history of customers brought in, latest trips taken, most preferred locations for a tour, etc.

The caller wishes to make a fresh booking, which will no doubt need a fair bit of handholding across 3rd party services; flight, taxi, accommodation and meal bookings, possibly more. You simply enter the person’s selection. A 3 day tour of their most preferred location, for the person calling plus two. You can select the names of these two travelers from a list of past travelers if so available; or fill them in later. You’re informed that the details of the travelers will be emailed to you in a short while. As you pick through options, selecting their past favorite taxi service, meal choices and confirming the same on the spot, you come across a Spa special offer that can be offer that can be offered at no extra cost to the client – and of course the caller is most delighted to hear of this. Meantime the database updates the office staff that may need to follow up on various points; and they can do so while you close the deal.

Barely seconds later, the software notifies you of the bookings being done – for one known and two unknown travelers – i.e. arranged the selected taxis for pickup and drop off, flights, accommodation and meals. Then, the software points out names, emails and numbers of the related 3rd party agencies, who you may optionally email with a ready-made message with all the discussed details that correspond to their area of expertise, or maybe you choose to call and work out the details over the phone. You hit the buttons on the tablet, and it does the work, all you need to do is look at the tablet screen and talk! Updates if any can be updated in the software in real time, and reflect instantly on the website.

Meantime the client’s email comes through – the software recognizes the sender and picks up the email; then asks you to select information relevant to the booking to be able to complete the previously unknown names. Booking done, complete and confirmed – all in a matter of minutes! A response to that effect is sent to the client with a regular company letterhead and all related booking details and confirmations; plus additional information if any can be entered rather quickly using the tablet’s writing recognition and fast word-completion facilities.

Throughout, there is no need for you to remember which phase of the booking is done/incomplete, or what ‘code’ stands for what service/facility, or who to call with regard to a particular service. The tablet (and it’s matching database) knows all. The added advantage is the reduced complexity of the system – making things easy to understand and recognize using clear and precise labeling makes things easier to take bookings – and reduced time per transaction.

The client can then manage their bookings entirely online; alterations and cancellations can be managed on an as-needed basis with a similarly simplified approach. Similar modifications may be done for a request via email; with the option of callbacks, etc.


The vCIO perspective:

Such conceptualization is part of what a vCIO would do – a more detailed concept would include diagrams and flow charts illustrating exactly how the system should work, where it would pick up what bit of data, and what it would do once it has the data worked out.

Naturally even in concept this is a large project, nevertheless it’s very practical for a team of 5 efficient programmers to program _and_ implement in under 6 months. Using very economical tech – so the entire cost of the project would come in well under USD 10,000 – and would be sustained in-house with the same in-house staff.