Security Precautions: Difference between revisions

From Expertiza_Wiki
Jump to navigation Jump to search
(→‎Bibliography: added "new" image to links)
 
(28 intermediate revisions by 2 users not shown)
Line 5: Line 5:
*[http://www.privacyrights.org/ar/ChronDataBreaches.htm Routinely], many E-Commerce, military, and other government or personal websites experience breaches in security.  
*[http://www.privacyrights.org/ar/ChronDataBreaches.htm Routinely], many E-Commerce, military, and other government or personal websites experience breaches in security.  
*With so much [http://money.cnn.com/2005/05/23/news/fortune500/bank_info/ personal information] taking a digital form, the risks to businesses as well as individuals is great.
*With so much [http://money.cnn.com/2005/05/23/news/fortune500/bank_info/ personal information] taking a digital form, the risks to businesses as well as individuals is great.
*Though the [http://news.cnet.com/Money-lost-to-cybercrime-down--again/2100-7349_3-6083860.html frequency is going down], even a day of having a computer system down in a large corporation could mean thousands of dollars lost for the company.
*Though the [http://news.cnet.com/Money-lost-to-cybercrime-down--again/2100-7349_3-6083860.html frequency] of security-related downtime is being reduced, even a day of having a computer system down in a large corporation could mean thousands of dollars lost for that company.
*Unethical computer users [http://technews.acm.org/articles/2000-2/0410m.html#item10 take advantage of these security leaks] to steal consumer information ranging from passwords to [http://www.washingtonpost.com/wp-dyn/content/article/2005/06/17/AR2005061701031.html credit card numbers].  
*Unethical computer users [http://technews.acm.org/articles/2000-2/0410m.html#item10 take advantage of security leaks] to steal consumer information ranging from passwords to [http://www.washingtonpost.com/wp-dyn/content/article/2005/06/17/AR2005061701031.html credit card numbers].  
*[http://www.cert.org/other_sources/viruses.html Computer viruses] and other forms of "malware" can also be harmful to a computer system connected to the internet.  Files downloaded onto a computer could contain viruses that destroy data or cause other security problems.
*[http://www.cert.org/other_sources/viruses.html Computer viruses] and other forms of "malware" can also be harmful to a computer system connected to the internet.  Files downloaded onto a computer could contain viruses that destroy data or cause other security problems.
*Security precautions, if followed correctly, can protect individual users, companies, and government agencies from a malicious computer hacker or computer virus.
*Security precautions, if followed correctly, can protect individual users, companies, and government agencies from a malicious computer hacker or computer virus.
*Applications in [http://www.sans.org/top20/ Unix systems], [http://www.cnet.com.au/software/security/0,239029558,339285176,00.htm Macs], and even [http://www.f-secure.com/weblog/archives/00000575.html mobile devices] are also at risk.  Security problems are no longer problems only for windows users.
*Applications in [http://www.sans.org/top20/ Unix systems], [http://www.cnet.com.au/software/security/0,239029558,339285176,00.htm Macs], and even [http://www.f-secure.com/weblog/archives/00000575.html mobile devices] are also at risk.  Security problems are no longer problems only for Windows users.
**Even using common software such as [http://www.theregister.co.uk/2008/07/28/pwning_security_updates/ iTunes, WinZip, Java, and OpenOffice] can open a computer to security holes if the software is not properly updated and secure.


