Most folks seem to understand what a firewall is and why it is so very important. They intuitively understand that they need something between the “trusted” internal computer network and the wild west we call the Internet! The installation of a firewall is generally something all business do, from the wireless network at the local coffee shop, to the medium size law firm and the giant multinational distributed enterprise. The barbarians are at the door, but with a firewall we all feel protected! The largest percentage of cyber security risks, however, do not come through the front door and your firewall will never see them enter. The largest risk to the security of your network comes from the employees and guests allowed, either connected by wire or wireless, to attach to your corporate network.
As a CISCO Certified Security Professional, we do a great deal of work in the area of computer network security. When called on to do a “Security audit”, “voice readiness” or “network assessment”, the first question we ask executive management is where is your AUP? After all we can tell you what protocols are running around on your network and even which user is consuming the most bandwidth. We can not, however, tell you if they are allowed to use that bandwidth! The creation of an “acceptable use” policy (i.e. AUP) is an essential first step in network security. The AUP communicates to all network users what is supported and what applications are allowed on the network. It describes what is acceptable regarding personal email, blogging, file sharing, web hosting, instant messaging, music and video streaming. It defines what is activity is strictly prohibited on the network and clearly outlines what constitutes “excessive use”. The computer network is a valuable corporate asset and as such it needs to be valued, protected and secured.
Does your company have a network access and authentication policy? What is the “password” policy? Do you even need a “password” to use the company network? Can anyone just come in and plug whatever phone, pad or computer device they happen to have into the company network? What is the data storage and retention policy? Do you allow VPN tunnels that extend your company network to a home office or coffee shop? Do you allow your users to connect third party provided equipment to your network? Is it acceptable that Bob just added a hub to his office network connection so he can plug in his own printer? How do we feel if Bob plugs in his own wireless access point? Do we have a “guest” network and do we let those folks know what is acceptable on your network?
What are the legal ramifications and liabilities you are exposed to if you are providing a computer network as part of a lease agreement? Are you liable for damages if your computer network is unavailable or “down for any reason? If Home Land Security shows up because your company’s public IP address was traced as originating a terrorist treat, do you have the user agreements in place to mitigate the costs you are about to incur defending your good name and reputation?
Computer network security is more than a firewall. A computer with an Ebola virus, Adware or nefarious RAT (remote access terminal) will infect all computers on your network, threaten your corporate data and render your firewall as useless as a screen door on a submarine. If your company has taken the prudent step of providing a Human Resource or employee manual that spells out the company’s position on work force violence, sexual harassment, vacation day accrual and drugs in the workplace, why don’t you have a manual that defines the acceptable use of your most vital corporate assess, the computer network?
Technology is constantly evolving and so is the disk drive. That small device you rely on so heavily on a daily basis as part of your computer system or server has evolved from a tape to a small device you can store mountains of information on daily.
When computers were first introduced, they couldn’t hold that much storage. In fact before computers, everything was done manually and once computers were introduced, all disk drives were external, providing companies with the ability to store all their data on external devices, which were carefully locked away in a safe and taken out each day to be used.
One of the first disk drives, which many people don’t even know existed, is the magnetic tape. The magnetic tape enables computer operators to store high volumes of data. The reel held a long string of tape which could accommodate up to ten thousands punch cards worth of data. In those days it was a lot, today it probably wouldn’t even cover you for a complete days’ worth of work.
Then came the floppy disk. The floppy disk was introduced in the 1970’s and could hold a high volume of data. It could hold in the region of four hundred and eighty kilobytes, which was much higher than the magnetic tapes in a smaller and more compact design. This enables computer operators to share information by swapping disk drives from computer to computer.
In the 1980’s a smaller floppy disk drive was introduced. These were made of hard plastic and were only 3.5 inches in size. Computers only just started being manufactured without this disk drive in place a few years back, these floppies remained in computers for three decades and are still used by some users today.
The next introduction to computers is the CD rom, or compact disc drive, an exciting introduction which improved data storage and speed. Operators were able to save a document to the CD within seconds, rather than waiting minutes on a magnetic tape or floppy disk. CD’s were also able to hold more data and was thin and much easier to carry around. They were used extensively in gaming, enabling game developers to sell their games to computer users with easy installation instructions.
Next came the DVD drive, which many people still use today. The DVD drive sped up the saving process and could save large volumes of information. Another benefit is that many DVD’s are rewritable, saving companies money by not having to replace the DVD’s every time they want to do a backup or save a file.
