Ok - this is one bad ass piece of malware on this computer. The issue here is that I don't truly know what the malware on this computer will do now. It could contain a keylogger which is capturing every keystroke I type. Hmm - this is a risk now as anything I do it may be logged. The malware was also obviously preventing me from getting to the known sites to get the things I needed to fix this problem. So I thought I'll connect back to my SBS server which is fully protected and I guessed that the malware would not know about my URLs etc. The risk though was that the keylogger might capture my passwords! Again this did not bother me as my servers are protected with two factor authentication by AuthAnvil. I have a cool key token which generates one time password that means even if the keylogger captures my password it is totally useless.

Wayne brings up a good point. When working at servers and workstations that you cannot trust, you have to expect that your keystrokes may be monitored. Have you considered just how many places that may be in any given day? Think about it... how many times have you logged onto a trusted system from an untrusted host? How are you defending against this threat?

Wayne mentioned one part which I think is a great testimonial for AuthAnvil...

AuthAnvil made it easy today for me to ensure that my password was protected while I was dealing with a spyware infected system.

Thanks for the testimonial Wayne! If you meant it or not... we really appreciate it.

Why didn't I know about you years ago... AuthAnvil is awesome.

or

What a simple and elegant solution!

You don't normally think of security solutions like two-factor authentication as simple and elegant. But our clients say time and time again about how easy it is to deploy and use. I just love this sort of feedback!

If there is one criticism I think I can make about Scorpion Software, it is the fact we haven't been doing a good job leveraging this. We do most of our business through word of mouth, but we haven't put the right effort to make sure OTHER people know about what is going on.

So we are going to do something about that. This summer you will see a shift as we start talking more with our customers and getting THEM to talk about their experience. How? We aren't entirely sure yet. It is a great experiment. We are going to try everything from blogs and case studies to customer testimonals and video interviews.

The first thing we are going to do is see how social networking applies to business. So starting today, I am announcing the AuthAnvil Fan Page on Facebook. In sync with our efforts with the Visa Business Network for Small Business on Facebook, it is a place for the AuthAnvil community to gather and share their experiences with our product. With the capacity to post videos, write notes and share pictures, I am hoping you will join us in letting the world at large know what AuthAnvil is about. How it helps you. And why you're a fan.

So are you a fan? If so, become a fan of AuthAnvil on Facebook!

I want to extend an apology to the people that attended today's Birds of a Feather lunch at SMB Summit and were looking for me. Apparently there was a table set aside for me, but I came in late and didn't find it until it was much too late.

Mike Iem has mentioned that they will do it again tomorrow. So if you don't get a chance to hear me speak in my session tomorrow, please feel free to come join me for lunch.

Of course, feel free to come introduce yourself before then. I would love to talk to you!

I like to see this sort of play. Vlad codes Shockey Monkey in PHP, and he realizes how easy it would be to use something like NuSOAP to consume AuthAnvil authentication services directly in his code. He can offer a heightened level of identity assurance for his clients, requiring them to present their token and deliver the unique one-time password that is dynamically generated each time his customers would log in.

Protecting customer data in this day and age is vital, and a responsibility of all business owners. If you are a client using Shockey Monkey and AuthAnvil, consider talking to Vlad. My recommendation to Vlad is to code it in the same way AuthAnvil uses "Proxied Delegation"... have the user logon configuration point to the AuthAnvil Web Service URL they wish to authenticate against, and let the infrastructure do the rest. In this way, Vlad doesn't become responsible for managing tokens. Each user could use their existing tokens belonging to their own business.

Of course, if you are going to be attending this year's SMB Nation, make sure you come to the AuthAnvil Community Release Party. I will have an exciting announcement that will make it even easier to work with Own Web Now and AuthAnvil.

Today I was pleased to see him write a blog post on two factor authentication, and his experiences with AuthAnvil. One of the best quotes I could pull from his post was this:

So, if you're concerned about the security of your network, and especially of your remote users and the valuable information they have, you really should be using TFA. And AuthAnvil is an excellent form of TFA.

What more is there to say, except thanks for the kind words Charlie!

Of course Charlie brings up the fact he can't wait for us to release a 64bit version. We have been limited in our ability to do so with the API we were originally using from the vendor of the tokens we license. However, we recently wrote our own library from scratch to replace theirs in an effort to eliminate an entire class of bugs and now gain the benefit that we are not shackled to 32bit binaries anymore.

But it opens up a question I would like to turn to our customers. Do you WANT a 64bit version? 64bit hasn't been our highest priority on our list of work we can be doing. There are plenty of 32bit agents we want to deliver. However, if customer need and demand requires it, we can obviously realign some development processes to ensure it gets out sooner. So speak up. Send an email to dana@scorpionsoft.com and let us know how you feel. If enough customers demand it, I will personally make sure to give it the attention it deserves.

Thanks for starting the conversation Charlie. If customer demand requires it... we will be sure to get you the 64bit agents so you can "move all [your] business to require it for all logins".

