The Importance of SecurityBy: William BrowningApril 16, 2012ICTN4040001201230 2012 Spring Enterprise Info Security *001*
Are you open for attackers? In today’s world security is a major problem. Securitythreats are around every corner. It is almost impossible to be completely secure due to the factthat there is always someone who can find a way to get past any obstacle with enough effort.But there are lengths we can take to slow down and turn away most attackers from gettingwhat they are trying to obtain or catching them when they break through. Deterring them is thefirst step in stopping the problem because no one wants to put in a ton of effort into failing.There are three key places for everyone where security is import. The first being your homewhich is vital for everyone to be secure in, the second location is your workplace or officebecause this is where many attacks occur on information, and finally the third is publiclocations. Keeping your information secure is completely necessary because leaking ofinformation can lead to money loss or identity theft. Intrusion detection and prevention arevital to networks and must be updated and carefully monitored for them to do their job.Security at home is the first place because your home is where you should feel the mostsecure from attacks. Most attacks on the home are not viral but they do occur regularly. Themost common attack on a home is brute force and/or burglary. Keeping your home securedoesn’t take much effort. Homes now of days have security pre installed for example locks ondoors and windows, then as you step up your brute force security you have more advancedlocks and security systems with monitors that are linked to protection services to help if anyoneattempts or does break through. Everyone has valuables that they would like to protect in theirhome may they be files or personal objects. Home network security is of key importance
because we can do almost anything on computers now, anything ranging from checking email,to banking online, and keeping up with friends but the list continues and no one wants to findout one day that someone was able to get their bank passwords and information from justchecking it casually at home. There are a few simple measures for protecting your homenetwork. The first is starting with your internet provider the best way to pick this is to askaround and see what provider others are using and trust. Just like purchasing something from astore a knock off is never as good as the real thing so make sure to pick a trusted company. Atthis point it comes down to what you personally implement within your own network. The firstis to implement a password on your router, this should be a five to ten character passwordsome routers have a separate settings for a guest connection which you should also key apassword so that not just anyone can access your network. Next comes securing you pc thisincludes configuring your firewall, antivirus, antispyware, and spam filter. The firewall doesn’tprevent viruses and spyware from accessing your network it is intended to monitor programsfrom leaving your computer allowing you to make decisions on the programs to allow or denyaccess. Next to the firewall another key safety feature for your computer is the antivirussoftware you use. Antivirus is used to recognize, block and delete malware from your pckeeping you protected from torjans, worms, and other adware. Then you have your computersantispyware which is used to remove software that can track your time on the internet,examples of these are cookies. Finally you have your spam filter which scans your email andfilters the trash and fake email from the real mail you’re getting, it does this through settingsthat you select and handles the mail accordingly. Taking these measures will greatly increaseyour chances of keeping your private information private and keep you safe in your home from
attacks on your valuable items and information. One thing you can do as well is to create abackup of your systems memory so that if any loss occurs you are able to regain access to theinformation previously lost.“Study finds 90% of business were hacked in the last year”Keeping the workplace secure is a primary task every company faces from the smallmom and pop shops to the large banking companies. Hackers are continuously looking toaccess private information that these companies keep stored from credit card numbers tosocial security numbers. A big group of hackers that show this happens in real life is the groupnamed “Anonymous” who are hackers that wear guy Fawkes masks and break throughcompanies security measures to gain access to the private information companies attempt tokeep secure. Hospitals, banks, and any other large companies have to go through extrememeasures to protect the information they keep stored this includes protection from socialengineering and viral attacks. Companies have began implementing new technologies toprevent people from tapping into secure networks from keeping their servers locked upencrypting any access ways to routers and switches and running intrusion detection. Socialengineering is a danger to the security of large complexes but with new technology this isslowing being crushed. Social engineering is the action of physically gaining access to a systemthrough manipulation or fraud. This can be getting people to divulge private information or bybypassing physical security and plugging into the network itself. Ways that this is being stoppedis through security measures preventing unauthorized personnel from entering restricted areas.This is done by creating badges, security check in stations and limiting who has access to the
