The hatred felt is seen in the rising occurrences of these same people becoming the entry point for attacks on corporate networks when they visit social sites to pass on the otherwise boring day. This is also counterproductive for their attention to work and the other nuances such as physical security and IT security is so much a threat that it is under study on how to improve the working conditions for these people. They are distracted and left to do almost anything they please which is where the security gap seems to be, using the corporate network to access social sites to which they are members of. Even the installation of hardware and software security measures cannot guarantee security coverage at all angles for the main security risk is still the human behind the keyboard who does the typing and not on the structure of the system itself. It might be helpful to get them out more often to allow their facilities more practice letting the steam and pressures/boredom to dissipate. Role rotation may be a key but is not always feasible for there are certain knowledge associated issues that have to be addressed to be able to do that. Training and re-training people allows them to sharpen skills and add new knowledge to their already bored lives.

Big business has been reminded again and again that complacency is it’s worst enemy and they have failed again and again at the area. Why? Well first, total protection is almost always imperfect and somebody out there with enough intent and resources can break-in however expensive the protection methods may be. Next is that the best systems for protection is always the ones that cost too much yet they still remain vulnerable and hackable. Contrary to most ad’s you see in print, the internet or your Television there is no one true solution to protection, for if the hardware and software measures succeed in protecting you, the human behind the computer/s are always the biggest risk. That is why even the most expensive solutions are used in conjunction with other solutions to provide the best of both worlds combining physical and software solutions hoping that combination will be enough protection from the continuous influx of attacks from the web and elsewhere. Encryption is nice but it takes a lot of computing power to implement making it too expensive for implementation on all levels of the company. All of these high-tech solutions and hardware would be nothing if the people using the various computer systems in the said organization fail to use them so the weakest link in every system is still the human. Strict adherence and compliance is the key with systems that process information somewhat autonomously already in use doing the searching and classification of information without the user’s input. This uses the latest in Artificial Intelligence with minimal intervention or input from the users.

Biometrics are security systems that are based on the differences the human body manifests in terms of eye structure, facial features and now vein geometry. We’ve all heard of DNA or the so-called blueprint for life and the way it makes each and every human different from everyone else on this earth (well, except for some genetic disorders and diseases that changes the DNA makeup). That is what biometrics takes advantage of as a source of a very unique key or method of identifying one from another person.

Your fingerprint is mapped when it is initially scanned into a computer system which convert’s your analog (actual) print into a digital map that is as unique as you are an individual. Iris scanners take into account the differences the iris has from each and every individual (through the use of a low powered light and scanner to obtain a picture of the eye’s iris which is also unique). Voice recognition takes into account, the differences our voices have from everybody else also converting it into a digital map or password of sorts. Vein geometry, uses a thermal imaging camera to take a picture of your hand or whole body which is sensitive to heat showing all the blood vessels which show as hotspots thus giving you a unique id of sorts as that is also mapped and converted into digital form. All of the above biometrics systems rely on our individual differences which are quite unique to us and add onto it, other more basic security measures such as a physical key (password, key or other devices) to give the ultimate security system preventing intrusion.

If you are in charge of network security, one thing you may want to consider as far as laying down the law in safeguarding your network is the regular change of user passwords to avoid potential hackers and cracks based on how their passwords can be easily guessed.

For some users, it is easy to figure out their passwords. The normal passwords that people use include:

1. Birthdays
2. Anniversaries
3. Car Plate Numbers
4. Mobile Phone Numbers
5. Adding 123 to their names, or
6. Using “PASSWORD” as their password

Now there will be a lot of potential combinations depending on the length of the password. That is why the longer passwords (8 alphanumeric characters) are encouraged for users who access the network.

But while the probabilities of guessing or cracking passwords offer a lot possibilities, employing a regular maintenance as far as changing them is indeed something ideal to combat these hackers or malicious people from gaining access to the network and the programs in use.

Once cannot avoid the fact that some people’s curiosity and call for fame are the main reasons for wanting to be a hacker or code cracker. It is evident in people who are looking to try out their skill. They don’t think of the outcome which can cause a lot of problems.

So one good tip to avoid being hacked is to think like one. Once you do, think of security policies that can make it hard for you to breach a system. That is the best way to stay efficient in your line of duty in any organization.

A lot of the viruses and Trojans today find their way into a network or a computer using emails. They come in the form of links or attachments which are always a risk for anyone especially if they don’t have the proper software to screen these files being sent via email. One good way to go about it is to set limits as far as the main email configuration server is concerned. While it may not be able to screen links in emails, attachments of any sort can be minimized.

