Research has shown that a survey conducted within a large company shows that although telecommuting is very much productive for many firms it tends to be on the downside for those employees who do stay within the physical office itself. This can be in the areas of personal assistants/secretaries and other office workers who are left to run the office in the absence of their counterparts/coworkers. This leads to dissatisfaction in the workplace hence lowering productivity and encouraging home-bodies to engage in dangerous liaisons from within and outside of the office.
The hatred felt is seen in the rising occurrences of these same people becoming the entry point for attacks on corporate networks when they visit social sites to pass on the otherwise boring day. This is also counterproductive for their attention to work and the other nuances such as physical security and IT security is so much a threat that it is under study on how to improve the working conditions for these people. They are distracted and left to do almost anything they please which is where the security gap seems to be, using the corporate network to access social sites to which they are members of. Even the installation of hardware and software security measures cannot guarantee security coverage at all angles for the main security risk is still the human behind the keyboard who does the typing and not on the structure of the system itself. It might be helpful to get them out more often to allow their facilities more practice letting the steam and pressures/boredom to dissipate. Role rotation may be a key but is not always feasible for there are certain knowledge associated issues that have to be addressed to be able to do that. Training and re-training people allows them to sharpen skills and add new knowledge to their already bored lives.
Tags: Mobile-Workforce, Telecommuting
Categories: General, Instant Messaging, IT Security Basics, Malware, Network Security, Physical Security, Privacy & Anonymity, Real-World Issues, Security Policies
This has been proven true by incidents broadcast around the world in minutes or hours after they have happened. Many have suffered the consequences of such incidents in the UK, US and mostly each and every place on earth where people have had their information taken and used for no good before there was even a sign that there was a problem.
Big business has been reminded again and again that complacency is it’s worst enemy and they have failed again and again at the area. Why? Well first, total protection is almost always imperfect and somebody out there with enough intent and resources can break-in however expensive the protection methods may be. Next is that the best systems for protection is always the ones that cost too much yet they still remain vulnerable and hackable. Contrary to most ad’s you see in print, the internet or your Television there is no one true solution to protection, for if the hardware and software measures succeed in protecting you, the human behind the computer/s are always the biggest risk. That is why even the most expensive solutions are used in conjunction with other solutions to provide the best of both worlds combining physical and software solutions hoping that combination will be enough protection from the continuous influx of attacks from the web and elsewhere. Encryption is nice but it takes a lot of computing power to implement making it too expensive for implementation on all levels of the company. All of these high-tech solutions and hardware would be nothing if the people using the various computer systems in the said organization fail to use them so the weakest link in every system is still the human. Strict adherence and compliance is the key with systems that process information somewhat autonomously already in use doing the searching and classification of information without the user’s input. This uses the latest in Artificial Intelligence with minimal intervention or input from the users.
Tags: IT Security Basics
Categories: Cryptography, General, IT Security Basics, Network Security, Physical Security, Privacy & Anonymity, Real-World Issues, Security Policies
Biometrics is seen as the next step in computer systems security and access control due to the failure of more primitive and fundamental security systems. Fingerprint scanners, passwords, security keys and even smartcards have failed miserably in providing the ultimate and most secure intrusion prevention method for just about anything. From your home, car, computer terminal at work to just about anything else that needs security, it has be come more and more of a must due to the increasing threat of identity theft and other computer related crimes in and out of the workplace.
Biometrics are security systems that are based on the differences the human body manifests in terms of eye structure, facial features and now vein geometry. We’ve all heard of DNA or the so-called blueprint for life and the way it makes each and every human different from everyone else on this earth (well, except for some genetic disorders and diseases that changes the DNA makeup). That is what biometrics takes advantage of as a source of a very unique key or method of identifying one from another person.
Your fingerprint is mapped when it is initially scanned into a computer system which convert’s your analog (actual) print into a digital map that is as unique as you are an individual. Iris scanners take into account the differences the iris has from each and every individual (through the use of a low powered light and scanner to obtain a picture of the eye’s iris which is also unique). Voice recognition takes into account, the differences our voices have from everybody else also converting it into a digital map or password of sorts. Vein geometry, uses a thermal imaging camera to take a picture of your hand or whole body which is sensitive to heat showing all the blood vessels which show as hotspots thus giving you a unique id of sorts as that is also mapped and converted into digital form. All of the above biometrics systems rely on our individual differences which are quite unique to us and add onto it, other more basic security measures such as a physical key (password, key or other devices) to give the ultimate security system preventing intrusion.
