Security risks associated with backups

If an admin has full privileges to a backup infrastructure such as Veeam servers, then technically a VM could be backed up to a place it shouldn't be, or a restore job could be done to a place where it shouldn't be, so that virtual machines could be compromised. As a reference point, for the VMware infrastructure my target security level is risk profile 2. What do I need to do and how far do I need to go to secure backup infrastructure?

Hello,
Your backup service account used by things like Veeam needs to be restricted. Please follow your backup tool's security considerations. If they say to grant Admin access, do not use that product, it is incorrect. :} Here is how I see these tools being used:
User logs into Backup server, backup server auth is in use. Backup server talks to vCenter (vCenter auth is in use, yes this is a service account). Restrict per backup documentation and then restrict further as necessary. Limit to where a restore could take place for example. I would limit to a staging area but that is just me using permission on datastores.
You need to secure your backup infrastructure as if it was your production environment, as it contains your entire environment. Encryption, user auth, and service level auth. Use a separate user for each service account (including backup), and monitor what that user does, etc.
Best regards,
Edward L. Haletky
VMware Communities User Moderator, VMware vExpert 2009, 2010, 2011, 2012, 2013, 2014
Author of the books 'VMWare ESX and ESXi in the Enterprise: Planning Deployment Virtualization Servers', Copyright 2011 Pearson Education. 'VMware vSphere and Virtual Infrastructure Security: Securing the Virtual Environment', Copyright 2009 Pearson Education.
Virtualization and Cloud Security Analyst: The Virtualization Practice, LLC -- vSphere Upgrade Saga -- Virtualization Security Round Table Podcast
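
The checks described in the reply above (no Admin role for service accounts, one account per service, restores confined to a staging datastore), written as an added example that is not part of the original post. The permission export format, account names and datastore names are constructed assumptions; `Datastore.AllocateSpace` is the vSphere privilege needed to place VM files on a datastore.

```python
from collections import defaultdict
from dataclasses import dataclass

WRITE_PRIV = "Datastore.AllocateSpace"    # needed to place VM files on a datastore
ADMIN_ROLES = {"Admin", "Administrator"}


@dataclass(frozen=True)
class Grant:
    """One permission assignment (hypothetical export format)."""
    principal: str
    role: str
    entity_type: str          # "Datastore", "Datacenter", "Folder", ...
    entity: str
    privileges: frozenset
    propagate: bool = False   # does the grant flow to child objects?


def audit(grants, service_owner, staging_datastores):
    """Return sorted (account, finding, detail) tuples for service accounts."""
    findings = set()

    # Rule 1: a separate account for each service.
    users = defaultdict(set)
    for service, account in service_owner.items():
        users[account].add(service)
    for account, services in users.items():
        if len(services) > 1:
            findings.add((account, "shared-account", ",".join(sorted(services))))

    for g in grants:
        if g.principal not in users:
            continue                      # interactive users are out of scope here
        # Rule 2: no service account holds an administrator role.
        if g.role in ADMIN_ROLES:
            findings.add((g.principal, "admin-role", g.entity))
            continue
        if WRITE_PRIV not in g.privileges:
            continue
        # Rule 3: write access only on the restore staging datastores.
        if g.entity_type == "Datastore":
            if g.entity not in staging_datastores:
                findings.add((g.principal, "restore-outside-staging", g.entity))
        elif g.propagate:
            # A propagating grant on a container reaches every datastore below it.
            findings.add((g.principal, "restore-outside-staging",
                          g.entity + " (propagated)"))
    return sorted(findings)


# Constructed sample data, not taken from any real environment.
SERVICE_OWNER = {"backup": "svc-backup",
                 "monitoring": "svc-shared",
                 "patching": "svc-shared"}
STAGING = {"ds-restore-staging"}
RESTORE_PRIVS = frozenset({WRITE_PRIV, "VirtualMachine.Inventory.Create"})
GRANTS = [
    Grant("svc-backup", "BackupRestricted", "Datastore", "ds-restore-staging", RESTORE_PRIVS),
    Grant("svc-backup", "BackupRestricted", "Datastore", "ds-prod-01", RESTORE_PRIVS),
    Grant("svc-backup", "BackupRead", "Datacenter", "dc-main",
          frozenset({"System.Read"}), True),
    Grant("svc-shared", "Admin", "Folder", "root", frozenset(), True),
    Grant("alice", "Admin", "Folder", "root", frozenset(), True),
]

if __name__ == "__main__":
    for account, finding, detail in audit(GRANTS, SERVICE_OWNER, STAGING):
        print(f"{account:12} {finding:26} {detail}")
```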

Similar Messages

  • Iphone 3G Software Update Fixes security vulnerability associated with viewing malicious PDF files?

    Is there an Iphone 3G Software Update Fixes security vulnerability associated with viewing malicious PDF files?  Latest version I can download is 4.2.1
    I assume no fix is available, does anyone know if I'm still vulnerable to the security bug?

    No fix is needed since that vulnerability isn't in 4.2.1.

  • Risks associated with digital signatures

    We are looking to develop a process to use digital signatures on PDF documents, send them via email to a line manager, who adds his digital signature as a "stamp of approval" who then emails them to a specific department for processing. Are there any risks associated with using digital signatures in adobe, and general best practices for their usage, or best practices to mitigate the risks associated with them.

    If you procure and use commercially-issued credentials (not self-signed), digital signatures are much safer than any other signatures.
    1. They tell you whether the signed document has been altered. The document's author may specify which alterations (like form fill or signing) are acceptable. A digital signature tells you what kind of alterations in the document occurred after signing. In Acrobat you can always get the signed version before any alterations occurred.
    2. The digital signature tells you who the signer is (not only from the appearance but from the signing credential which is present in the signatures).
    3. The signing credential of a digital signature can be verified on-line that it has not been revoked and is still good. Acrobat has a feature to embed revocation information in the document, so that you can get verification that the signing credential was good at the signing time even if you do not have Internet access.
    4. In Acrobat the last signer can lock the signature, so that no other modifications of the document are allowed.
    So, there are many advantages to using digital signatures. The only risk that you have is that a signing credential can be stolen if someone has an access to the computer or token where the credential is stored AND gets hold of the credential's password. Each credential is password protected, so you guard this password as you guard any other password. If you suspect that someone got hold of your credential and password you can always ask the credential's issuer to revoke this credential and to issue you a new one. In this case the only time span when someone may use your credential is the time lag between the time the credential was stolen and the time the issuer revoked it.

  • CUP 5.3 is coming back with all risks associated with a user

    Hi, I know this has probably come up in the past but I'm not finding it anywhere in the forum. We are having a problem with CUP 5.3 provisioning as it's bringing up all risks associated with a user rather than the new ones for the role being requested. This is especially aggravating for roles that do not have a conflict. I'm thinking this might be a very simple answer but I'm not finding it anywhere.
    thanks
    ryan

    Ryan,
    Excuse me for the link. The problem was because of a 'P' at the end.
    This is the correct one: Did CUP risk analysis change with SP7?
    And, as per my knowledge, there's no way to show only the "new risks" in CUP risk analysis.
    If you want to use GRC successfully, first you have to "get clean". Check here (Note 1593056 - Best Practices for Remediation of Segregation of Duties risk):
    The Risk Analysis and Remediation (RAR) application is part of the "Get Clean" methodology which is at the core of GRC Access Control. The first step of any Access Control project should be to "Get Clean" of any segregation of duties violations through the use of RAR. Once clean, Compliant User Provisioning, Enterprise Role Management and SuperUser Privilege Management are tools used to "Stay Clean".
    If you've already identified the risks, mitigate them. This is the best practise. I understand your problem, but until you finish the "clean procedure" you should use an alternative workflow for CUP.
    Cheers,
    Diego.

  • Risks associated with database refresh.

    Hi experts,
    I need to clarify a doubt. I have a cloned SAP BW system (from another system, i.e. SAN to SAN copy) and then a few months after the first clone I need to refresh the database (Oracle 10 G). The reason being I will have some changes in data at the source system from where it was copied earlier. I shall be applying the application changes by tracking the transport requests (from the original system).
    I need to clarify: if we don't refresh the whole system again by SAN to SAN copy and then do a database refresh, will there be any problem? Is there any risk associated with it?
    Will the requests be available to me on the monitor with the new data or will there be some issues?
    A quick response shall be very useful.
    Shailja.

    Hello,
    Orders for Production , Maintenance, Deliveries, Transfer Order  etc. are created according to the factory calendar .
    You must be sure that all operations can be carried out in the seven days of the week (e.g. deliveries), because SAP can be scheduling a Transfer Order for a Sunday and somebody can be calling you for fixing the issue!
    The normal case is that some operations can take place in the weekend (Production, Maintenance) but other Logistic Operations ( Deliveries) are done only from Mo to Fr. If this is your case, I would create an additional seven days calendar and assign it to the work centers in Production and maintenance, but the Plant would remain linked to the old five days calendar
    Hope this can solve your issue.
    Dario

  • Risks associated with changing to new Plant Calendar assigned in OX10

    Our site is considering changing the factory calendar from 5 days a week to 7 days a week in OX10 for the plant. We currently use all supply chain modules and otc. Can anyone tell me the warnings/risks associated with doing this?
    Thank you.

    Hello,
    Orders for Production , Maintenance, Deliveries, Transfer Order  etc. are created according to the factory calendar .
    You must be sure that all operations can be carried out in the seven days of the week (e.g. deliveries), because SAP can be scheduling a Transfer Order for a Sunday and somebody can be calling you for fixing the issue!
    The normal case is that some operations can take place in the weekend (Production, Maintenance) but other Logistic Operations ( Deliveries) are done only from Mo to Fr. If this is your case, I would create an additional seven days calendar and assign it to the work centers in Production and maintenance, but the Plant would remain linked to the old five days calendar
    Hope this can solve your issue.
    Dario

  • Risk associated with AUTH_SWITCH_OBJECTS

    As discussed in previous threads the following was indicated wrt auth/object_disabling_active:
    The auth/object_disabling_active parameter is a prerequisite for globally deactivating checks on individual authorisation objects.
    If the parameter is set to "Y", the disabling of checking of authorisation objects globally through transaction "AUTH_SWITCH_OBJECTS" is not prevented.
    My question:
    What is the risk associated, if the transaction AUTH_SWITCH_OBJECTS is not contained within any role or assigned to any user including the authorisations team? Due to this transaction not being assigned or even in existence within our productive environment, no auth object has been disabled from auth relevancy.
    Thank you!

    Even auth_switch_objects on its own is not enough.
    But if there is no intention to turn objects off globally and none are turned off then it cannot harm much to turn it off, no?
    Some folks got a bit nervous when transaction SU24_CHECK flew up, but that has been deactivated and I am not aware of any other dark horses which globally disable checks client specifically (except of course the usual table editing tools....).
    Cheers,
    Julius

  • Are there health risks associated with WiFi?

    Hi folks, I've become tired of my ethernet cable unplugging from my Mac. So I'm thinking of going wireless.
    Now here is my question... is WiFi safe? I'm going to Best Buy tonight to check out their wireless routers (Linksys WRT54GS-CA), but I'm wondering if these things are safe. It will be located in my office which is the next room to my bedroom.
    Any info you guys have would be appreciated. It seems I can't find a consistent answer regarding this question.
    Thanks

    Not to sound cynical, but unless you live out in the middle of nowhere, you're being bombarded with RF signals on a constant basis from cell phone microwave towers, and lower energy radio and TV signals, and natural background radiation. Do any of your neighbors have wifi? You may be exposed to the 2GHz+ RF signals already. At any rate, the power output is likely on the order of milliwatts - pretty negligible.
    Physicists correct me if I'm wrong, but ionizing radiation isn't "additive" - in other words, an energy wave needs to have a minimum amount of energy to displace an electron from a lower energy state. The energy from multiple waves that don't have this minimum don't "add" their energy together, so it's an all or nothing event.
    I wouldn't sweat it - I'd be more concerned about securing your wireless network from intruders and eavesdroppers.

  • Not able to sign into Blackberry Protect. Backup and Restore function not working. "Your device isn't associated with a Blackberry ID"

    Not able to sign into Blackberry Protect. Backup and Restore function not working. Message is: "Your device isn't associated with a Blackberry ID." My Blackberry Messenger and Blackberry World is working fine so I am sure it's not an ID issue on the phone. I can sign into Link, Blackberry.com and Protect. I see my device in Protect but cannot send messages or view it on a map. Times out with cannot reach device message. BB Protect on Device has a swirling circle beside the on/off switch. Cannot turn off.
    I have deleted Link and re-installed.
    I have reset phone to default(factory) and signed in. 
    OS level is 10.2.1.3062
    BB Link is 1.2.3.56

    I managed to figure this out myself. I had to delete the device from the Blackberry Protect website, protect.blackberry.com. I wiped my device again and signed in with my Blackberry ID. I don't know if the step of wiping was necessary as I did not try my backup with the current configuration on the device following the delete. Restore is in progress for me!

  • HT1911 How do you change the email address associated with forgetting your security answers

    Trying to purchase a song on iTunes and have been prompted to answer security questions. Since I do not remember setting up these security questions, I do not remember the answers.
    I can click a link that will send instructions to resetting the security questions, but the email address associated with this link is no longer active.  How do I change this email address?

    Just where are you going?
    and what do you see? A screen shot with personal info redacted would be great.
    I no longer have an email address that was also my Apple ID. Can I still use the email address as my Apple ID?
    Apple recommends you change your Apple ID to your current, working email address. This will not create another Apple ID, it will only change it to your working email address. See Changing the name you use for your Apple ID if you'd like more information.

  • HT204053 I no longer have the e-mail address associated with the apple ID for iCloud.  The password I have written for that account is deemed wrong, as is the security information (i.e. my birthdate).  How do I eliminate this incorrect account and start a

    I no longer have the e-mail address associated with an Apple ID.  I do not know the password for that account, nor are the security questions correct (e.g. it asked my birth date, but, when I listed it, I was told it was not correct).  I have no way to get into the program, to correct an information.  How do I delete this account and start anew?

    If you still have access to your old email address, go to https://appleid.apple.com, click Manage my Apple ID and sign in with your iCloud ID. Tap edit next to the primary email account, tap Edit, change it back to your old email account and verify it. Then edit the name of the account to change it back to your old email address. You can now use your current password to turn off Find My iPhone on your device. Then go to Settings>iCloud, tap Delete Account and choose Delete from My iDevice when prompted (your iCloud data will still be in iCloud). Next, go back to https://appleid.apple.com and change your primary email address and iCloud ID name back to the way it was. You can now go to Settings>iCloud and sign in with your correct iCloud ID and password.
    If you don't have access to your old email address, you will have to contact Apple to have them reset the password so you can disable Find My iPhone and sign into your iCloud account.  You can either go to https://expresslane.apple.com, select "More Products and Services", then "Apple ID", then  on the next page select "Other Apple ID Topics", then "Lost or forgotten Apple ID password" and click "Continue"; or you can contact Apple Support (http://www.apple.com/support/icloud/contact/).

  • I just created an iCloud email and I want to use that email for my iTunes account as well. I need help switching the old Apple ID because I do not remember anything associated with that email and I don't know the security questions

    I just created an iCloud email and I want to use that email for my iTunes account as well. I need help switching the old apple ID because I do not remember anything associated with that email and I don't know the security questions or the login for that old email.

    You cannot do that.  The AppleID you used to create the iCloud account is an active primary email address.  The email address you created with the iCloud account is also an active primary email address (all Apple domain email address automatically become AppleIDs as well).  You cannot replace the primary email address on one active AppleID with the primary email address on another, active AppleID.
    You can use your iCloud email/AppleID with iTunes, but it will be a separate account, so all your previous purchases remain tied to the other AppleID you have.
    I don't understand your statement that you could not remember your old AppleID password, as you would have had to use it to create the iCloud account in the first place (the first step of creating the iCloud account required you to login with your existing AppleID and password)?

  • I forgot my password for my iTunes account and the email that is associated with my iTunes account no longer works. How do I recover my password and be able to change my security questions?

    I forgot my password for my iTunes account and the email that is associated with my iTunes account no longer works. How do I recover my password and be able to change my security questions?

    Forgotten Security Questions / Answers...
    See Here > Apple ID: Contacting Apple for help with Apple ID account security
              Ask to speak with the Account Security Team...
    Or Email Here  >  Apple  Support  iTunes Store  Contact
    More Info >  Apple ID: All about Apple ID security questions
    Note:
    You can only set up and/or change a Rescue Email Before you forget the questions/answers

  • Firefox starts with old tabs and windows I had visited ages ago, not a new blank window. It is opening up a tab containing a credit card transaction I had completed last week, so I am worried about the security risks your browser is posing right now.

    Few times a week, ff opens after boot with random tabs from history open. But today it kept opening the same set of windows (not tabs) from random points of time from history. It stopped after I closed 4 of them and browsed a bit with the last and closed it with tabs open. Then it resumed opening the previously saved tabs. The usual situation with tabs occurs generally after I close firefox with no tabs and no websites loaded and I shut down the computer.
    I do have a large amount of history, I generally clear only sensitive sites from history by searching and clicking forget this site.

    Dear Colbabomb; thank you for your links.
    So far, I looked at your first solution, Revo Uninstaller and it gives you a 30 free trial. Ergo, it will eventually cost money so I'm leery of using those kinds of programs in general, meaning most "free trials" have unwanted strings attached and often are big probs to get rid of later. Perhaps you can assure me that it is easy and very user friendly, before I proceed. And I already ran malwarebytes and it found nothing though the program still can't be uninstalled. I downloaded Adw Cleaner and during the install, my Norton's security popped up and warned that there were (low risk) threats with two of their "other offers" and I hadn't even actually clicked to agree either of them. Nonetheless, Norton warned me against the "lyrics finder" and "deal ply." In fact, there was a box already with an x in it, saying that you are accepting deal ply if you x on "next." Well, except I unchecked that box before clicking on next, yet when it went to fully install, it still showed that it was adding itself; so, just before the install was 100% completed, I had to abort the whole thing. I really do hope your other suggestions are programs that you personally know that they don't try and trick you. But right now, I would not suggest Adw Cleaner to anyone. I even read the fine print about what they will try and install and how to decline and it still tried sticking stuff on that I believed I had declined. Anyways, I have to leave now, shall pick up later this evening, if my pc is still functioning.

  • Help! Macbook Air lost association with USB Airport hosted Time Machine Backup

    Okay, so my wife's Macbook Air was doing Time Machine backup to USB drive attached to previous generation Airport Extreme...
    We bought a brand new Airport router a couple of weeks ago, I plugged it in and everything went smoothly. Plugged in USB drive that attached to older APE router, and it's still visible on the network. However, ever since we got the new router, the existing backups are not associated with the Macbook Air anymore.
    Yes, I can start over with a new backup file, but I was hoping to use the existing backup (it takes a while to backup wirelessly, and we lose the whole history if we wanted to recover previous versions of files that were backed up—I can't think of anything we'd need right now, but Murphy's Law will probably apply if I go ahead and erase the old and start new).
    I was hoping all I would have to do was drag the old backup file onto the Time Machine icon to re-associate it with this computer, but I can't see any way to tell Time Machine, "hey, here's the backup file you are looking for... it's right here on the same USB drive attached to the new router."
    (Also, before anyone says to make sure I have a backup of the backup, I do. The computer is backed up offsite with Backblaze, too.)
    Perhaps it will be best to just start from scratch with a new Time Machine backup, that just seems like overkill, since there was nothing wrong or corrupt with the existing Time Machine file, I just switched what router it was attached to. Thanks for any advice/enlightenment.

    I guess I have a few comments.
    Apple has an opt out.. they do not support Time Machine backups on older Airport Extreme. Apple have always stated it is unreliable and so refused to support it.. only with Gen6 of the AE have they changed to supporting TM backups.
    From your point of view it should have worked.. it may indeed still work. But the change of network is significant and it will take some work on your part.
    1. I need to know what OS is the MBA running??
    2. Moving a disk from one network location to another, I would strongly recommend a full reset of Time Machine on the computer.
    See A4 here. http://pondini.org/TM/Troubleshooting.html
    3. Pondini in the same reference has some info about inheriting old backups .. slightly different context but it also could help.
    see B5 and B6
    4. It is also possible to move old backups into a new backup.. but this is then going too far.
    I would simply buy a new USB drive.. and keep the old backup drive for a few months until your new one builds up sufficient history to be sure you will not need the old ones.. at that point you can use the old backup drive again after a reformat.
    5. To do the new backup, since wireless is indeed a long and burdensome chore to make that crucial first backup, buy a thunderbolt to ethernet adapter.. assuming your MBA is recent enough. Ethernet is so worthwhile having it is required not optional extra. The cost at $35 is one of the cheapest adapters for a very expensive interface..
