Skip to main content

Computer Security : Part - C

How to Keep Our Business Computers and Online Information Secure:

Following important things we can do to make our business computer (and DATA) more secure. While no individual step will completely eliminate our risk, together these practices will make our business computer’s defense strong and minimize the threat of malicious activity.

Conduct A Security Audit:

If we don’t know what parts of our business are vulnerable or what data we have that needs to be protected, we can’t properly secure it. It is critical that we work with a professional to audit our entire IT infrastructure computers, network, and mobile devices—to determine what we need to do to prevent hackers from accessing our network.

Secure Our Hardware:

Of the Seattle-area companies that were hacked, more than 40 had their physical premises broken into by burglars who grabbed electronic equipment. In one case, the gang snatched more than $300,000 in servers, laptops, cell phones and other items. Security cameras recorded those using handcarts to haul loads of equipment to a van over a four hour span.

For burglars who are not scared off by security alarms and motion detectors, physically locking down computers makes their job tougher. Few people feed a cable through their computer's Kensington lock port (the small metal loop found on most laptop and desktop devices) to secure it to their desk. Sure, they're relatively easy for a thief to circumvent, but the extra effort could tip the odds in our favor. "That little bit of time is something criminals usually don't want to take," Cullen says. "Time is the enemy for anyone breaking into a physical premise."

Make network storage safer by using Kensington locks or employing more robust solutions, like rack-mounting hardware and keeping server room doors closed and locked. Vancouver, Wash.-based CRU-Data Port makes several servers that can be secured with locks, USB security keys and even hardware-based encryption, ensuring that if drives are stolen, they will be unusable to the thieves.

There's also tracking software--important if our business runs on mobile laptops in the field. The tracking firm Prey uses a variety of methods to locate anything from a cell phone to a server, password-securing the machine if it goes missing and even snapping and sending pictures of the thief if the stolen device has a webcam. Low per-month rates make the small, covert program a must-install for any device that can access business data and company networks.

Update Our Computer Operating Systems:


Manufacturers upgrade security safeguards often. Sign up for the automatic updates that install security patches. Hackers often are on the lookout for systems that don’t have the latest safeguards. And look into anti-virus software, again with automatic updates. Software should also be put in place to block spam and detect spyware, the programs that can be surreptitiously installed from outside a computer system and feed sensitive information to the intruder.

Lock Our Network:

Many hacking victims are compromised via Wi-Fi networks, through a technique called "wardriving". In cars outfitted with high-powered antennas, hacker gangs drive around cities, scanning for unlocked or poorly protected networks. Once a vulnerable Wi-Fi hot spot is found, the crooks are as good as in the company's front door, scouring machines on the network for passwords and financial data.

The best defense against exploits like wardriving is to have no wireless network at all. Wired networks, while less versatile, are more secure, because users have to access them by either plugging into physical outlets or hacking modem ports. But if our company must have a wireless network, disable the service set identifier (SSID) broadcasting function on the wireless router. This creates a cloaked or hidden network, invisible to casual Wi-Fi snoops and accessible only to users with the exact network name. Small businesses like coffeehouses can also do this just periodically change the network's information and place a small sign near the register with the current network name and pass code.

If we're using Wi-Fi, update it to the latest encryption standard. Some Seattle wardriving victims had enabled Wired Equivalent Privacy (WEP), an easily cracked algorithm that fell out of favor almost 10 years ago, and thought their networks were secure. WPA2, the current standard, has a longer encryption key that is more difficult to break into. To make our data even safer, create a nonsense password with numbers, special characters and capital letters. Says Cullen, "They'd need a computer working on it for a million years to crack the code."

Install Anti-malware And Anti-virus Protection:

When wardrivers are successful in cracking a wireless network, they can log in and infect connected computers with malicious software or viruses. But it doesn't take a Wi-Fi connection to plant this software; spam e-mails and harmful websites push it to computers all the time, and if the efforts are successful, the malware can install code that runs in the background, capturing keystrokes and login information and relaying it to the hackers. According to Verizon's study, malware was used in nearly half of data breaches in 2010 and was responsible for almost 80 percent of records stolen.

"That's probably the No. 1 money-generating technique the bad guys use," SANS Institute's Spitzner says. "Anytime you visit any type of website that requires a login and password Facebook, your bank, payroll, whatever--malware will harvest your information and send it to the bad guy," he says. "The bad guy will turn right around, log in as you and do all his evil stuff."

Most malware is installed through network security hacks, but being vigilant about cybercrime is as much about anticipating tomorrow's threats as it is defending against todays. E-mail phishing, spoofing and apps that access social media accounts are popping up with increasing regularity. Loading anti-malware and anti-virus protection on our machines--that goes for mobile devices as well and running it after every software install can help ensure these threats don't take. Also, keeping programs and hardware up to date from upgrading to newer routers and computers to immediately installing browser updates blocks malicious worms that thrive in older equipment and out-of-date software.

» » » To continue reading, Click here corresponding: A, BC and D.

References:
US-CERT (from Carnegie Mellon University): www.us-cert.gov/sites/default/files/publications/TenWaystoImproveNewComputerSecurity.pdf
Small Business Computing: www.smallbusinesscomputing.com/webmaster/article.php/3908811/15-Data-Security-Tips-to-Protect-Your-Small-Business.htm
Small Biz Technology: www.smallbiztechnology.com
Entrepreneur: www.entrepreneur.com/article/225468

Comments

List of Popular Posts

NU Degree Pass Course Subject & Subject Code List | B.A Pass Course

National University, Bangladesh Three Years Degree Pass Course Subject & Subject Code ListThree Years B.A Pass Course Effective from the Session: 2013–2014
Subject: Arabic

FIFA World Cup-2014

International Federation of Association Football (FIFA) Worl Cup-2014
FIFA:Fédération Internationale de Football Association"or "International Federation of Association Football
Website:www.fifa.com

Dates: 12 June – 13 July 2014 (32 days)

Host Country: Brazil

Teams: 32 (from 5 confederations)

Venue(s): 12 (in 12 host cities)

Matches Played: 64

Quick navigation:At a glance : FIFA

Champions: Germany

Runners-up: Argentina

3rd Place: Netherlands

4th Place: Brazil

Quick navigation:ICC Cricket World Cup-2015
Goals Scored: 171 (2.67 per match)

Top Scorer(s): James Rodríguez [Colombia; 6 goals]


Best Player: Lionel Messi [Argentina]


Best Young Player: Paul Pogba [France]


Best Goalkeeper: Manuel Neuer [Germany]


Fair Play Award:
Colombia

N.B: Please help us via comments, to update this page.

DU Master of Disaster Management (MDM) Admission

INSTITUTE OF DISASTER MANAGEMENT AND VULNERABILITY STUDIES UNIVERSITY OF DHAKA
9th Batch Master of Disaster Management (MDM) Professional Degree Programme AdmissionApplications are invited from candidates in prescribed form for admission into two years Master of Disaster Management (MDM) Professional Degree Program for the session 2o17-2018

Quick navigation:BOU SSC Program Admission (Session: 2015-2016)

For details, please visit: www.idmvs.edu.bd