Tags: identity-theft, Secure workplace
Categories: General, IT Security Basics, Network Security, Operating Systems, Physical Security, Real-World Issues, Security Policies
If you are in charge of network security, one thing you may want to consider as far as laying down the law in safeguarding your network is the regular change of user passwords to avoid potential hackers and cracks based on how their passwords can be easily guessed.
For some users, it is easy to figure out their passwords. The normal passwords that people use include:
1. Birthdays
2. Anniversaries
3. Car Plate Numbers
4. Mobile Phone Numbers
5. Adding 123 to their names, or
6. Using “PASSWORD” as their password
Now there will be a lot of potential combinations depending on the length of the password. That is why the longer passwords (8 alphanumeric characters) are encouraged for users who access the network.
But while the probabilities of guessing or cracking passwords offer a lot possibilities, employing a regular maintenance as far as changing them is indeed something ideal to combat these hackers or malicious people from gaining access to the network and the programs in use.
Once cannot avoid the fact that some people’s curiosity and call for fame are the main reasons for wanting to be a hacker or code cracker. It is evident in people who are looking to try out their skill. They don’t think of the outcome which can cause a lot of problems.
So one good tip to avoid being hacked is to think like one. Once you do, think of security policies that can make it hard for you to breach a system. That is the best way to stay efficient in your line of duty in any organization.
Tags: network, passwords, security, systems
Categories: IT Security Basics, Network Security, Security Policies
The world of cyber-crime has grown so much in these past few years due to the explosion of growth with respect to the number of internet users the world over. It has not only expanded on the side of normal people but on the side of cyber-criminals who now operate on their own networks, spanning the globe and ready to spread their products, malicious code that first scans the globe for weak points in the security net that we all put up to somewhat give us a sense of security from the ever-growing threat which is actually futile to some extent. Read the rest of this entry »
Tags: Malware, security
Categories: General, IT Security Basics, Malware, Network Security, News, Real-World Issues, Security Policies
A lot of the viruses and Trojans today find their way into a network or a computer using emails. They come in the form of links or attachments which are always a risk for anyone especially if they don’t have the proper software to screen these files being sent via email. One good way to go about it is to set limits as far as the main email configuration server is concerned. While it may not be able to screen links in emails, attachments of any sort can be minimized.
A good way to provide manual preventive measures is through memorandums and of course lectures that IT personnel can provide to the people in an organization. Newsletters are another option, warning people of virus alerts and how they can make their way into computers.
Spreading in networks starts from one computer. These are a given. So if network and security administrators want to avoid having to address such issues, it would be best to start by safeguarding workstations and orienting people of the threat of such.
Of course, not all people will be listening to you. As far as they are concerned, it is the duty of IT personnel to block them off even before they reach the individual mailboxes. Petty as it may seem, it would be best to use all precautions necessary. While many people will not cooperate, there are measures a good IT person can do and it all starts with research and beefing up security measures through software and policy declarations.
Tags: email security, space
Categories: IT Security Basics, Network Security, Spyware
If you’re a freelance web developer – doesn’t matter if you mostly restrict yourself to visual designs – you have to invest some time in educating yourself properly about the current security trends in web development. The popularity of the Internet has made it an equally popular platform for malicious users who attempt to exploit its vulnerabilities – and as a web developer, it should be among your top priorities to stay in touch with the trends.
This is especially valid for those of you who work on dynamic websites with various scripted elements and database interaction – a small flaw can quickly magnify to become a tremendous hole in your security, and you simply can’t afford to let that happen in the solutions you provide to your clients. There are various courses that aim to teach you the basics of implementing security in your designs, but keep in mind that trends change constantly. Read the rest of this entry »
Tags: Business Solutions, Business Tools, Freelance Jobs, Web Development, Web security
Categories: General, IT Security Basics, Malware, Network Security, Tips
Worms and Trojans can make their way into local intranets fast if you don’t have a good firewall to protect your networking environment. Most of it originates from overlooked files like granting access to the Internet for specified users. But rest assured, unless you document and orient these people on potential risks, chances are the ones to whom you grant access will be the bane of your network security issues.
