Security Jungle - Part 1 of 3

It’s a JUNGLE out there!

The widespread use of the Internet as a business medium, along with handheld and portable computer devices and mobile and wireless technologies, has made access to corporate data and information transportation easy and affordable.

New technologies allow one to ride the Information Highway and benefit from the latest technologies while being entertained on their computer or using computing technology to run their business. But these new technologies inherently pose new risks to corporations that choose to deploy them in their environment.

Many easily identifiable risks, such as:

  • data and information theft
  • identity theft
  • malicious attacks against your PC, network or website
  • viruses, spam, trojans and spyware
  • hacking and phishing attempts
  • denial-of-service (DoS) attacks

and even organized crime, are closer to your business than ever before.

All the risks noted above, as well as the potential for careless mistakes and user errors, may result in serious financial and reputational damage to your company.

SECURITY BEST PRACTICES

“It’s a Jungle Out There…” is a 4-part series that will provide you with security best practices in a way that is simple to follow. We will focus on four categories of users. Since you will most likely fall into one of the following groups, read through carefully and choose the practices you wish to follow. The four computer user categories are:

  • Home Users
  • Professional (Corporate) Users
  • Managers and Senior Managers
  • Board of Directors and C-level executives

Our suggestions are presented in a checklist format, which you may print and use as a guide. Feel free to pass it on and give credit where due.

Read all 4 parts of the series, as these tips will apply to your home computer, your own company or the organization that you work for. When done reading, keep ONLY ONE thing in mind:

 There is no such thing as 100% security!

If you choose to follow even just a few of these simple steps and protect your computing experience, surprisingly, you will be better protected than most organizations are.
[Based widely on the “COBIT Security Baseline” – ITGI.ORG]

HOME USER SECURITY

Security Risks

There are many risks home users are exposed to:
- Home users are somehow unaware of the dangers of using the Internet
- They install unreliable or malicious software on their computers (knowingly or unknowingly)
- Software and operating systems, be it Windows or Mac, are usually out of date
- Internet users are exposed to pornography and undesirable media and information
- They allow uncontrolled use of computers by children, friends, etc.
- They use home computers for business activities, exposing corporate data to these hazards

 

Checklist

1. Description of Task: Keep your Operating System protection (Windows 2000, XP, 2003) up to date. (Older versions are still vulnerable! Don’t be fooled!)
   What does this mean? Enable the automatic download and installation of patches from Microsoft. Monitor other OSs for patches through their websites.

2. Description of Task: Install Virus, Spyware, Spam and Trojan protection software.
   What does this mean? Antivirus alone will no longer protect you from the risks out on the Internet. Purchase a total solution and configure it to update daily if possible.

3. Description of Task: Avoid opening email attachments from unknown sources (sometimes even from known!)
   What does this mean? “Curiosity killed the cat” and will do so to your computer. The latest version of Outlook automatically protects you from harmful attachments. Most viruses propagate through email.

4. Description of Task: Install personal firewall software or a router/firewall, if you have more than one computer connecting to the Internet.
   What does this mean? Most broadband firewall/routers are ready to use out of the box. They come configured to provide basic protection when plugged in correctly.

5. Description of Task: Back up your data and store the media in a secure place.
   What does this mean? Use a floppy, a CD, a DVD, a ZIP drive, a tape drive, something! Software is easy to use and the task can be automated.

6. Description of Task: Protect your data, passwords, credit cards and PINs. Avoid storing them on laptops, PDAs, USB drives and other portable media which can be lost easily.
   What does this mean? Identity theft is the number one reported crime. It is a very frightening experience and difficult to repair. Use your personal data only on reputable websites, but always be aware of “phishing” attacks (consumer fraud).

7. Description of Task: Use hard-to-guess passwords and change them frequently.
   What does this mean? Do you use the same password for most of your important information? Most do. Minimize the risk and have 2 or 3 passwords. Keep the important ones close to your heart.

8. Description of Task: Do not use illegal software or peer-to-peer sharing programs.
   What does this mean? Files downloaded to your computer through these sources can be programmed to open holes in your computer and take over. Unfortunately, you will not know this happened until it’s too late…

9. Description of Task: Immediately check any strange computer behavior.
   What does this mean? “Strange behavior” is usually a clear indication of security problems with your computer. Don’t wait for your yearly support call. Call an expert and have it checked.

10. Description of Task: Hire a certified technician once a year to check and clean your computer.
    What does this mean? Computers are complex. Leave it up to a specialist (not your nephew) to maximize your computer’s performance and guarantee your privacy protection.

PART 2