At last week’s Refuse To Be A Victim class we had a brief discussion regarding passwords. During that talk I mentioned a tool called LastPass. This tool helps you to maintain a collection of complex passwords which are hard for attackers to obtain via “brute force”. It also helps you have a different password for every place you need one. As we discussed in class, this is critical for keeping your accounts secure. If you have the same password in different locations then when one of those locations/companies is compromised you are at risk. This happens because the bad guys take all of the usernames/passwords that they get, and they use them to login to every other site that they can find. You can prevent this either by having different usernames or by having different passwords. A program like LastPast helps you do either one. Usually having different passwords is the easier method, but either way works.

There are other programs that do what LastPass does. KeePass is one. My personal favorite is PasswordSafe, but – as I mentioned in class – I am pretty far toward the “cautious” end of the spectrum, and the way I operate computers is not for everyone. LastPass is one of the programs that makes this easy for everyone to use, while still maintaining a good level of security.

Effective 9/1/17, MEI Security has relocated to 5 Cabot Place, Stoughton, MA, 02072

Lessons From Infosec, Martial Arts, Firearms, and Parenthood

Hard work, Hard thoughts, Tough decisions, Immense Rewards

Presented by Vik Solem at Source Boston 2017

FOR IMMEDIATE RELEASE

Contact: Vik Solem
MEI Security, Inc.
630 Park Street
Stoughton, MA 02072
Phone: 617-544-7233
E-mail: vsolem@meisecurity.com

Stoughton, MA – May 18, 2017 – MEI Security, a specialist in Cyber Security and Physical Security Consulting for small and medium sized businesses and institutions today announces the hiring of Phil Barrows as Vice President of Business Development. Phil will be responsible for managing all customer business interactions and for enhancing MEI’s performance in the Cyber Security and Physical Security consulting sectors. “We are very pleased to have someone of Phil’s background and expertise come on board,” said Vik Solem, President of MEI Security. “Phil’s extensive experience managing technology-focused organizations makes him an ideal fit at MEI Security as we devote our attention to addressing the urgent and growing needs for improving cyber security, physical security, and the critical areas where the two intersect.  Phil’s addition to the team enables us to help more customers understand and increase their level of security both at the office and at home.” said Mr. Solem.

For more information on MEI Security’s skill sets and capabilities please contact Phil Barrows by telephone at 617-544-7233 or via email to pbarrows@meisecurity.com

MEI Security is sponsoring the New England Small Business Security Meetup. Join us in Stoughton on May 11 at 7:00 PM. This month we’ll have another presentation on security solutions (including free ones) for small to medium sized businesses. As always, there will be time before and after for open discussions.
7:00 – 7:15 : Introductions
7:15 – 8:00 : Presentation:
8:00 – 8:30 : Open Discussion / Closing

Please RSVP, and let us know if you plan to arrive early for light refreshments at 6:30.

As promised, here are the slides from the talk that Pedro Marcano and I gave at BSides Boston on Saturday. I’ve provided both the slides and a copy with the notes pages.

Security In S M L XL_v3.1

Security In S M L XL (with notes pages)

The list of security solutions for small and medium sized businesses is available here or at http://tinyurl.com/MEIbsideS2017.

CC Image courtesy Karlis Dambrans from Latvia

We’ve known for years that things like webcams and microphones can be used to spy on us and steal our passwords.  Now that cool wearable device on your wrist can give attackers your PIN.  Basically the movements of your hand can be recorded by the device and sent to an attacker for analysis.  Looks like that have an 80% chance of getting it on the first try.  From a technical point of view it’s a cool hack.  From a security point of view it’s another reason to be cautious about wearing a computer all the time.

Happy Birthday – MEI Security!

Mabuhay Enterprises Inc. was formed nine years ago, on February 10, 2007.  Since then we have continued to help our customers understand risk and secure their infrastructures.  What started as a small, part-time endeavor has grown to serve multiple customers, and is on a path to serve many more customers in 2016.

In the coming year we have some exciting new offerings most notably our RECA engagements.  We hope to help many more customers jump-start their security programs by helping them understand the threats to their people and their organizations and by providing prioritized, actionable tasks that help control or eliminate those lists.

Please join our mailing list for up-to-date information on our consulting offerings and on our training schedules.

We’ve had our cake.  Time to get back to work!