Raj Goel, CISSP, is an IT and information security expert with over 21 years of experience developing security solutions for the banking, financial services, health care, and pharmaceutical industries.
A well-known authority on regulations and compliance issues, Raj has presented at information security conferences across the USA and Canada. He is a regular speaker on PCI/CISP, HIPAA, Sarbanes-Oxley, and other technology and business issues, and he has addressed a diverse audience of technologists, policy-makers, front-line workers, and corporate executives.
Raj works with Small-to-Medium Businesses (SMBs 10-200 employees) to grow their revenues & profitability. He also works with hospitals and regional medical centers across the north east (NY, Vermont, New Hampshire, Maine, Pennsylvania) in helping them meet HIPAA compliance requirements and utilizing Health Information Systems (HIS) effectively.
His articles have appeared in Information Security Magazine, published by ISC2 and Commercial Property News
Episode Transcript:
Bill: Good morning, everyone. We’re glad you joined us today on the Cyberhood Watch live radio show. Lots of good stuff going on in the hood today. We’ve got a lot of things planned out for this summer coming up, so we’re pretty excited about all of the informational shows that we’ve had coming on recently, especially with the IT information world. There’s so many things that are changing, and it’s changing so quickly that Dave and I are just absolutely amazed at how much information and the technology that is available in today’s world and how quickly it’s changing. I know that even 10 years ago people talked about a lot of the things they were happening and moving forward. And one of the things that really makes it interesting to me is that when these changes happen, it seems to be that the security end of technology kind of lags behind. And so hopefully today our guest can kind of shed some light on that. I know that it’s a daunting task. There’s so much things that are happening, especially with malware and all of the things that happen on a personal level. But it’s really about a lot of the things that are happening from a corporate level that are scaring, not only the American public, but users worldwide that the technology that is handling all of our data and is keeping everything safe that way is at such a risk. So we’re going to ask Raj about that here in just a couple of minutes. I want to introduce our guest today. I know, Raj, you’ve got to step out at 11:30 so we’re going to try and get as much show in before then as we can. So he has worked in the security world for a while and really focusing in on IT technology and brainlink. We want to make sure that you talk a little bit about yourself real quickly, and then we’ll just jump right into the questions and answers. I know Dave’s got a lot of questions set up. So welcome to our show.
Raj: Thank you. It’s good to be here.
Bill: We’re glad to have you. If you don’t mind, really quickly just tell a little bit about your background and some of the things that have brought you here today. I know that the technology world is… I mean, we can’t keep up. So I’m sure from a corporate IT world, every single day it’s something brand-new.
Raj: Well, I’ve been in IT for about 25 years. Brainlink is a 15-year-old consulting company out of New York, and we work with the healthcare organizations, large, and small businesses. Anything from a 5-person accounting firm to a multi-billion dollar retailer. And we help them meet and stay in compliance with the information security laws out there, but mostly important, we help our clients stay in business and grow their business by using technology appropriately, safely, and effectively. We help our clients grow their businesses on a daily basis.
Dave: Hi, Raj, this is David. You know, at this time, it’s really sometimes interesting to have an individual like yourself on our show because it’s almost like, “Where do you start to ask the questions that are really going to help our listeners?” I know one of your key areas in information your personal identifiable information, and how important that is. You actually even referred to it as being ‘cash’, the new cash of the
new net generation. The value of your information, how it’s used, misused, or stored in databases. Why don’t you tell us a little but about what’s going on currently and some of the concerns you have when it comes to your personal information and being given away so easily?
Raj: I don’t have a lot of concern with my personal information given away easily because as an adult who has been in the industry a while and who grew up in the pre-net era, I have a pretty strong sense of my privacy and strong common sense around privacy. So I don’t put up details about what I drink, who I slept with, or who I slept with online. My bigger concern with online privacy really deals with the kids who grew up with MySpace, Facebook, and all these social media. We’ve got a whole generation of kids who are being raised with no concept of privacy. They think there’s nothing wrong with putting up on Facebook, “Hey, I hooked up with Amy last weekend,” or “We got stoned again last night.” And what the kids don’t realize and their parents don’t realize is A) nothing on the Internet will ever get deleted and B) there are companies making billions and billions of dollars each year marketing and selling this data. And the real impact this is going to have on the kids because it’s already happened to a bunch of them is… For example, there are kids who have texted each other naked or half naked pictures of each other. They’ve got cameras, they’re sending pictures of each other. Is it approved? No. As a parent, am I concerned? Yes. But there are district attorneys in this country who have jailed kids and have labeled them sexual predators for life even when they were in a consensual relationship with each other with parental approval. So now they’re branded as sex predators for life. They will not get certain jobs. They will not live in most neighborhoods, and Joe Average really doesn’t distinguish between 2 kids who are stupid at 16 who sent naked pictures of each other and a 40-year-old creep who rapes little girls. We also have cases where some kid put up on his Facebook profile, and this was a high-profile, very intelligent honor student from Harvard, he posted on his Facebook or MySpace profile that he liked to smoke blunts on the weekends and slam the bitches. He was a stupid white kid. Because of what was on his Facebook profile, he was denied job interviews. Forget about getting a job. Recruiters wouldn’t let him into the interview. We’ve seen a lot of people put stupid stuff on their Facebook profiles not realizing this is global, this is public, and this will come back and haunt you. In New York, about 2 years ago, a very wealthy couple was accused of holding their maids as slaves. They lived in a gated community, had a very clean profile; you could get nothing on them, no dirt whatsoever. They went to Facebook, they friended one of the girl’s friends. And through that got access to the sweet 16 birthday parties. So you got to look inside the mention of this couple from their kid’s Facebook profiles. This problem is not just US related. Internationally, my 2 favorite cases, one was out of New Zealand where a couple went to their bank, their bank had screwed up and given them something like a half a million dollars accidentally. They took the money, and they ran. The cops tried finding them, couldn’t find them. They put out an international arrest warrant. They couldn’t find them and a couple weeks later, the husband’s sister put on her Facebook profile that she was going to go to Hong Kong for a family reunion, all expenses paid, and that’s how the cops were able to locate this couple in Hong Kong and get some of the
money back. And one of the biggest, most high profile, stupid Facebook issues happened in UK early this year. [Someone at 08:09] went on a vacation with his family, his wife. This is a woman in her middle ages, late 40’s, early 50’s, don’t know her exact age. She put up on her Facebook page pictures of the head of her Secret Service in his bathing suit, pictures of all their friends, and their kids. As a result, the British government had to get all the bodyguards to change their routes to school, change their vehicles. They spent millions of dollars changing security because a middle-aged woman who should’ve known better, was stupid enough to put on Facebook pictures of her vacation.
