IT Security Blog

Wireless Security Tips

By

Wireless networks are becoming increasingly common these days, ranging from home use to businesses. Increased mobility within the network’s range and the reduced cost of installing a LAN without cabling are but some of the advantages you can get when using Wi-fi. It’s major disadvantage lies in the higher security risks of unscrupulous users hacking into your personal data and gaining access to the Internet to your network. Here are a few precautions you could take to ensure your network security:a laptop

Change the default administrator passwords. Default administrator passwords to network devices are easily available online and well-known to hackers. Most routers allow you to change this easily.

Turn on data encryption. This allows you to scramble the messages and data sent through the network. Most devices come from the manufacturers with this option turned off, so users have to activate this. Also note that all Wi-fi devices in your network must share the same data encryption settings to work together.

Disable SSID broadcast or change the default SSIDs. SSID is short for service set identifier, and is attached to the header of all packets in a wireless network. It also uniquely identifies your network. This is broadcast at regular intervals, and hackers can use this to identify vulnerable networks. Also, change your SSID from the default, and refrain from using IDs that can reveal who owns your router and where it’s located.

Restrict the computers that can access your network. You can do this by filtering the MAC (Media Access Control) addresses to those of the devices in your network.

Install antivirus software and firewalls. This might seem obvious, but after the initial install most users forget to update their virus definitions. Computers on a wireless network needs the same protection as other computers.

A Few Tips to Avoid Phishing

By

phishing example Chances are that when you open your inbox today you’ll find an e-mail claiming to be from your bank, an e-commerce site, or another online site you’ve visited. They might offer you an upgrade to your account, inform you that there’s been changes to their, and asks you to verify your account information. This could be a phishing attempt to get sensitive information like your personal information or passwords. Fortunately, you can avoid getting scammed by taking these precautions:

  • Be suspicious of any email with urgent requests for personal financial information. Phishers are getting more sophisticated in their attempts, so even if an e-mail appears to be legitimate, look for proof that it came from your e-commerce company. They should be personalized and carry information that only you and your company would know. They might show partial account numbers or other verification tools.
  • Use anti-virus software and a firewall, and keep them up to date. Phishers sometimes include script that can track your activities on the internet without your knowledge.
  • Never use the links in an e-mail to go to any webpage. Phishers will redirect you to a bogus site to trick you into logging in your account number and password. Log onto the website by typing in the web address to your browser. At the same time, never call any numbers in the e-mail. It could lead you to a VoIP provider that isn’t connected to your company at all.
  • Never fill out forms in e-mail messages asking for your personal financial information. Your e-commerce company would never ask you to send sensitive information in that manner.
  • Check your bank, credit, and debit card statements regularly to see if all your transactions are legitimate. Report any suspicious withdrawals immediately.
  • Finally, report the phishing attempt you received to your company and other anti-phishing groups.

[tags]phishing,spam,spoof emails,indentity theft,pharming,spam filtering[/tags]

Office policies and IT security

By

office compliance

In every office, you have to have some policies when it comes to sharing of files and downloading of files. Why? For one thing, those computers are the company’s resources. And it should be that during work hours, people ought to limit their downloads except for materials that are necessary for their work to get done.

How do you formulate your policies when it comes to these matters?

If you are working in a creative environment, anything could be used as your inspiration. That is why there are companies who allow surfing within office hours and it does not really matter what sites you visit. Although some of them do block some sites that are mainly of the personal nature like Friendster, My Space and other similar sites. There are also some that ban blogging services like Blogger. They would even issue memos regarding the matter.

If you work in a strictly confidential project, it would be difficult to try to make sure that nothing leaks out. If you are connected via the Internet, chances are your works could be intercepted in one way or another by hackers. So you have to be careful that you have firewall activated. As others would say, just block off everything except interoffice email.

Employees must be briefed carefully so that they will not be surprised in case they were surfing the ‘net one time and they find out that there are blocked sites. Also, you have to make sure you observe how the employees work. Those in the financial business would have to guard a lot of information. They would have to ensure that the employees understand the policies and that they would follow them in order to ensure that everything will be secure. After all, it is better to be safe than sorry. You would not want to lose your valuable clients.