===Security Precautions Are Not Easy===
===Security Precautions Are Not Easy===


*Companies are getting better at securing their computer systems, but they still have a long way to go.
*Companies are getting better at securing their computer systems, but they still have a [http://www.theregister.co.uk/2008/07/25/bank_sites_insecure/ long way to go].
**The [http://www.washingtonpost.com/wp-dyn/content/article/2005/06/17/AR2005061701031.html impact of a security attack] is greater now than it ever was.  
**The [http://www.washingtonpost.com/wp-dyn/content/article/2005/06/17/AR2005061701031.html impact of a security attack] is greater now than it ever was.  
*Threats can even come from [http://www.computerworld.com/securitytopics/security/cybercrime/story/0,10801,101903,00.html within a business].
*Threats can even come from [http://www.computerworld.com/securitytopics/security/cybercrime/story/0,10801,101903,00.html within a business].
*System administrators have difficulty keeping up with the large amount of knowledge needed to reduce the risk of compromise.
*System administrators have difficulty keeping up with the large amount of knowledge needed to reduce the risk of compromise.
*The complexity of computer systems makes finding every single hole in security nearly impossible to find.  Crackers are continually searching for these, so computer administrators must be as well to keep up.  This has also led to the desire of more simple computing to help lower the risk of holes occurring.
*The complexity of computer systems makes finding every single hole in security nearly impossible to find.  Crackers are continually searching for these, so computer administrators must be as well to keep up.  This has also led to the desire of more simple computing to help lower the risk of holes occurring.
*The most important precaution an individual user can do is to [http://www.selfseo.com/story-11606.php renew and update their antivirus software].  This is more efficiently done if the software automatically updates itself.
*The most important precaution an individual user can take is to [http://www.selfseo.com/story-11606.php renew and update antivirus software].  This is more efficiently done if the software automatically updates itself.
**For those with broadband Internet access, this is an [http://www.wral.com/golo/blogpost/3217420/ absolute necessity] since the computer is maintaining a constant connection to the Internet.
**For those with broadband Internet access, this is an [http://www.wral.com/golo/blogpost/3217420/ absolute necessity] since the computer is maintaining a constant connection to the Internet.
**Additionally, broadband users should ensure that their [http://www.microsoft.com/windowsxp/using/networking/security/winfirewall.mspx firewall] is updated properly and active.
**Additionally, broadband users should ensure that their [http://www.microsoft.com/windowsxp/using/networking/security/winfirewall.mspx firewall] is updated properly and active.
Line 45: Line 46:
*Users are becoming more aware of security issues and are becoming more informed on safe surfing habits.
*Users are becoming more aware of security issues and are becoming more informed on safe surfing habits.
**Parents are becoming aware of the dangers that face their children on the Internet and as a result, a [http://www.internet-filter-review.toptenreviews.com/ wide array of products] are available to help them maintain a level of security for their children online.
**Parents are becoming aware of the dangers that face their children on the Internet and as a result, a [http://www.internet-filter-review.toptenreviews.com/ wide array of products] are available to help them maintain a level of security for their children online.
**For individuals, protecting their computer from the majority of the security concerns that it might face from the Internet is simply a matter of installing a good [http://anti-virus-software-review.toptenreviews.com/ anti-virus program] and a good [http://anti-spyware-review.toptenreviews.com/ anti-spyware program].  Some products even bundle these features together so that a user only needs to concern themselves with installing one protection suite to cover all of the potential threats.


===Some Security Products That Could Help You===
===Some Security Products That Could Help You===


