News

Investec CISO warns that legacy tapes will fail on new hardware

Many organisations may find that years of irreplaceable tape backups are inaccessible because modern machines cannot handle legacy formats. Speaking at a launch event for EMC's latest research, David Cripps, chief information security officer (CISO) at Investec, said: "People will find that they have the tape, but they won't be able to read it back." Investco keeps some old hardware purely for the purpose of restoring legacy tape backups. The inability to access legacy tapes is part of a wider IT problem relating to the availability of systems.

The EMC research estimated that unscheduled downtime costs $611,375 (£379,519) per year in the UK. EMC also reported that security breaches cost UK businesses an average of $1,158,077 per year, while the annual cost of data loss is $1,302,895. The global study of 3,300 IT and senior business executives found that reduced investments in critical areas of IT – such as continuous availability, integrated backup and advanced security – were hampering the resilience of IT infrastructure and recovery time after downtime.  “At Investco, we use security as a business risk, just like the risk [assessment] in the liquidity market," said Cripps. "It is a risk event. My reporting line is into risk, and business makes an assessment of the risk impact.” Challenges of being a CISO From a security and availability perspective, Cripps said that if systems are down for a second, there is an immediate impact on the business.  Among the issues he is tackling are cloud computing, cyber crime and requests from staff to use their own devices. Cripps warned that from a CISO perspective, legislation is increasingly affecting how organisations are run. Changes to the EU Data Protection Directive, for example, will mean that a business has a time limit of 24 hours to report data loss to a regulator.  Cripps said the security industry was failing businesses by selling fear, uncertainty and doubt (FUD).  “As an industry, there is still a great deal of FUD by vendors to sell a product. People phone up and say they have a solution for APT [advanced persistent threats].

This is our life. Don't try to scare me into buying something, because [if you do that], you have lost straight away,” he said. Email Alerts Register now to receive ComputerWeekly.com IT-related news, guides and more, delivered to your inbox. By submitting you agree to receive email from TechTarget and its partners.

If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy Read More Related content from ComputerWeekly.com

Avoid BYOD pitfalls to ensure business benefit, says Amtel

As companies embrace bring your own device plans, the same mistakes continue to be made, says PJ Gupta, chief executive of mobile device management security provider Amtel. “BYOD security requires a delicate balance between business concerns about security and personal privacy,” he told Computer Weekly.  “BYOD should not mean letting any device access the corporate network, but the goal should be to protect corporate data while ensuring the privacy of personal data on personal devices,” said Gupta. “The risks that need to be managed include malware threats from compromised devices, unintended disclosure of sensitive information, data loss, compliance risks, and productivity loss from time-wasting apps,” he said. But in attempting to do that, many organisations fall into the common trap of applying the same set of security policies for BYOD as they do for corporate mobile devices. When a company issues a corporate device to an employee, it can standardise configurations to secure the device and rigidly control how it is used. “But because of the diversity of BYOD devices and their use for personal purposes, it becomes necessary to be more flexible while taking steps to secure the device and minimise the risks,” said Gupta. He cautions against taking a one-size-fits-all approach. “Instead, organisations should tailor a BYOD policy to the organisation’s security needs and the employee culture, and then implement technology solutions that support those policies,” he said. “We are seeing that different industry types have different security requirements and employee cultures differ on whether or not they prefer separate devices for personal use and corporate use,” he said. But Gupta believes there are several key guildelines that should be followed.

