Office policies and IT security

Written by Saran on August 20, 2010


In every office, you have to have some policies when it comes to sharing and downloading files. Why? For one thing, those computers are the company’s resources. During work hours, people ought to limit their downloads to materials that are necessary for getting their work done.

How do you formulate your policies when it comes to these matters?

If you are working in a creative environment, anything could be used as your inspiration. That is why there are companies that allow surfing within office hours, and it does not really matter what sites you visit. Some of them do, however, block sites that are mainly of a personal nature, like Friendster, MySpace and other similar sites. There are also some that ban blogging services like Blogger. They would even issue memos regarding the matter.

If you work on a strictly confidential project, it can be difficult to make sure that nothing leaks out. If you are connected to the Internet, chances are your work could be intercepted in one way or another by hackers. So you have to be careful that you have a firewall activated. As others would say, just block off everything except interoffice email.

Employees must be briefed carefully so that they will not be surprised if they are surfing the ‘net and find that some sites are blocked. Also, you have to make sure you observe how the employees work. Those in the financial business have a lot of information to guard. They have to ensure that their employees understand the policies and follow them so that everything stays secure. After all, it is better to be safe than sorry. You would not want to lose your valuable clients.


Categories: Real-World Issues, Security Policies


Putting Up Fences from Internet Spyware and Trojans

Written by Saran on July 27, 2010

Harmful objects can be obtained from the web. We are all aware that malware and Trojans are rampant across the Internet, especially on websites that people often visit for reference and information. Such sites get hijacked and then contaminate visiting users as well, something that can be done through Internet cookies stored on the web folder in the machines.

Picket Fences on the Web

While developers and security administrators have religiously searched for solutions, the development of new threats coming from the Internet is far from over. To date, even well-protected workstations can still be penetrated by objects that are not immediately visible.

Internet fences in the form of firewalls and software protection templates have tried to stop such intrusions, but they need to be updated frequently to answer new threats. Without such temporary fences up, workstations are sitting ducks waiting to be shot, and if web administrators are not up to date with the new threats, the fences in use are as good as gone once those threats occur.


Categories: IT Security Basics, Malware, Network Security, Physical Security, Security Policies, Spyware


Teaching people about IT security

Written by Saran on June 24, 2010


In general, teaching people is a difficult task. You have to carefully plan on how to address them and be relevant. Each person would have different needs. Whether you plan to teach your staff and employees, or your family and friends, you have to brace yourself.

Some of the factors that would affect how you would teach them about IT security are as follows:

  • the person’s experience with computers
    Has the person used a computer before? What has the person done so far? Installed an operating system? Used some particular applications like word processing software or a web browser like Internet Explorer?
  • the person’s experience with going online
    Each of us would have had different experiences when it comes to our online presence and habits like downloading, checking email and the like. When it comes to downloading materials be it online textbooks or anything else, it would be good to take a profile of the sites the person uses as resources.
  • enthusiasm
    Whether you believe it or not, enthusiasm could affect the reception of the person to ideas and all that. Talking about security is not exactly the same as talking about your favorite car or favorite pet. Unless you think you could gush about firewalls and all those details, that is. Then again, it depends on the person’s experience, as said before.

No matter how easy or difficult it could be, no matter what background the person has, this is an important thing to learn. You are the one who can do it. May you teach them well.


Categories: Real-World Issues, Security Policies


Scan Storage Devices before Enabling

Written by Saran on October 27, 2009

Virus and malware issues are far from being a thing of the past. On the contrary, they seem to grow in number as each day passes. Thus security software companies have their work cut out for them. There is no definite date by which such threats and intrusions will be wholly resolved.

Scanning Protocol

For the time being, it is advisable for people to scan third-party storage devices such as diskettes, USB drives and mobile storage to be safe and sound. These wandering viruses can attack at any time, and this is a fact anywhere computer-related materials are concerned.

Infected files can go as far as infecting executable files, hence documents, Excel files and compiled scripts are bait for immediate infection and malicious intrusion. Software applications also have their limits, as their development teams cater only to a specific genre of known harmful files. But it is better to lower the risk of intrusion than to have no protection at all.


Categories: Backups, IT Security Basics, Malware, Network Security, Operating Systems, Programming, Real-World Issues, Security Policies, Spyware, Storage, Tips, Wireless Security


An Internet of Criminals

Written by Saran on June 29, 2009

The world of cyber-crime has grown so much in these past few years due to the explosive growth in the number of internet users the world over. It has expanded not only on the side of normal people but also on the side of cyber-criminals, who now operate on their own networks, spanning the globe and ready to spread their products: malicious code that first scans the globe for weak points in the security net that we all put up to give us some sense of security from the ever-growing threat, which is actually futile to some extent.

Categories: General, IT Security Basics, Malware, Network Security, News, Real-World Issues, Security Policies


RSA 2009 Impressions

Written by Saran on April 25, 2009

If you have not heard, the RSA 2009 security conference was held in San Francisco in the past week. This conference is a significant one in the industry, and even more so now since we have been facing many different and new threats cropping up here and there. This year, however, what I have been reading about the RSA is not that good. A lot of people are saying that it came a little flat.

Jon Oltsik of CNET blames the economy for this. He also points out three other reasons:

1. The speakers. The keynote speakers really had nothing new to say. This was especially troubling because the lineup looked so strong. Unfortunately, the most disappointing speaker of all was President Obama’s cybersecurity point person, Melissa Hathaway, who read from a script and said next to nothing about her cybersecurity research effort. Hathaway underwhelmed an audience of security professionals, missing an opportunity to bond with a constituency whose support is critical to her success.