Bill: That’s absolutely amazing. I know that we’ve actually covered a little bit of that recently a year or so ago when the Olympic swimmer had that happen to him. Your personal information is your cash. I love the way that you state that. What are your thoughts as far as the future of this exact same problem? Do you see this escalating to the point where it’s just going to be rampant where people are not going to be aware of that? Do you really see the trend shifting a little bit and people are becoming wiser with the information? Or are they really still naive and don’t believe that it’s there forever?
Raj: It’s not going to happen. It’s already happened. Without consumers realizing it, people are giving up their privacy and their long-term security for nothing to nothing. In the 90’s and right now, the biggest white-collar crime in this country and the fastest growing crime according to the FBI is ID theft. And people tend to think that ID theft is a new problem created recently by computers. It isn’t. Our ID theft problem today, your stolen credit cards, the mortgage thefts, the billions of dollars lost through credit card fraud, mortgage fraud, real estate fraud, all these things were created in 1934 when they first created Social Security numbers. Under federal law, only the IRS is supposed to use them. But socially, every company in this country started using them as your personal identifier. Try getting a loan without an SS number. You can’t do that. Your Social Security is your credit profile number. It’s a public piece of information we think is private. Back in the 1930’s and in the 70’s when they rewrote the act, no one thought about the long-term impact or couldn’t think of the long-term impact of having all of your financial information tied to a number that is relatively public and that is not unique. And so now we have all this data in databases and people are committing credit theft because it’s so easy to do. And the same kind of problem is happening with social information. Right now, there are people that use foursquare to tell the world where they are. They tweet, “I’m at this new restaurant. I bought a new TV.” And a college kid created it as a goof, a project a couple of weeks ago, where you can actually go online and compare peoples Facebook profiles and their foursquare and figure out when’s the best time to rob them. Just 2 days ago, or maybe even in the last 72 hours, Jamie Hyneman from MythBusters put up a photo on his Facebook page in front of his brand-new truck. He is proud of his truck. What this guy didn’t know, and he’s a really smart guy, is that his digital camera automatically recorded the GPS position of where the picture was taken. And as a result, without meaning to, the world now knows where Jamie Hyneman lives.
Dave: That’s really interesting that you said that. I just, in our Cyberhood Watch community, did a post specifically on that, the geotags. They can identify where the picture is taken, so kids that are putting all these pictures up on MySpace, flickr, slideshow, you can actually determine where that picture was taken. So if you have a picture and you’re in your home and you have this really nice, expensive flat screen HD TV or your kids, they know where they are now. And there is a way to remove those tags, and you can find that in that post. It’s a process to go through. But, you know, you mentioned something I saw in my research when I was looking on the Internet about you. Metadata tags. Is that correct? The significance in those that many of us don’t understand how that works, especially when it comes to… You were using it in Google Health and what they’re doing.
