Study Guide

Why Are Security Precautions Necessary?

• In today’s technical workplace, almost every piece of computer hardware is connected to the internet. Anything that is connected to the internet is susceptible to outside intruders across the globe.
• Routinely, many E-Commerce, military, and other government or personal websites are experiencing a breach in security.
• With so much personal information taking a digital form, the risks to businesses as well as individuals is great.
• Though the frequency is going down, even a day of having a computer system down in a large corporation could mean thousands of dollars lost for the company.
• Unethical computer users take advantage of these security leaks to steal consumer information ranging from passwords to credit card numbers.
• Computer viruses and other forms of "malware" can also be harmful to a computer system connected to the internet. Files downloaded onto a computer could contain viruses that destroy data or cause other security problems.
• Security precautions, if followed correctly, can protect individual users, companies, and government agencies from a malicious computer hacker or computer virus.
• Applications in Unix systems, Macs, and even mobile devices are also at risk. Security problems are no longer problems only for windows users.

Security Precautions Are Not Easy

• Companies are getting better at securing their computer systems, but they still have a long way to go.
  • The impact of a security attack is greater now than it ever was.
• Threats can even come from within a business.
• System administrators have difficulty keeping up with the large amount of knowledge needed to reduce the risk of compromise.
• The complexity of computer systems makes finding every single hole in security nearly impossible to find. Crackers are continually searching for these, so computer administrators must be as well to keep up. This has also led to the desire of more simple computing to help lower the risk of holes occurring.
• The most important precaution an individual user can do is to renew and update their antivirus software. This is more efficiently done if the software automatically updates itself.
  • For those with broadband Internet access, this is an absolute necessity since the computer is maintaining a constant connection to the Internet.
  • Additionally, broadband users should ensure that their firewall is updated properly and active.
• Distributed Denial of Service attacks allow a cracker to shut down a site trivially.
  • Tracking down the source of a Distributed Denial of Service attack is very difficult.
  • Also, detecting an attack and filtering it off is just as difficult.
• Hackers employ tools that constantly scan the Internet for unprotected computers so a computer must be protected before it ever connects to the Internet.

Ethical Responsibilities

• It is very difficult and time consuming to determine what actions are attacks on a computer system and what actions are not. This causes system and network administrators to ignore warning signs and policies that could have prevented a security attack.
• Why should a system administrator be concerned?
  • Information security professionals are the first line of defense for the safety of their company's data.
  • Compromised security could lead to a leakage of sensitive information such as passwords, credit card numbers, or other personal information.
  • Even worse, a compromised computer could be used as part of a Distributed Denial of Service attack against another machine or network.
• This leads to an ethical dilemma for the system administrator:
  • The system administrator could follow up on all actions on their network that seem suspicious. However, this would take lots of time, resources, and money to do.
  • On the other hand, the system administrator could ignore all but the most suspicious ones. This method would result in more security attacks passing through the network undetected.

Security Precautions Awareness Is Growing

• The fact that the internet is more vulnerable now than ever has led many companies and individuals to increase their security precautions.
• A wide variety of computer programs have become available to companies over the past few years that analyze computer systems and networks looking for any potential vulnerabilities. These computer programs help companies to fend off attacks on their networks.
• Another option is for a company to hire security consultants to handle network security for them. Many IT managers are having trouble managing information security internally and by outsourcing security responsibilities they are free to focus their manpower on other projects.
• Recently, the United States joined over a dozen other countries in supporting the Council of Europe Convention on Cybercrime. The existence of this convention further shows that people around the world are becoming aware of the growing threats to their security throughout cyberspace.
• Users are becoming more aware of security issues and are becoming more informed on safe surfing habits.
  • Parents are becoming aware of the dangers that face their children on the Internet and as a result, a wide array of products are available to help them maintain a level of security for their children online.

