PHPUGPH Event: tri{php}letreat@USAutoPartsPhilippines

A triple treat! The PHP User Group Philippines, Inc. (PHPUGPH) in cooperation with US Auto Parts Network (Philippines) Corp. has organized an event that focuses on web development, security, and marketing. It will be held on May 24, 2008, 9:00 AM - 5:00 PM, at the US Auto Parts Network (Philippines) Corp. (formerly MBSTek) Training Room, 6/F RCC Center, 104 Shaw Blvd., Pasig City (Near Jade Palace), Philippines.

Topics:

Search Engine Optimization (SEO)
Riz Sanchez, SEO Manager, US Auto Parts Network (Philippines) Corp.

Model-View-Controller (MVC) 101: A Web Development Architecture
Reynold Lariza, Web Development Supervisor, Glocorp IT Solutions, Inc.

Web Application Security by Example
Richard Peter Ong, Lead Developer, Internal Projects, SysIQ Inc.


Event Fee:

PHP 350.00 for early birds paid and with resume.
PHP 450.00 for early birds paid without resume.

* all inclusive of snacks and lunch *

Note:
Limited seats, good only for 35 slots. First come, first serve basis. Registration is open until May 22, 2008. Your registration expires if no payment is made within 2 days.

Payment Details:

All payments must be made within 2 days after online registration through bank deposit.
Bank account details are listed below:

Bank: BPI Family Savings Bank
Account No: 6006-6267-67
Account Name: Cherrie Ann B. Domingo

Scanned deposit slips should be sent to chean_AT_phpugph.com for payment confirmation.

Contact Us:

For more details or any other inquiries, kindly contact Cherrie Ann B. Domingo at: +639178652412(Mobile), (632) 7253053(Office), chean_AT_phpugph.com(E-mail).

Registration:

While waiting for official PHPUGPH.COM registration page please register on this temporary link

PayPal Philippines Can Receive Now

Score one point for Philippine information technology!

Months ago, I received information that the Philippines now can participate in PayPal. But during that time, you can only send through PayPal but not receive money.

Today, I checked my e-mail and voila! I found out that Philippine PayPal accounts can now receive payments. This came in last week, and I overlooked it.

Receiving payments through PayPal is great, especially if you're doing business online and want to receive international payments. You have to pay around 250 pesos to receive money. Still, that's worth it if you're receiving 300 dollars, right?

Below is a portion of the email I received. I circled a portion for emphasis:

I haven't verified my account by entering my credit card information yet. I checked out PayPal's security and they seem to be very secure now. Last year, they were hacked, a security issue that may not occur again since they should be more vigilant by now. So far I think PayPal is secure.

Insider Threats

Rome did not collapse due to external enemies but due to inward corruption. In the same way, IT companies can collapse from threats from within. Employees or former employees have the access needed to sabotage an entire information system, if the administration is not careful. So how do IT companies avoid such risks? The answer is not so much in dealing with security in the network, since high-level access will still have to be granted to somebody. It is more of keeping the relationship of the employee to the company intact, and knowing when that relationship has come to an end, as in the case of resignation or termination.


There are symptoms of possible insider threats, and they can be recognized by the employee's behavior. The following is a list of these symptoms, which may not be comprehensive but helpful:

• Sensitivity to criticism & needs for attention
• Chronic frustration & feeling unappreciated
• Difficulties controlling anger with bursts of inappropriate temper
• Chronic sense of victimization or mistreatment
• Chronic grudges against others
• Grandiose/above the rules
• Subject is avoided by others or they “walk on eggshells” around him or her
• Bragging, bullying, spending on fantasy-related items
• Compartmentalizes
• Lack of conscience, impulse control, empathy for others, social impact

One symptom may not mean that the employee is a threat, but these have to be kept in check by supervisors. The critical point in time when employees can become a threat is when they resign. Such is the case when the employee has access to internal systems from an external location, such as his house, a garage, or a Wi-Fi cafe'. Restricting or limiting access to the system is vital when an employee resigns from the company.

An employee is responsible for his or her own behavior. There are factors however, that will influence the employee towards a certain direction. Management does have a responsibility in maintaining company morale so it doesn't produce disgruntled employees.

A sabotage can occur in the form of a logic bomb. A logic bomb is a piece of code intentionally inserted into a software system that will set off a malicious function when specified conditions are met. For example, a programmer may hide a piece of code that starts deleting files (such as the salary database), should he ever leave the company.

Manage your employees well. Maintain those relationships that will foster cooperation between labor and management.

References:

1. A Risk Mitigation Model: Lessons Learned From Actual Insider Sabotage, http://www.cert.org/cert/
2. Logic Bomb definition, http://en.wikipedia.org/wiki/Logic_bomb