*Spybot Search & Destroy – This program scans your computer for known adware and other system invaders.  If a possible threat is detected, it is compared to a database of known threats to determine if it is really malicious.  
*[http://www.spybot.com/en/index.html Spybot Search & Destroy] – This program scans your computer for known adware and other system invaders.  If a possible threat is detected, it is compared to a database of known threats to determine if it is really malicious.  
*Ad-Aware – This program has the ability to scan your RAM, Registry, hard drives, and external storage devices for known data-mining, advertising, and tracking components, Ad-Aware SE easily can clean your system, allowing you to maintain a higher degree of privacy while you surf the Web.
*[http://www.lavasoft.com/ Ad-Aware] – This program has the ability to scan your RAM, Registry, hard drives, and external storage devices for known data-mining, advertising, and tracking components, Ad-Aware SE easily can clean your system, allowing you to maintain a higher degree of privacy while you surf the Web.
*Panda TruPrevent – Panda TruPrevent detects and blocks unknown viruses, the ones that normal antivirus programs are incapable of detecting because they are still not updated against them. TruPrevent does not replace your present antivirus, but rather it reinforces it, offering you extra protection.
*[http://www.pandasecurity.com/usa/ Panda TruPrevent] – Panda TruPrevent detects and blocks unknown viruses, the ones that normal antivirus programs are incapable of detecting because they are still not updated against them. TruPrevent does not replace your present antivirus, but rather it reinforces it, offering you extra protection.
*Zone Alarm Internet Security Suite - ZoneAlarm Security Suite is the easy-to-use, comprehensive security solution that is based on the world's best firewall to keep out hackers, viruses, worms, and other threats. It combines popular firewall with antivirus protection, Web site filtering, privacy protection, and instant-messaging security.
*[http://www.zonealarm.com/store/content/home.jsp Zone Alarm] - ZoneAlarm Security Suite is the easy-to-use, comprehensive security solution that is based on the world's best firewall to keep out hackers, viruses, worms, and other threats. It combines popular firewall with antivirus protection, Web site filtering, privacy protection, and instant-messaging security.
*[http://anti-virus-software-review.toptenreviews.com/ Anti-virus software] - When updated automatically, the virus definitions in most anti-virus suites will protect computers from the various types of malware that could potentially target them.


=Bibliography=
=Bibliography=
===Why Are Security Precautions Necessary?===
===Why Are Security Precautions Necessary?===


*[http://www.sans.org/top20/ The Twenty Most Critical Internet Security Vulnerabilities: The Experts Consensus] Rohit Dhamankar SANS Computer Security Training
*[http://www.sans.org/top20/ The twenty most critical Internet security vulnerabilities: the experts consensus] Rohit Dhamankar, ''SANS Computer Security Training''
*[http://money.cnn.com/2005/05/23/news/fortune500/bank_info/ Bank security breach may be biggest yet] CnnMoney.com
*[http://money.cnn.com/2005/05/23/news/fortune500/bank_info/ Bank security breach may be biggest yet] ''CnnMoney.com'' - [[Image:new.gif]]
*[http://www.linuxsecurity.com/resource_files/firewalls/nsc/500619.html Internet Firewalls and Security] Chuck Semeria 3Com Corporation
*[http://www.linuxsecurity.com/resource_files/firewalls/nsc/500619.html Internet firewalls and security] Chuck Semeria, ''3Com Corporation''
*[http://www.cert.org/tech_tips/home_networks.html Home Network Security] CERT Coordination Center
*[http://www.cert.org/tech_tips/home_networks.html Home network security] ''CERT Coordination Center''
*[http://technews.acm.org/articles/2001-3/0323f.html#item1 NSC Chief Urges U.S. Tech Firms to Protect Computer Networks] ACM News Service
*[http://www.addsecure.net/breach.htm Media examples of security breaches] ''ADDSecure.Net, Inc.''
*[http://www.addsecure.net/breach.htm Media Examples of Security Breaches] ADDSecure.Net, Inc.
*[http://www.nbc30.com/money/16438742/detail.html?rss=har&psp=news AG:Bank security breach affected almost 500,000] ''NBC30.com'' - [[Image:new.gif]]
*[http://www.iwar.org.uk/comsec/resources/canada-ia/infosecawareness.htm Information Security: Raising Awareness] Bruce Hunter
*[http://www.privacyrights.org/ar/ChronDataBreaches.htm A chronology of data breaches] ''Privacy Rights Clearinghouse/UCAN'' - [[Image:new.gif]]
*[http://technews.acm.org/articles/2000-2/0211f.html#item2 Redesigning the Internet: Can it Be Made Less Vulnerable?] ACM News Service
*[http://news.cnet.com/Money-lost-to-cybercrime-down--again/2100-7349_3-6083860.html Money lost to cybercrime down--again] Joris Evers, ''Cnet News'' - [[Image:new.gif]]
*[http://technews.acm.org/articles/2000-2/0410m.html#item10 Hacking Away] ACM News Service
*[http://www.cert.org/other_sources/viruses.html Computer virus resources] ''Cert.org'' - [[Image:new.gif]]
*[http://www.networkcomputing.com/1105/1105f24.html Is Security the Next Big Thing?] Greg Shipley Network Computing
*[http://www.cnet.com.au/software/security/0,239029558,339285176,00.htm Mac users targeted by fake antivirus tool] Liam Tung, ''cnet.com.au'' - [[Image:new.gif]]
*[http://news.cnet.com/2100-1017-250390.html Online Stores Try to Bar the Doors] CNET
*[http://www.f-secure.com/weblog/archives/00000575.html New Symbian malware pretending to be F-Secure anti-virus] ''f-secure.com'' - [[Image:new.gif]]
*[http://www.nbc30.com/money/16438742/detail.html?rss=har&psp=news Bank Security Breach Affected Almost 500,000] NBC30.com
*[http://www.theregister.co.uk/2008/07/28/pwning_security_updates/ Evilgrade] Dan Goodin, ''The Register'' - [[Image:new.gif]]
*[http://www.privacyrights.org/ar/ChronDataBreaches.htm A Chronology of Data Breaches] Privacy Rights Clearinghouse/UCAN
*[http://news.cnet.com/Money-lost-to-cybercrime-down--again/2100-7349_3-6083860.html Money lost to cybercrime down--again] Cnet News
*[http://www.cert.org/other_sources/viruses.html Computer Virus Resources] Cert.org
*[http://www.cnet.com.au/software/security/0,239029558,339285176,00.htm Mac users targeted by fake antivirus tool] cnet.com.au
*[http://www.f-secure.com/weblog/archives/00000575.html New Symbian malware pretending to be F-Secure Anti-Virus] f-secure.com


