In the news, the British Prime Minister Brown has expressed concern regarding the recent security breach that left about half of the British population’s addresses and banking information out in the open, well somewhere out there. The said information was lost while in-transit through the British Post system contained within two computer data disks. This headline dated November 21’st of this year highlights the need for greater security with regards to the handling and safekeeping of vital personal information.

The event happened when a Junior official of the British Government’s Finance Department downloaded the information off a government website for use on another agency. It was then sent through courier service to that agency which was not named but when the disks didn’t arrive after a few days alarm bells started to ring and the police was brought into the investigation to help with the case. The problem was so great that the British Prime Minister apologized to the British public when speaking in Parliament much to the disgust of the MP’s and the public in general.
This event sparks new urgency in the way we handle and treat information even those categorized as personal. The information that was lost had information that was needed for the processing of millions of child and senior benefits support processing which is expected to result in outrage and disgust among many of the affected individuals.
Government’s from around the world spend millions of dollars in safeguarding information of all sorts and questions do arise from such cases such as why a junior officer had access and was even allowed to copy the said information out of a government server down to computer disks.

Tags: banking-information, information-security, lost-information, personal-data, Security Policies

Categories: General, Network Security, News, Physical Security, Privacy & Anonymity, Real-World Issues

3 Comments

Experiencing connection problems and slow transfer of data may occur at any given time for most networks. While most would immediately identify the network cards, computers, cabling or network configuration at first, the presence of unknown processes of the operating system or possible intrusions such as DOS or Ping attacks can also be considered as possible factors for the deteriorating speed issues for network administrators.

Such instances are only normal, especially for wide area networks, or networks exposed to the Internet. The mischief caused by such people can be expected, especially for people who love to try their talent in hacking and network intrusions. The prize of which is that of creating discomfort and headaches for companies that thrive on networks for business and profit.

While there are network monitors available, it would be best to get the best firewall software there is today. Some do not value the firewalls and their use until such issues arise, but just like the war on terrorism, it would be best to take on security measures before they occur to avoid bigger problems once their mischief succeeds.

Tags: IT Security Basics, Network Security, Operating Systems, Physical Security, Programming, Real-World Issues, Security Policies, Wireless Security

Categories: IT Security Basics, Network Security, Operating Systems, Physical Security, Programming, Real-World Issues, Security Policies, Wireless Security

Comments Off

Most software tools that are used today are not perfect. Weaknesses and loopholes that may encounter system operation conflicts and problems will only be natural, especially for programs that are either not immediately compatible or are prone to breakdowns every now and then. The need for a continuous development as far as applying patches and updates towards such software, such as programming languages and operating systems like Windows and Linux, is a necessity.

This is only normal considering that chinks in the armor of anything will always be revealed at times when people least expect it. This is a continuing and ongoing trend that all software developers and administrators need to attend to, considering that as the height of demand for accurate programs are increasing, the same holds true for the need to provide features and flexibility on the programming aspect of installed systems for smooth flow of automations in most business organizations and entrepreneurial undertakings.

[tags]programmer, patch updates, systems, operating system, windows, linux [/tags]

Tags: IT Security Basics, linux, Operating Systems, operating-system, patch-updates, programmer, Programming, Security Policies, Storage, systems, Tips, windows

Categories: IT Security Basics, Operating Systems, Programming, Security Policies, Storage, Tips

Comments Off

More and more companies have geared towards technology as far as using it to aid their daily operations and storing transactions for records of individual transactions. Most users are given certain privileges and rights for access towards the main server that holds the programs altogether. User policies and access are defined and declared, so that each can have specific access and user restrictions to avoid any discrepancies and problems that may occur. Such would only be natural for technology relying companies, since developed and installed programs would usually be prone to modifications and debugging along the way.

It is the duty of the appointed administrator in close relation with department heads to determine the level of access to provide to the users who will be using the system. Levels are meant to define with regards to finding up to which level access will be granted to most users who will be inputting and referring data into the system. Besides, access levels and security policies are a good way to safeguard information and avoid eventual sabotage for the entire systems in unlikely situations both internally and externally.

Tags: Network Security, Operating Systems, Programming, Security Policies, Tips

Categories: Network Security, Operating Systems, Programming, Security Policies, Tips

Comments Off

Anyone would often be advised to regularly change his password in any access points such as e-mails, log on servers and websites. Reason for this is to increase the need for security as far as gaining access and safeguarding files and pertinent information that is usually stored.

With the large number of hackers that have been cropping up one by one, various means to steal passwords,also known as phishing, or hack accounts have been their main course of action. While some would disregard such acts, the real pain begins once important messages, attachments and relevant information are tampered. True that some would not need to change passwords regularly, but just to be on the safe side, it is best to maintain a regular schedule of updating password security and make it a combination of numbers and letters to establish a more secure and harder way of being cracked or accessed by anyone today.

