Security Precautions: Difference between revisions

From Expertiza_Wiki
Jump to navigation Jump to search
m (Formatting)
Line 58: Line 58:
===Why Are Security Precautions Necessary?===
===Why Are Security Precautions Necessary?===


*[http://www.sans.org/top20/ The Twenty Most Critical Internet Security Vulnerabilities: The Experts Consensus] Rohit Dhamankar SANS Computer Security Training
*[http://www.sans.org/top20/ The Twenty Most Critical Internet Security Vulnerabilities: The Experts Consensus] Rohit Dhamankar, ''SANS Computer Security Training''
*[http://money.cnn.com/2005/05/23/news/fortune500/bank_info/ Bank security breach may be biggest yet] CnnMoney.com
*[http://money.cnn.com/2005/05/23/news/fortune500/bank_info/ Bank security breach may be biggest yet] ''CnnMoney.com''
*[http://www.linuxsecurity.com/resource_files/firewalls/nsc/500619.html Internet Firewalls and Security] Chuck Semeria 3Com Corporation
*[http://www.linuxsecurity.com/resource_files/firewalls/nsc/500619.html Internet Firewalls and Security] Chuck Semeria, ''3Com Corporation''
*[http://www.cert.org/tech_tips/home_networks.html Home Network Security] CERT Coordination Center
*[http://www.cert.org/tech_tips/home_networks.html Home Network Security] ''CERT Coordination Center''
*[http://technews.acm.org/articles/2001-3/0323f.html#item1 NSC Chief Urges U.S. Tech Firms to Protect Computer Networks] ACM News Service  
*[http://technews.acm.org/articles/2001-3/0323f.html#item1 NSC Chief Urges U.S. Tech Firms to Protect Computer Networks] ''ACM News Service''
*[http://www.addsecure.net/breach.htm Media Examples of Security Breaches] ADDSecure.Net, Inc.
*[http://www.addsecure.net/breach.htm Media Examples of Security Breaches] ''ADDSecure.Net, Inc.''
*[http://www.iwar.org.uk/comsec/resources/canada-ia/infosecawareness.htm Information Security: Raising Awareness] Bruce Hunter
*[http://www.iwar.org.uk/comsec/resources/canada-ia/infosecawareness.htm Information Security: Raising Awareness] Bruce Hunter, ''iwar.org.uk''
*[http://technews.acm.org/articles/2000-2/0211f.html#item2 Redesigning the Internet: Can it Be Made Less Vulnerable?] ACM News Service  
*[http://technews.acm.org/articles/2000-2/0211f.html#item2 Redesigning the Internet: Can it Be Made Less Vulnerable?] ''ACM News Service''
*[http://technews.acm.org/articles/2000-2/0410m.html#item10 Hacking Away] ACM News Service  
*[http://technews.acm.org/articles/2000-2/0410m.html#item10 Hacking Away] ''ACM News Service''
*[http://www.networkcomputing.com/1105/1105f24.html Is Security the Next Big Thing?] Greg Shipley Network Computing
*[http://www.networkcomputing.com/1105/1105f24.html Is Security the Next Big Thing?] Greg Shipley, ''Network Computing''
*[http://news.cnet.com/2100-1017-250390.html Online Stores Try to Bar the Doors] CNET
*[http://news.cnet.com/2100-1017-250390.html Online Stores Try to Bar the Doors] Greg Sandoval, ''CNET''
*[http://www.nbc30.com/money/16438742/detail.html?rss=har&psp=news Bank Security Breach Affected Almost 500,000] NBC30.com
*[http://www.nbc30.com/money/16438742/detail.html?rss=har&psp=news AG:Bank Security Breach Affected Almost 500,000] ''NBC30.com''
*[http://www.privacyrights.org/ar/ChronDataBreaches.htm A Chronology of Data Breaches] Privacy Rights Clearinghouse/UCAN
*[http://www.privacyrights.org/ar/ChronDataBreaches.htm A Chronology of Data Breaches] ''Privacy Rights Clearinghouse/UCAN''
*[http://news.cnet.com/Money-lost-to-cybercrime-down--again/2100-7349_3-6083860.html Money lost to cybercrime down--again] Cnet News
*[http://news.cnet.com/Money-lost-to-cybercrime-down--again/2100-7349_3-6083860.html Money lost to cybercrime down--again] Joris Evers, ''Cnet News''
*[http://www.cert.org/other_sources/viruses.html Computer Virus Resources] Cert.org
*[http://www.cert.org/other_sources/viruses.html Computer Virus Resources] ''Cert.org''
*[http://www.cnet.com.au/software/security/0,239029558,339285176,00.htm Mac users targeted by fake antivirus tool] cnet.com.au
*[http://www.cnet.com.au/software/security/0,239029558,339285176,00.htm Mac users targeted by fake antivirus tool] Liam Tung, ''cnet.com.au''
*[http://www.f-secure.com/weblog/archives/00000575.html New Symbian malware pretending to be F-Secure Anti-Virus] f-secure.com
*[http://www.f-secure.com/weblog/archives/00000575.html New Symbian malware pretending to be F-Secure Anti-Virus] ''f-secure.com''
*[http://www.theregister.co.uk/2008/07/28/pwning_security_updates/ Evilgrade] Dan Goodin, July 2008 The Register
*[http://www.theregister.co.uk/2008/07/28/pwning_security_updates/ Evilgrade] Dan Goodin, ''The Register''
 


===Security Precautions Are Not Easy===
===Security Precautions Are Not Easy===

Revision as of 00:53, 1 August 2008

Study Guide

Why Are Security Precautions Necessary?