===Security Precautions Are Not Easy===
===Security Precautions Are Not Easy===


*[http://www.selfseo.com/story-11606.php Renew and Update Your Antivirus Software Today] Kwan Lo SELF SEO
*[http://www.theregister.co.uk/2008/07/25/bank_sites_insecure/ 75% of US bank websites have flaws] Dan Goodin, ''The Register'' - [[Image:new.gif]]
*[http://www.washingtonpost.com/wp-dyn/content/article/2005/06/17/AR2005061701031.html 40 Million Credit Card Numbers Hacked] washingtonpost.com
*[http://www.selfseo.com/story-11606.php Renew and update your anti-virus software today] Kwan Lo, ''SELF SEO''
*[http://www.wral.com/golo/blogpost/3217420/ unprotected pc on twc road runner lasts an average of 4m12s until it is hacked] WRAL.com
*[http://www.washingtonpost.com/wp-dyn/content/article/2005/06/17/AR2005061701031.html 40 Million credit card numbers hacked] Jonathan Krim and Michael Barbaro, ''washingtonpost.com'' - [[Image:new.gif]]
*[http://www.computerworld.com/securitytopics/security/cybercrime/story/0,10801,101903,00.html Bank employees used computer screen captures to snag customer data] Todd R. Weiss, computerworld.com
*[http://www.wral.com/golo/blogpost/3217420/ Unprotected pc on twc road runner lasts an average of 4m12s until it is hacked] Charles Boyer, ''WRAL.com'' - [[Image:new.gif]]
*[http://www.informationweek.com/778/security.htm Companies Strive for Simpler Security] Larry Kahaner InformationWeek
*[http://www.computerworld.com/securitytopics/security/cybercrime/story/0,10801,101903,00.html Bank employees used computer screen captures to snag customer data] Todd R. Weiss, ''computerworld.com'' - [[Image:new.gif]]
*[http://www.schneier.com/essay-037.html Why Cryptography is Harder than it Looks] Bruce Schneier
*[http://en.wikipedia.org/wiki/Denial-of-service_attack DoS attack] ''wikipedia.org'' - [[Image:new.gif]]
*[http://www.networkworld.com/news/2000/1005secstudy.html Hacking Rises Despite Increased Security Spending] Christine M. Campbell IDG News Service
*[http://ezinearticles.com/?What-Hackers-Know-About-Your-Network---That-You-Dont!&id=675497 What hackers know about your network - that you don't!] Thomas Raef, ''Ezine Articles'' - [[Image:new.gif]]
*[http://en.wikipedia.org/wiki/Denial-of-service_attack DoS attack] wikipedia
*[http://www.microsoft.com/windowsxp/using/networking/security/winfirewall.mspx Using Windows XP firewall] ''Microsoft.com'' - [[Image:new.gif]]
*[http://ezinearticles.com/?What-Hackers-Know-About-Your-Network---That-You-Dont!&id=675497 What Hackers Know About Your Network - That You Don't!] Thomas Raef, Ezine Articles
*[http://www.microsoft.com/windows/windows-vista/features/firewall.aspx Windows Vista firewall] ''Microsoft.com'' - [[Image:new.gif]]
*[http://www.microsoft.com/windowsxp/using/networking/security/winfirewall.mspx Using Windows XP Firewall] Microsoft.com
*[http://www.microsoft.com/windows/windows-vista/features/firewall.aspx Windows Vista Firewall] Microsoft.com


