Today, even carefully chosen passwords are susceptible to brute force attacks.

The best defense is using longer passwords. A computer keyboard has 95 keys, so each extra character makes the password 95 times harder to crack.

Analysts at the Georgia Tech Research Institute recommend a password of no less than 12 characters.

Of course, users should also avoid choosing common words to prevent so-called “dictionary” attacks, in which hackers run through a list of dictionary words until the password is found.

It looks very likely that this technology will completely replace analog phones in the not-too-distant future, at least in most companies.

But with every advance comes a new threat. With analog phone message interception, the hacker has a few conventional ways of getting on the system, whether by breaking into your office and attaching a bug or by tapping the main phone trunk liens or exchanges. These are high-expertise, high-cost attacks.

But, as one analyst points out, “Unfortunately, phone calls from your computer are fundamentally different from phone calls from your telephone. Internet telephony’s threat model is much closer to the threat model for IP-networked computers than the threat model for telephony.”

A lone hacker with a. few software tools (such as a packet sniffer) can, with far less difficulty, intercept your calls at multiple points along the transmission. Digital voice data can be intercepted by establishing a spyware application on your network and the data can be sent out for monitoring to anywhere on the Internet with no wire-cutters or alligator clips required.

Experts in the business strong recommend encryption when using a VOIP system. There is a range of solid tools for making sure that voice transmissions, as they go over the Internet, are almost impossible to use if intercepted. Some are third-party programs, others are vendor-specific.

Tools for data encryption are widely available, but according to one report, they are rarely used.

Note that encrypting a phone call involves having both sides capable of encrypting and decrypting data. That means that encryption works best within the company, such as in organizations that already have a VPN (Virtual Private Network) set up to protect text-based data transfers. It is also possible to coordinate encryption with out-of-local-network people you frequently exchange calls with.

Encryption is just one part of the security issue. An even bigger threat is simply put a Trojan Horse program on a PC or a server that intercepts the call before it is encrypted or after it is decrypted. That means you must make sure that your basic antivirus protections are strong, and that you get expert in monitoring network activity.

Your VOIP provider should offer you services for setting up and monitoring security. If they don’t have that kind of expertise and are incapable of consulting with your company about t, you have a problem.

What can you do to help reverse that trend? Here are some tips provided by Michael Davis, CEO of Savid Technologies, at the recent Black Hat security conference in Las Vegas:

1. Learn from another industry

When companies invest in security, what are they really buying? Insurance, says Davis. So IT pros can take cues from insurance salesmen when making their cases. One tactic to borrow: Use concrete scenarios to illustrate your point.

Don’t focus on big-impact cases that have only a small chance of happening. Execs care more about high-probability threats. You can bring up stories about other companies, but focus on threats your particular organization has dealt with or narrowly avoided in the past.

2. Assemble a committee

While IT does the brunt of the security work, it can’t be the only group making decisions. A Savid study found that projects run by IT without input from the rest of the company were often aborted. The most successful projects were headed by a committee featuring representatives from IT, upper management, finance and other stakeholders.

3. Leverage users’ skills

When you’re ready to make your push, find an ally in marketing or sales to go over your presentation with you. They know more about persuasion than IT folks. If you find someone who cares about technology, he or she should be more than willing to help.

The latest mobile printing tool: an Apple iOS application from printer maker Brother.

The free application, called iPrint&Scan, runs on the iPad and iPhone and lets mobile devices link up with a brother printer over a wireless network.

Similar apps have previously been released by Epson and HP. However, those programs are specifically geared toward printing photos, whereas Brother’s offering is designed for all documents, Macworld reports.

Despite companies’ efforts to cut costs and be more environmentally friendly — and a higher environmental awareness in general — most folks are reluctant to change their behavior, at least when it comes to printing at work.

That’s the upshot of a recent survey of 1,000 UK office employees conducted by Kyocera and consultancy firm Loudhouse.

In the past 12 months, 40% of workers haven’t changed the amount of paper they print, according to the survey. Just 22% have reduced their paper use, and 37% are actually printing more now than they were a year ago.

The average employee prints a whopping 45 sheets a day, or about 10,000 a year. Of those, the report estimates 6,800 could be considered unnecessary, including 2,100 extra pages that get printed because employees don’t use double-sided printing.

One reason employees haven’t taken steps to curb that waste: a lack of a formal policy from their employers. Just under half (46%) of employers have “loose guidelines related to printing,” compared to just 24% that have a formal written policy.

Digital pens and paper.

Technicians at dent repair shop Carmedic still fill out invoices by hand after they complete a job. Except instead of ink, they use digital pens, so the information is sent immediately to the company’s headquarters.

