Security 101: Security Basics (Part 3 of 3)

Technology Trends & Culture - June 6th, 2003

by Nichiai

This is the final article in the three-part series, giving you some food for thought regarding home or corporate PC/network security.

In this article, we give you some suggestions on what you could do to reduce the inherent risks involved with being connected to the Internet.

What can I do?

First of all, let’s make one thing clear. No site connected to the Internet is continually “hack-proof.” PC/network security requires vigilance and is an ongoing process.

That said, what can you do to reduce the risk of your home or small/medium corporate PC/network from being hacked?

❖ Be in the Know! Know what’s going on in security, not only with your PC/network, but as much as possible, follow current issues related to the Internet, viruses, software patches and updates, etc. Know whom you connect to, and who may have access to you. When suitable, use access control and content filtering to limit access only to what is required to get the job done.

❖ Use a firewall. Firewalls are not the answer to all Internet related security issues, but a properly configured firewall will usually block a random scan from hackers looking for security holes. Firewalls come as software, hardware, or a combination of both. You can usually find a cost effective solution that will fit your needs and budget.

❖ Use one or more anti-virus solution(s). There are several kinds, so choose the solution most suitable for your needs. Be sure to cover all points of possible infection, be it on your file server, client or mail server, database server, or Internet gateway.

❖ Maintain your PC/network. Keep your software, especially Internet related software such as browsers and websites, properly patched and up-to-date. Ensure you have the current pattern file for your anti-virus software, and actively check for viruses. Check log files of anti-virus gateways, firewalls, servers, etc. for suspicious activity.

❖ Maintain physical security. There’s no use using firewalls and anti-virus solutions when someone could just walk off with your PC! Restrict physical access to your PC/network. Lock your server room/ server racks.

❖ Use encryption and authentication as necessary. Restrict access to and from your PC/network to a level that balances security with ease of use. Realize that nothing going over the Internet is completely safe. Do not give out your password(s), change them regularly, and make them difficult to guess. When possible, use combinations of upper and lower case characters, numbers and symbols.

❖ Consider other solutions as needed. Generally speaking, home users will not need Intrusion Detection Systems (IDS), Vulnerability Assessment (VA), Accepted Use Policy implementations, etc., but these are some things for the corporate user to keep in mind as their needs evolve.

In conclusion

Even if a hacker is not directly targeting you or your company, it does not mean you are safe from probes and attacks. Don’t be paranoid, but do know the risks associated with Internet/network use. With the information in this series, and common sense, you have a starting point for finding suitable solutions for your needs.

Gadget Spotlight: “USB Key Ring Storage”

Dell and most major PC suppliers will tell you the humble floppy disk has had its day.

Welcome to USB Flash Memory storage.

Device capacities range from 8MB up to a gigabyte of data – presentations, MP3 files, word documents and the like – onto a drive smaller than your thumb, and weighing less than an ounce.

Products from Buffalo (see picture) or from DiskOnKey, are portable storage devices that clip to a key ring. A removable cover protects the USB connector from damage – sorry lost mine (not in picture) – yes it is easy to loose! Just plug it into a USB port on a Mac or PC and your data is ready to access.

The technology is generally identical irrespective of manufacturer, and the devices don’t need a driver. Once installed, it acts like an external mini-drive and is given the first letter available on the system for a storage device (for example “E”). Managing data can be done through Windows Explorer or, with some devices, through a software program that manages the drive itself. These programs also normally allow for password protection.

The Buffalo (also known as Melco) USB storage device shown – called “ClipDrive” has a capacity of 64 MB and is available in most stores in Akihabara for around ¥3,900. They also offer ClipDrives with capacities of 32, 128, 256 and 512 MB.

The capacity of these USB memory devices makes them a power tool for the mobile worker who needs access to higher volume storage that can be read on most USB-enabled computers. With capacity of up to 700 times that of a floppy (1.44 MB), that is some seriously portable memory. Of course, increased portability of data, while very useful in some cases, may raise security issues in the corporate environment!