Raj: Correct. Well, metadata means information about information. A really good example… About 2 years ago, one of our clients laid off an employee at 5oclock on a Monday afternoon. You know, they told the kid, “Okay, we don’t need your service anymore. Thank you very much.” By 5:15pm, thousands of people knew the kid had been laid off. Now, okay, we think that’s not a big deal. I get laid off, I’m going to go tell all my friends I need a new job. Here’s the impact to the client they weren’t even aware of. They had had a couple of layoffs and now the world knew without the firm telling anybody that out of a company of 20 people, they had had 4 or 5 layoffs in 10 days. That is a red flag. As a buyer, I want to know, “Is this company going to be in business next month?” As a vendor, I want to know, “Are they going to pay their bills on time? Are they having financial issues? Are they having money issues and firing people or do they have a bad choice in management and they hired the wrong people? What’s going on?” So by a couple of people Facebooking or tweeting, “I’m looking for a job.” I can sit there and go, “Oh, you used to work at Company XYZ. She used to work at Company XYZ,” and we can do analysis in a matter of seconds or minutes, and so can you based on Facebook status updates or Twitter tags or LinkedIn updates what’s going on with a company. If you go to LinkedIn right now and you pull up a company. Search for Microsoft, search for Google, search for Yahoo, search for CH Radio. If you’re big enough to be on their radar, they tell you in the company section: what the company does, the major division the company owns, what kind of people they’re hiring, where do the people they hire come from, and where do the people go after they’ve laid them off. Google has never told the world that they hire people who come from Microsoft and Yahoo. Google doesn’t tell the world that when people leave Google, they go to start ups, Microsoft, or Yahoo. But LinkedIn will tell you that because LinkedIn has done the analysis based on peoples’ LinkedIn profiles and hire and exit dates. This is metadata analysis. Or another example taking about HDTVs. You put up on your Twitter page or Facebook page that you have a new HDTV. Your foursquare says you’re currently in Hawaii on vacation. Your Facebook currently says you’re on Hawaii in vacation. Congratulations, you’ve just told me without meaning to that you’ve got a brand-new TV that I should steal, no one’s in your house for 2 weeks. That’s a good time for me to go in and rob you blind.
Dave: That amazes me how often I see that on tweets or how often you see that on a Facebook comment. “Oh, yeah. We’re on vacation. We’re heading this way. We’ll be gone.” It is. It’s an invite to a criminal or a thief.
Raj: Not only that. There are other practices that we do as human beings which we don’t realize are dumb, and I’ve done some of them myself. When my kids were born, I put up pictures on the web of when my kids were born. I was proud to be a papa. What I didn’t realize until a couple years later is, “Raj, you just told the world what date they were born. They know your wife’s name. They know your name.” And what do we ask for when we open up a credit card account or a loan? Date of birth, mother’s maiden name, address. And there’s no way in the world for me to take back from the Internet the date of births of my children.
Dave: Yeah, I couldn’t agree more. Let’s go one step further. Identity thieves are specifically going after children because seldom do they ever check their credit. It could be years before you realize it.
Raj: Yep.
Dave: You mentioned red flags, and I’m kind of switching a little bit here to talk about the red flags rules. Maybe you can help explain that a little bit to our listeners and how that might effect the small mom and pop or even the entrepreneur who is doing Internet business or Internet marketing. They could be susceptible to these red flags.
Raj: We don’t have enough time to really talk about red flag in detail so I’ll summarize it for you at the high level. Red flag is a federal act passed by the federal trade commission, and it’s really designed to increase the information security posture of small to medium businesses. There are some thresholds to what kind of businesses it applies to. It doesn’t apply to every business so if you’re selling Beanie Babies on eBay, you’re really not subject to red flag. But if you’re a doctor, you’re an accounting firm, you’ve got 5 or more employees, you should start reading about red flag. Right now, we don’t pay a lot of attention to it. The act is too new and there’s a bunch of lawsuits going on about whether it applies to doctors, whether it applies to attorneys, whether it applies to accountants. So a couple of large industry groups have already sued the federal government to try to get an exempt from the act. It’s currently not enforced, but it will happen in the next couple of years. But if you want a good guideline to where the world is heading, then really look at either the HIPAA act or the PCI rules for credit card data. The way I look at it is: 50 years ago the only people who cared about information security were defense contractors, the government, and large corporations. Mom and pops never cared, the doctors, the lawyers never cared. Banking Reform Act of 1986 made security in the banking industry a real liability for the banks. And as a result, the banks after they finished whining, complaining, and moaning about the act actually learned to get their act together. And we now have the ATM networks and the great banking system that we have as a convenience because banks took a security regulation and used it to
improve the flow of their business. In the late 90’s, early 2000’s, HIPAA came out. Its mandate was: healthcare information belongs to the patient. The doctor safeguards it as your bank safeguards your money. They don’t own your money. They just have to protect it. Similarly, your information belongs to you, not your doctor or your hospital. And they have to safeguard it. So now we have the banks getting regulated with security. We have healthcare industry being regulated for information security. [Something at 19:49] made it a responsibility for every large organization that extends credit for living, from banks and insurance companies to real estate brokers and mortgage companies and payday lenders, to protect consumer information. Red flag is the next evolution of bringing information security from the large corporates and the governments down into the 5, 10, 20-person small business firms because 80% of the business in America have less than 20 employees.
Dave: Yeah, and actually isn’t that being circumvented by the laws that apply to databases and that they could be searched? As you mentioned, the idea was to protect the personal information or information that was in a database. What I’m trying to relate it to is the Google, Gmail, and that.