[tags]password theft, passwords, hacking, cracks, codes, security[/tags]

Tags: codes, cracks, Cryptography, hacking, IT Security Basics, Network Security, password-theft, passwords, Programming, Real-World Issues, security, Security Policies

Categories: Cryptography, IT Security Basics, Network Security, Programming, Real-World Issues, Security Policies

Comments Off

Electronic mail has become the buzz of the town in recent years and while some use e-mail as a means of cheaper and faster ways of sending messages and files over the Internet, it cannot be discounted that some use e-mail as a form of exploit as well, by send unrecognized files to various recipients who in the same way may not know the harmful effects that such files would bring to their personal workstations.

While there are various means of supplying computer protection such as firewalls and anti-virus protection for single and networked computers, some harmful file just tends to get past them. That is why there are specific softwares used for specific infections, particularly the Trojan developed files that do their work unnoticed.

So the next time you get mail from someone who has an attachment with questionable file name extensions, better think twice before clicking or opening it. It may cause more pain than enjoyment in most cases.

[tags]spyware,malware,trojans,security[/tags]

Tags: IT Security Basics, Malware, security, Security Policies, Spyware, Tips, trojans

Categories: IT Security Basics, Malware, Security Policies, Spyware, Tips

Comments Off

With the vast number of viruses and spyware that most people contract in their everyday exposure to the web, the need for consistent and reliable anti-virus protection software is the foremost concern of most people. To date, the awareness for such deceiving acts done over the Internet without the user even noticing it is rampant. Such viruses have caused discomfort and havoc in more cases than one and it has been the battle cry of most security software developers to adhere and answer such miscues that usually occur everyday.

[tags]malware, spyware, virus, security, anti-virus[/tags]
Network and workstation security has always been the subject of most people, especially the vulnerability that most computer stations are prone to. Updates and patches are usually the way to update reliable anti-virus software partners, but in most cases, there will always be a loophole to which hackers and advanced technology harassers would be able to come up with. Hence the needs to find a reliable software partner that can truly protect a workstation from such harmful intrusions evolve and change in time. It is just a matter of being up to date with regards to their reliability and efficiency in providing a safe surfing and exposure level once they are logged on to the World Wide Web.

Tags: anti-virus, IT Security Basics, Malware, Network Security, Programming, Real-World Issues, security, Security Policies, Spyware, virus

Categories: IT Security Basics, Malware, Network Security, Programming, Real-World Issues, Security Policies, Spyware

Comments Off

At the rate that hackers and more people are becoming wiser as far as discovering technology and its flaws today, the best way is to have ready back-up procedures for databases and important documents and spreadsheets just in case of system intrusion and crashes. While it is true that most companies are continuously developing software to be able to limit such malicious intentions, it cannot be discounted that the safest way is to have ready back-ups which can be easily restored at any time of their liking.

The question is when to back-up and what to back up. For most people, backing up periodically is the common practice. But for more important documents and reference materials, archiving them as often as possible is the safest way to be sure. People should not wait for the last minute to back-up their files since with the fast pace of technology comes the fast pace development of hackers today.

[tags]backup,archiving,network security[/tags]

Tags: archiving, backup, Backups, IT Security Basics, Network Security, Security Policies, Storage, Tips

Categories: Backups, IT Security Basics, Network Security, Security Policies, Storage, Tips

Comments Off

802.11 Wired Equivalent Privacy (WEP) doesn’t provide enough security for most enterprise wireless LAN applications. Because of static key usage, it’s fairly easy to crack WEP with off-the-shelf tools. This motivates IT managers to use stronger dynamic forms of WEP.

The problem to date, however, is that these enhanced security mechanisms are proprietary, making it difficult to support multi-vendor client devices. The 802.11i standard will eventually solve the issues, but it’s not clear when the 802.11 Working Group will ratify the 802.11i standard.

As a result, the Wi-Fi Alliance has taken a bold step forward to expedite the availability of effective standardized wireless LAN security by defining Wi-Fi Protected Access (WPA) while promoting interoperability. With WPA, an environment having many different types of 802.11 radio NICs, such as public hotspots, can benefit from enhanced forms of encryption.
Inside WPA

WPA is actually a snapshot of the current version of 802.11i, which includes Temporal Key Integrity Protocol (TKIP) and 802.1x mechanisms. The combination of these two mechanisms provides dynamic key encryption and mutual authentication, something much needed in WLANs.