He recommends that organisations: Set minimum operating system (OS) version thresholds for users to bring in their own devices for work as a baseline requirement to protect corporate data and apps running on them. “Certain versions of Android, for example, are not secure enough for the enterprise because they lack encryption and other security capabilities,” said Gupta. Quarantine compromised devices and make sure that the OS and apps are updated with current security patches before accessing corporate networks. Enforce standard configuration settings for enterprise access, including the use of an encrypted network and data access only through a VPN (virtual private network) and secure (HTTPS) sessions. Ensure that enterprise apps share data only in secure containers and wipe the container upon exiting the enterprise app, to prevent data leak or disclosure. Ensure the company has the capability to lock devices remotely and wipe selectively content, apps and passwords on lost or stolen devices. Another common failing, according to Gupta is that companies tend to ignore BYOD impact on enterprise infrastructure and related costs. “The enterprise may not be paying for the BYOD device or data usage on the device, but the device is still consuming Wi-Fi data bandwidth and ultimately connections on the company network,” he said. With large numbers of BYOD devices in use on the corporate network and the proliferation of rich media downloads, the strain on the corporate LAN and WAN bandwidth will become apparent. To ensure employees are not using the corporate network to download movies and videos for personal use, Gupta said enterprises can implement geo-fencing limitations on certain data-hogging apps when the device is within work location boundaries. “Such apps can be blocked at work while allowing employees to use the apps as they want, outside the work location boundaries,” he said. The next common pitfall to avoid, said Gupta, is publishing private enterprise apps to public apps stores such as the Apple App Store and Google Play. “But publishing apps to a company’s own private enterprise app store enables the delivery of enterprise apps to employees and partners, without having to disclose anything to the app store providers or go through cumbersome approval processes,” he said. Gupta also says companies should avoid rigid polices in blacklisting and blocking apps. “In a BYOD environment, geo-fencing restrictions on apps may be appropriate, managing what apps can be run and what apps cannot be run within the corporate boundaries,” he said. For example, blocking applications such as Facebook at the work location, but allowing access to the app outside of the work location can help increase productivity while providing flexibility and promoting employee satisfaction. “Define time and location windows with access restrictions, including what apps can be run and what apps cannot be run within work location boundaries,” said Gupta. “Then use geo-fencing to monitor and enforce location-based access and usage policies.

Also, make sure that the GPS and location tracking features persist within geo-fence boundaries even if a user turns GPS off,” he said. Finally, Gupta advises that organisations avoid a full wipe of a BYOD device when a selective wipe is more appropriate. When an employee with a corporate device leaves the company, the admin can remotely wipe the device, but it would be a mistake to do that with a BYOD device without employee permission, he said. While such permission should be obtained beforehand during the BYOD signup process, Gupta said a better approach would be to have the capability to wipe things selectively, erasing only the enterprise apps and data, while leaving the personal information intact. Gupta said many enterprises now encourage employees to bring their own devices to work for the promotion of a flexible work environment and related productivity boost. But, he said, organisations must take the necessary security precautions to ensure that the business benefits from the BYOD trend. Email Alerts Register now to receive ComputerWeekly.com IT-related news, guides and more, delivered to your inbox. By submitting you agree to receive email from TechTarget and its partners.

If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy Read More Related content from ComputerWeekly.com

Newegg on trial, day one: Picking a patent jury

Lawyers for a Web-spanning encryption patent ask about shopping and logging.    

Marble Security Messenger Platform Aimed at Health Care Workers

The platform enables organizations to protect patient information on mobile devices with encryption and passwords. Cloud-based mobile security specialist Marble Security is reaching out to physicians, surgeons, nurses, emergency responders and other health care professionals who want to transfer protected health information from mobile phones with the launch of Marble Messenger. The platform enables organizations to protect patient information on mobile devices with encryption and passwords and enforce electronic protected health information (ePHI) security policies for both senders and receivers. Since it is encrypted, patient information is also protected as it traverses the Internet or a mobile network.

Additional safety is provided by an auto-destruct feature that deletes the image and text after a time limit is reached. The Marble mobile security platform lets administrators, via the cloud, set and enforce risk-based policies, control mobile security through dashboards, and run risk analytics and compliance reports. "Customers tell us that with Marble Messenger, they can continue to consult with other health care professionals via secure messaging while not violating HIPAA/HITECH [Health Insurance Portability and Accountability Act/Health Information Technology for Economic and Clinical Health Act] regulations," David Jevans, Marble Security founder and chief technology officer, said in a statement. "With the pervasive use of mobile, we are seeing interest in other sectors as well to encrypt and protect sensitive information that is routinely sent over mobile devices." As enterprise bring-your-own-device (BYOD) programs continue to become more commonplace, 38 percent of companies expect to stop providing devices to workers by 2016, according to a global survey of CIOs by IT research firm Gartner.