Raj: Right. So on the one hand, we’ve got laws that say, “If you’re a business owner, if you’re a doctor, if you’re an attorney, you’re an accountant, you have to follow these laws and safeguard your consumer information.” On the other hand, we have this almost opposite, psychotic behavior towards privately owned databases. One of the most cognitive dissonant things I’ve learned and have to deal with on a daily basis is under federal law, there are questions US government can’t ask of you. However, if that information is available in a private database, they can buy it, and that’s what the government does. Getting on my soapbox for a minute, what we really need in this county is what already exists in Europe and in Canada. In Canada, half the ID theft and crimes we have in the US cannot exist. In Europe, ID theft is not a real problem. Why? Because over there, by law and by culture, your information belongs to you. Companies have to get approval to do anything with it. In the US, we have a complete, exact opposite approach where your information doesn’t belong to you. It belongs to companies almost otherwise told so by law. And as a result, we have companies like Transunion and credit brokers who really are responsible for some of the largest ID theft problems in this country. And these are privately held databases which have information about you and me, and we don’t have any rights to that information. Try getting it corrected. It takes weeks, months, and years. they have no interest in fixing that information because we’re not their customers. The banks and the mortgage companies and the businesses that buy that information are their customers. So what we really need is a change in this country, all of us demanding that our information be safeguarded as a matter of course. Gmail should not exist. Technically, Gmail is a great product. But socially and culturally, it is completely dangerous. Why? The 1986 Electronic Communication Privacy Act, which is for federal law for this country, says any email held on a mine for more than 6 months does not require subpoena for the government to access it. This was written when CompuServe ruled the world, when people had maybe an email if that much. No one kept email online for more than a day or 2 at a time. What does Google
tell you? “Use Gmail. Never delete email.” What they don’t tell you is,” Please do that. Oh, and by the way, we make millions of dollars every years selling this information to the US government and to the banks. And everyone else will write us a check because, by law, after 180 days this in is effectively public.”
Dave: Is one way to resolve that obviously not to use Gmail? But then do we delete our emails on a regular basis? Is that a good practice?
Raj: You cannot delete. You can press the delete button but there’s no guarantee it’ll ever be deleted. Information always gets backed up. The right way to not have a disease is to not get infected. Don’t engage in risky behavior. “Just say no or use condoms.” Well, no one uses condoms online. Don’t use Gmail. Don’t use Facebook. Don’t use foursquare for stupid purposes. The tools are not the problem, but how we use the tools are.
Dave: Okay, so when you say, “Don’t use those particular… Facebook, Gmail,” are you saying, “Don’t use them at all,” or “Don’t use them stupidly.”
Raj: I would prefer the former. Don’t use them at all because most people don’t know how to use them. Facebook, Gmail, Twitter, foursquare, all these great, new technologies…they’re no different than a handgun. They’re no different than a loaded handgun. Would you give a loaded gun to a 15-year-old with a bottle of Jack Daniel’s? I wouldn’t. But we give every kid, mom, dad, grandpa in this country a laptop and a cell phone. Try buying a cell phone today without a Facebook or a Twitter app on it. You can’t unless it’s a dumb phone. Try buying a computer without Gmail or Google Desktop already installed. You can’t.
Dave: We actually have a phrase: “Smartphones need smart users.” We had a guest that talked to us about the smartphones, and he says by the year 2013, there’ll be approximately 4.5 billion users connected to broadband. The majority of those are going to be kids with smartphones. Have you got any advice for the kids with smartphones?
Raj: For the kids, not much of one because they won’t listen anyway. I know I didn’t when I was their age. I thought I knew everything and was going to live forever. But for their parents, a smartphone or a laptop is no different than giving a kid a car. Would you trust your kid to drive at their current age? If you don’t trust them to drive. How do we give kids keys? First, we teach them how to drive. Then they take a test. And for the first couple of months, if they’re underage, some adults has to supervise. You can’t go driving by yourself late at night. Well, apply that to your families. What is the rule for using the family computer? Is it in a public area? Is it in their room? if they do something stupid and nasty, do you have the authority and the willpower to take it back? Can you take the keys, the laptop, the cellphone away? Do the parents and grandparents know what sexting really is and why what seems like a great idea when you’re in love at 16 could scar you for life? Do they understand that using Facebook to share family holiday pictures is a really bad idea?
Grandma doesn’t need to see all the pictures and if she does, she doesn’t need to see all 3,000 of them.
Bill: You brought up a really interesting point. I know we’re running out of time. One of the things I wanted to shoot a question at… and I will just wrap it up with this question. Hopefully we can get your advice on this. With cellphones and laptops, your recommendation on that would be what age?
Raj: It’s not about age. It’s about maturity. There are some great 12-year-olds who I would trust with my laptop, and there are 40-year-olds I wouldn’t trust with a Crayon. As a consultant who works with a lot of businesses around the northeast, one of the things that shocks me greatly is I walk into a company and there are college graduate kids, smart kids who are getting a salary from the company and spending hours of the workday tagging pictures on Facebook, Tweeting and Facebooking. And the company either doesn’t have a policy against it or don’t even know this is what’s going on. Ten years ago, we used to complain about people watching porn at work. Porn got blocked. Then we complained about shopping and eBay started getting blocked. No one ever tells an employee, “Tagging your Facebook pictures during the workday is against the rules.” I’ve yet to see an employee get disciplined or sanctioned. More often than not, they found a kid is doing Facebook all day, he becomes the new head of marketing.
Bill: That’s right. We’ve had a couple of guests on before this that talked a little bit about that: the new corporations are having huge, huge problems with downtime with employees for exactly that reason. Well, Raj, we know you’ve got to get going. You’ve got a webinar that you’re taking care of in just a few minutes. So thank you for your time today. You’re welcome back anytime. We’d love you to come back in and spend an hour on a subject that you’re passionate about or something that’s coming up. Please keep in contact with us. If that happens, we can bring you back on the show. I want everybody to make sure they go to brainlink.com. You have some fantastic information and previous recorded webinars and information packs that people can use. Is there any other advice, as you head out the door, that you could leave with our listeners?