Some Security Products That Could Help You

• Spybot Search & Destroy – This program scans your computer for known adware and other system invaders. If a possible threat is detected, it is compared to a database of known threats to determine if it is really malicious.
• Ad-Aware – This program has the ability to scan your RAM, Registry, hard drives, and external storage devices for known data-mining, advertising, and tracking components, Ad-Aware SE easily can clean your system, allowing you to maintain a higher degree of privacy while you surf the Web.
• Panda TruPrevent – Panda TruPrevent detects and blocks unknown viruses, the ones that normal antivirus programs are incapable of detecting because they are still not updated against them. TruPrevent does not replace your present antivirus, but rather it reinforces it, offering you extra protection.
• Zone Alarm Internet Security Suite - ZoneAlarm Security Suite is the easy-to-use, comprehensive security solution that is based on the world's best firewall to keep out hackers, viruses, worms, and other threats. It combines popular firewall with antivirus protection, Web site filtering, privacy protection, and instant-messaging security.

Bibliography

Why Are Security Precautions Necessary?

• The Twenty Most Critical Internet Security Vulnerabilities: The Experts Consensus Rohit Dhamankar SANS Computer Security Training
• Bank security breach may be biggest yet CnnMoney.com
• Internet Firewalls and Security Chuck Semeria 3Com Corporation
• Home Network Security CERT Coordination Center
• NSC Chief Urges U.S. Tech Firms to Protect Computer Networks ACM News Service
• Media Examples of Security Breaches ADDSecure.Net, Inc.
• Information Security: Raising Awareness Bruce Hunter
• Redesigning the Internet: Can it Be Made Less Vulnerable? ACM News Service
• Hacking Away ACM News Service
• Is Security the Next Big Thing? Greg Shipley Network Computing
• Online Stores Try to Bar the Doors CNET
• Bank Security Breach Affected Almost 500,000 NBC30.com
• A Chronology of Data Breaches Privacy Rights Clearinghouse/UCAN
• Money lost to cybercrime down--again Cnet News
• Computer Virus Resources Cert.org
• Mac users targeted by fake antivirus tool cnet.com.au
• New Symbian malware pretending to be F-Secure Anti-Virus f-secure.com

Security Precautions Are Not Easy

• Renew and Update Your Antivirus Software Today Kwan Lo SELF SEO
• 40 Million Credit Card Numbers Hacked washingtonpost.com
• unprotected pc on twc road runner lasts an average of 4m12s until it is hacked WRAL.com
• Bank employees used computer screen captures to snag customer data Todd R. Weiss, computerworld.com
• Companies Strive for Simpler Security Larry Kahaner InformationWeek
• Why Cryptography is Harder than it Looks Bruce Schneier
• Hacking Rises Despite Increased Security Spending Christine M. Campbell IDG News Service
• DoS attack wikipedia
• What Hackers Know About Your Network - That You Don't! Thomas Raef, Ezine Articles
• Using Windows XP Firewall Microsoft.com
• Windows Vista Firewall Microsoft.com

Ethical Responsibilities

• Crossing the Line: Ethics for the Security Professional LURHQ Threat Intelligence Group
• Preventing DDOS Attacks Blessen Cherian LinuxSecurity.com
• SAGE-AU: Code of Ethics
• UGA Computer Use Policies
• 10 dumb things IT pros do that can mess up their networks ZDnet Asia
• Even IT types disregard policies designed to protect corporate data Jaikumar Vijayan, ComputerWorld.com
• GIAC Code of Ethics Global Information Assurance Certification

Security Precautions Awareness is Growing

• Spreading Security Awareness For OS X Robert Lemos Security Focus
• Don’t Fall Victim To Internet Fraud Eric Buck SELF SEO
• Outsourced Security on the Rise Rutrell Yasin TechWeb
• World Cybercrime Treaty May Be Underway ACM News Service
• Burglar Alarm Catches Hackers on the Net Will Knight ZDNet
• Companies Boosting Security for Web Sites ACM News Service

Some Security Products That Could Help You

• Spybot Search & Destroy
• Ad-Aware
• Panda TruPrevent
• Zone Alarm

Source Files

Title: Security Precautions

• Original Study Guide
• Original Bibliography