PCI DSS or short for Payment Card Industry Data Security Standard, is designed as a security protocol that has been agreed upon by industry for applications in Credit card payment systems. Due to ever increasing problems and losses incurred by firms due to credit card fraud they have agreed to implement a data security protocol that encrypts data in transit to the various local card centers. The standard calls for a unified set of rules or parameters to be used in card centers to prevent and maintain security at all levels from the retail store where the data is collected, in-transit as it travels through the internet and as it is processed and stored in the data centers.
IBM has introduced the first PCI-DSS End to End system for implementation on the HughesNet Broadband Network Service. At a time when compliance is at a mere 50% these types of data security become imperative to prevent more losses and other problems associated with fraud and other criminal activities. The standard also applies and recognizes the needs of wireless networks through which a set of analytic and diagnostic processes are required. The PCI Standards Security Council who formulated the said standards are in constant process of reviewing and revising the said set standards as needed due to the ever-changing status of the internet and the business that goes through it.
Around 90% or more of most credit card transactions go through a public network in one stage or another as it makes its way to the central data center which makes it vulnerable to attack. The adoption of cheaper high-speed internet has companies turning to the public net opposed to the previously expensive dedicated T1 lines usually used by businesses. It also allows transaction data to be transferred through one single phone line thus lowering overhead costs making it the better choice for businesses.
Handhelds : Still the Biggest threat to Corporate Security
Employee’s love them, Network Administrators hate them, the advent of more function packed handheld devices have sparked a re-evaluation of the threat these small devices pose. Traditionally, networks were quite safe for to gain access to it you needed to be hooked up to the network, physically with a LAN cable. Now that the shift to wireless has become the network engineer’s best friend the network has surely been simplified and companies are switching to the new technology. Thy no longer needed wires and all existing computers are either replaced with ones that support Wi-Fi or bought individual dongles that allowed connection within the office. That was still an easy security agenda for they usually had a range of a couple of hundred feet.
Then came wireless internet hotspots which commercial developers started to put up to get more workers out of the office into their shops allowing them to work while, say having coffee. That’s where the problems began for the more office correspondence left the walls of the office, the more harder was it to secure. VPN’s were implemented that allowed a secure channel within existing networks making it a bit better. But that was still quite vulnerable to attack and security experts needed a better way of securing corporate data where-ever the user might be. Projections by business and security analysts estimate volume to increase to 100 million email transactions to and from outside the office locations that is still causing nightmares as the next step is found in the drive to secure this network without physical bounds.
[tags]Handheld Computing, Mobile Computing[/tags]
Better Security by Thinking as a Hacker
The best way to find out the security breaches is to think like a hacker on how to penetrate a secure network through various means. Accessibility to servers may have to go through different stages since various encrypted usernames and passwords would stand in the way of a successful hack.
The approach is quite simple. It is a reverse psychology of sorts since to become a full-proof secure system, ways on how to be able to get over the fences for such walls that have been put off must be severely tested.
Unorthodox as it may seem, the various approaches to be done will certainly be simple at this point because at the rate that hackers are able to go around security fences today, a lot of progress has been made in being able to make the lives of administrators a living hell as far as IT security is concerned.
[tags]hacker, network security, breach, coding, cracks, cryptography[/tags]
Disable that Shared Folder
It would only be normal to find shared folders in the default setup of Windows operating systems. This can be easily seen once a person would go to the explorer option of his computer where shared folders are waiting to be accessed. This is automatically made for access if people connect to a network and would not set the security policies and accessibility on a restricted basis which only allows administrators to access them.
The importance of setting security levels to avoid such access to folders is important. Not al people are aware of the harmful things an unauthorized user may do once he gets the chance to intrude in another person’s workstation. Aside from probable back-ups, a person may lose the files contained in such folders if he is not careful. Hence it is best to do the precautionary measures before hand to avoid unwanted avoidable circumstances would ensue.
[tags]shared folders, security policy, network security[/tags]
Playing with Algorithms and Numbers
The main gist of security conscious and malicious programmers is to play with the known algorithms where most of the problems can be created and avoided. The never ending search for understanding algorithms has been a given today. Malware development has been obviously aggressive and the issues and plagues that it has continued to spread is really something that keeps technology people up on their feet.
The best way is to be aware of possibilities. The Internet is known to be always up to date with such risks, but overall, a person aware of the capabilities of such should know beforehand that spyware, malware and Trojans can easily penetrate systems without notice if they are not secured properly.
Such security breaches and issues are placed under the tutelage of network administrators and officers. Being aware of such potential risks beforehand is something that they should be aware of. Besides, it is also a given that most of these professionals are aware of such risks since they are always logged on the web.
Password Protection for Word and Excel
For confidential files that people would want to be kept at maximum security, applying passwords to ensure that only proper personnel will be able to open them has been the regular exercise for basic security measures. Among the usual files that would require such security levels are that of payrolls, business plans, and management projections and outlook, a lot of which are kept in safe storage to avoid people and competitors from planning to gain access to them.
Payrolls, especially for people who are at higher levels are usually restricted materials. The only person allowed to access them would usually be the finance, personnel and upper management honchos. In organizations, curiosity and challenge are the usual culprits for people to try and crack the passwords. However, if they are already under wraps and given advanced warnings, access can be limited and contained so that they would not even entertain the thought of doing such mischief which will not do them any good anyway.
[tags]password protect, cryptography, file access[/tags]