Once again, the firewall dashboard stuck something in my face that I don't think I would have noticed otherwise.

In her post, she talks about how the Firewall Dashboard indicated that she was getting ntp attacks from two IP addresses that were foreign to her. She leveraged that information to take action, diagnose the problem, and resolve it in less time than if she went through the ISA logs on her own.

I just love it when I see our products help our customers in such interesting ways :)

She says that "there are times the paranoia meets the blonde....". I think its the reality of firewall analytics coming to play. For a moment she noticed something that SEEMED anomalous and took precautions to investigate it further. Thats what good firewall analytics is about. It lets you focus in on the data that matters, and allow you to then use human heuristics to further determine if that sort of connection pattern is appropriate to meet corporate access and security objectives. The fact that the Firewall Dashboard could sort through thousands of firewall events and let her zone directly into that, makes me ecstatic. It means the dashboard is not only working, its letting her do her job better, faster and more effectively.

So how are YOU using the Firewall Dashboard? I would love to hear about it. Feel free to comment here or send me an email to dana@scorpionsoft.com. In the near future I am going to start collecting information from people who are interested in offering a case study on how the Firewall Dashboard has been useful to you. If you have an interesting story to tell about your usage of the Firewall Dashboard and would like your company featured in a future case study that other users and customers of the product will read, please let me know. I love being surprised about how our products have helped you in unique and different ways.

And not just when you are paranoid and having a blonde moment either. :)

This email is a call to action. I am personally asking that each and every one of you who have been on the beta of the Firewall Dashboard to take a few moments to answer 7 questions to the best of your knowledge and experience. It will help Scorpion Software to formulate the best way to go to market with our product, and allow us to continue to build the best executive firewall dashboard for Small Business Server. We want to service you, and ask that you please take a few moments to let us know how we can best do that. Good or bad, we want to hear from you.

How can you do that? By simply filling in the 7 questions on the online survey that we have prepared. Answering the questions honestly and thoroughly will go a long way to help us understand how you feel about the Firewall Dashboard, and how we can service you and the SBS community going forward.

The survey will be online for the next week, but we would love to hear from you sooner than that. Please take a few moments and take action by filling out the online survey. Your responses will go a long way to help the Firewall Dashboard to reach the SBS community.

Thank you very much for taking the time to help us out. I look forward to having Scorpion Software meet your organization's needs in the near future.

Sincerely,
Dana Epp
President, CEO
Scorpion Software Corp.

It seems that the Firewall Dashboard has exposed Susan to the fact she has a misconfigured router slamming her corporate SBS box with constant RIP routing requests. As her report showed when she used the "Resend Report" to email me a copy directly, it was very quickly apparent that a constant traffic flow every 30 seconds was bombarding her ISA server with over 2800 events each day. I just love the Attackers Time Line Radar chart. It so easily shows patterns like this.

There was another quote in her post that I also liked:

Suddenly I get this overwhelming urge to go stand up ISA servers all over the place to get more data. This is cool. If you haven't checked it out.. do it... and while it works on other firewalls... you know me I'm kinda partial to ISA server.

You go girl. Make Tom proud.

Meanwhile the next beta is shaping up for release. We have been able to take a lot of the great feedback from you guys and make some changes to really make it easier to install and deploy. If you haven't yet had a chance, why don't you go sign up for the beta?

If so, you might be insterested in some work we are doing on a "SBS Firewall Dashboard". We have taken the popular "Daily Carina Performance Reports" engine and are now porting it to an individual code base which we can release to help SBS administrators understand just what is going on with their ISA firewall on Small Business Server.

We could really use your input to make this tool YOUR tool. If you have a few moments, please consider filling out our short 7 question survey over at Zoomerang. The results will help us to make sure we design the right tool to meet your needs. And if you wish to join the beta, please ensure you include your email address in the survey.

The survey will stay running for the next 7 days. I do hope you will participate.

Thanks a lot!

But it doesn't simply end with the publicly held companies. In many cases, small businesses who work with these companies are being pressured into maintaining similar controls to ensure compliancy in the extended environment. Failing to do so limits the small business from opportunities as publicly held companies are obligated to manage ongoing compliance with Section 404 of the Act.

If you are operating a small business that may be affected by this, you might be interested in reading our updated solution brief on Sarbanes-Oxley: Application of Security and Data Integrity for Small Business. In it you will learn how our products can balance the initial cost of security and data integrity safeguards with ongoing maintenance to meet regulatory compliance and significantly improve your ability to demonstrate compliance to your publicly held corporate partners.

Have a Happy Holiday and prosporous New Year. May this entry find you and your family in good health, and great spirits for the season.

We have also integrated this process directly into our support system. You can check it out by heading over to our Online Customer Service System and try it yourself.

Our goal is to continue to refine our communications infrastructure with our customers in an effort to increase our effectiveness and your success. We hope this new software management system will assist in that.