Cyber Security Basics
Many of us think that the biggest threat to our IT infrastructure is through a breach of our premitier network. Nothing could be farther from the truth. In fact the majority of breaches occur becuase our users do not use good judgement or are just not educated on what to do.
Backup your files
Developing a backup and recovery plan for data residing on your computers and/or servers is an important step every computer user and organization should take. This means utilizing either onsite or offsite data backup solutions that would allow the continuity of business in the event of accidental file deletion, data corruption, hardware failure or natural disasters.
Looks to Good to be True
Every day, American consumers receive offers that just sound too good to be true. In the past, these offers came through the mail or by telephone. Now the con artists and swindlers have found a new avenue to pitch their frauds — the Internet. The on-line scams know no national borders or boundaries; they respect no investigative jurisdictions. But, as with all scammers, they have one objective — to separate you from your money!
An interesting point about fraud is that it is a crime in which you decide on whether to participate. Hanging up the phone or not responding to shady mailings or emails makes it difficult for the scammer to commit fraud. But con artists are very persuasive, using all types of excuses, explanations, and offers to lead you — and your money — away from common sense. So if it looks too good to be true, it probably is.
Read the document from US-CERT for more information about recognizing and avoiding email scams.
Fight Against Malware
Malware, short for malicious software, is software designed to disrupt computer operation, gather sensitive information, or gain unauthorized access to computer systems.
While increased productivity is a positive feature for anyone, the risks associated with mobile devices can be significant and include issues stemming from human factors to technological issues. Set a policy regarding mobile devices connecting to your network and enforce it.
Establish security for your Wi-Fi networks and control who has access to it. If you allow guest access to your Wi-Fi, make sure it is separate from your business network. This allows guests to access the internet without compromising your infrastructure resulting in down time.
Protect yourself while browsing
Today, web browsers such as Internet Explorer, Mozilla Firefox, and Apple Safari (to name a few), are installed on almost all computers. Because web browsers are used so frequently, it is vital to configure them securely. Often, the web browser that comes with an operating system is not set up in a secure default configuration. Not securing your web browser can lead quickly to a variety of computer problems caused by anything from spyware being installed without your knowledge to intruders taking control of your computer.
Ideally, computer users should evaluate the risks from the software they use. Many computers are sold with software already loaded. Whether installed by a computer manufacturer, operating system maker, Internet Service Provider, or by a retail store, the first step in assessing the vulnerability of your computer is to find out what software is installed and how one program will interact with another. Unfortunately, it is not practical for most people to perform this level of analysis.
There is an increasing threat from software attacks that take advantage of vulnerable web browsers. We have observed a trend whereby new software vulnerabilities are exploited and directed at web browsers through use of compromised or malicious websites. This problem is made worse by a number of factors, including the following:
• Many users have a tendency to click on links without considering the risks of their actions.
• Web page addresses can be disguised or take you to an unexpected site.
• Many web browsers are configured to provide increased functionality at the cost of decreased security.
• New security vulnerabilities may have been discovered since the software was configured and packaged by the manufacturer.
• Computer systems and software packages may be bundled with additional software, which increases the number of vulnerabilities that may be attacked.
• Third-party software may not have a mechanism for receiving security updates.
• Many websites require that users enable certain features or install more software, putting the computer at additional risk.
• Many users do not know how to configure their web browsers securely.
• Many users are unwilling to enable or disable functionality as required to secure their web browser.
As a result, exploiting vulnerabilities in web browsers has become a popular way for attackers to compromise computer systems.
Use strong passwords to secure your information. Passwords should have at least eight characters and include uppercase and lowercase letters, numerals and special characters. It is important to keep different passwords for different accounts. This will reduce the chances that if one password fails your other accounts will be vulnerable as well. Do not use the same passwords for accessing work systems on any other accounts.
Only shop at sites for companies you are familiar with and trust. When shopping online, look for the lock symbol or https in the website URL to indicate the transactions are secure. Be wary of potential scams – if it sounds too good to be true, it probably is. Do not use a public computer or public wireless. Additionally you should make payments by using a credit card rather than a debit card, as credit cards are protected by the Fair Credit Billing Act and may reduce your liability if your information was used improperly.
Updating your systems and software
It is important to keep your systems and software up-to-date. System and software vendors often find vulnerabilities that they fix in the latest update. If your computer is not updated, then you are leaving it open to attack via these vulnerabilities. Set programs and systems to auto-update to avoid missing a critical update. This includes your operating system, office suite, Adobe, media players, browsers, and other programs that can access the Internet.