Previously, the technicians filled out paper forms — and four copies were needed of each. That’s a lot paper.

That’s why Carmedic moved to a digital system. The company considered giving employees smartphones or other mobile devices with keyboards, but those were deemed too expensive, ComputerWorld reports.

The pens were cheaper and didn’t require technicians to learn a new system — the process is the same as ever, except with an electronic instead of ink pen.

Printer giant Lexmark has filed a patent infringement suit claiming 24 cartridge manufacturers stole its intellectual property.

The companies in the suit haven’t been announced, but the complaint is assumed to be connected to Chinese companies that sell Lexmark-compatible ink and toner, Network World reports. The company is seeking damages, as well as limitations placed on the unnamed importers.

Observers say filing the lawsuit is a risky move for Lexmark, because it brings to attention the pricing strategy used by printer manufacturers — sell printers for cheap, but turn huge profits on consumables sales.

Lexmark had already lost a similar case in 2003, when it sued a company for cloning the control chip embedded in toner cartridges that allows the machine to authenticate the cartridge.

That price, which surprised some analysts, bears witness to the importance of internet security in the larger computer world. What most observers believe is that Intel plans to embed many security features into its industry-leading processors, making them even more of market dominator.

In the short term, Intel already serves McAfee’s customers (PC makers) and there may be some antitrust issues as it is in a position to oust McAfee rivals like Symantec from the PC market. But while Intel dominates desktop and notebook computing, it contends with a lot of competition in the burgeoning handheld market (phones, PDAs, and tablets).

Here, the real advantage for Intel may be in the cloud, according to a New York Times article.

For mobile devices, the security features, whether hardware or software, tend not to reside so much in the device as in the cloud services, the severs and storage that connect the devices to the real world. And, as the Times article points out, “those data-center ‘clouds’ are running mostly industry-standard servers, powered by Intel processors. So there may be plenty of runway for Intel to execute its security-baked-into-hardware strategy on computer servers.”

In fact, 82% of those surveyed thought that “employees rarely or never consider corporate security threats in their everyday business communications.”

The biggest worry: social networking and Web 2.0 applications.

New threats are emerging due to the multitude of downloadable productivity tools, with new ones appearing all the time, including browsers extensions, widgets, and application add-ons. The problem is that while the basic program (such as the browser) might check out as relatively secure, the constant arrival of new add-ons initiated by end users expose systems to many new dangers from viruses and malware.

It’s not easy to control the use of such futures, since they are often genuine productivity aids. Plus the message of potential danger is hard to get through to end users, especially since IT departments are more prone to react to problems rather than to train employees.

Other conclusions from the survey include:

• Almost 50% see the threat from Web 2.0 usage as an urgent problem
• A key issue is finding ways to educate end users, and
• Also important is finding a way to offload at least some of the responsibility for system security with Web 2.0.

As with any sponsored survey, there is a hook: Check Point has new software (Application Control Software Blade) that helps IT departments and end users classify which downloadable add-ons and applications are present, and give help in deciding which ones might be more risky to use and blocking them. It’s an interesting concept, and you can read more about it here.

It’s possible, but it usually takes a multi-step, time consuming process at the hotel business center or the local Staples or FedEx Office. In a world where getting remote access and doing work on the road has become a snap, getting documents printed on the road as just as big a pain as it has ever been.

Ricoh announced that it is expanding its HotSpot solution, to include new multifunctional printers and some new mobile devices.

This system allows you to send a document to HotSpot-enabled machines, either via e-mail or through a dedicated website. The printer sends you back a release code. When you arrive at the printer, you enter the release codes and the document prints out. Documents are saved on the hard disk for 72 hours, and then wiped clean.

The HotSpot approach avoids the need to have an installed driver for the output device, the biggest problem for mobile printing. It works with any originating device connected to the Internet, whether it’s a laptop, or a smartphone like the iPhone or Blackberry.

Printing from a handheld device requires the download of an app. That app can help you locate an available HotSpot printer geographically.

The HotSpot rollout is still in the early stages, but there are already a pretty good number of installed printers on the system, mostly at hotel business centers. In my area (suburban Philadelphia), I can find printers (though Ricoh’s online locator) at various nearby Hiltons, DoubleTrees, Embassy Suites, Marriotts, Sheratons, along with several universities. There are also a large number of installations around the world, from Argentina to Vietnam. We expect this to grow once the technological and financial model proves itself.

Printing from mobile devices is a growing need, and it stands to reason that, as it becomes more and more convenient, it will really take off. Ricoh is establishing itself as one of the leaders in this emerging field.