6. DON'T KEEP CARDBOARD BOXES OF UNINVENTORIED OLD DOCUMENTS LYING AROUND.

Part II.

Remember, James Bond is not interested in your secrets.

That being said, competitors, disgruntled employees, ex-spouses and other wreakers of havoc are interested in your secrets.

There are many methods of "bugging" out there.

The five main categories are, in alphabetical order: Acoustic, Optical, RF, Tie-In, and Ultrasonic.

1. Acoustic - low tech glass to the wall, ventilation, electrical out-let, out side the window, stand by the door, close proximity listening.

2. Optical - high end and expensive.

3. RF - radio frequency and receiver devices.

4. Tie-in - hooking directly in to a phone line. The box is usually easily accessible on an exterior wall.

5. Ultrasonic - think transmitter, receiver but with audio pressure rather than radio waves.

The most prevalent and dangerous of this is alphabetically and most destructively listed first. Always be aware of your immediate surrounding when discussing confidential information.

Part III

How can this be? Simple, they are guarding the air conditioner duct instead of the front door.

So, what do I know about it? My knowledge of the field is pretty backdoor in nature.

First of all, I work a lot with people who love nothing more than to stir up hate and discontent wherever they go. They will intentionally uncover and publish sensitive information. It is fun for them. In order to find out why they do these things I do a lot of debriefing with them when an incident occurs.

Second, I have two brothers who made carriers out of law enforcement. One of my brothers served many years as a state trooper and another as a sheriff’s deputy. They were both extremely successful in the investigation facet of the job and I am about to tell you why. Then you can see if you are vulnerable to the same kind of attack.

The sources of data loss, in no particular order, are as follows.

1. Waste Archeology. Simply speaking, someone who really wants to know your secrets will go through your trash. And guess what? It is completely legal. Buy a $20.00 shredder, and use it.

2. Taps. Seriously, if you have a wireless system it is pretty simple to eaves drop via laptop from the coffee shop next door.

3. Pop-ins. Be extremely wary of maintenance crews and repair staff you haven't called in. Check ID's. Also, be aware of someone who comes in asking a lot of questions. You may be surprised what the reception staff will tell someone who smiles and asks nicely.

4. Hacking in. Do you know the easiest way to hack in to a secure system? Steal the password taped to the computer screen at Ed's work station. Trust me, I see it every day. You know what else? Most people use the same password for every system they need to access.

5. Cordless phones. Remember most cordless phones and cells are basically fancy radios. If it puts out a signal, the signal can be picked up with a scanner.

6. Ticking bombs. Answering machines, voice mail, fax machines anything that requires an access code can be beaten (remember the password taped to the computer?).

7. Starbucks. Never discuss sensitive information in a public restaurant! If I wanted to know about a corporations business, I go to the snack bar at lunch and read the paper over coffee. You won't believe the things you hear (if you're in education, teacher lounges are hair raising!).

8. Brain cramps. Unlocked cabinets, offices, desks, paper work left out, answering stupid questions over the phone. Hello?

9. Traitors. Face it, some folks will sell you out for the right price. The right price might be as simple as someone asking, "So, what confidential things are you working on these days?" You really wouldn't believe what people have told me in answer to that question. Keep sensitive information on a need to know basis.

10. Describing a spy. The typical spy is a short, fat, tall, thin man, with curly, bald hair. She often wears provocatively conservative clothing and is liberally conservative. In other words, ANYBODY is the typical spy.

Now I will expound upon each section individually.

Part 1

One of the first areas I mentioned in breaches in security was "rifled" trash. I believe this to be foremost method of stealing confidential information. In reality it isn't even stealing. In California Versus Greenwood the Supreme Court held the Constitution does not prohibit warrant less search and seizure of garbage left for collection outside the curtilage (the enclosed area immediately surrounding a home or dwelling) of a home. This could include places of business.

Here are some pro-active steps you can take.

1. Don't transfer confidential documents to recycling vendors.

2. If you have a copier, install a shredder next to it.

3. Purchase a cross-cut shredder for extremely sensitive documents.

4. Destroy all waste paper.

5. Get shredders for each individual. People won't wait in line to use a bulk shredder.

6. DON'T KEEP CARDBOARD BOXES OF UNINVENTORIED OLD DOCUMENTS LYING AROUND.

Part II.

Remember, James Bond is not interested in your secrets.

