As expected, the purveyors of various kinds of malware have jumped on the popularity of the latest installment of the popular vampire movie "Twilight; New Moon" that premiered today. They are taking advantage of unsuspecting web searchers who are looking for "free" photos, wallpaper and screensavers for their computers. Instead of being able to download the "free" stuff, they are directed to a website that loads malware onto your computer, tries to get you to buy a fake antivirus program or lunches a phishing attack on you.

Take the time to educate your employees about the dangers of surfing for something for "free" on your company's computers. A dangerous virus, worm or other type of malware running loose on your computer network can have serious operational and financial impacts to your company. The Ultimate Malware Protection Guide will help you protect your computers.

The other day in my computer security class a student asked me if he could test a program that he downloaded off the Internet. Per lab procedure we took a test PC and isolated it from the rest of the network. The program he had scans the PC for information on users that have previously logged on to that PC. The program then displays up to the last ten users and asks if you want to crack their passwords. After receiving my permission he launched the password cracker tool. It took it 4.5 seconds to crack my ten digit numeric password (I have since changed it). That is 10,000,000,000 (ten billion!) different combinations in under five seconds. Other user's passwords took minutes and some hours and it still didn't have anything after chugging all night.

In order to protect your computer systems and networks, make sure your users create strong passwords. Not only do these protect your data, but they may end up protecting the reputation of your company.

• More on Creating Strong Passwords

There are a lot of good antivirus programs that perform very well at catching and stopping viruses and other malware before they infect your computer. But what do you if your computer does get infected? How do you remove the malware?

AV-Comparatives.org recently published a Malware Test Removal report on sixteen of the most popular antivirus programs and their ability to remove malware and potentially dangerous "leftovers" from an infected system. The results were disappointing in that none of the antivirus systems performed very well in this respect.

None of the products performed "very good" in malware removal or removal of leftovers, based on those 10 samples. eScan, Symantec and Microsoft (MSE) were the only products to be good in removal of malware AND removal of leftovers.

Until the removal piece of the antivirus software catches up to the detection piece, we are left to rely upon the computer professionals and backups to protect our information assets.

Hopefully your business computers are protected by an antivirus program that can stop viruses from spreading and remove them from infected PCs. This is good planning and part of a comprehensive approach to protect your information assets. But have you thought about what you would do if your business was attacked by the H1N1 "swine flu" virus? How would you contain the spread of this disease?

Your comprehensive disaster recovery plan addresses how to continue business operations if a fire or other disaster interrupts normal operations. It should also address a pandemic as well. Just like you have backups of your computer files, you should have backups for your personnel. Cross training employees to perform different job functions will provide the backup you need. Do it now before people start getting sick.

But how about employees that are not sick but don't want to (nor should they) come to work when everyone else is dropping-like-flies? Telecommuting can save your business and protect your employees that are still healthy. Telecommuting takes some planning and practice but it can be done with a small investment in equipment and software. Even if you don't buy it right away, developing a list of equipment, software and a project plan for implementation can save days of down-time.

• How to Write a Disaster Recovery Plan
• Work From Home - Is Telecommuting Right for Your Office?
• How to Decide If You Can Work At Home

Mozilla's Internet browser, Firefox has at least eleven critical security vulnerabilities that must be patched as soon as possible. Most of these security flaws exploit programming bugs in the Firefox software that expose users to drive-by downloads. These drive-by downloads require no user interaction and will allow a hacker that has attacked an existing site or created a fake website in order to entice unsuspecting web surfers to visit it and run his nasty code on your computer.

If you are running Firefox, you should update your software as soon as possible. If you have enabled the browser's automatic update feature, the software has already been patched. If your firewall or network is preventing the automatic updates, then in order to get the latest patches, start Firefox, click on "Help" and follow the directions provided by Mozilla.

Amongst all the whoop-la with the launch of Microsoft's latest operating system, Windows 7, there was another record set by Microsoft. On Tuesday, October 13th, Microsoft released its biggest group of patches ever. There were a total of 34 security holes fixed across a variety of operating systems and applications. As the world and the press raves about Windows 7, let's not forget to maintain the systems that are currently running our businesses.

Two of the biggest applications that need updating are Internet Explorer (IE) and Windows Media Player. Most people realize that Internet explorer is used to surf the Internet. But what most people don't realize is that Windows Media Player also acts as a plug-in for IE and is used frequently to play multimedia clips and sound bites while you are surfing. Both of these applications have security holes that could allow a hacker to take over your computer. Be smart and run Windows Update.

If your business is planning on rolling out Windows 7 throughout your organization, then there are three things you need to do: Prototype! Prototype! Prototype! I have been experimenting in our lab at the college. It's not going to be an issue of "if" we are going to go to Windows 7; it is a matter of "when".

In my first attempt to install Windows 7 on one of the lab computers, the Upgrade Checker told me the on-board video card was not powerful enough to run Windows 7. I purchased our "standard" ATI video card that we use on PCs that need more video horse-power. Windows 7 installed just fine except there is not a Windows 7 driver for that video card and we cannot take full advantage of all the features that the video card has to offer. We are currently searching for a suitable drive now.

Before you make the move to Windows 7, it is to your advantage to prototype the installation on every basic type of computer in your company. We did and at least we know up front that there is going to be an additional $150 expense for each PC we want to upgrade.

In light of this month's massive data loss for users of T-Mobile Sidekick smartphone, I started to wonder if people really know who is storing their data. T-Mobile partnered with a company called Danger to provide a cell phone with tons of features. You can store your contact list, calendar appointments and photos. Fortunately, or unfortunately (now that its gone), your data was not stored on your phone but on a series of servers somewhere on the Internet. This is known as "cloud computing" and is the latest trend of Internet and wireless services.

I will not point any fingers, but I think Danger assumed T-Mobile was backing up the data, T-Mobile thought Danger was, and every Sidekick user thought one of those two "must" be backing up their data. Several weeks later, T-Mobile announced that it may be able to retrieve some of the data. This is little consolation for the business people who have already spent endless hours recreating their contact lists and calendars. It may be of some comfort to those who lost photos of once in a lifetime event (i.e. the birth of their first child, etc.) but all Sidekick users should be a little bit more wary about who has their data.

As more and more people and businesses start using cloud computing services like Google Apps and Microsoft Office Web Apps because they are easily accessible and "free," you may want to ask "Who is backing up your data?" and (more importantly) "Who else is looking at your data?"

Last week I reported that Apple Mac PCs were being attacked. Now the BlackBerry is being targeted too. The good news is that the BlackBerry's manufacturer, Research In Motion (RIM), already has a fix for it and BlackBerry users should download the patch and apply it as soon as possible. You can check for updates to your BlackBerry at RIM's website.

In the mean time, you can protect yourself by exercising caution when visiting websites or selecting links contained in email messages. If you get a "certificate error" when you visit a website, you are advised to click on "Close Connection" rather than continuing on to the website.

I was watching a webcast that was recorded last month where Steve Ballmer and other Microsoft executives were discussing the business aspects of their new platform of operating systems. What I noticed this time around (as opposed to the last time, AKA: Windows Vista) is there is not a lot of cocky Microsoft attitude of "let me tell you how to run your business' Information Technology department." I actually felt that Microsoft was extending their hand to the IT professionals of the world and asking "How can we help you."

At one point Ballmer said, "We have to help you make the business case." Wow! Microsoft has finally realized that "Because I said so" does not cut it in the business world. So far this is the right attitude that business leaders want to hear from Microsoft. What remains to be seen is, will Microsoft really deliver on the promise of helping IT professionals analyze and decide if Windows 7 and Server 2008 R2 is right for your business.