SD memory cards were introduced in 2000. These were small and encrypted cards available in thirty two and sixty four megabyte sizes all the way up to two terabytes. They are still used extensively today in smart phones, cameras and tablets.
Most companies rely on external disk drives these days, reducing how much they have to store on their computers. External disk drives also enable people to save data and then take the disk drive when them and plug it into another computer to access the information.
Internal disk drives are used extensively, especially in servers. Companies that rely on servers will keep a number of top disk drives, which are used to save all their important data and information. From here it is accessible to all the computers in the office, reducing how much is saved on each individual computer. This also makes backup easier and quicker, saving all the information from one point.
Have you ever seen a friend, cousin or a family member bearing financial losses as a result of a poor security policy? Are you afraid of the rising cyber crime rates and wish that you should never experience it? If yes, then read the article to know about the common cybercrime threats that the IT sector faces in 2015.
Many of you might have faced the ill effects of the poor IT security management, but you compromise with the situation by believing it to be in your destiny. Market research firms and IT experts claim that the year 2015 will see the cybercrime associated with the Internet of Things (IoT), social security details, financial information and many others. Experts state that the IOT attacks on businesses and the ever-rising computer hacking cases will shock the virtual users with plenty of new frauds, attacks and malicious software. Websense Security Labs predicts that the malware authors are working stringently to create some smart viruses that can escape from the AV detection tests and give rise to cyber bullying activities. The DDoS Attack Report for Q2 2014 by Prolexic Quarterly Global focuses on improving DDoS protection and enhancing multi-layered web security, meaning that 2015 will experience devastating cyber-attacks. Some major Information Technology companies also ensured that their AV products will carry some advanced features as the cyber crime doesn’t limit to financial losses.
1. Healthcare Sector
Tech experts state that the healthcare sector may experience an increase in data-stealing attacks as hackers are paying attention towards the personally identifiable information to commence major frauds. Physical information, health care details, and medical history will help malware authors to manage a huge web of attacks and give rise to various types of fraud. A hospital computer has a database of millions of patient records in a digital form, so managing and protecting the patient’s personal data will be a major challenge for healthcare IT professionals.
2. Mobile Threats
Since mobile devices are entering into the market at a rapid rate, managing their security and privacy has become a great challenge for security professionals. Malware authors design malicious codes that target credential information rather than collecting the stored data on the device. The auto-login feature of mobile apps makes the portable platforms highly dangerous as mobile devices now give rise to broader credential-stealing or authentication attacks and cyber bullying practices.
3. Attacks Associated to the Internet of Things (IoT)
The Internet of Things (IoT) is the future of computing, and the platform will allow things, humans, appliances, animals and other things communicate with each other over a local network. The connectivity amongst the devices can enhance the speed, efficiency and performance of everything, but the closely connected network can invite some major security flaws, affecting everything connected over a local network. The Internet of things expects to focus on businesses, not on consumer products, and rising cyber crime rates can also impact the new internet-connected device in a business environment. A majority of products and applications can give rise to the business attacks as attackers are likely to attempt establishing a control over all the simple connected devices.
4. Credit Card and Information Deals
Cybercrime and financial information have a strong bond as many malware authors create malicious codes just to fetch your financial information and use them for fraudulent purposes. Some IT experts state that the credit card thieves will soon get morphed into information dealers as financial institutions have already adopted Chip and PIN technology to trim down financial crime rates. They further added that the cybercriminals will now look forward to collecting a broader range of data about victims, consisting of multiple credit cards, geographic location data, personal information, and interests.
5. New Vulnerabilities Will Soon Emerge
Every year comes with new inventions, discoveries and technologies to impact user’s experience and their work environment. Some technologies like fingerprint, UltraHD, wearables and others enhance user’s experience in a positive manner, while some source codes like OpenSSL, Heartbleed and Shellshock make users worried. Software development is growing at a rapid rate and so does the cyber crime. Malware authors, software developers, and hackers may come up with new features and integrations to impact the base code and exploit the vulnerabilities to steal away your private information.
Conclusion
Undoubtedly, cybercriminals will continue to adopt evasive techniques and methods to break through the security systems and enter into your devices to steal the valuable information. But, it becomes highly important to stop them right now as the future will experience interlinked things and impacting any one of them may lead to the violation of the whole environment. Some tech experts claim that the malware authors will continue innovating malicious codes that can effectively escape from AV tests, after analyzing recent cyber crime trends and tactics. According to the results derived from the common AV tests, experts predict that the year 2015 will see a tremendous increase in the Internet crime rates, but with greater frequency and sophistication. If you think that your devices don’t feature optimal AV protections, then simply research the web and find efficient online computer support companies to handle your PC security issues.