That being said, competitors, disgruntled employees, ex-spouses and other wreakers of havoc are interested in your secrets.

There are many methods of "bugging" out there.

The five main categories are, in alphabetical order: Acoustic, Optical, RF, Tie-In, and Ultrasonic.

1. Acoustic - low tech glass to the wall, ventilation, electrical out-let, out side the window, stand by the door, close proximity listening.

2. Optical - high end and expensive.

3. RF - radio frequency and receiver devices.

4. Tie-in - hooking directly in to a phone line. The box is usually easily accessible on an exterior wall.

5. Ultrasonic - think transmitter, receiver but with audio pressure rather than radio waves.

The most prevalent and dangerous of this is alphabetically and most destructively listed first. Always be aware of your immediate surrounding when discussing confidential information.

Part III

The sources of data loss, in no particular order, are as follows.

1. Waste Archeology. Simply speaking, someone who really wants to know your secrets will go through your trash. And guess what? It is completely legal. Buy a $20.00 shredder, and use it.

2. Taps. Seriously, if you have a wireless system it is pretty simple to eaves drop via laptop from the coffee shop next door.

3. Pop-ins. Be extremely wary of maintenance crews and repair staff you haven't called in. Check ID's. Also, be aware of someone who comes in asking a lot of questions. You may be surprised what the reception staff will tell someone who smiles and asks nicely.

4. Hacking in. Do you know the easiest way to hack in to a secure system? Steal the password taped to the computer screen at Ed's work station. Trust me, I see it every day. You know what else? Most people use the same password for every system they need to access.

5. Cordless phones. Remember most cordless phones and cells are basically fancy radios. If it puts out a signal, the signal can be picked up with a scanner.

6. Ticking bombs. Answering machines, voice mail, fax machines anything that requires an access code can be beaten (remember the password taped to the computer?).

7. Starbucks. Never discuss sensitive information in a public restaurant! If I wanted to know about a corporations business, I go to the snack bar at lunch and read the paper over coffee. You won't believe the things you hear (if you're in education, teacher lounges are hair raising!).

8. Brain cramps. Unlocked cabinets, offices, desks, paper work left out, answering stupid questions over the phone. Hello?

9. Traitors. Face it, some folks will sell you out for the right price. The right price might be as simple as someone asking, "So, what confidential things are you working on these days?" You really wouldn't believe what people have told me in answer to that question. Keep sensitive information on a need to know basis.

10. Describing a spy. The typical spy is a short, fat, tall, thin man, with curly, bald hair. She often wears provocatively conservative clothing and is liberally conservative. In other words, ANYBODY is the typical spy.

Now I will expound upon each section individually.

Part 1

One of the first areas I mentioned in breaches in security was "rifled" trash. I believe this to be foremost method of stealing confidential information. In reality it isn't even stealing. In California Versus Greenwood the Supreme Court held the Constitution does not prohibit warrant less search and seizure of garbage left for collection outside the curtilage (the enclosed area immediately surrounding a home or dwelling) of a home. This could include places of business.

Here are some pro-active steps you can take.

1. Don't transfer confidential documents to recycling vendors.

2. If you have a copier, install a shredder next to it.

3. Purchase a cross-cut shredder for extremely sensitive documents.

4. Destroy all waste paper.

5. Get shredders for each individual. People won't wait in line to use a bulk shredder.

6. DON'T KEEP CARDBOARD BOXES OF UNINVENTORIED OLD DOCUMENTS LYING AROUND.

Part II.

Remember, James Bond is not interested in your secrets.

That being said, competitors, disgruntled employees, ex-spouses and other wreakers of havoc are interested in your secrets.

There are many methods of "bugging" out there.

The five main categories are, in alphabetical order: Acoustic, Optical, RF, Tie-In, and Ultrasonic.

1. Acoustic - low tech glass to the wall, ventilation, electrical out-let, out side the window, stand by the door, close proximity listening.

2. Optical - high end and expensive.

3. RF - radio frequency and receiver devices.

4. Tie-in - hooking directly in to a phone line. The box is usually easily accessible on an exterior wall.

5. Ultrasonic - think transmitter, receiver but with audio pressure rather than radio waves.

The most prevalent and dangerous of this is alphabetically and most destructively listed first. Always be aware of your immediate surrounding when discussing confidential information.