Raj: Have fun, stay safe, and please don’t put anything stupid on Facebook today.
Bill: Okay, thanks so much, Raj. We appreciate your time.
Raj: Thank you.
Bill: Bye bye.
Dave: Boy, Bill, I tell you what. I had a lot of questions to ask Raj. It was really too bad that he had to check out a little early on us. But he’ll be back. When we do research on the guests of our shows and their information… you just come up with
some great questions to ask because people like Raj are just interesting, what they have to say.
Bill: Absolutely. I want to emphasize that again that: one of the things that he’s heading out the door right now to do a presentation. His presentations are recorded, and their places up on this website where you can actually go listen to them. So we’ll make sure we put a link up. I’ll make sure either Dave and I will put one up on our community site. The other one we’ll put on our blog, so we’ll make sure we have the information available in both places. I’ll tell you what, he is one smart guy and he understands. I don’t think we’ve had anybody on our show in the past 3 years in 30 minutes give us more information than Raj just did. The one thing that stood out to me, Dave, and I’m sure it did to you as well is he basically said social media: stay away from it. That’s pretty scary when you think about some of the things, especially you and I do as business partners. A big part of us getting known, one of the reasons that Raj can come on our show, is that we implement social media through out our business. It’s a tough thing to understand how we’re going to be able to kind of navigate that windy river over the next couple of years and make sure that we’re doing that correctly.
Dave: And I agree. It’s like in the face of social networking. What he’s saying is basically, “Unplug. Don’t really go into that area.” One thing that he’s pushing is a children’s educational character that will rival Sesame Street and Big Bird and Elmo. I wanted to find out what that was. He’s looking to reach in doing what he does and bringing it to the level of where a character can talk to kids. That’s pretty powerful.
Bill: Absolutely. That’s something that we’ve worked on over the past 3 years. We’ve got things in development we’re working on with preteenagers, kids from the age of 5 to 15, we feel like is the point of where us as parents really need to step in and be examples to our children and show them how to use this Internet as a part of their life. And just like Raj said, you really can’t live your life without that. Every piece of technology that you purchase has strings attached to it. in other words, if you buy a laptop and you get a great deal on a laptop, well the reason why you’re getting a great deal on the laptop is a lot of that’s being funded through the fact that people are putting applications and software on that. And I remember when I bought my first computers, Dave. You had to go out and buy your software and you had to plan how you were going to purchase the things that you needed because it was very expensive to have a full suite of products loaded onto your computer. So you would get your computer, you would pick and choose the things that you wanted to purchase and put on there. Well, now with the open source ability that our web provides us today, you basically get a computer and it has those software tools already loaded onto it. You turn it on, and you’re ready to go. You’ve got documents. You can do photos. You can actually create online presentations and run a multimillion-dollar business without ever purchasing a piece of software.
Dave: Yeah, it’s a turnkey operation right now, and I do remember those days because it took a while just to…and I’m talking about the real floppy discs….putting all those in. Over and over and over. It was very time-consuming.
Bill: And I day say if I were to stop in your office today, we’d probably find a couple of those old software boxes setting up on a shelf, wouldn’t we?
Dave: You’d find the classic ones, you’re right.
Bill: I’m the same. Mine’s in a closet in a box but I kept a hold of them because, man, we paid money for them. And they were worth a lot of money and they did a lot of things for us in the very beginning as far as computing. So times have changed, folks, and you really need to be cognizant of the fact that your children, especially, don’t have a way of differentiating between the 2. Am I correct on that, Dave? Really kids of today, so much of their lives are lived online or in this broadband channel that they have no clue what it means to be online, offline. In other words, you’re connected 24 hours a day, 7 days a week, right?
Dave: Yeah, they don’t know what it’s like to be tethered to a cord that’s hooked to a wall in the kitchen.
Bill: That’s right. I remember those days.
Dave: The real high-tech was when you got a long cord that could extend outside of the kitchen area or the listening area and find yourself a little corner in the room to talk in.
Bill: Absolutely. I remember those days too. Especially for teenagers, it was all about privacy and being able to talk to your girlfriend or your boyfriend or whatever that privacy was supposed to be. You didn’t want to be in the living room with mom and dad, trying to talk. Those times have changed.
Dave: Thinking about just what we’ve been talking about where you try to pull that cord as far away from anyone hearing your private conversation. Maybe we ought to get back to that kind of thinking for kids and realize that everything that they do now today is no longer private when they put it on the Internet.
Bill: That’s right, and that’s what Raj said. Well, he taught me something new today and that’s good to know. Communications using a free email provider, you’re giving up some of those privacies that you may or may not have understood when you were signing up for. I know my partner, Dave, he’s a TOS guy. You need to be aware of that. If you’re signing up for free services, be aware that there are certain aspects. And most free services today because of legalities either make you check off or check on. And you need to read that very carefully. One of my biggest bugaboos with the political world is that they’ll wrap different bills in together then ask you to vote on one specific thing but you’re not knowing that you’re voting on something else.