A worm can multiply fast if not contained immediately. For one, it can affect the whole network. So how do you go about it?
1. Unplug all the computers from the network. Cable disconnection would be a good start. If they are not connected, then there is no place for them to go. Depending on the number of workstations, you may have your work cut out for you. But at least it defeats the need to come and go from one workstation to the other once one is cleaned.
2. Scan the computers manually using a CD. As much as possible use a write-once optical disc. This way, if you find the worm or virus, you have it cornered. There is no place to hide nor go for them.
3. Restart and make a second check. Make sure everything is clean for one workstation. Do this for the rest of the computers that have been potentially affected.
This process requires a lot of patience. But it beats having to turn to the usual formatting and clean everything from scratch. It is indeed demoralizing, but the thing is, you just have to deal with it since better security policies need to be enforced on your end as far as users are concerned.
Tags: Malware, networkin, trojans, worms
Categories: Malware, Network Security
It is perhaps the headache of any IT head when it comes to implement policies to have a smooth running network and department. But while the essence of a good security system is evident, it is really the implementation part that is hard to accomplish.
For one, the transition and building of security awareness from various threats that can easily make their way towards an acclaimed secure network is abundant. Manually or transmitted, suspicious files will always find a way especially if you are not that adamant towards making sure that all bases are covered as far as the security of your system and data is concerned.
Many people fail to appreciate that value of the data they have gathered. They fail to appreciate the value of a strict IT policy mainly because all they care about is a workstation to use and opening files (both internal and external) as they please. So if you put all these things together, you can imagine the problems that an IT guy has to work with. But to some, taking the initiative such as passwords and some hardware exclusions has to be made.
If you notice, some drives like the usual floppy drives or even USB ports are either missing or disabled. To make them work, certain permissions and passwords are set for them to be enabled. Only the IT administrator would know these security measures and basic as they may seem, they really help a lot.
This is just a basic but effective way that IT personnel use. There are the usual network policies but for the sake of people who want to making it doubly sure, old and basic practices such as this is perhaps the best way to go.
Tags: it, management, policy
Categories: IT Security Basics, Network Security, Operating Systems, Physical Security, Privacy & Anonymity, Security Policies
If there is one thing to be learned from Mr. Terry Childs, a talented network engineer who was jailed due to computer tampering, you better be careful at who you choose to have administrative rights as far as network access and security is concerned. Apparently for some reason, Mr. Childs has refused to turn over the administrative passwords for the larger part of the San Francisco Department of Technology FiberWAN.
A petty issue with a run-in that he had with his agency had was said to be the cause of it all. But while that may sound off-topic, he has been tagged as becoming unstable and apparently this has lead to his being charged with four felony counts of computer tampering. The bail was set at $5 million dollars which most people including his lawyer said was crazy.
Let this be a lesson that the power of technology, once it goes to the wrong hands, may be entirely catastrophic. While technology breakthroughs are something to look up to, it remains that the people behind them have to be likewise trusted. Better yet, it would be best to have the technology guy and an authorized executive have access to make sure that nothing of this nature would occur as well.
Childs was said to be maniacal at the start so you have to wonder, why did you entrust the guy with the passwords and rights to the network security? Surely this was already a problem at the start and now that it has escalated towards paralyzing most of the operations only one man who is obviously psychologically disturbed holds the key to it. No wonder the bail was set at such a crazy amount of $5 Million!
Source
Tags: computer tampering, felony, FiberWAN, Network Security, San Francisco Department of Technology, terry childs
Categories: IT Security Basics, Network Security, News, Operating Systems, Real-World Issues, Security Policies
Research has shown that a survey conducted within a large company shows that although telecommuting is very much productive for many firms it tends to be on the downside for those employees who do stay within the physical office itself. This can be in the areas of personal assistants/secretaries and other office workers who are left to run the office in the absence of their counterparts/coworkers. This leads to dissatisfaction in the workplace hence lowering productivity and encouraging home-bodies to engage in dangerous liaisons from within and outside of the office. 