===Ethical Responsibilities===
===Ethical Responsibilities===


*[http://www.secureworks.com/research/articles/ethics/ Crossing the Line: Ethics for the Security Professional] LURHQ Threat Intelligence Group
*[http://www.secureworks.com/research/articles/ethics/ Crossing the line: ethics for the security professional] ''SecureWorks.com''
*[http://www.linuxsecurity.com/content/view/121960/49/ Preventing DDOS Attacks] Blessen Cherian LinuxSecurity.com
*[http://www.sage-au.org.au/display/SAGEAU/Code+of+Ethics;jsessionid=1B552880BBF44221BEA4A8FE1A8FDD35 SAGE-AU: Code of ethics] ''Sage-au.org.au''
*[http://www.sage-au.org.au/display/SAGEAU/Code+of+Ethics;jsessionid=1B552880BBF44221BEA4A8FE1A8FDD35 SAGE-AU: Code of Ethics]
*[http://www.zdnetasia.com/techguide/disasterrecovery/0,39044895,61952139,00.htm 10 dumb things IT pros do that can mess up their networks] Deb Shinder, ''ZDnet Asia'' - [[Image:new.gif]]
*[http://www.uga.edu/compsec/use.html UGA Computer Use Policies]
*[http://www.computerworld.com/action/article.do?command=viewArticleBasic&taxonomyId=14&articleId=9051483&intsrc=hm_topic Even IT types disregard policies designed to protect corporate data] Jaikumar Vijayan, ''ComputerWorld.com'' - [[Image:new.gif]]
*[http://www.zdnetasia.com/techguide/disasterrecovery/0,39044895,61952139,00.htm 10 dumb things IT pros do that can mess up their networks] ZDnet Asia
*[http://www.giac.org/overview/ethics.php GIAC code of ethics] ''Global Information Assurance Certification'' - [[Image:new.gif]]
*[http://www.computerworld.com/action/article.do?command=viewArticleBasic&taxonomyId=14&articleId=9051483&intsrc=hm_topic Even IT types disregard policies designed to protect corporate data] Jaikumar Vijayan, ComputerWorld.com
*[http://www.giac.org/overview/ethics.php GIAC Code of Ethics] Global Information Assurance Certification


===Security Precautions Awareness is Growing===
===Security Precautions Awareness is Growing===