hardware to only those necessary to keep it properly running. IT departments of thesecomplexes have their hands full daily keeping systems secure this comes from runningnecessary software on all computers and intrusion detection software such as NIDS, HIDS, andSIDS. They must also implement measures restricting what outside addresses people on thenetwork can reach, because naturally people are not perfect and may click on junk mail thatcould take them to a site that could potentially harm the network. This is done through in depthblocking methods that the department can implement for those accessing the internet throughthe complexes server. Smaller companies lack many of these measures opening them up topotential threats, I have seen firsthand some small companies with slacking threat protectionand have been a victim of it as well. Not too long ago many students and shoppers at a nearbystore were affected when a hacker was able to gain access to the stores credit card server anddownload credit card information that had been stored for up to a month in the company’sdatabase causing thousands of dollars in losses. The security measures IT departments place onlarge company networks is extensive from the security on the routers, switches, and servers.Every part of the network has to be encrypted this means that someone has to physical wireand program all of the coding for this to be accomplished and one slip could open a back doorfor a hacker to gain access. Many companies use outside industries to help with the protectionof the information they hold some cases consist of storing backups of daily activity where anoutsourced company will collect hard drives of information each day of the previous day’sactivity this way no loss can occur but doing this also opens you up to threats. You will need tobe able to verify that the company is legitimate and that the person coming each day is with thecompany. The intrusion detection system that a complex runs is the back bone of its networks
security. Intrusion detection has many levels of strength that can be implemented for networkprotection this ranges from monitoring, scanning, and the actions it will take when it labelssomething as a violation. Many government agencies even go through the extremes of notallowing personnel into the facilities with anything more than the clothes on their backs thismeans no cell phones, usb drives, and anything else you could take casually to most places.Have you ever used a free access WiFi for business? As nice as it is to be able to do yourwork out of a starbucks or other free WiFi location like the airport there are dangers to logginginto these networks because not all of them are secure. When logging into an unsecure WiFihot spot you are opening yourself up to data theft. The reason for this open to data theft is thatsince the WiFi connection is not encrypted it allows for computer hackers to pick up and readthe information you are trying to send across the open network similar to a radio broadcast.There are ways to help protect yourself while sending private information over a public WiFithese ways include using HTTPS security, using a VPN, And Tunneling for security. Using HTTPSto encrypt your data is a key feature when access private data oven an open connection. Mostwebsites will automatically switch to HTTPS when you will be required to input sensitiveinformation. Using a VPN on the other hand is a one-hundred percent guaranteed way tosecure yourself on a public connection. Doing this you connect to a server instead of directlyconnecting to the internet where the information you send is encrypted and can’t be collectedby an outside source and then you are connected to the internet through your secure server.Next you have tunneling which is the process of sending your packets inside other encryptedpackets this secures your information from being picked up by hackers on the open line
scanning the information being transmitted. Ways that hackers are able to collect your data isby setting up their own fake WiFi hot spots and allowing unknowing people to transmit datathey pick up on programs similar to wireshark.Taking these steps in securing yourself in these three areas can help protect you andyour valuables from being stolen. Understanding the dangers is the key part because if youdon’t feel safe logging into a private account in a location then you shouldn’t. But you should atleast understand the risks that go along with allowing yourself to be vulnerable to attacks.Everyday information is stolen or leaked due to people being able to link past security measuresthe range of the value of this information is extensive as stated it can be from something newcoming out on the market in the future or the ability to become someone else with a stolenidentity. Putting this information out to the public will help educate those who don’t fullyunderstand that technological world and how it plays in their daily lives. People work out ofcoffee shops and click on spam mail on accident and never understand how this could affecttheir lives. Knowing is only half of the battle you must implement the security measuresotherwise understanding them just isn’t enough because you are never fully protected. manythings no of days are made simple to help people in these cases like setup wizards for setting uprouters and modems but many people will ignore the steps and not take the time to securetheir networks.