Saturday, November 3, 2012

Beware of Sandy Spam and Scams

It did not take long for the spam capitalizing on "relief efforts" for hurricane Sandy to start hitting my inbox.  Further, in my area, actual scams have been taking place.  For example, FEMA has only entered the area.  Yet, some residents report being contacted by FEMA representatives.  Also, we have "tree companies" casing the area ostensibly looking for work - and in reality, looking for empty houses.

Be careful on what you click.

Make sure who you are dealing with is who they actually represent.

Leaving phones/laptops unattended while charging

Like many places, we got hit hard by the hurricane.  We're without power, heat, and hot water.  We don't have a generator, so charging the myriad of gadgets has been problematic at best.  Some neighbors and friends who have power have been great.  And a couple of the local businesses and the local library have set up temporary "charging stations."  It has been a huge blessing.

However, some people haven't taken the security of the phones or laptops very seriously.  While in Walgreens charging my phone, I watched people hook their phones up to charge, then go shop; leaving the phones unattended.  While it would be hugely crass to take advantage of people in this situation, the security side of me can't help but cringe.  With so much of our lives tied into our phones (and laptops) it seems extremely foreign to me that I would leave my device unattended.

So please, take care of your phones and laptops...make sure that they are secure.

Putting a disaster recovery plan into practice

As a DoD auditor, I hammer DoD sites and entities for not having or not having adequate disaster recovery plans.  I got to put words to practice in my own life with the impact of hurricane Sandy directly impacting me.  In light of what happened, we are revamping our procedures and amending the plans that we already had.

For example, we had planned for wind damage, and the possibility of a power outage.  We didn't plan on evacuating...data from previous storms didn't indicate that we might have to worry about rising water.  However, with the storm picking up steam, hitting us three hours earlier than anticipated and during a high tide; the stream around us was 13' above normal.  Water poured all around the house, which led to a prompt evacuation.

So, with a new threat to add to the threat model, we are revamping our plan.  We are including many of the lessons learned from this event so that we are not caught off guard in the future.  Further, we're keeping the plan in a central location so that everyone can benefit from seeing it and putting it into place.

It would figure that we would not get a hurricane until the very end of hurricane season.  And we know that Winter is just beginning....we're bound to have a snow/ice event.