Part III

6. Ticking bombs. Answering machines, voice mail, fax machines anything that requires an access code can be beaten (remember the password taped to the computer?).

7. Starbucks. Never discuss sensitive information in a public restaurant! If I wanted to know about a corporations business, I go to the snack bar at lunch and read the paper over coffee. You won't believe the things you hear (if you're in education, teacher lounges are hair raising!).

8. Brain cramps. Unlocked cabinets, offices, desks, paper work left out, answering stupid questions over the phone. Hello?

9. Traitors. Face it, some folks will sell you out for the right price. The right price might be as simple as someone asking, "So, what confidential things are you working on these days?" You really wouldn't believe what people have told me in answer to that question. Keep sensitive information on a need to know basis.

10. Describing a spy. The typical spy is a short, fat, tall, thin man, with curly, bald hair. She often wears provocatively conservative clothing and is liberally conservative. In other words, ANYBODY is the typical spy.

Now I will expound upon each section individually.

Part 1

One of the first areas I mentioned in breaches in security was "rifled" trash. I believe this to be foremost method of stealing confidential information. In reality it isn't even stealing. In California Versus Greenwood the Supreme Court held the Constitution does not prohibit warrant less search and seizure of garbage left for collection outside the curtilage (the enclosed area immediately surrounding a home or dwelling) of a home. This could include places of business.

Here are some pro-active steps you can take.

1. Don't transfer confidential documents to recycling vendors.

2. If you have a copier, install a shredder next to it.

3. Purchase a cross-cut shredder for extremely sensitive documents.

4. Destroy all waste paper.

5. Get shredders for each individual. People won't wait in line to use a bulk shredder.

6. DON'T KEEP CARDBOARD BOXES OF UNINVENTORIED OLD DOCUMENTS LYING AROUND.

Part II.

Remember, James Bond is not interested in your secrets.

That being said, competitors, disgruntled employees, ex-spouses and other wreakers of havoc are interested in your secrets.

There are many methods of "bugging" out there.

The five main categories are, in alphabetical order: Acoustic, Optical, RF, Tie-In, and Ultrasonic.

1. Acoustic - low tech glass to the wall, ventilation, electrical out-let, out side the window, stand by the door, close proximity listening.

2. Optical - high end and expensive.

3. RF - radio frequency and receiver devices.

4. Tie-in - hooking directly in to a phone line. The box is usually easily accessible on an exterior wall.

5. Ultrasonic - think transmitter, receiver but with audio pressure rather than radio waves.

The most prevalent and dangerous of this is alphabetically and most destructively listed first. Always be aware of your immediate surrounding when discussing confidential information.

Part III

Now I will expound upon each section individually.

Part 1

One of the first areas I mentioned in breaches in security was "rifled" trash. I believe this to be foremost method of stealing confidential information. In reality it isn't even stealing. In California Versus Greenwood the Supreme Court held the Constitution does not prohibit warrant less search and seizure of garbage left for collection outside the curtilage (the enclosed area immediately surrounding a home or dwelling) of a home. This could include places of business.

Here are some pro-active steps you can take.

1. Don't transfer confidential documents to recycling vendors.

2. If you have a copier, install a shredder next to it.

3. Purchase a cross-cut shredder for extremely sensitive documents.

4. Destroy all waste paper.

5. Get shredders for each individual. People won't wait in line to use a bulk shredder.

6. DON'T KEEP CARDBOARD BOXES OF UNINVENTORIED OLD DOCUMENTS LYING AROUND.

Part II.

Remember, James Bond is not interested in your secrets.

That being said, competitors, disgruntled employees, ex-spouses and other wreakers of havoc are interested in your secrets.

There are many methods of "bugging" out there.

The five main categories are, in alphabetical order: Acoustic, Optical, RF, Tie-In, and Ultrasonic.

1. Acoustic - low tech glass to the wall, ventilation, electrical out-let, out side the window, stand by the door, close proximity listening.

2. Optical - high end and expensive.

3. RF - radio frequency and receiver devices.

4. Tie-in - hooking directly in to a phone line. The box is usually easily accessible on an exterior wall.

5. Ultrasonic - think transmitter, receiver but with audio pressure rather than radio waves.

The most prevalent and dangerous of this is alphabetically and most destructively listed first. Always be aware of your immediate surrounding when discussing confidential information.

Part III

6. DON'T KEEP CARDBOARD BOXES OF UNINVENTORIED OLD DOCUMENTS LYING AROUND.

Part II.