As health care organizations explore programs like BYOD initiatives, there is increasing concern raised about the security on employee-owned devices and how sensitive information is stored on them and transmitted between them. Marble addresses these problems directly with mobile-security management (MSM) functionality, essential mobile-app management (MAM) and mobile-device management (MDM) capabilities.

The platform includes mobile app scanning and device security features to actively protect against malware, unauthorized data access and phishing while enforcing security policies. In addition, the essential MAM feature allows corporate apps to be cataloged, pushed and deleted while providing data-wiping capabilities for lost or stolen devices, and secure, hosted VPN capability isolates users from network attacks like man-in-the-middle, redirects, poisoned Domain Name System (DNS), phishing and wireless eavesdropping. According to this year's HIMSS Leadership Survey, which collected the opinions of health care provider organizations' IT professionals, securing information on mobile devices was the top security concern at their organizations. Nineteen percent of respondents (down from 22 in 2012) had experienced a security breach within their organizations in the past year, and 22 percent (up from 16 percent in 2012) want to focus on security systems in 2013.  

‘NSA exceeded the scope of authorised acquisition continuously,’ says Judge

A Foreign Intelligence Surveillance Court (FISC) has criticised the US government for ignoring guidelines surrounding the National Security Agency's (NSA) Prism programme for domestic surveillance of web users. FISC set out suggested regulations for t...

A third of SMBs unaware they’ve been cyber attack victims

One-third of small and midsize businesses (SMBs) have no idea if the organisation has been the victim of cyber crime or malicious hackers in the past 12 months, while management in over half of SMEs don't see cyber attacks as significant risks. That's according to the Risk of an Uncertain Security Strategy study conducted by independent research firm Ponemon Institute sponsored by security solutions provider Sophos, which highlights that SMBs need better help to understand the potential threats of cyber attacks. "One-third of respondents admit they are not certain if a cyber attack has occurred in the past 12 months," said the report. Because of this lack of knowledge about the frequency and magnitude of such attacks, actionable intelligence appears to be deficient," it continued, adding that in order to remedy the problem IT managers "will be investing in big data analytics and network traffic intelligence over the next three years." The research claims that cyber attacks have cost SMBs an average of $1.6m (£1m) over the past 12 months, the cost of which will only rise if both the IT department and management fail to gain a better understanding of increasing cyber threats. That's especially the case if organisations can't get a grasp of changes in the workplace brought about by the likes of BYOD and cloud technology. "Small and midsize organisations simply cannot afford to disregard security. Without it there's more chance that new technology will face cyber attacks, which is likely to cost the business substantial amounts," said Larry Ponemon, president of the Ponemon Institute, who warned that security should always come first when adopting new technologies. "CIOs are under pressure to implement new technology that informs agile and efficient ways of working, but this should not take precedence over security. "The industry needs to recognise the potential dangers of not taking cyber security seriously and create support systems to improve SMB security postures," he said. Gerhard Eschelbeck, chief technology officer for Sophos, argued the research demonstrates security is increasingly "taking a back seat". "The scale of cyber attack threats is growing every single day, yet this research shows that many SMBs are failing to appreciate the dangers and potential losses they face from not adopting a suitably robust IT security posture," he said. "Today in SMBs, the CIO is often the 'only information officer', managing multiple and increasingly complex responsibilities within the business," Eschelbeck continued. "However, these OIOs can't do everything on their own and as employees are demanding access to critical apps, systems and documents from a diverse range of mobile devices, it would appear security is often taking a back seat," he added. The report recommends that organisations need to focus on monitoring, reporting and proactively detecting threats, and formulate best practice for mobile and BYOD. It also suggests organisations keep a proper record of the cost of cyber attacks, including downtime and loss of productivity caused by malicious hackers. The research surveyed more than 2,000 respondents across the US, UK, Germany and Asia-Pacific.