  • In today’s technical workplace, almost every piece of computer hardware is connected to the internet. Anything that is connected to the internet is susceptible to outside intruders across the globe.
  • Routinely, many E-Commerce, military, and other government or personal websites experience breaches in security.
  • With so much personal information taking a digital form, the risks to businesses as well as individuals is great.
  • Though the frequency of security-related downtime is being reduced, even a day of having a computer system down in a large corporation could mean thousands of dollars lost for that company.
  • Unethical computer users take advantage of security leaks to steal consumer information ranging from passwords to credit card numbers.
  • Computer viruses and other forms of "malware" can also be harmful to a computer system connected to the internet. Files downloaded onto a computer could contain viruses that destroy data or cause other security problems.
  • Security precautions, if followed correctly, can protect individual users, companies, and government agencies from a malicious computer hacker or computer virus.
  • Applications in Unix systems, Macs, and even mobile devices are also at risk. Security problems are no longer problems only for windows users.

Security Precautions Are Not Easy

  • Companies are getting better at securing their computer systems, but they still have a long way to go.
  • Threats can even come from within a business.
  • System administrators have difficulty keeping up with the large amount of knowledge needed to reduce the risk of compromise.
  • The complexity of computer systems makes finding every single hole in security nearly impossible to find. Crackers are continually searching for these, so computer administrators must be as well to keep up. This has also led to the desire of more simple computing to help lower the risk of holes occurring.
  • The most important precaution an individual user can do is to renew and update their antivirus software. This is more efficiently done if the software automatically updates itself.
    • For those with broadband Internet access, this is an absolute necessity since the computer is maintaining a constant connection to the Internet.
    • Additionally, broadband users should ensure that their firewall is updated properly and active.
  • Distributed Denial of Service attacks allow a cracker to shut down a site trivially.
    • Tracking down the source of a Distributed Denial of Service attack is very difficult.
    • Also, detecting an attack and filtering it off is just as difficult.
  • Hackers employ tools that constantly scan the Internet for unprotected computers so a computer must be protected before it ever connects to the Internet.

Ethical Responsibilities

  • It is very difficult and time consuming to determine what actions are attacks on a computer system and what actions are not. This causes system and network administrators to ignore warning signs and policies that could have prevented a security attack.
  • Why should a system administrator be concerned?
    • Information security professionals are the first line of defense for the safety of their company's data.
    • Compromised security could lead to a leakage of sensitive information such as passwords, credit card numbers, or other personal information.
    • Even worse, a compromised computer could be used as part of a Distributed Denial of Service attack against another machine or network.
  • This leads to an ethical dilemma for the system administrator:
    • The system administrator could follow up on all actions on their network that seem suspicious. However, this would take lots of time, resources, and money to do.
    • On the other hand, the system administrator could ignore all but the most suspicious ones. This method would result in more security attacks passing through the network undetected.

Security Precautions Awareness Is Growing

  • The fact that the internet is more vulnerable now than ever has led many companies and individuals to increase their security precautions.
  • A wide variety of computer programs have become available to companies over the past few years that analyze computer systems and networks looking for any potential vulnerabilities. These computer programs help companies to fend off attacks on their networks.
  • Another option is for a company to hire security consultants to handle network security for them. Many IT managers are having trouble managing information security internally and by outsourcing security responsibilities they are free to focus their manpower on other projects.
  • Recently, the United States joined over a dozen other countries in supporting the Council of Europe Convention on Cybercrime. The existence of this convention further shows that people around the world are becoming aware of the growing threats to their security throughout cyberspace.
  • Users are becoming more aware of security issues and are becoming more informed on safe surfing habits.
    • Parents are becoming aware of the dangers that face their children on the Internet and as a result, a wide array of products are available to help them maintain a level of security for their children online.

Some Security Products That Could Help You

  • Spybot Search & Destroy – This program scans your computer for known adware and other system invaders. If a possible threat is detected, it is compared to a database of known threats to determine if it is really malicious.
  • Ad-Aware – This program has the ability to scan your RAM, Registry, hard drives, and external storage devices for known data-mining, advertising, and tracking components, Ad-Aware SE easily can clean your system, allowing you to maintain a higher degree of privacy while you surf the Web.
  • Panda TruPrevent – Panda TruPrevent detects and blocks unknown viruses, the ones that normal antivirus programs are incapable of detecting because they are still not updated against them. TruPrevent does not replace your present antivirus, but rather it reinforces it, offering you extra protection.
  • Zone Alarm - ZoneAlarm Security Suite is the easy-to-use, comprehensive security solution that is based on the world's best firewall to keep out hackers, viruses, worms, and other threats. It combines popular firewall with antivirus protection, Web site filtering, privacy protection, and instant-messaging security.
  • Anti-virus software - When updated automatically, the virus definitions in most anti-virus suites will protect computers from the various types of malware that could potentially target them.

Bibliography

Why Are Security Precautions Necessary?

Security Precautions Are Not Easy


Ethical Responsibilities


Security Precautions Awareness is Growing


Some Security Products That Could Help You


Source Files

Title: Security Precautions