A good way to provide manual preventive measures is through memorandums and of course lectures that IT personnel can provide to the people in an organization. Newsletters are another option, warning people of virus alerts and how they can make their way into computers.

Spreading in networks starts from one computer. These are a given. So if network and security administrators want to avoid having to address such issues, it would be best to start by safeguarding workstations and orienting people of the threat of such.

Of course, not all people will be listening to you. As far as they are concerned, it is the duty of IT personnel to block them off even before they reach the individual mailboxes. Petty as it may seem, it would be best to use all precautions necessary. While many people will not cooperate, there are measures a good IT person can do and it all starts with research and beefing up security measures through software and policy declarations.

This is especially valid for those of you who work on dynamic websites with various scripted elements and database interaction – a small flaw can quickly magnify to become a tremendous hole in your security, and you simply can’t afford to let that happen in the solutions you provide to your clients. There are various courses that aim to teach you the basics of implementing security in your designs, but keep in mind that trends change constantly.

And with that in mind, you should direct your attention towards discussion boards and other places where people actively talk about the latest events in the security world – because in the end, it pays a lot more than reading a book written ten years ago. And it’s also free.

It can be very difficult to find exploits in your own creations, especially when working on more complicated projects with tight deadlines. To this end, it greatly helps to have a friend or two who can help you poke holes in your security. You’d be surprised how easy it is for an outsider to spot the mistakes in your design!

Worms and Trojans can make their way into local intranets fast if you don’t have a good firewall to protect your networking environment. Most of it originates from overlooked files like granting access to the Internet for specified users. But rest assured, unless you document and orient these people on potential risks, chances are the ones to whom you grant access will be the bane of your network security issues.

A worm can multiply fast if not contained immediately. For one, it can affect the whole network. So how do you go about it?

1. Unplug all the computers from the network. Cable disconnection would be a good start. If they are not connected, then there is no place for them to go. Depending on the number of workstations, you may have your work cut out for you. But at least it defeats the need to come and go from one workstation to the other once one is cleaned.
2. Scan the computers manually using a CD. As much as possible use a write-once optical disc. This way, if you find the worm or virus, you have it cornered. There is no place to hide nor go for them.
3. Restart and make a second check. Make sure everything is clean for one workstation. Do this for the rest of the computers that have been potentially affected.

This process requires a lot of patience. But it beats having to turn to the usual formatting and clean everything from scratch. It is indeed demoralizing, but the thing is, you just have to deal with it since better security policies need to be enforced on your end as far as users are concerned.

It is perhaps the headache of any IT head when it comes to implement policies to have a smooth running network and department. But while the essence of a good security system is evident, it is really the implementation part that is hard to accomplish.

For one, the transition and building of security awareness from various threats that can easily make their way towards an acclaimed secure network is abundant. Manually or transmitted, suspicious files will always find a way especially if you are not that adamant towards making sure that all bases are covered as far as the security of your system and data is concerned.

Many people fail to appreciate that value of the data they have gathered. They fail to appreciate the value of a strict IT policy mainly because all they care about is a workstation to use and opening files (both internal and external) as they please. So if you put all these things together, you can imagine the problems that an IT guy has to work with. But to some, taking the initiative such as passwords and some hardware exclusions has to be made.

If you notice, some drives like the usual floppy drives or even USB ports are either missing or disabled. To make them work, certain permissions and passwords are set for them to be enabled. Only the IT administrator would know these security measures and basic as they may seem, they really help a lot.

This is just a basic but effective way that IT personnel use. There are the usual network policies but for the sake of people who want to making it doubly sure, old and basic practices such as this is perhaps the best way to go.

A petty issue with a run-in that he had with his agency had was said to be the cause of it all. But while that may sound off-topic, he has been tagged as becoming unstable and apparently this has lead to his being charged with four felony counts of computer tampering. The bail was set at $5 million dollars which most people including his lawyer said was crazy.

Let this be a lesson that the power of technology, once it goes to the wrong hands, may be entirely catastrophic. While technology breakthroughs are something to look up to, it remains that the people behind them have to be likewise trusted. Better yet, it would be best to have the technology guy and an authorized executive have access to make sure that nothing of this nature would occur as well.

Childs was said to be maniacal at the start so you have to wonder, why did you entrust the guy with the passwords and rights to the network security? Surely this was already a problem at the start and now that it has escalated towards paralyzing most of the operations only one man who is obviously psychologically disturbed holds the key to it. No wonder the bail was set at such a crazy amount of $5 Million!

Source