Verizon Launches Enterprise Solution to Secure Connected Everything

Verizon Enterprise Solutions is now offering Managed Certificate Services, a more secure approach to supporting connected devices. Verizon Enterprise Solutions has introduced Managed Certificate Services (MCS), a cloud-based, scalable solution aimed at better securing the fast-climbing number of things—from smartphones to smart meters and smart cars—now connecting to the Internet. MCS authenticates objects and machines and ensures that data is safely transmitted between connections, whether from machine to machine or device to machine. Security is offered on the device level, and the data flowing in and out is encrypted. MCS offers cloud-based certificates that eliminate the need for "expensive hardware and complex implementations," Verizon said in a Nov. 19 statement.

Its fully managed environment, it added, enables clients to focus on their core businesses, "without the complexity and cost of managing and monitoring their certificate infrastructure." MCS is offered as a pay-as-you-go service, enabling businesses to pay for what they need, when they need it. "These days, there's more required to provide a complete end-to-end security model," Johan Sys, a managing principal with Verizon Enterprise Solutions, told eWEEK. "Very specifically, with the Internet of things, we have challenges in doing this that we don't have in the enterprise. It's dealing with [a much] larger numbers of things." Cisco has forecast that while there will be about 3.6 billion Internet users by 2017 (up from 2.3 billion in 2012), the number of network connections from fixed and mobile devices will surpass 19 billion, up from 2012's 12 billion. MCS can also help enterprises address new regulatory guidelines for connected devices, such as those utility companies face around smart meters. Sys offered examples of a number of other industries that could benefit. When a consumer purchases a television, content pushed down by the content provider needs to be authorized; certificates can be added in the factory, enabling this. When the firmware needs to be updated, MCS certificates can also control what's downloaded, ensuring it's secure and from the appropriate source.   In the public sector, e-passport ID cards are issued to doctors, enabling them to access the hospital and protected areas, as well as access patient information. Each connection the cards make can be authenticated and secured. Connected cars are another broad market. "When you have a local network consulting on things like a car engine or brakes, you can update the parameters. But if you deploy through the car an additional certificate, you can control what software can be pushed to the car and who can control the system," said Sys. Just as the Internet can be overloaded to create a denial of service, he explained, there's a danger of car systems being overloaded and control of the car taken over. "You see it with air conditioning units—it can be overloaded," said Sys. "So there's a physical danger, not just an Internet security risk." MCS is now available in the United States and Europe, with the Asia-Pacific region to follow in December. "It's not a complete security solution in itself, but a key piece of a solution," said Sys. "It's a first line of defense."   EDITOR'S NOTE: The original version of this article misstated Mr. Sys' last name. Our apologies. 

Google pays those who find Android security glitches

Those who pinpoint vulnerabilities in Google's mobile operating system can earn cash rewards, similar to those paid out for identifying bugs in Chrome. November 19, 2013 4:00 AM PST (Credit: Stephen Shankland/CNET) Google has expanded its bug-bo...

You can’t beat politics with technology, says Pirate Bay cofounder Peter...

He does comedy, thinks The Pirate Bay should shut down, and distrusts Netflix/Spotify.    

Security Think Tank: Security testing a vital part of software procurement

It is a fact of IT life that new application vulnerabilities are created and discovered every day.  On the one hand, the increasing complexity of software and the software supply chain makes it almost impossible to guarantee that software is vulnerability-free. On the other hand, application security testing has become so much better, cheaper and easier that software suppliers have no excuse but to test their offerings to avoid the proverbial "holes so large you could drive a truck through them". Ensuring appropriate testing of all software is not a trivial matter.  The category of business software covers a wide area: from desktop tools to enterprise resource planning (ERP) suites; from file-sharing services to software as a service-based (SaaS) customer relationship management (CRM); and from e-commerce platforms to other customer-facing applications that may even include wearable technology and "smart-something" devices.  Similarly, acquisition encompasses a variety of off-the-shelf and outsourced sourcing models. Given all this complexity and variation, it is vital to set the right expectations and create a solid process when acquiring business software.

The following are important technical and non-technical tasks: Commit to making security a part of the acquisitionAs with in-house development, business users first have to want security as a required aspect of overall quality.