*[http://www.securityfocus.com/columnists/389 Spreading Security Awareness For OS X] Robert Lemos Security Focus
*[http://www.securityfocus.com/columnists/389 Spreading security awareness for OS X] Robert Lemos ''Security Focus''
*[http://www.selfseo.com/story-11607.php Don’t Fall Victim To Internet Fraud] Eric Buck SELF SEO
*[http://www.selfseo.com/story-11607.php Don’t fall victim to Internet fraud] Eric Buck ''SELF SEO''
*[http://www.techweb.com/wire/story/TWB20000303S0013 Outsourced Security on the Rise] Rutrell Yasin TechWeb
*[http://www.computerworld.com/action/article.do?command=viewArticleBasic&articleId=9002214 Senate approves cybercrime treaty] Grant Gross, ''ComputerWorld.com'' - [[Image:new.gif]]
*[http://www.computerworld.com/action/article.do?command=viewArticleBasic&articleId=9002214 Senate approves cybercrime treaty] Grant Gross, ComputerWorld.com
*[http://www.cioinsight.com/c/a/Past-News/Cybercrime-Treaty-What-it-Means-to-You/ Cybercrime treaty: what it means to you] Larry Downes, ''CIOInsight.com'' - [[Image:new.gif]]
*[http://www.cioinsight.com/c/a/Past-News/Cybercrime-Treaty-What-it-Means-to-You/ Cybercrime Treaty: What it Means to You] Larry Downes, CIOInsight.com
*[http://conventions.coe.int/Treaty/EN/Treaties/Html/185.htm Council of Europe - ETS No. 185 - convention on cybercrime] ''Council of Europe Convention on Cybercrime'' - [[Image:new.gif]]
*[http://conventions.coe.int/Treaty/EN/Treaties/Html/185.htm Council of Europe Convention on Cybercrime]
*[http://www.cybercrime.gov/senateCoe.pdf senateCoe.pdf] ''President’s message to the Senate on the council of Europe convention on cybercrime'' - [[Image:new.gif]]
*[http://www.cybercrime.gov/senateCoe.pdf senateCoe.pdf] President’s Message to the Senate on the Council of Europe Convention on Cybercrime
*[http://www.cybercrime.gov/COEFAQs.htm Cybercrime.gov] ''US Dept of Justice'' - [[Image:new.gif]]
*[http://www.cybercrime.gov/COEFAQs.htm cybercrime.gov] US Dept of Justice
*[http://en.wikipedia.org/wiki/Cybercrime_Treaty Cybercrime treaty] ''Wikipedia.org'' - [[Image:new.gif]]
*[http://en.wikipedia.org/wiki/Cybercrime_Treaty Cybercrime Treaty] Wikipedia
*[http://news.zdnet.co.uk/communications/0,1000000085,2079244,00.htm Burglar alarm catches hackers on the net] Will Knight, ''ZDNet.co.uk'' - [[Image:new.gif]]
*[http://news.zdnet.co.uk/communications/0,1000000085,2079244,00.htm Burglar Alarm Catches Hackers on the Net] Will Knight ZDNet
*[http://en.wikipedia.org/wiki/Vulnerability_scanner Vulnerability scanner] ''Wikipedia.org'' - [[Image:new.gif]]
*[http://technews.acm.org/articles/2000-2/0421f.html#item10 Companies Boosting Security for Web Sites] ACM News Service
*[http://www.windowhaxor.net/2007/09/25/list-of-vulnerability-scanners/ List of vulnerability scanners] ''windowhaxor.net'' - [[Image:new.gif]]
*[http://en.wikipedia.org/wiki/Vulnerability_scanner Vulnerability scanner] Wikipedia
*[http://www.networkcomputing.com/showArticle.jhtml?articleID=171203188 IT security outsourcing] Jay A Milne, ''NetworkComputing.com'' - [[Image:new.gif]]
*[http://www.windowhaxor.net/2007/09/25/list-of-vulnerability-scanners/ List of Vulnerability Scanners]
*[http://www.uscities.net/webnovice/safe_surf.htm A parents guide to safe surfing] Phillip Elam, ''uscities.net'' - [[Image:new.gif]]
*[http://www.networkcomputing.com/showArticle.jhtml?articleID=171203188 IT Security Outsourcing] Jay A Milne, NetworkComputing.com A Parents Guide to Safe Surfing] Phillip Elam
*[http://searchsecurity.techtarget.com/news/article/0,289142,sid14_gci1011476,00.html Security outsourcing widespread by 2010] Bill Brenner, ''SearchSecurity.com'' - [[Image:new.gif]]
*[http://searchsecurity.techtarget.com/news/article/0,289142,sid14_gci1011476,00.html Security outsourcing widespread by 2010] Bill Brenner, SearchSecurity.com
*[http://www.internet-filter-review.toptenreviews.com/ 2008 Top-ten Internet filter software] ''TopTenReviews.com'' - [[Image:new.gif]]
*[http://www.internet-filter-review.toptenreviews.com/ 2008 Top-Ten Internet Filter Software] TopTenReviews.com
*[http://www.getsafeonline.org/nqcontent.cfm?a_id=1179 Get Safe Online: 10-minute guide for beginners] ''GetSafeOnline.org'' - [[Image:new.gif]]
*[http://www.getsafeonline.org/nqcontent.cfm?a_id=1179 10-minute guide for beginners] GetSafeOnline.org