Your email is a nexus point for user interaction and for potential vulnerability from scammers. It is the door to your data home and the place where many users are most likely to compromise their information.
As you know the internet is rife with scammers who are always looking for the next way to take advantage of the public. They use ever improving techniques and changing tool-sets to come up with the next way to get your information and create vulnerabilities in your network.
In most cases this is as easy as convince users to click on links and attachments that they should not.
Recently we have seen a growing malware/phishing/virus threat being spread through legitimate looking voicemail attachments in user emails.
In almost all cases email scammers convince users to click on or open attachments by including just enough information that could be perceived as correct and accurate that it may be appropriate to be receiving the attached information. In the case of the Voicemail attachment – Users may see an “Email ID” that appears to be coming from an internal email address at the recipient’s organization, as well as a “Download Message” link that appears to host the fake audio file on the recipient’s organization’s domain. All these work together to throw off recipients better judgment and convince them to trust the email enough to click on the download link.
This phishing attempt fools users by appearing to be a legitimate, automated email from Outlook. The scam targets Outlook users, who are sent official looking emails with the subject line “You have received a voice mail.” The body of the email contains the Microsoft Office Outlook logo, fake data about the voicemail and caller, and a link to download the voice message. Although the download link appears to be a .wav audio file, it’s actually an HTML link to a website that tries to install a Trojan virus. If you are current with your Antivirus Protection and Ant-malware Protection the software should stop the Trojan from installing, however we have had users who have manually overridden these protections and allowed the blocked content to install.
Another version users are seeing with more frequency is the appearance of a “voice message” which appears to come from the “admin” of your organization. This email includes a zipped attachment which when downloaded will install malware on your computer.
Deleting the email should be enough to avoid downloading any malware. but accessing, or downloading, or even opening and allowing the email to load any embedded images may be enough to confirm the validity of your email address and open your system up to potential vulnerability.
If you do click on the download link or believe that your system has been compromised as a result, You should take steps to quickly mitigate the damage.
The best strategy is to exercise additional diligence when opening email. If you cannot confirm the authenticity of an email or sender, it is always best to avoid opening it.
We are all heading somewhere.
Whether it’s to visit family for the holidays, a trip to the grocery store or being on the path to enhance your life, one thing necessary to arrive at your destination is learning how to change lanes effectively.
I could speak to you about literally changing lanes – using your blinkers, mirrors and gracefully merging into the gap that awaits you. That will surely get you to your destination safely and on time.
Let’s move this conversation to metaphorically changing lanes in your life.
With the New Year right around the corner, reflecting on 2014 will inform you of where you want to go in 2015.
What lane do you want to be in 2015?
The fast lane, the slow lane or somewhere in the middle?
For those of you that have been following me for a minute, you know I choose the fast lane. However, I’ve had a few signals lately, partnered with internal nudges, to move to a different lane.
How the heck do you do that when you’re used to moving at 100 mph and you have got places to go?
First, ease your foot off the gas. As I ponder what’s most important these days, I reconnect with my personal values, the non-negotiables that have to be present for me to say YES to something. If the activity is not aligned with those values, I say no, or at least not now. One of my values is to have fun with everything I do, so if it is not fun, I either look at how to make it fun or delegate the task to someone that finds it fun.
As I slow down, I enjoy the beauty around me. This lets me pick and choose the things I want to fill my calendar with. The second step to effectively changing lanes is to surround yourself with people that are spending time in the lane you want to be in.
Jim Rohn, author, entrepreneur and motivational speaker said, we are most like the 5 people we spend the most time with. Make a list of the people you are with the most and honestly ask yourself if they are supporting you in getting to your chosen destination. If not, start to put your attention on the type of people you desire and begin to attract them into your life.
Last but not least, have a clear picture of where you are going. I-285 is a highway that’s a big circle, outlining Atlanta. If you’re not sure where you are heading, it feels like you are going in circles – literally. Choose what you want to achieve this month and pick a lane, any lane. Committing to it will help you arrive there with more ease.
If you want to enjoy the holidays like you never have before, make sure your activities are aligned with what is most important to you, weave in the people you want to spend time with and have a clear picture of what you want to accomplish-even if accomplishment means more naps during the holiday break.
What lane will you choose to drive you forward in creating a phenomenal New Year?
Article Source: http://EzineArticles.com/8853896
Sign up today for free & stay current with local IT news.
