Thursday, October 6, 2016

Top 10 database security threats

Databases are among the most valuable assets in an information system, as they store the vital data and records of the business. As such, they are also among the most attractive targets for hackers attempting to gain access to confidential and sensitive information.

California-based cyber security solution provider Imperva has consistently published its Top 10 Database Security Threats white paper every year.

From 2013 until 2015, the top 10 database security threats remained the same list, with the same ranking, as below:

  • 1. Excessive and Unused Privileges
  • 2. Privilege Abuse
  • 3. Input Injection (SQL Injection)
  • 4. Malware
  • 5. Weak Audit Trail
  • 6. Storage Media Exposure
  • 7. Exploitation of Vulnerabilities and Misconfigured Databases
  • 8. Unmanaged Sensitive Data
  • 9. Denial of Service (DoS)
  • 10. Limited Security Expertise and Education
According to Imperva, the top 9 threats above can be addressed by using an automated Database Auditing and Protection (DAP) platform, an approach that improves security, simplifies compliance, and increases operational efficiency. The 10th threat is the "human factor": a negligent employee or contractor.

The white paper outlined a multi-layered database security defence strategy encompassing:
  • Discovery and Assessment: to locate where database vulnerabilities and critical data reside.
  • User Rights Management: to identify excessive rights over sensitive data.
  • Monitoring and Blocking: to protect databases from attacks, unauthorized access, and theft of data.
  • Auditing: helps to demonstrate compliance with industry regulations.
  • Data Protection: to ensure data integrity and confidentiality.
  • Non-Technical Security: to instil and reinforce a culture of security awareness and preparedness.
"Failing to safeguard databases that store sensitive data can cripple your operations, result in regulatory violations, and destroy your brand. Understanding the top database threats and implementing the solutions outlined in this paper will enable you to recognize when you’re vulnerable or being attacked, maintain security best practices, and ensure that your most valuable assets are protected." -- Imperva, 2015

You can download the complete white paper to find out more details about this interesting defence strategy.
 

Friday, September 30, 2016

Pisen TS-D192 4-in-1 presentation laser pointer pen and power bank (2nd generation)

If you do a lot of public presentations or classroom lecturing, you will find a presentation laser pointer pen a very useful gadget for remotely controlling the flow of a presentation that runs from your laptop and is projected on a screen, as well as for using its laser pointer to draw the audience's focus onto a particular area of your presentation screen.

I am using the Pisen TS-D192 4-in-1 presentation laser pointer pen and power bank for that purpose. In fact, it is more than just a presenter pen; it is also a 2,500 mAh power bank. It costs around RM70.


The Pisen TS-D192 has 3 buttons and serves 4 functions:
  • Laser pointer
  • Presentation remote controller
  • Video remote controller
  • Power bank


When you press its middle button, it emits a red laser beam with a long range of up to 100 meters.

The Pisen TS-D192 comes with a nano USB receiver, which you plug into your computer's USB port. It is truly plug-and-play and functions immediately in Windows XP and above, without the need to install a driver.

Its wireless transmission uses the 2.4 GHz frequency band, with an effective transmission range of about 10 meters. Unlike infrared presenters, which you need to aim at the receiver, the Pisen TS-D192 uses 2.4 GHz wireless technology and works well regardless of its angle and direction, as long as it is within the 10-meter transmission range.

When your computer is running PowerPoint or Adobe PDF Reader, its buttons function like this:
  • Press top button to Page Up (go to previous slide)
  • Press bottom button to Page Down (go to next slide)
  • Long press top button to toggle full screen presentation
  • Long press bottom button to toggle a black screen on the display
  • The middle button will trigger its laser beam
When your computer is running Windows Movie Player or VLC Media Player, its buttons function like this:
  • Double press middle button to toggle between Play and Pause
  • Press top button for Forward
  • Press bottom button for Reverse

Most presenter pens on the market are powered by ordinary AA or AAA batteries. The Pisen TS-D192 is powered by an internal rechargeable 18650 Li-ion battery with a capacity of 2,500 mAh.

It can be recharged using a normal USB charging cable connecting its micro USB charging port to either your computer or a USB charger. There is a USB charging cable included in its packaging.

It is said that you can use it as a presenter pen for about one year with just a single charge. With its abundant power, it can also serve as your emergency power bank with 5V 1A output to charge up your phone or gadgets.


This is an interesting USP for the product, as you can still make use of it as a power bank when you are not using it for presentations.


Tuesday, September 20, 2016

Malaysia year 2017 national and state public holidays announced

The official 2017 national and state public holidays in Malaysia have been announced by the Cabinet, Constitution and Inter-Government Relation Division (BKPP), Prime Minister Department.

There are 14 national holidays: 2 of them fall on Friday, 4 on Saturday, 2 on Sunday, and another 3 on Monday. Most of the states will have around 4 state holidays in addition to the national holidays.

 
Chinese New Year falls on Saturday and Sunday (28th and 29th January 2017). Hari Raya Puasa falls on Sunday and Monday (25th and 26th June 2017). Deepavali falls on Wednesday (18 October 2017).
 
Click here to download the table of Malaysia year 2017 gazetted national and state public holidays.

