Monday, October 17, 2016


Today’s guest blog comes from Merlin Namuth, Director of Standards, Risk, Compliance, and Security with Red Robin Gourmet Burgers, Inc.

Social media sites such as Facebook, LinkedIn, Twitter, Instagram, and Snapchat are great for staying in touch with friends and family, and they’re widely used. They connect people with similar interests to lend support, and share and collaborate on ideas. Other benefits include finding a new job, discovering new friends, asking opinions, and quick information sharing. The advantages are unlimited.

There are dangers you need to be aware of when using social media. People with ill-intent (attackers) use social media sites to steal personal information, commit fraud, and infect your personal computers, tablets, and smartphones with viruses/malware You can take steps to protect yourself and still enjoy the many benefits of social media.

Security Concerns
There are many ways attackers use social media to trick you.
  • Attackers post links in social sites that are malicious in nature. A malicious link may take you to a site that looks like your bank’s website, but really isn’t. The attacker attempts to trick you into entering your login information and banking information on this fake site. 
  • Another example of a malicious link is one that takes you to a site where a computer virus/malware is downloaded and installed on your system. A common tactic by attackers is to create malicious websites that focus on current news events, such as an election, natural disaster, or some tragedy to lure as many people to them as possible. These malicious links are forwarded amongst your social media connections. 
  • Attackers create fake groups to trick people into joining in order to gather information from unsuspecting users. 
  • Sometimes attackers will target someone and create a fake profile. They send invitations to join to the connections of the “real” person. Once people are connected to the fake profile, the attacker will try to trick them into divulging information or click on malicious links. 
  • Attackers look for personal and work information on social media sites. They may try to piece enough information together in order to answer password reset questions on your behalf. If the attacker is successful, your password will be changed along with your answers for the password reset questions. You are then locked out of your account with someone else posing on your behalf. 
  • Posting your vacation pictures while still on vacation tips off the attacker that you aren’t home. The attacker may then target your home for a physical robbery or vandalism. 
  • Posting information to social media sites without any restrictions on who can view your posts will show up in an internet search. This may include information you don’t want the entire world to see.

Protect Yourself
You can take several precautions to stay safe on social media, while enjoying the vast benefits:
  • Educate yourself. Pay attention when social media sites add more functionality, as this may create different security concerns. Most sites have a web page dedicated to security tips specific to their site, such as how to configure multi-factor authentication. Some sites will send a PIN to your phone via a text message. This makes it harder for an attacker to login as you.
  • Change your privacy settings so only your connections can see your list of friends. Hiding your list of friends keeps the attacker from targeting your friends. 
  • Watch out for fake profiles. Recently, I had friend who is in a high profile position become the victim of someone creating a fake profile as her on Facebook. She contacted Facebook about the fake profile and it was disabled within a few minutes. 
  • Use your privacy setting to restrict your posts so that only your connections can see them. This will help prevent your posts from showing up in Internet searches. You can check what is visible on Facebook, for example, with a feature where you can view your profile as someone who isn’t connected to you. This will help you verify your privacy settings.
  • Some applications will ask you to use your social media login. Be very wary of doing this. Attackers create malicious applications where they capture your login information.
  • Cover your webcam when you aren’t using it. There have been instances where attackers have gained access to the webcam via malware and used the pictures captured from the webcam as blackmail.
  • Be wary of clicking on links. When possible, go to a known and trusted site.
  • Don’t use the same password for each site. If your login is compromised on one site, it will then likely stay contained within that one site. I understand how difficult it is maintaining multiple passwords and trying to remember which password you used for which site. There are different password management programs such as Password Safe, KeePass, and Apple Keychain. This isn’t an endorsement for any of them, but just examples of ones out there for free. 
  • Wait until you return from your vacation before posting your pictures. Avoid the temptation of sharing your immediate whereabouts in general, in order to protect your home.
  • Keep the devices you use for connecting to social media up to date with the latest patches. If you inadvertently click on a malicious link, you may be protected with the most current patches from anything bad happening. 
  • Avoid using public WiFi. Don’t use the public computer in the library, hotel and other places, as they are often infected with malware. Attackers can set up fake WiFi networks at these locations and trick your device into connecting to them. Better to use your smart device on your carrier’s cellular network.
  • Be very sensitive of the information you share on social media. Don’t share your birth date, home address, and social security number. These can all be used to steal your identity.
I hope this gave you new ideas for protecting yourself on social media. Enjoy its benefits while keeping yourself safe.
Merlin Namuth is the Director of Standards, Risk, Compliance, and Security with Red Robin Gourmet Burgers, Inc., a casual dining restaurant chain founded in 1969 with more than 540 locations across the United States and Canada.

Thursday, September 15, 2016

Back on the bike tour: Pedal the Plains 2016

It’s that time again! Our Google Operations Director Brandon Williams is hitting the road for the second year in a row representing the Governor’s Office in Colorado’s 5th annual Pedal the Plains Bicycle Tour.