And that’s the really the way that a lot of this communication Internet-wise happens. It’ll say, “You need to uncheck this box in order to stay off of this mailing list.” So it’s already checked and because you didn’t read it and you didn’t understand it, you just go ahead and hit the enter button. Now you’re checked up for a 1995 service every month. Or because you didn’t read the TOS, you’ve actually signed up to give your information every time you use this service out to them to be able to use it for whatever. It’s mostly marketing. I don’t think a lot of those services are provided that are doing illegal types of practices, but they are using your information without you know it. They’re using it for marketing, so if you don’t want that to happen, you need to make sure that you’ve checked or unchecked the boxes that you need to do.
Dave: Yeah, and you know what was interesting also was this Gmail and how if you really understood the fact that the government is not really allowed to solicit or gain any of your private, personal information. But they do get around that is they can consider databases available where those individuals can sell information, and then the government can buy information. So in a sense, they’re getting their information in a roundabout way. Did you pick up on that?
Bill: That’s right. I did. Raj is very well read in that, and he understands what’s going on underneath the surface. It’s something that we all need to be aware of. We really do, and we need to be smart about what we’re doing. Dave and I have actually been working on a little project. We told you about it last week. I know Dave’s excited about it as well. One of the things that we’ve been talking about back and forth as we’ve been creating this new system that we’re going to bring out to help children is one of the things that is so inherent in what we do as far as Internet is clicking or entering. you really need to be smart when you do that. you really need to be smart every single time you click something and you enter something. Not just assuming that you’re not accountable for that. You really are, aren’t you, Dave?
Dave: Yeah, you are accountable for it and you have to be careful. One thing that is coming down the pike is where Outlook is going to link to Facebook. So that’s kind of what we were talking about earlier where you buy these programs that are already preloaded or computers that are preloaded with the programs and all the other different third party vendors that are involved. It’s going to be interesting to see now this works out. And I know Raj had talked about that in doing my research. I was hoping to talk to him maybe a little bit more about it, but it’s just something we should be aware of and be mindful of. Outlook is looking to link to Facebook.
Bill: Sometimes we don’t even know a lot of the bigger social community type of applications are owned by pretty much the same core groups of business owners. In other words, we hear purchases all the time being made be Google but not understanding the total ramification of a purchase of a simple, little idea that a guy has and it mushrooms into this huge thing. Google comes in and picks that up and makes it a part of their suite of things that they do, not maybe realizing like what Raj said right there, that they’re actually building databases based on the metadata
that’s provided within these databases and bringing it back to their master database and using that for being able to sell and qualify information for advertising companies. That’s huge. As a longtime Facebook use, I kind of understand that because you and I do it from a security point of view. But I know all my friends from high school who are jumping on Facebook and sending me links for them to check out their kids’ pictures or all these things. It’s fun to have that happen as an old-time friend, maybe someone I haven’t seen for 30 years. But they’re not realizing that they just opened themselves up for a huge onslaught of marketing that they couldn’t imagine could be happening directly to them.
Dave: Yeah, I agree. You got to have a point where maybe you can unplug. I know we’ve had a couple of guests talk about that. I just saw something just the other day. There was an interview on PBS with a gentleman who was an author and writer. He came to the realization that he wanted to break way, not totally. He came to the realization when his phone fell into the water and he found himself without any connections. It kind of was that ah-ha moment when you realize how noisy our lives are with the technology that we have. That is a problem, and it is something we should also be mindful of.
Bill: That’s correct. Let’s take a few minutes here while we have some time. Raj had to get going on a seminar. We still appreciate his time. I can’t imagine his level, what he’s doing. Even a half an hour of his time is worth so much. He’s talking to so many different corporations around the world on IT security, so we’re very privileged to have him on the show today and share some of the information that he did. Make sure you use that. I love the fact that he is a corporate IT guy and he was able to condense that down to a real person-to-person information pack of 30 minutes or less of what you should and shouldn’t be doing online. That was kind of a mantra for Dave and I. We could take that information, share that with every person that we know, and we would be giving them a real service in doing so because that’s the thing. You need to be aware that this is happening. You wouldn’t hand a kid a gun and a 6-pack any more than you would hand a kid the car keys to a Lamborghini when he’s 14-years-old and say, “There’s really no need for a driver’s license. Here you go.” Common sense tells you that’s wrong, and I think the same thing needs to be in the fact of cellphones and smart phones. Dave and I have been talking about smartphones over the last month or so and actually, we’ve had some really cool things happening as far as getting the information out to people about smartphones and the dangers. It’s just absolutely scary what people are handing their children and putting in their back pocket.
Dave: Yeah, I agree. It’s something that parents should be aware of. The question is: What should we be telling our kids? What is the advice we need to do and how should we be doing it? Because from what we’ve been hearing from other guests is the technology doesn’t really give the instructions necessary for kids to be safe. It goes back to what we kind of picked up from Winn when he talked about behavior modification and how that kind of effected what we did from there on out. It really does boil down to giving kids core values and helping them use those core values
and applying it to the technology and the Internet and what they’re doing with social media. It’s kind of like the lost art of ethics, civility.
Bill: Really quickly, Dave, tell our listeners what Winn talked about. Kind of explain to them what we had happen at the point when we asked that question. Explain to our listeners exactly what that was really quickly, if you don’t mind.
