You Think a Firewall and Anti-Virus Are Enough?

Why do I care? I am not worth hacking!

What precautions have you taken to ensure the security of your personal computer or your company's network? Holland IT, a computer network security firm, offers innovative solutions to the challenges of securing your data, your network, your money and your identity.

You think a firewall and anti-virus are enough? Think again! Anti-virus and a firewall are just the tip of the iceberg! If you have seen the AOL advertisements on television, you know there are worse things than your hard drive making a sound like a yeti! On a personal level, if you are even slightly concerned about a third party obtaining anything on your computer, then your first step is to take a moment and figure out how vulnerable you are. The same basic process applies to a corporate network.

Keep in mind that being connected to the Internet is a bit like stumbling down a dark alley wearing a shiny gold Rolex while you are drunk. Rather dangerous - who knows what is around the next corner! You may end up on the Channel 5 news. Would you risk it, considering how hard you've worked on building your company?

You have a firewall (maybe many!)? Sure, better than no firewall. But you do have holes in it, right? I mean, your e-mail goes through it, you can surf the Web through it, send files right through it. Are any of your people using Instant Messenger? FTP? SSH? Any MP3 servers, WEB servers, WEB e-mail servers anywhere in your network? Your wireless data is encrypted, right? Every vulnerability in every operating system or program you have on every computer in your infrastructure has been patched, right?

Think "proactive" to avoid attack or extortion

At the risk of sounding overly dramatic, computer network security has to be more proactive and not reactive. In a recent survey, Orange County was well below the national average in secure computer network standards. Public companies have no choice but to comply with Sarbanes-Oxley, but what about the privately held companies? Are their systems immune to hackers, worms, viruses, spam and spyware? System security is a highly complicated subject - no one knows everything, especially overworked, stressed out IT persons! But with the appropriate tools and the right procedures and safeguards in place, a hacker may select an easier target to attack or a less proactive company for extortion.

Home computer vulnerabilities

Some individuals are worth hacking, although less so than companies. Thieves can use your connection for criminal activities, send spam, store copyrighted data for illegal distribution, steal your identity or money, and wreak havoc on your credit rating. If you have wireless in your house or home office, your information is easily captured. If you have any connection to the Internet, you can be hacked. If it's broadband, DSL or cable, you can be hacked at any time, even when you are sleeping or not home, and your connection can be abused - firewall or no firewall. If I were a spammer, I wouldn't use my own connection - I would "borrow" yours!

Impact on your business

If your company relies on the Internet for business, just imagine the impact if your connection is locked up. Every time you switch it off and then back on, it's still locked up! It's called a DDOS (denial of service) attack - what are you going to do about it?

Has someone published vulnerabilities to gain access to your systems? A resounding "Yes!" Welcome to the World Wide Web, where all information is available if you know where to look. Although real hack attacks are actually rare, they do happen. The most common hacks are from within, ex-employees or employees with something on the side, but the net result to your business is the same.

Why do most hacks go unreported? How would your customers feel if they knew your network was compromised? Anyone with money or confidential information in his or her systems is a possible target. In 2004, hackers got away with an estimated $800 million and that is surely only a fraction of the true amount.

There are even worse things than theft to deal with. Former CIA Director George J. Tenet said recently, "Telecommunications -and specifically the Internet - is a back door through which terrorists and other enemies of the United States could attack the country, even though great strides have been made in securing the physical infrastructure. The Internet represents a potential. Achilles heel for our financial stability and physical security if the networks we are creating are not protected." (Washington Times) And we have not even talked about viruses, worms or spyware.

Initial course of action

A recommend initial course of action would be for everyone to take time to download the FBI CSI file on Computer Crime from http://www.fbi.gov, study it, and take a look at what other companies are doing to secure their infrastructure. Maybe you can wait; maybe your infrastructure will be okay. But think about why you have car insurance. If it were legal not to have it, would you do without insurance? Attacks and ruined computer networks are a very real problem that cannot be ignored. The solutions are out there - talk to an expert today.

SIDEBAR SIDEBAR ... if you are even slightly concerned about a third party obtaining anything on your computer, then your first step is to take a moment and figure out how vulnerable you are.

At the risk of sounding overly dramatic, computer network security has to be more proactive and not reactive.

Pen Drive - A Necessary Evil?

Technology has always been a necessary evil. The more the technology develops, the greater are the chances of its being abused. Pen drive, the small storage device used to store and transfer data to and from computers, has gained popularity due to its functionality. It has got thousands of uses. Ease of use and convenience is the prime reason of its popularity.

However, like many other equipments, pen drives are also a necessary evil and pose a potential security threat to the technology world. When placed in wrong hands, the portability and high storage capacity of the pen drive can be hazardous. The device has evolved as a threat to the corporate and other organizations where security of data is given utmost importance.

The threats that are associated with pen drives are serious. Some of them are listed below.

Stealing of data:

Apart from the defense department, the corporate sectors all over the world are under the threat of data theft for espionage. There is no dearth of incidents where spies, hackers and other source are employed to steal data. A pen drive gives ample of opportunity for the theft from an unattached or unlocked PC with a USB port. It is easy to access data and steal information like client list, research data or any other information. The hackers can even bring the software with a pen drive allowing the user to hack password or other confidential information.

Spreading virus:

Earlier, floppy drives and emails were considered as main source of virus to computers. However, there has been anti-virus software developed to counter virus and protect the PC. But with pen drive it is difficult to check the virus with the safeguard as the device can bypass the protection. It is almost impossible to defend against the viruses unless and until you have strong anti-virus policies or you are not scanning all files in your network. It is easy for a virus writer to corrupt the entire network of a corporate environment with a pen drive.

Plant malicious software:

Virus apart, it is not difficult for anyone to take any spamware and plant it in the PC. In corporate sectors the threat multiplies when employees use pen drives to bring unauthorized software or any other data such as software pranks, sharewares, mp3 files, pornography pictures, video clips and other inappropriate data that is against the corporate ethics. As pen drives allow more space, it is easy to bring bulky software which impossible with a floppy. Situation worsens when the software is used to crack password.

Causing data loss:

Pen drives barely allow any security system in terms of password or any other built in security feature. So it is more likely that if a person loses a pen drive, the data inside it can be accessed by anyone. If it falls in wrong hands he or she can misuse it. a pen drive can be easily stolen or misplaced and the data stored inside it can be easily manipulated. There have large demand for pen drives with some security systems such as finger-print reader or protective software.

There has been a conscious protest against pen drives in many private and government organization. Though it is a convenient device for the productive brains, it has proved to be beneficial for the thieves as well. Pen drives are small in size and have greater capacity to store information. Hence the thieves can carry the device stealthily in pockets and take information.

Unless and until any drastic step has been takes against it, the security of any organization can be in stake. Even a visitor can retrieve data easily from an open computer. Considering these threats, some companies have taken some protective measures for their security by banning pen drive inside company premises. It can reduce the threat to some extent.