Last year, we followed Brandon through eastern Colorado -- this year we’ll check in with him from Ordway, Fowler and La Junta during the three day bike journey.

Follow Brandon’s video updates from the road via his twitter account -- including his video recap here. He will be sharing cool tech applications and insights, plus other highlights from the tour.

Day 1:
Day 2 & 3:
Video Recap:

Brandon Williams is the Director of Google Operations for the Governor’s Office of Information Technology. Brandon and his team are responsible for supporting nearly 30,000 Colorado state employees using Google Apps for Government.

Wednesday, September 7, 2016

VIDEO: It's all about that balance. Colorado technology jobs!

What’s it like working for the State of Colorado’s technology office? It’s a pretty cool gig -- but don’t take our word for it, let these current employees tell you all about it! Then you should definitely bookmark OIT’s job posting page for your Colorado technology jobs search.

Hear more about the work-life balance, flexible schedules, great benefits, and that warm and fuzzy feeling at the end of the day because you are serving the great state of Colorado.

Check out our new video and apply for a Governor’s Office of Information Technology job in Colorado today!

Monday, August 8, 2016

Education, elevated.

Why? Because we’re at 5,280 ft in elevation?

No; because the State of Colorado recently completely transformed the education of youth in correctional facilities across the state.

In October 2015, the Governor’s Office of Information Technology (OIT) -- in collaboration with the Department of Youth Corrections -- formulated a strategy for the redesign and implementation of a comprehensive state of the art computing environment for the delivery of high quality educational programs and services at six youth correctional facilities and 50 classrooms. This forward thinking project included the revitalization of an outdated network and development of new mobile and wireless services that provides secure mobile training labs, administrative flexibility, educational consistency and managed internet access to higher education online training curriculums. Prior to this project each of these six facilities functioned independently through agreements with local school districts and/or a private contractors, and each was handling youth education in a different way -- with very little standardization and a host of challenges because of it.

When OIT took it over, these were the issues:
  • The curriculum planning was costly (money and time!)
  • Student did not have access to the internet or online internet educational resources
  • Student could not participate in online higher education programs due to security and privacy constraints inherent to correctional facilities
  • Computer labs were outdated, unsecured and not sustainable due to student tampering 
  • Systems were not meeting state and national security requirements
  • Facilities could not leverage modern “shared” platform technologies and were required to duplicate hardware, files storage, network and other computing assets that increased operating costs and long term support issues
  • Students and instructors were using outdated workstations with a high risk of virus/malware infection and hardware failure, and there were minimal back-ups in place
  • The computers were also isolated to one or two labs, making access a challenge
  • When a student was brought into a facility, all of his or her records and curriculum were on paper and manually processed -- if that student was then transferred to a different facility their records had to be copied to a CD and/or printed and sent over with him or her (!!!)
The solution that OIT devised to fix these issues is a single, cloud-based solution powered off the use of Chromebooks and Google Apps for Education, to leverage the best resources and lowest costs. Using these tools, including applications like Google Doc and Google Classroom, the team was able to standardize the curriculum, process and tracking across the facilities in a highly flexible way. The facilities could deliver individualized content to each facility while using a standard hardware platform and framework -- for the low cost per computer of just $270. Furthermore, no Microsoft Office licensing is necessary, it enables better management and monitoring of users with little to no extra cost, and no servers are required.

The system now has more than 350 Chromebooks, more than 60 teacher workstations and hundreds of completely cloud-based websites and educational materials -- all in an environment where the internet historically has not been available due to security and treatment issues.
This may not look like a big deal, but it is. When unable to hold class in their normal classroom due to facility maintenance, it's no problem at all with Chromebooks -- class in the courtyard!

With the implementation of this amazing project:
  • There is minimal to no risk of malware/virus infection
  • Individual Google user accounts have completely stopped computer vandalism -- students are trackable, and what’s more, they have an appreciation for the system
  • Every facility classroom now has access to Chromebooks or each student has their own Chromebook
  • There have been huge cost savings and return on investment: Devices cost less than half of a low-end laptop and require approximately one-third the time to support
  • Maintenance is reduced dramatically -- it takes less than four minutes to set a Chromebook device back to its original state
  • Community college classes offered through the web-based learning system
  • Automated, real‐time user account creation, allowing faster student and teacher provisioning 
  • Ability to allow students access to approved websites
  • High battery life -- no need for students to have a power adapter in class
  • Giant reduction in paper/printing cost across state facilities; the first classroom the system was put in led to the avoidance of more than 40 reams of paper for one semester
  • High quality education with nearly zero gaps for the student
OIT and the State of Colorado work every single day to to make Colorado the best place to live, work and play; and this project is just one example of how IT can be used to change someone’s experience.