Just Delete It

The FBI, Microsoft, and Google Will Never Call Or eMail You

A one-page computer security refresher from the FBI.

https://www.fbi.gov/how-we-can-help-you/safety-resources/scams-and-safety/on-the-internet

Of particular interest is the note in the lower right:

Note: The FBI does not send mass emails to private citizens about cyber scams. If you received an email that claims to be from the FBI Director or other top official, it is most likely a scam.

Replace FBI in that note with ‘Apple’, ‘Dell’, ‘Microsoft’, ‘Google’, etc., and it still holds true. Those companies will never contact you directly via email, browser pop-up, phone, text, carrier pigeon, etc., regarding a security issue. If you think they are contacting you directly with a legitimate communication, they aren’t. Please delete the email, don’t take the phone call, and dismiss the browser popup.

How Much?

Actual Customer Requests
  • My printer will not scan; how much?
  • I have a software problem; how much?
  • I use my computer for important work and am leaving the state tomorrow. I can’t get to my copier either; it’s buried in a mess. Very frustrating! How much?
  • I need to recover data from a USB drive; how much?
  • I am looking to increase my web traffic and inquiries; how much?
  • How much will it cost to build me a website?
  • I want to retrieve photos from a 10 year old Windows 7 computer; how much?

If the above requests seem reasonable to you without additional information before we can provide an estimate, please, please, please don’t contact us.

IT Axioms

Things I’ve learned in 30 years of IT

axioms
  • User convenience wins over IT security
  • Security and compliance are not the same
  • Security and privacy are not the same
  • Authentication and authorization are not the same
  • Trust and verification are not the same
  • If you have ‘nothing to hide’, you have everything to lose
  • Build a 10 foot security wall and users buy a 12 foot ladder
  • A backup is as good as the last tested restore
  • To understand how a decision is made, follow the money
  • Don’t confuse activity with productivity
  • If a user says something isn’t important…it is
  • A missing $50 cable can delay a $1M project…details matter
  • Complex projects take 2x the time of the estimate
  • Technical debt is easy to add and difficult to remove
  • A software sprint is anything but
  • MDM solutions don’t find 10% of your devices
  • Customers don’t pay for documentation
  • If every user is special…no one is
  • If everything is urgent…nothing is
  • Important and urgent are not synonyms
  • An end user problem is not my emergency
  • This will only take a minute…won’t
  • Anyone claiming 100% compliance…won’t pass an audit
  • If you can’t measure it…you probably don’t understand it
  • Complex IT system fail gradually…then suddenly
  • Managing people is convincing you my emergency is yours
  • Work-Life balance does not apply at end of quarter
  • If you have a quota…the number is the number
  • No good deed goes unpunished
  • A manager who is ‘here to help’…isn’t
  • A feature and a bug are all about perspective
  • Your initial project estimate is a client’s final price
  • In a training class of smart IT people…sit next to the quiet one
  • Junior IT people…mouth shut and ears open
  • Smart IT people sit in the back of the room
  • Open source is free…unless you’re the maintainer