===Some Security Products That Could Help You===
===Some Security Products That Could Help You===
Line 124: Line 117:
*[http://www.pandasecurity.com/usa/ Panda TruPrevent]
*[http://www.pandasecurity.com/usa/ Panda TruPrevent]
*[http://www.zonealarm.com/store/content/home.jsp Zone Alarm]
*[http://www.zonealarm.com/store/content/home.jsp Zone Alarm]
 
*[http://anti-virus-software-review.toptenreviews.com/ Top Ten Anti-Virus Software Suites] - [[Image:new.gif]]


==Source Files==
==Source Files==
Line 130: Line 123:
* [http://ethics.csc.ncsu.edu/risks/security/precautions/study.php '''Original Study Guide''']
* [http://ethics.csc.ncsu.edu/risks/security/precautions/study.php '''Original Study Guide''']
* [http://ethics.csc.ncsu.edu/risks/security/precautions/ '''Original Bibliography''']
* [http://ethics.csc.ncsu.edu/risks/security/precautions/ '''Original Bibliography''']
* [http://pg-server.csc.ncsu.edu/mediawiki/index.php/CSC_379_SUM2008:Topics#Security_Precautions '''Topic Description''']

Latest revision as of 18:40, 11 August 2008

Study Guide

Why Are Security Precautions Necessary?

  • In today’s technical workplace, almost every piece of computer hardware is connected to the internet. Anything that is connected to the internet is susceptible to outside intruders across the globe.
  • Routinely, many E-Commerce, military, and other government or personal websites experience breaches in security.
  • With so much personal information taking a digital form, the risks to businesses as well as individuals is great.
  • Though the frequency of security-related downtime is being reduced, even a day of having a computer system down in a large corporation could mean thousands of dollars lost for that company.
  • Unethical computer users take advantage of security leaks to steal consumer information ranging from passwords to credit card numbers.
  • Computer viruses and other forms of "malware" can also be harmful to a computer system connected to the internet. Files downloaded onto a computer could contain viruses that destroy data or cause other security problems.
  • Security precautions, if followed correctly, can protect individual users, companies, and government agencies from a malicious computer hacker or computer virus.
  • Applications in Unix systems, Macs, and even mobile devices are also at risk. Security problems are no longer problems only for Windows users.