Teaching people about IT security

By

teaching about it security

In general, teaching people is a difficult task. You have to carefully plan on how to address them and be relevant. Each person would have different needs. Whether you plan to teach your staff and employees, or your family and friends, you have to brace yourself.

Some of the factors that would affect how you would teach them about IT security are as follows:

  • the person’s experience with computers
    Has the person used a computer before? What has the person done so far? Install an operating system? Used some particular applications like word processing software or a web browser like Internet Explorer?
  • the person’s experience with going online
    Each of us would have had different experiences when it comes to our online presence and habits like downloading, checking email and the like. When it comes to downloading materials be it online textbooks or anything else, it would be good to take a profile of the sites the person uses as resources.
  • enthusiasm
    Whether you believe it or not, enthusiasm could affect the reception of the person to ideas and all that. Talking about security is not exactly the same as talking about your favorite car or favorite pet. Unless you think you could gush about firewalls and all those details, that is. Then again, it depends on the person’s experience, as said before.

No matter how easy or difficult it could be, no matter what background the person has, this is an important thing to learn. You are the one who can do it. May you teach them well.

Sharing your computer and keeping your files intact

By

computer sharing

Living at home means that you have to share your computer with other people. In some companies, people also share workstations in case that they have different work shifts. In any case, it is important for you to make sure that your files are safe. Especially those that you use for work and those that contain confidential information.

Here are some tips for you:

  • Make sure you are using a password that is not easy to guess.
    If people know you well enough, they could probably figure out what password you will use. People tend to use passwords based on words, names and dates that important to them. Examples are pets‘ names and anniversaries. If you do this, chances are those who know you will be able to log in your computer using your account. Try changing your passwords every so often and make sure that they will be easy for you to remember but difficult to guess. Think of some cipher for it.
  • Set permissions on your files and directories.
    You could set that your files and directories will only be accessible to you. Do a chmod on them. Then again, whoever has root access will be able to get through. Maybe it would be easy for you to do this if you are the one with root access.
  • Protect your files with passwords.
    Although not everyone agrees with this, some people do this for their own sake. They feel better to have password protected files. A drawback, of course, is that if it has a difficult password to remember, you might as well have deleted your files.
  • Log out of your account or profile.
    If you have set your file permissions that you are the only one who can view, edit and execute the files, it will be pointless if you don’t log out. When you are the one who is still logged on, you leave your entire session open for intrusion.

Hopefully these tips have helped you deal with some of your dilemmas with regards to sharing your computer with other users.

It Security – The threat from within

By

corpespionage.jpgIt Security, is a cat and mouse business comprised of people trying to get the best of the other. People are always trying to get into a company’s servers to get information and the other half is the ones who are trying to prevent them from doing so.

This is quite a difficult task for these people use very sophisticated techniques in the form of code to do so. One very difficult problem is that if the treat and protector are the same. In the industry, these security experts are a select few and many have been all over the place in terms of companies they have worked for. With ever soaring prices paid for privileged information either for industrial espionage or personal gain it does pose a serious temptation to these professionals.

Most maintain their integrity by playing by the rules, but a few fall to the lure of a quick buck. Many instances of threats to many companies being discovered to have originated from within are on the rise and companies are going to lengths to getting people to look after the other. After all, we are only humans and many of us do need the extra cash but don’t you think there’s a more honest way to make it. People just don’t realize the importance of their information stored within say an insurance company of which they are a client of. If that information were to leak out into the open that can reek havoc on the finances of an individual or worst a whole client list full of it. Such leakages have ruined companies before resulting in bankruptcy and subsequent closure.

So to you guys, keep it clean for all of us depend on it. Maybe not me, but a whole lot of other innocent people out there can fall victim to a tragedy just because of a CD full of information you get paid a few hundred bucks for. And a warning, never ever think that no one is watching for someone surely is…