Dave: Oh, no. Well, actually we were talking about just the state of affairs of the Internet, what was happening, and we asked the question: How do we then make the Internet safe? And it was just like an automatic response that came out of his mouth and he said, “Behavior modification.” That kind of was a moment when Bill and I went, “Ah ha!” It made us think because we had approached this in the beginning from a technology point of view. In other words, if you had the proper antivirus, anti spyware, the firewall, you had unlimited technical support, you had all these features, and that was what would keep you safe on the Internet. And what we missed in all that was that it’s the behavior. It’s when you see a piece of email that comes in that may be enticing and you go, “Oh, I’ll click on it just to see because I’m curious.” It’s that phishing, means of getting you to do something that you wouldn’t normally do, and to really know that it’s not the proper thing to do. It gets you to do that so your behavior is involved. Bill and I began to look at this from how behavior can be the tool that would be in conjunction with technology and use that behavior and those core values that we were all taught as kids… to use those with the internet and secure their digital lives online.
Bill: Absolutely. Really quickly, as we wrap up the show today… we’ve got about 10 minutes left. I want to really talk about something that Dave and I actually just had happen over the last week or so. We put out some information on smartphones, and this was exactly what we were talking about today. So I definitely want to share this information with everyone. I was just going to have really quickly the information that we’ve received from our publicity team put together really quickly, some of the things that have happened as far as this press release. Approaching 500 reads. In other words, there have been over 500 people who have checked that out. Impressions…that’s actually information that’s presented on a 1-page look through, as people are checking on what press is going out and almost 11,000 impressions. It’s kind of cool when that stuff happens, and it’s happening to Dave and Bill. So we thought we’d give you that heads up. You can check it out. We’re going to have a link on our site where you can check out that press release. It talks a little bit about exactly what Raj talked about today, and that is smartphones and the technology and what people need to do as far as making sure their children are not caught with pornography in their pockets. This is, like, so timely, Dave. And so right now. This is happening. Raj talked a little bit about that. The way that the law works, it doesn’t really matter that that kid has got a good mom and dad, and they live in a good neighborhood. For all purposes, he would not have a bit of problems in his adult life. But he’s caught with this pornography in his pocket, he could actually be labeled as a sexual offender.
Dave: I guess if someone were to do some sexting and he had the pictures, yeah, then he could be help responsible. You’re right.
Bill: That’s absolutely correct. This information needs to be out there so people understand that. That’s one of the things we’ve put together with the press release. Make sure you go and check that out. We want to make sure that people are aware that it’s coming through, not only on a national level, but this really is coming through on a local level as well. People are really becoming, not necessarily scared, but they’re becoming very concerned that their children will be wrapped up in something like this without their understanding of exactly what the parameters are. It doesn’t really matter if your child has actually received that ‘pornography’ image of underage children from a friend or if it’s just actually there ‘by an accident’. You’re checking out websites and it ends up being on your phone. No matter what it is, your child is accountable for that in their pocket. Just the fact that kids can have access to that. I know that we had a guest on a couple weeks ago, Dave, that talked a little bit about this. It was kind of scary because his analogy was that this was something that would have never been heard of. In other words, this being in your child’s phone used to be out on the street corner. And now it’s inside your home and inside the cellphone that your child is using every single day for communication with friends and family.
Dave: Yeah, I couldn’t agree with you more. There was a recent post that we did that kind of applies with this. It was kind of a tagline “Pocket Porn”. It dealt with a program that comes with the iPhone called Face Time, which now allows individuals… I can call you on my phone. Remember picture within a picture? That’s kind of the concept. I can actually now see you in real-time as we’re talking, so I get to see you, you get to see me. Unfortunately, with all this, like Raj said, with the technology… there’s just so much responsibility. There’s so much that will happen with that technology that we weren’t prepared for. I think that has happened a lot with the Internet overall and parents, what I call the ‘digital divide’ with parents. The Face Time… the pornography industry has jumped on this, and they’re definitely using it. What was it? 900 numbers. Now you’ve got, like you said, porn in the pocket or pocket porn.
Bill: That’s correct. That really is what we’ve been focusing on, and we’ve actually been working on some things that are going to help parents understand that. We’re going to put together some information and have that condensed down into a packet that’s actually going to be available through the Cyberhood Watch. We’re trying to put that together, again, like I said for 5 to 15-year-olds with the focus being on kids that are preteens. a lot of the things that you really needed to be educating and helping your children with is the fact that from 5 to 10, educators and professors will tell you that 1 to 5 is where the real core of your child’s being is actually developed. The way I look at it, from 5 to 10 to 15 is where it’s really put to use. In other words, those lessons and those core values as a family that you’ve put together those first 5 years… that next 10 years is where it’s really put to the test. In other words, all the things you’ve taught them, now they start applying them. Of
course, at that point in time, they end up going to school. So now they’re in the local system, so you’re not the only person that’s educating your child at that point as far as their lifelong… what they’re going to have. If we have that time from 5 to 15, it’s so important to make sure that you’re reassuring those values that you’ve created in those first 4 years. And you have to do it on a daily basis. Isn’t that correct, Dave?
Dave: Oh, yeah. It’s got to be on a daily basis. It’s evolving. The technology is evolving. I made reference to it as a digital device. Parents need to start to take responsibility for their child’s online digital life.