Remember, James Bond is not interested in your secrets.

That being said, competitors, disgruntled employees, ex-spouses and other wreakers of havoc are interested in your secrets.

There are many methods of "bugging" out there.

The five main categories are, in alphabetical order: Acoustic, Optical, RF, Tie-In, and Ultrasonic.

1. Acoustic - low tech glass to the wall, ventilation, electrical out-let, out side the window, stand by the door, close proximity listening.

2. Optical - high end and expensive.

3. RF - radio frequency and receiver devices.

4. Tie-in - hooking directly in to a phone line. The box is usually easily accessible on an exterior wall.

5. Ultrasonic - think transmitter, receiver but with audio pressure rather than radio waves.

The most prevalent and dangerous of this is alphabetically and most destructively listed first. Always be aware of your immediate surrounding when discussing confidential information.

Part III

Always check the identification of persons who pop in to do technical work around your office. This is especially true if you PERSONALLY have not called them for service. These folks are known as "spooks".

You see, "Spooking" is a hide in plain site method of gaining access to confidential information

It seems carrying a clipboard will gain a spook access to most places, even those with confidential data to protect.

But, there are other common tools the spook may carry to increase their appearance of authenticity: 2-way Radio, Maglight, Construction worker hard hat, and my personal favorite the attention tone cell phone. Now, this particular ruse means the spook has a partner but is anything more impressive than that tone from the "base office" checking the technicians’ status?

However, the most powerful, by far, access granting technique (I mean this will get you in anywhere) is a set of Dickies. Yes, Dickies. The same things you wore for summer jobs in high school and college. They are a virtual cloak of invisibility in our culture.

Most common guises:

1. Telephone/communications technicians - (typically wearing blue/grey Dickies)

2. Computer service technicians - (polo shirt and tan Dickies pants)

3. Copy machine technicians - (polo shirt and blue Dickies pants)

4. Custodians - (typically anyone with a set of blue/grey Dickies is granted cart blanche access)

5. Messenger services - (typically wearing brown Dickies)

6. A/C heating technicians - (typically wearing blue-green Dickies)

The beauty of this type of "spooking" is nobody ever challenges these folks. And if some particularly diligent person does question them, the spook goes into his, "fine with me, but it will be at least four weeks until I can get back here. We're really backed up." That is usually enough to intimidate even the most on top of things staff member.

I don't usually recommend testing out these surveillance techniques, the power of the Tricky Dickie is not to be believed unless you actually see it in action. So, get your lazy brother-in-law a set of Dickies and send him through your office. You won't believe the results. Afterwards, get the lazy bum to do your yard work so you get your moneys worth from the Dickie investment.

Part IV

There are many ways of stealing computer files. As a matter of fact there is a whole niche market dedicated to nothing more than developing and distributing new types of spy ware. Then there is another niche market dedicated to selling protection against these pieces of malware. Folks, I talking millions of dollars each year, connected to these two enterprises. Would it surprise you to know that many of the same people writing the protection software also write the malware?

Any who, how to these insidious pieces of data stealing malware get into your systems? Simple, you or one of your associates, put them there.

I know what you're thinking, "Not me! I would never do such a self destructive thing. Neither would anyone I work with." And, at least intentionally, you're right. But, take look at the most common avenues of entry and think through your response again.

Most Common Sources of Spyware: 1. Screen savers 2. Emoticons 3. Clip Art 4. Spam 5. Email attachments 6. Unprotected web browsing (cookies) 7. Peer to Peer applications (mp3 files) 8. Shareware 9. Freeware 10. Involuntary Download (may present as a fictitious error you must click to correct) So, have you EVER added any of this to your system, even to an email? I know me too. Oh well, as MaElla (my grandmother) used to say, "Once bitten, twice shy."

What have we learned?

Basically, don't put anything unverified on your system, even if it is really, really cool.

Bye the way, does anyone know where MaElla got "Once bitten, twice shy"?

Part V

First and foremost, never use a cordless phone for anything other than the convenience of answering a call. Switch to a corded line for any specific communications.

Monitoring cordless and cellular phone calls has become a million dollar hobby in America. Some even sell their monitored conversations on line. Think ex-girlfriend sites.

Mobile phones are an even greater liability. Not only are means available to monitor the conversations, but it is not particularly difficult to trac