A critical part of creating this commitment is communicating with them about risks and rewards, and establishing mutually agreed goals. Find the right process touch pointsMandatory security checkpoints in project management, contract review and sourcing are a must. But since the availability of free and pay-as-you-go software makes it easy for individual business users to acquire software by themselves, additional tools will probably be needed to discover installed software and cloud application use. Tailor testing activities to the software and sourcing typeAll software should be security tested at least once before it goes into production, but not all software needs be tested equally often or in equal depth. Look for some combination of the following: supplier process and testing evidence; third-party testing evidence; third-party certifications and validations (for what they are worth); in-house testing during coding and testing (for some outsourcing); pre-release in-house testing; and testing of software once deployed in production. In all cases, test against documented requirements. Put your expectations of the supplier in writingExcept for full off-the-shelf products or SaaS, create specific contract clauses for the following: the security requirements; how the supplier will show evidence of software security testing processes and outcomes; the security go/no-go criteria for acceptance; in what way, and how quickly, the supplier will communicate discovery of non-trivial vulnerabilities; the allowable time-to-fix for non-trivial vulnerabilities; and the penalties for non-compliance. Gear up for in-house security testingOrganisations should be ready to perform their own application security tests, whether they use a product or a service to do this.

Any deployment that is not completely off-the-shelf is a candidate for in-house testing, even if only to validate the supplier's tests. Some security problems will not show up until deployment into an organisation's staging or production environment, so such testing is very desirable. Prepare mitigation tacticsSince most software cannot be guaranteed to be vulnerability-free, and most discovered vulnerabilities cannot be fixed overnight, the ability to isolate vulnerable assets, block attacks or at least detect attacks is essential as a backup. To come full circle, it can also help to identify previously unknown security vulnerabilities. Given all the help available, there is simply no excuse for buying software with shoddy security Ramon Krikken, Gartner Whatever the type of software and sourcing model, application security testing is vital when acquiring business software.  Information on structuring these testing activities is becoming more comprehensive. Look to organisations such as the European Union Agency for Network and Information Security (ENISA), the US National Institute of Standards and Technology (NIST), the US Department of Homeland Security (DHS), the Software Engineering Institute (SEI) at Carnegie Mellon University, and the Open Web Application Security Project (OWASP) for presentations and documents on software supply chain assurance, software assurance for acquisitions and related topics. Given all the help available, there is simply no excuse for buying software with shoddy security. Ramon Krikken is a research vice-president in Gartner's technical professionals' security and risk management team. Email Alerts Register now to receive ComputerWeekly.com IT-related news, guides and more, delivered to your inbox. By submitting you agree to receive email from TechTarget and its partners.

If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy Read More Related content from ComputerWeekly.com This was first published in November 2013

Campaigners angry over Microsoft, Skype privacy ruling

Campaign group Europe v Facebook has criticised the decision by Luxembourg’s data protection authorities to clear Microsoft and its Skype division of privacy violations. In October, Luxembourg's National Commission for Data Protection (CNPD) ordered an investigation of the firms’ involvement in the US National Security Agency’s Prism internet surveillance programme. The investigation led to speculation that the Luxembourg-headquartered internet-calling service could face criminal and administrative sanctions for passing on users’ communications to the NSA. The probe was launched after the CNPD received a complaint from a private individual concerned that their fundamental right to the protection of personal data had been violated. The complaint came after reports based on documents leaked by whistleblower Edward Snowden claimed that Skype had supplied the NSA with content from calls as well as other details. But, according to a statement released by the CNPD, the probe found that the companies did not provide widespread data access to the NSA. The investigation also found that the transfer of some data to affiliate companies in the US “appears to take place lawfully” under the safe harbor agreement. Max Schrems of Europe v Facebook said in a document on the campaign’s website that "Safe Harbor" decision allows for data use for purposes of law enforcement and national security, but the NSA does much more than that. “In addition the European Commission has recently said that Prism would not be covered by the 'Safe Harbor’, so it seems like the authorities in Brussels and Luxemburg are not in line,” he said. “If Prism would be allowed under the 'Safe Harbor' decision there is no doubt that the decision would be illegal. So overall we can’t really understand the response,” said Schrems. Europe v Facebook said the CNPD investigation once again demonstrates that there are no real consequences from the NSA scandal. "We are making fools of ourselves internationally if we are not taking any action. Our politicians are sending a couple of angry letters, but when it comes to factual consequences we see no action,” said Schrems. The European Commission recently announced that it is conducting a review of the controversial "Safe Harbor" decision to examine whether it still meets European standards after the Prism revelations. "There is an urgent need that the European Commission amends the "Safe Harbor" decision accordingly or at least formally calcifies that transfer of data is illegal if there is probable cause that US companies are forwarding Europeans’ data to the NSA,” said Schrems. More on Prism After Prism revelation there is nowhere to hide Security Think Tank: Prism unlikely to change much Security Think Tank: Prism fallout could be worse than security risks Security Think Tank: Prism is dangerous for everyone Security Think Tank: Prism – Sitting duck or elaborate honeypot? NSA surveillance whistleblower reveals identity US repeatedly hacked China, claims NSA whistleblower FBI spies on internet users UK links to US internet surveillance remain unclear Technology companies call for more transparency over data requests Compliance: The Edward Snowden, NSA program controversy continues Email Alerts Register now to receive ComputerWeekly.com IT-related news, guides and more, delivered to your inbox. By submitting you agree to receive email from TechTarget and its partners.