Bill: And that’s different than a generation gap. You need to explain why that’s different, Dave, because every generation has a generation gap. But this digital thing is different.
Dave: You kind of just said it. There is no gap here, a generation gap. People your age, my age that have kids, we were the transition from our generation exposed to the online world, the digital world. So we have what was before, during, and after. The kids today don’t have that generation gap. They were put right in the middle of this Internet generation, the net generation. So they don’t have any reference to the past, so they are the new generation when it comes to this. I made a reference to it. Parents didn’t understand. For myself, I saw technology and the Internet as a great opportunity and a wonderful place to be. That’s what I saw. I didn’t realize the dark side that was going to pick up on this, and that’s what happened. You take over here for a second, Bill. I think I have Channel 2 at the door.
Bill: Okay. Folks, let’s just make sure we take this information, we use it correctly, we use the technology as far as the cellphones the way that you’re supposed to do. You’re not supposed to just hand this over to an irresponsible or an immature child and just let it go. You definitely have to have some parameters. You need to have some rules in place. You need to have rules in place that have some consequences if there’s behavior problems. No more access to the cellphone and things like that so they understand that bad behavior means not being in timeout. Bad behavior means not being able to use your cellphone because that really is what children rotate their lives around at this point in time.
Dave: What Raj said is, “Are you strong enough to stand up to your kids and take away that privilege?” I think that’s what one of the problems is. We gave our kids or we handed over to them the keys to that car without taking into account or understanding what this new net generation was all about.
Bill: That’s right. So we’re just about at the top of the hour, Dave. I know that we’ve had a whirlwind day as far as the Cyberhood Watch. A lot of fun stuff. We’re so excited to be a part of that with all of you. I know that our longtime listeners and the folks that have followed us basically from day 1. We’ve got 1 of them in our chat room. He is such a supporter and has been on our show a few times. It really makes us feel good to know that what Dave and I are doing is making a real difference out
there. We are touching some lives, and we are putting this information in parents’ hands. That’s the most important thing. We can’t do much at that point, Dave. We can get them the information and then it’s parents following through and applying that great information that we’ve spent pretty much a lifetime working on. I want to really quickly just let everyone know that you can check us out on the Cyberhood Watch at TheCyberhoodWatch.com. You can also check us here on the radio every single week at Tuesday at 11 in the morning and also on Thursday, we have a secondary show that we bring in additional guests on. So pretty awesome stuff, Dave.
Dave: I agree. And don’t forget Wednesdays.
Bill: Yeah, actually Wednesdays. We’ve been pretty excited about having 3 times a week sometimes because people are wanting to know this information. We’ve gotten so many great guests to come on to actually share almost an hour of their time. It’s just incredible that that happens. Really quickly, as we wrap up, Dave, why don’t you go ahead and handle the Cyberhood Watch magic 1 question this week? And take us out on a good note.
Dave: Well, before I do that. You’re handing me that magic 1, are you?
Bill: You bet. We didn’t get a chance to hand it to Raj because he was on his way out the door.
Dave: Well, actually my magic 1 then is to be able to waive it over the idea that we’ve just recently come up with that we think that’s kind of the missing link in educating and helping children to become and live a safe digital life on the Internet. We keep referencing [Winn Schwarta] who we had on the show almost 2 years ago, I think, who kind of changed our direction of thinking and understanding that technology is 1 approach but it is not the approach that is needed to reach kids. If we can get to that generation and help them understand using core values instead of technology, I think we’re going to be better of. My magic 1 is to waive over the efforts that we’re going to be putting into this new book as well as a curriculum to help educate parents who need to educate their children. I think that’s what I’m hoping for, that that’s successful.
Bill: Well, thank you so much for that, Dave. I totally agree with that. I know we had a meeting last week and we talked about that, the fun stuff that’s coming up for us as an organization. We’re just so excited. Good stuff happening today. I applaud all the things that have happened around Cyberhood Watch around the last 3 or 4 months especially. It’s just some real hard work by our publicity team. They have just worked their tails off to get our message out, and it really has started that perfect storm that [Winn] talks about. We’re really excited about that for CHW. That’s really moving us into the next level where people really do become aware of who we are, what we stand for, and that’s some exciting stuff. We really have had a kind of whirlwind over the last 3 years. It’s almost hard to believe that we’ve been in
business for 3 years, Dave, and we’re coming up on that anniversary. Sometimes when you’re trying to reach for goals, time goes a little slower than you realize. When the floodgates open, you’re like, “Holy cow. Where did all that come from?” So really fun stuff going on, especially with the project that Dave mentioned. We’re going to probably have that out in a month or 2. We’re looking at a month to really have the finalization on everything, and then another month to put it all together. So good stuff and a good show today. Make sure you check it out. We’ll have a recording up on our website. And Raj’s information… that was just some golden nuggets, Dave.
Dave: Oh, great information and coming from such a highly respected individual in the industry. When you get those kind of leaders who are willing to come on the show and share an hour of their time, that’s impressive. So I want to make sure everybody stops by the hood, TheCyberHoodWatch.com community. I hope to see you next week.
Bill: All right. Thank you, everyone. Bye bye.
Dave: Thanks, Bill. Bye.