Are You Really Secure?
Dealing with Security
Nightmares in Broad Daylight
When
you think about your security strategy, do you
ask yourself if you've done enough? Have you covered
all the bases? If you haven't, is there a work-around
or some other risk-mitigation plan in place?
Dealing
with security threats never changes. Whether it’s
responding to a new virus, upgrading firewalls,
or installing antispyware software, there’s
always some threat that needs to be fixed, patched,
or planned for.
While
a company's IT systems may never be perfectly
secure, IT managers should be able to identify
and mitigate risks. Networking specialists understand
the concept of setting a baseline: becoming familiar
with what normal activity and thresholds are,
so that when abnormal activity pops up or normal
thresholds are exceeded, you can spot it.
The
choice you have is to continue to work on improving
your company’s cybersecurity practices!
Spam
is dangerous and costly for business.
It disrupts networks, cuts productivity, spreads
viruses and is increasingly used by criminals
who steal passwords to access confidential information.
Private companies providing Internet access to
employees or customers have obligations to:
- Establish clear
e-mail use guidelines.
- Monitor the Internet
for websites that copy their site in an attempt
to steal customer data in phishing attacks.
- Educate their
customers about the potential for faked e-mail
messages.
As
much as 98% of bad messages get filtered out by
antispam and antivirus software. But the few messages
that wriggle past increasingly sophisticated filters
constitute the greatest threats from the Internet.
IM is the new threat
vector in messaging.
A piece of instant-messaging malware called Heartworm
is targeting users of Microsoft's Windows Live
Messenger service, masquerading as an e-card and
delivering an executable that draws personal and
financial information off PCs.
Until now, at least,
users have had to click on an HTML link for an
exploit to work. But security analysts fear that
it is only a matter of time before an e-mail exploit
becomes available that will be launched without
any user interaction.
Firewall conversion
and upgrades are necessary.
When it comes to firewalls, moving from one to
another can be a daunting task, so many IT managers
opt to stay with what they have because upgrading
or going for rip-and-replace is too complicated.
Some major firewall manufacturers have conversion
tools that do 80 to 90% of the conversion between
brand A and brand B, but you still need a clever
person with their brain turned on to do the rest.
The best security
approach is applied in layers. Here is a checklist
to consider:
- Protect your servers
by hardening them.
- Patching is perhaps
the single most important thing you can do in
a Windows environment.
- Monitor event-log
information and services running on each server.
- Control access
to resources and systems.
- Install firewalls
at each entry point.
- Ban wireless from
the network.
- Desktops –
Lock down or harden the operating system on
desktops and keep all patched and protected
with automated tools.
Technology is a small
part of the security solution. People are the
big part.
Printer
Friendly Article
Compiled from a variety of Internet Sources |