If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy Read More Related content from ComputerWeekly.com

Cloud storage needs an audit process to stay compliant

There is so much software as a service now that data heads off into the cloud and lands who knows where. But that doesn’t absolve you of the need to know where your data is, how it is secured and what laws and regulations its retention must comply with.

For this, you need to carry out a cloud-compliance audit. Your service provider may not state where your data will be held, let alone guarantee that it stays in the same country or even on the same continent.

They may move data around for load balancing, or may failover to another datacentre if things go wrong. If you don’t take steps to find out, you are unlikely to know where your data is. Not long ago, data stayed safely in the data centre behind a firewall, and rarely ventured much further than branch offices or to the tape storage warehouse. Life was easy then. But now, in the age of the cloud, there are numerous laws and regulations that make things less simple.

The bottom line is, you are classed as the data controller for compliance purposes and this means you need to comply with the laws and regulations that apply in the territories in which you operate and/or data is held. For example, if you are sending personal data outside the European Economic Area (EEA) you are required to comply with Principle 8 of the UK Data Protection Act, which states: “Personal data shall not be transferred to a country or territory outside the EEA unless that country or territory ensures an adequate level of protection for the rights and freedoms of data subjects in relation to the processing of personal data.” Furthermore, you will be subject to the local laws of the country in which your service provider is based and of the country in which your data is stored. You can be prosecuted under these laws even if you just make use of a datacentre in a European country. Another example is the 2001 USA Patriot Act, which states that data stored in the US or UK, by any company headquartered in the US, is subject to access by federal authorities.

This includes financial information and emails. The key thing to take away here is that before sending personal data off to be stored or managed by any third-party provider, you have to know where it is being stored and how it is protected. In other words, you need to conduct a cloud complianceaudit. As an organisation you are data controller and even though you outsource the storage process to a cloud provider, responsibility for it still belongs to you. A cloud compliance audit should include a review of policies and procedures that the cloud storage provider applies to your data, the technical solutions in place to protect your data, and the skills of technical or business staff responsible for your data. You may also want to physically audit the datacentre where your data is stored. In short, you should know everything that happens to your data, just as if you stored it on your own premises, so that you don’t fall foul of data protection laws and regulations. Kingsley Eley is principal consultant at GlassHouse Technologies (UK).

For more information, visit GlassHouse.com and the GlassHouse blog for expert commentary on key datacentre issues, and follow us on Twitter @GlassHouse_Tech. Email Alerts Register now to receive ComputerWeekly.com IT-related news, guides and more, delivered to your inbox. By submitting you agree to receive email from TechTarget and its partners.