As with WEP, TKIP uses the RC4 stream cipher provided by RSA Security to encrypt the frame body and CRC of each 802.11 frame before transmission. The issues with WEP don’t really have much to do with the RC4 encryption algorithm. Instead, the problems primarily relate to key generation and how encryption is implemented.

TKIP adds the following strengths to WEP:

48-bit initialization vectors. WEP produces what’s referred to as a “keyschedule” by concatenating a shared secret key with a randomly-generated 24-bit initialization vector (IV). WEP inputs the resulting keyschedule into a pseudo-random number generator that produces a keystream equal to the length of the 802.11 frame’s payload. With a 24 bit IV, though, WEP eventually uses the same IV for different data packets. In fact, the reoccurrence of IVs with WEP can happen within an hour or so in busy networks. This results in the transmission of frames having encrypted frames that are similar enough for a hacker to collect frames based on the same IV and determine their shared values, leading to the decryption of the 802.11 frames. WPA with TKIP, however, uses 48-bit IVs that significantly reduce IV reuse and the possibility that a hacker will collect a sufficient number of 802.11 frames to crack the encryption.

Per-packet key construction and distribution. WPA automatically generates a new unique encryption key periodically for each client. In fact, WPA uses a unique key for each 802.11 frame. This avoids the same key staying in use for weeks or months as they do with WEP. This is similar to changing the locks on a house each time you leave, making it impossible for someone who happened to make a copy of your key to get in.

Message integrity code. WPA implements the message integrity code (MIC), often referred to as “Michael,” to guard against forgery attacks. WEP appends a 4-byte integrity check value (ICV) to the 802.11 payload. The receiver will calculate the ICV upon reception of the frame to determine whether it matches the one in the frame. If they match, then there is some assurance that there was no tampering. Although WEP encrypts the ICV, a hacker can change bits in the encrypted payload and update the encrypted ICV without being detected by the receiver. WPA solves this problem by calculating an 8-byte MIC that resides just before the ICV.

For authentication, WPA uses a combination of open system and 802.1x authentication. Initially, the wireless client authenticates with the access points, which authorizes the client to send frames to the access point. Next, WPA performs user-level authentication with 802.1x. WPA Interfaces to an authentication server, such as RADIUS or LDAP, in an enterprise environment. WPA is also capable of operating in what’s known as “pre-shared key mode” if no external authentication server is available, such as in homes and small offices.

An issue that WPA does not fix yet is potential denial of service (DoS) attacks. If someone, such as a hacker or disgruntled employee, sends at least two packets each second using an incorrect encryption key, then the access point will kill all user connections for one minute. This is a defense mechanism meant to thwart unauthorized access to the protected side of the network.

You will be able to upgrade existing Wi-Fi-compliant components to use WPA through relatively simple firmware upgrades. As a result, WPA is a good solution for providing enhanced security for the existing installed base of WLAN hardware.

The eventual 802.11i standard will be backward compatible with WPA; however, 802.11i will also include an optional Advanced Encryption Standard (AES) encryption. AES requires coprocessors not found in most access points today, which makes AES more suitable for new WLAN installations.

Tags: IT Security Basics, Network Security, Real-World Issues, Security Policies, Storage, Tips, Wireless Security

Categories: IT Security Basics, Network Security, Real-World Issues, Security Policies, Storage, Tips, Wireless Security

Leave a Comment

Companies these days provide for mobile devices their employees use to ensure they’re available at all times. The downside of this is that their employees may also use these laptops and phones for personal use, all at the company’s expense, and the real risk of losing valuable data if they’re stolen. We’ve talked about data breaches caused by stolen laptops before. Companies should begin weighing the advantage of employee mobility with the disadvantages of possible data loss and decreased productivity.

It’s become much easier for employees to download movies, music, and watch video streaming while in the office and then load them to their mobile devices. Instead of working, they might be tempted to watch their downloads during company hours. Some pornography and gambling sites have begun to exploit this trend by offering their services for phones. These are the very same sites most hackers use to spread their viruses. This way confidential data on these devices can be breached and destroyed even without the user’s knowledge.

For the past few years companies have filtered e-mail and limited web access in the office, but similar control does not exist for mobile devices. Until the advent of similar filtering software, companies can opt to acquire and manage the distribution of their phones to their employees. In such a situation each employee is responsible for their usage. They can also create guidelines and policies to limit how the employees can and cannot use their phones, though they should be aware that their employees will resist stringent control.

[tags]mobility,productivity,mobile devices,filtering software,usage,software,employess[/tags]

Tags: employess, filtering-software, mobile-devices, mobility, productivity, Real-World Issues, Security Policies, software, usage

Categories: Real-World Issues, Security Policies

Comments Off