2. The topics. In the past, there was always one topic at RSA that grabbed everyone’s attention. Not this year–same old tired stuff.

3. The vendors. I’m now convinced that most security vendors have no conception of what their customers need. Vendors pitch point technology solutions while users are crying for help to secure their IT-based business processes. There are really only a few security vendors that recognize this. I can’t overstate how much this disconnect alienates the security community.

It is pretty depressing, isn’t it? Do you have other perspectives that might give us more positive views?

Categories: General, News, Security Policies


Cyber Security In Obama’s Sights

Written by Saran on February 20, 2009

Who said that Obama does not have a techie side to him? If reports earlier this month are to be believed, the newbie President is not ignoring the importance of cyber space. Iain Thomson of Vnunet.com had this report early this month:

US president Barack Obama has ordered an immediate 60-day review of the online security of government IT systems to check for vulnerabilities.

The review will be led by Melissa Hathaway, who has served as cyber co-ordination executive to the US Office of the Director of National Intelligence. Hathaway will also serve as acting senior director for cyberspace for the National Security and Homeland Security councils during the review period.

“The national security and economic health of the US depend on the security, stability and integrity of our nation’s cyber space, both in the public and private sectors,” said John Brennan, assistant to the president for counter-terrorism and homeland security.

First thoughts…this is wonderful; this coming from the head of the country, it should be a good sign. However, I was thinking about the 60-day limit – would this be enough? More so, are the intelligence arms going to be part of this review? I doubt that the CIA, the FBI, and the NSA will allow anyone to take a look into their systems. Maybe the review is just for the less sensitive government agencies. Who knows?
In any case, I was just thinking of those people who love hacking systems to get credit card numbers, bank account numbers, and the like. Those days will probably be gone pretty soon, don’t you think?

Categories: Malware, Network Security, News, Privacy & Anonymity, Real-World Issues, Security Policies


UK Email Law: Security Breach?

Written by Saran on January 11, 2009

Did you know that starting March of this year, every single email that is sent and received in the UK will be monitored? Yep, following the law, all Internet Service Providers (ISPs) in the UK will be required to store email information for a year. Though this law requires information to be kept, the actual content of the emails is not included in the requirement.

However, the fact that information is being monitored – even private emails – has got a lot of people shifting in discontent. The details of the law were published by BBC:

- To keep details of every e-mail sent in the UK for a year
- Internet Service Providers will have to record who sent the email, to whom and when
- The e-mail’s content will not be stored
- Data can be accessed by more than 600 public bodies, such as the police and councils, if they make a valid request
- Part of a European Commission directive

Although the contents of emails are not part of the law, it does not take a rocket scientist to figure out that this gives rise to potential security breaches – BIG TIME. It is a given that the idea behind the law was born out of goodwill. After all, we do know that there are a lot of unscrupulous people out there who take advantage of the technology.

However, who is to say that this database of information will be kept secure and that no one will be able to make unauthorized use of it? That, my friends, is the biggest question. Am sure glad I am not in the UK right now.

Categories: Privacy & Anonymity, Real-World Issues, Security Policies


Cyber Wars: A Lost Cause

Written by Saran on December 8, 2008

We know for a fact that the battle against malicious software and viruses released on the web has caused a lot of pain as far as pinpointing and remedying them, but apparently nothing has been done to really resolve them. We buy licensed software, but we have to ask ourselves about the extent of its coverage. Is it up to date, and can it really save us from all these uncertainties of getting online?

Microsoft has been a prime target, its operating system being one of the most widely used today. But while Bill Gates and company are doing their part to address the various intrusions and the headaches they can cause with a simple click, you just don’t know who to trust these days. Even software companies have the ability to manipulate and do some foul work, and it is occurring right under our very noses.

Security researchers concede that their efforts are largely an exercise in a game of whack-a-mole because botnets that distribute malware like worms, the programs that can move from computer to computer, are still relatively invisible to commercial antivirus software.

So with all these things set on the table, is the cyber world safe for anyone? We can fend off threats but the question is are we resolving the situation or merely providing a temporary solution to the problem? Sad to say, it is the latter. We are content with detecting them but it is really the cleaning and protection part that needs improvement.


Categories: IT Security Basics, Malware, Security Policies, Spyware


Scheduling Change of Passwords

Written by Saran on December 4, 2008

If you are in charge of network security, one thing you may want to consider when laying down the law to safeguard your network is the regular change of user passwords, to guard against potential hackers and cracks that rely on how easily passwords can be guessed.

For some users, it is easy to figure out their passwords. The normal passwords that people use include:

1. Birthdays
2. Anniversaries
3. Car Plate Numbers
4. Mobile Phone Numbers
5. Adding 123 to their names, or
6. Using “PASSWORD” as their password

Now there will be a lot of potential combinations depending on the length of the password. That is why the longer passwords (8 alphanumeric characters) are encouraged for users who access the network.

But while guessing or cracking passwords involves a lot of possibilities, regular maintenance in the form of changing them is indeed ideal for keeping hackers or malicious people from gaining access to the network and the programs in use.

One cannot avoid the fact that some people’s curiosity and call for fame are the main reasons for wanting to be a hacker or code cracker. It is evident in people who are looking to try out their skill. They don’t think of the outcome, which can cause a lot of problems.

So one good tip to avoid being hacked is to think like one. Once you do, think of security policies that can make it hard for you to breach a system. That is the best way to stay efficient in your line of duty in any organization.


Categories: IT Security Basics, Network Security, Security Policies