If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy Read More Related content from ComputerWeekly.com This was first published in November 2013

1

Attach Id ( 959790 ) not integer for post_thumbnail 835201

1

Attach Id ( 856794 ) not integer for post_thumbnail 761607

1

Attach Id ( 856801 ) not integer for post_thumbnail 734000

1

Attach Id ( 856800 ) not integer for post_thumbnail 734000

1

Attach Id ( 856806 ) not integer for post_thumbnail 725032

1

Attach Id ( 1035932 ) not integer for post_thumbnail 1030349

1

Attach Id ( 1097605 ) not integer for post_thumbnail 1021772

1

Attach Id ( 1070445 ) not integer for post_thumbnail 1031592

1

Attach Id ( 1088817 ) not integer for post_thumbnail 1084937

1

Attach Id ( 1097146 ) not integer for post_thumbnail 1034023

1

Attach Id ( 1097756 ) not integer for post_thumbnail 1081891

1

Attach Id ( 1366067 ) not integer for post_thumbnail 1064018

1

Attach Id ( 1114278 ) not integer for post_thumbnail 1112807

1

Attach Id ( 1120202 ) not integer for post_thumbnail 1110638

1

Attach Id ( 1130484 ) not integer for post_thumbnail 1128829

1

Attach Id ( 1130811 ) not integer for post_thumbnail 1070037

1

Attach Id ( 1131627 ) not integer for post_thumbnail 1037929

1

Attach Id ( 1138547 ) not integer for post_thumbnail 1066943

1

Attach Id ( 1155230 ) not integer for post_thumbnail 1037716

1

Attach Id ( 1298248 ) not integer for post_thumbnail 1046394

1

Attach Id ( 1164146 ) not integer for post_thumbnail 1054729

1

Attach Id ( 1188679 ) not integer for post_thumbnail 1062534

1

Attach Id ( 1204758 ) not integer for post_thumbnail 1042440

1

Attach Id ( 1246234 ) not integer for post_thumbnail 1037938

1

Attach Id ( 1247909 ) not integer for post_thumbnail 1063879

1

Attach Id ( 1248171 ) not integer for post_thumbnail 1229545

1

Attach Id ( 1249414 ) not integer for post_thumbnail 1188979

1

Attach Id ( 1257328 ) not integer for post_thumbnail 1120206

1

Attach Id ( 1297465 ) not integer for post_thumbnail 1157604

1

Attach Id ( 1301705 ) not integer for post_thumbnail 1060130

1

Attach Id ( 1323365 ) not integer for post_thumbnail 1204453

1

Attach Id ( 1334069 ) not integer for post_thumbnail 1050182

1

Attach Id ( 1368162 ) not integer for post_thumbnail 1368169

1

Attach Id ( 1368198 ) not integer for post_thumbnail 1368199

1

Attach Id ( 1368203 ) not integer for post_thumbnail 1368204

1

Attach Id ( 1368211 ) not integer for post_thumbnail 1368212

1

Attach Id ( 1368214 ) not integer for post_thumbnail 1368215

1

Attach Id ( 1368366 ) not integer for post_thumbnail 1368367

1

Attach Id ( 1368479 ) not integer for post_thumbnail 1368480

1

Attach Id ( 1368482 ) not integer for post_thumbnail 1368483

1

Attach Id ( 1368641 ) not integer for post_thumbnail 1368642

1

Attach Id ( 1368652 ) not integer for post_thumbnail 1368653

1

Attach Id ( 1368658 ) not integer for post_thumbnail 1368659

1

Attach Id ( 1368673 ) not integer for post_thumbnail 1368678

1

Attach Id ( 1368882 ) not integer for post_thumbnail 1368883

1

Attach Id ( 1368910 ) not integer for post_thumbnail 1368915

1

Attach Id ( 1368949 ) not integer for post_thumbnail 1368951

1

Attach Id ( 1368992 ) not integer for post_thumbnail 1368993

1

Attach Id ( 1368995 ) not integer for post_thumbnail 1368996

1

Attach Id ( 1369043 ) not integer for post_thumbnail 1369044

1

Attach Id ( 1369072 ) not integer for post_thumbnail 1369081

1

Attach Id ( 1369087 ) not integer for post_thumbnail 1369094

1

Attach Id ( 1369258 ) not integer for post_thumbnail 1369260