Security Precautions Are Not Easy

  • Companies are getting better at securing their computer systems, but they still have a long way to go.
  • Threats can even come from within a business.
  • System administrators have difficulty keeping up with the large amount of knowledge needed to reduce the risk of compromise.
  • The complexity of computer systems makes finding every single hole in security nearly impossible to find. Crackers are continually searching for these, so computer administrators must be as well to keep up. This has also led to the desire of more simple computing to help lower the risk of holes occurring.
  • The most important precaution an individual user can take is to renew and update antivirus software. This is more efficiently done if the software automatically updates itself.
    • For those with broadband Internet access, this is an absolute necessity since the computer is maintaining a constant connection to the Internet.
    • Additionally, broadband users should ensure that their firewall is updated properly and active.
  • Distributed Denial of Service attacks allow a cracker to shut down a site trivially.
    • Tracking down the source of a Distributed Denial of Service attack is very difficult.
    • Also, detecting an attack and filtering it off is just as difficult.
  • Hackers employ tools that constantly scan the Internet for unprotected computers so a computer must be protected before it ever connects to the Internet.

Ethical Responsibilities

  • It is very difficult and time consuming to determine what actions are attacks on a computer system and what actions are not. This causes system and network administrators to ignore warning signs and policies that could have prevented a security attack.
  • Why should a system administrator be concerned?
    • Information security professionals are the first line of defense for the safety of their company's data.
    • Compromised security could lead to a leakage of sensitive information such as passwords, credit card numbers, or other personal information.
    • Even worse, a compromised computer could be used as part of a Distributed Denial of Service attack against another machine or network.
  • This leads to an ethical dilemma for the system administrator:
    • The system administrator could follow up on all actions on their network that seem suspicious. However, this would take lots of time, resources, and money to do.
    • On the other hand, the system administrator could ignore all but the most suspicious ones. This method would result in more security attacks passing through the network undetected.

Security Precautions Awareness Is Growing

  • The fact that the internet is more vulnerable now than ever has led many companies and individuals to increase their security precautions.
  • A wide variety of computer programs have become available to companies over the past few years that analyze computer systems and networks looking for any potential vulnerabilities. These computer programs help companies to fend off attacks on their networks.
  • Another option is for a company to hire security consultants to handle network security for them. Many IT managers are having trouble managing information security internally and by outsourcing security responsibilities they are free to focus their manpower on other projects.
  • Recently, the United States joined over a dozen other countries in supporting the Council of Europe Convention on Cybercrime. The existence of this convention further shows that people around the world are becoming aware of the growing threats to their security throughout cyberspace.
  • Users are becoming more aware of security issues and are becoming more informed on safe surfing habits.
    • Parents are becoming aware of the dangers that face their children on the Internet and as a result, a wide array of products are available to help them maintain a level of security for their children online.
    • For individuals, protecting their computer from the majority of the security concerns that it might face from the Internet is simply a matter of installing a good anti-virus program and a good anti-spyware program. Some products even bundle these features together so that a user only needs to concern themselves with installing one protection suite to cover all of the potential threats.

Some Security Products That Could Help You

  • Spybot Search & Destroy – This program scans your computer for known adware and other system invaders. If a possible threat is detected, it is compared to a database of known threats to determine if it is really malicious.
  • Ad-Aware – This program has the ability to scan your RAM, Registry, hard drives, and external storage devices for known data-mining, advertising, and tracking components, Ad-Aware SE easily can clean your system, allowing you to maintain a higher degree of privacy while you surf the Web.
  • Panda TruPrevent – Panda TruPrevent detects and blocks unknown viruses, the ones that normal antivirus programs are incapable of detecting because they are still not updated against them. TruPrevent does not replace your present antivirus, but rather it reinforces it, offering you extra protection.
  • Zone Alarm - ZoneAlarm Security Suite is the easy-to-use, comprehensive security solution that is based on the world's best firewall to keep out hackers, viruses, worms, and other threats. It combines popular firewall with antivirus protection, Web site filtering, privacy protection, and instant-messaging security.
  • Anti-virus software - When updated automatically, the virus definitions in most anti-virus suites will protect computers from the various types of malware that could potentially target them.

Bibliography

Why Are Security Precautions Necessary?

Security Precautions Are Not Easy

Ethical Responsibilities

Security Precautions Awareness is Growing

Some Security Products That Could Help You

Source Files

Title: Security Precautions