Mission
AC Technology News is published by Altenbernd Consulting LLC as a monthly electronic newsletter written especially for the owners and managers of small businesses. The goal of the newsletter is to discuss important technology issues in a way that will help its readers improve the return on their investment in computers and technology. We welcome your comments, questions, and suggestions.

Please feel free to share this newsletter with friends and colleagues.

October 1, 2002 - Volume 1, Number 4

Improve Your Internet Security with These 8 Techniques

The security and integrity of your information systems have always been important, something that required special care and attention. But the explosive growth of the Internet has brought with it a significant increase in the threat to your systems. If you don’t feel paranoid about it, you should. There really are people out there who really are out to get you. Fortunately, there are a number of things that you can do, with relatively little cost and effort, that will greatly improve your security.

The Threat
You and your business face several kinds of threat because of your connection to the Internet. One of them is the threat to your privacy, and that threat is beyond the scope of this article; we will deal with it at a later date. Another threat that you face is one that is encompassed by the somewhat vague term “security”, and that’s the threat we will deal with here. The threat to your system security is posed by people with malicious intent, those who would break into your computer in one way or another and either steal information for misuse (e.g. credit card or bank account information), cause damage of some kind (e.g. erasing your hard disk), or simply use your computer and its resources for their own purposes (possibly to use your identity to mount an attack on someone else’s system so that if someone gets caught, it is you, not them; possibly just for bragging rights among their nefarious peers).
The cost of such an intrusion can be anything from a minor annoyance through a major disruption to a catastrophe.

The Response
As you might expect, the subject of Internet security is almost as complex as the Internet itself. There are a number of consulting firms that specialize in Internet security and nothing else. And there are hundreds of books currently in print that address the subject. Large, high-value Web sites spend lots of money, sometimes millions of dollars per year, to see that they remain as secure as possible. But on a much smaller scale, there are a number of things that you can do, on your own and at modest cost, to improve the security of your Web site and your network and to discourage all but the most committed vandals. Following is a list of 8 steps you can take to protect yourself.

1. Take Security Seriously
Probably the single most important thing you can do to protect yourself and your network from malicious intrusion is to be aware that a problem exists and to resolve to resist. Part of that resolve should be a written security policy. It need not be long or elaborate, but it should contain a list of security steps to be enforced, a list of periodic security review activities, a list of prohibited activities, and so on. (Indeed this article can form the foundation of a rudimentary security policy.) But of course the mere existence of a security policy means little in itself. It is important that the policy be enforced and that it be reviewed and revised periodically. The Web is a dynamic place, and it changes rapidly; the threats to the integrity of your Web site and network change in step. Your written security policy must be a living document, constantly updated in response to evolving threats. And it must be central to the way you do business.

2. Install Virus Protection
Computer viruses, in all their forms and variations, have been around for a long time. They are created by the Dr. Moriartys of the Internet, the evil geniuses who are among the brightest and most misguided technocrats of our age. Some viruses are worse than others, but all are bad; my personal view is that there is no such thing as a benign virus. Hiding in the petticoats of e-mail messages or masquerading as cute images or helpful programs, they are aimed at disrupting and destroying other people’s computer resources. Fortunately we have a number of well-guided geniuses who are dedicated to eradicating viruses, and there are several anti-virus programs available that do an excellent job of identifying and trapping viruses before they can infect your system. There are several ways to implement virus protection: you can install an anti-virus program on each of your computers, and you can have your Internet service provider and Web site host run virus checkers on all of your e-mail. You can do one or the other; you probably should do both. One caution: virus protection tends to age rapidly and fall out of date. Be sure to subscribe to the ongoing update service that your anti-virus vendor offers, and then be sure to perform an update at least once a week.

3. Secure Your Machines
By default, your personal computer has lots of vulnerabilities, points of entry for foreign programs. These entry ports were intentionally left open so that application programs that you might acquire would be able to configure themselves and gain legitimate access to your computer. This was judged to be especially important for casual or unsophisticated computer users who did not have the expertise to configure their machines for each new application that they wished to install. But guess what! There are lots of Drs. Moriarty about who will find your machine and then poke about until they find one of the vulnerable open ports; and then Bingo! Or perhaps Poof! Or maybe Thud! Whatever, it will sound just awful. However, there are quick and efficient ways to audit the vulnerability of your computers and then to button them up to keep the bad doctor out.

4. Consult With Your ISP / Host
Anyone who is in the business of providing Internet service and hosting Web sites and e-mail has more experience than they like with Internet security problems. They are a good source for consultation about protecting your site, and they probably have implemented a number of security solutions (such as e-mail virus protection, see point 2, above) that they will make available to you for a reasonable price. In addition, they are probably willing to consult with you at a reasonable rate about how you can secure your Web site and your network.

5. Build A Firewall
“Firewall” is a fairly broad term to cover a variety of ways of monitoring and managing the traffic that comes in over the Internet to your site. Firewalls are a complex subject, reflecting the inherent complexity of the Internet, and there are many ways to design, build, and configure them. But as with the other techniques outlined in this article, it is possible to get much of the benefit of a firewall at a fairly modest cost and with a reasonable amount of setup required of the non-technician. Firewalls can be implemented either as hardware devices (and if so, as either stand-alone boxes or integrated into some other piece of hardware, such as a cable modem or an ISDN router), or as software running on a computer that mediates the connections between the Internet and the computer(s) on your internal network. Most firewalls come pre-configured so that they provide a large measure of protection with virtually no manual configuration required.

6. Delete Unknown E-Mail Attachments
One popular way to invade someone’s computer is to send an enticing e-mail with an evil attachment. The e-mail is From: someone you know, because a virus invaded their machine, found your e-mail address in their address book, and immediately dispatched the e-mail to you. The subject line and/or the body of the e-mail message might be something like “I thought you would enjoy this” or “Here’s the information you requested”. And the evil attachment might have an intriguing name, such as “AnnaKournikovaNude.jpg.exe” or some such. The (almost) natural expectation is that the attachment is a photograph (the JPEG – for Joint Photographic Experts Group, and pronounced “JAY-peg” – is an ad hoc industry group that has developed a technical standard for efficiently packaging photographs in electronic form) of the pneumatic young Russian tennis player in the altogether. WOW! Click-Click. KaPLOOEY!!! Because, see, the extension was NOT “.jpg”, meaning that it was a JPEG file; the extension was really “.exe”, meaning that it was an executable file, that is, a program. You just didn’t notice that because you were excited; and when you double-clicked on it, the operating system said, “Well, it’s a program, that’s what .exe means, so let ’er rip.” And rip it did, probably shredding your hard disk in the process. So the moral of the story is, look carefully at any e-mail with an attachment, double-check the extensions, have virus detection fully implemented and up to date, and be very circumspect about any unsolicited e-mail with an attachment, even if it’s from your best friend’s mother. If you have any questions about an attachment’s content or integrity, delete it. Contact the nominal sender to be sure that they did, or did not, send it.
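The extension check described above can be automated. The following is an added example, not part of the original newsletter: a Python sketch that walks a message's attachments and flags any whose final extension is executable, with a stronger verdict when a harmless-looking extension sits in front of it. The extension lists, function names and the sample message are constructed for illustration.

```python
from email import message_from_string

# Illustrative, not exhaustive: extensions Windows runs as programs or scripts.
EXECUTABLE_EXTS = {"exe", "com", "scr", "pif", "bat", "cmd", "vbs", "js"}
# Extensions a reader expects to be a harmless picture or document.
DECOY_EXTS = {"jpg", "jpeg", "gif", "png", "txt", "doc", "pdf"}

def classify_attachment(filename):
    """Return 'disguised-executable', 'executable' or 'ok' for a file name."""
    # Only the LAST extension decides how the file is opened. Trailing dots
    # and spaces are dropped first, and padding around each dot is ignored.
    parts = [p.strip() for p in filename.strip().rstrip(". ").lower().split(".")]
    if len(parts) < 2 or parts[-1] not in EXECUTABLE_EXTS:
        return "ok"
    if len(parts) >= 3 and parts[-2] in DECOY_EXTS:
        return "disguised-executable"
    return "executable"

def flag_attachments(raw_message):
    """List (filename, verdict) for every risky attachment in a raw message."""
    findings = []
    for part in message_from_string(raw_message).walk():
        name = part.get_filename()
        if name and classify_attachment(name) != "ok":
            findings.append((name, classify_attachment(name)))
    return findings

# Constructed sample message (not a real e-mail).
SAMPLE = """\
From: friend@example.com
Subject: I thought you would enjoy this
Content-Type: multipart/mixed; boundary="XYZ"

--XYZ
Content-Type: application/octet-stream
Content-Disposition: attachment; filename="holiday_photo.jpg.exe"

(placeholder body)
--XYZ
Content-Type: image/jpeg
Content-Disposition: attachment; filename="team.jpg"

(placeholder body)
--XYZ--
"""

if __name__ == "__main__":
    for name, verdict in flag_attachments(SAMPLE):
        print(f"{verdict}: {name}")
```

A name-based check like this complements virus scanning rather than replacing it, since it looks only at the file name and never at the file's contents.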

7. Configure Your Browser’s Security
There are a number of individual security settings that can be made within the browser on each machine on your network. If you use Microsoft Internet Explorer, as most people do these days, you will find them under Tools > Internet Options... On the Security tab, select the Internet icon and then click the Custom level… button. You will find a number of options, most of which have three choices: Enable (always do it, don’t even bother to ask); Prompt (ask me and wait until I reply, then either do it or don’t do it, as I select); or Disable (never do it, don’t even bother to ask). Disabling everything provides a very high level of security at the expense of making the Internet impossibly difficult to use; enabling everything exposes you to some real vulnerabilities and at the same time makes the Internet so easy to use that you could do a lot of damage to yourself very quickly; and setting Prompt for everything provides a fairly high level of security but requires you to answer Yes or No many, many times during a session on the Web. As with many things in life, the correct balance is difficult to determine and probably must be converged on over time. A little bit of trial-and-error experimentation is probably the best way to approach browser tuning.

8. Be Ever Vigilant
Unfortunately, ensuring Internet security is a never-ending process. It isn’t helpful to set up a policy, install virus protection, configure a firewall, set browser security levels, and then forget about the issue. Things change too quickly on the Web, and as soon as protection against one evil is implemented, one of those little Moriartys will find a new weakness to exploit. Security must be an ongoing proposition. It’s an unfortunate reality of the Internet, a reality whose cost is a modest reduction of the otherwise significant benefits that we realize from this new technology. Nevertheless, eternal vigilance is essential.

++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
We can help
Altenbernd Consulting is a general IT consultancy for small and medium-sized businesses, and we offer a security audit package that is sufficient for most of our clients. Learn more about our Internet Security Audit product.

We also have a list of Internet Security Resources that will be helpful to those wishing to manage their security issues themselves.
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++