1

Attach Id ( 1369270 ) not integer for post_thumbnail 1369271

1

Attach Id ( 1369382 ) not integer for post_thumbnail 1369383

1

Attach Id ( 1369385 ) not integer for post_thumbnail 1369386

1

Attach Id ( 1369388 ) not integer for post_thumbnail 1369389

1

Attach Id ( 1369408 ) not integer for post_thumbnail 1369412

1

Attach Id ( 1369403 ) not integer for post_thumbnail 1369414

1

Attach Id ( 1369416 ) not integer for post_thumbnail 1369417

1

Attach Id ( 1369421 ) not integer for post_thumbnail 1369422

1

Attach Id ( 1369618 ) not integer for post_thumbnail 1369620

1

Attach Id ( 1369623 ) not integer for post_thumbnail 1369624

1

Attach Id ( 1369759 ) not integer for post_thumbnail 1369760

1

Attach Id ( 1369772 ) not integer for post_thumbnail 1369774

1

Attach Id ( 1369814 ) not integer for post_thumbnail 1369815

1

Attach Id ( 1369820 ) not integer for post_thumbnail 1369821

1

Attach Id ( 1369824 ) not integer for post_thumbnail 1369825

1

Attach Id ( 1369958 ) not integer for post_thumbnail 1369959

1

Attach Id ( 1369969 ) not integer for post_thumbnail 1369970

1

Attach Id ( 1369972 ) not integer for post_thumbnail 1369973

1

Attach Id ( 1370098 ) not integer for post_thumbnail 1370099

1

Attach Id ( 1371497 ) not integer for post_thumbnail 1371498

1

Attach Id ( 1371625 ) not integer for post_thumbnail 1371626

1

Attach Id ( 1371723 ) not integer for post_thumbnail 1371724

1

Attach Id ( 1371736 ) not integer for post_thumbnail 1371737

1

Attach Id ( 1371755 ) not integer for post_thumbnail 1371756

1

Attach Id ( 1372619 ) not integer for post_thumbnail 1371839

1

Attach Id ( 1371908 ) not integer for post_thumbnail 1371909

1

Attach Id ( 1372006 ) not integer for post_thumbnail 1372014

1

Attach Id ( 1372112 ) not integer for post_thumbnail 1372113

1

Attach Id ( 1372121 ) not integer for post_thumbnail 1372123

1

Attach Id ( 1372125 ) not integer for post_thumbnail 1372127

1

Attach Id ( 1372130 ) not integer for post_thumbnail 1372131

1

Attach Id ( 1372176 ) not integer for post_thumbnail 1372180

1

Attach Id ( 1372183 ) not integer for post_thumbnail 1372184

1

Attach Id ( 1372207 ) not integer for post_thumbnail 1372208

1

Attach Id ( 1372210 ) not integer for post_thumbnail 1372211

1

Attach Id ( 1372213 ) not integer for post_thumbnail 1372214

1

Attach Id ( 1372216 ) not integer for post_thumbnail 1372217

1

Attach Id ( 1372275 ) not integer for post_thumbnail 1372276

1

Attach Id ( 1372454 ) not integer for post_thumbnail 1372458

1

Attach Id ( 1372460 ) not integer for post_thumbnail 1372464

1

Attach Id ( 1372524 ) not integer for post_thumbnail 1372525

1

Attach Id ( 1372527 ) not integer for post_thumbnail 1372528

1

Attach Id ( 1372613 ) not integer for post_thumbnail 1372614

1

Attach Id ( 1372616 ) not integer for post_thumbnail 1372617

1

Attach Id ( 1372666 ) not integer for post_thumbnail 1372667

1

Attach Id ( 1372669 ) not integer for post_thumbnail 1372670

1

Attach Id ( 1372672 ) not integer for post_thumbnail 1372673

1

Attach Id ( 1372737 ) not integer for post_thumbnail 1372738

1

Attach Id ( 1372804 ) not integer for post_thumbnail 1372805

1

Attach Id ( 1373257 ) not integer for post_thumbnail 1373258

1

Attach Id ( 1373389 ) not integer for post_thumbnail 1373393

1

Attach Id ( 1375016 ) not integer for post_thumbnail 1375017

1

Attach Id ( 1375019 ) not integer for post_thumbnail 1375021

1

Attach Id ( 1375147 ) not integer for post_thumbnail 1375148

1

Attach Id ( 1376382 ) not integer for post_thumbnail 1376383