Online Security
By Ramon Ray
Locking our car doors (in many locales), securing our money and making sure our children don’t run into the streets are all second nature to most all of us.
This same type vigilance regarding securing our digital information must permeate our day-to-day business lives.
Passwords are an important gateway into your protected information. If you make the password easy, it is going to be easy for someone to figure it out and break into your computer system. The harder you make it the better. As much as possible try to mix up letters and numbers and add a few lower case and upper case numbers into the mix as well. It’s best to commit your password to memory and not write it down or you increase the possibility of exposing it to others.
Viruses are a constant and prevalent threat to all computer users – businesses and consumers alike. But because your business, is in business, viruses can pose a great economic if your computers are infected so you need to be VERY vigilant. The best protection against viruses is an anti-virus program. These programs will regularly scan your computer for viruses and automatically scan files as they are being accessed and/or downloaded into your computer system. If you have an anti-virus protection program on your PC, your personal vigilance is the next step in safeguarding your PC. Be wary of emails ending in the extension .exe, .com, .bat. pif or .dll. These are executable programs so if you are not 100% sure of who sent the file to you be very careful of opening it. Also remember, many viruses can send email from someone else’s address. So if you get an email from your trusted friend saying “open this file text.exe” it can’t hurt to ask if it came from them first. Also, using internet based mail services, such as Yahoo! and Hotmail, are a good alternative, too, because these programs allow you to scan attachments without opening, and without installing any software.
Resources: Symantec.com, McAfee.com
Firewalls should be a part of every businesses network and can serve as a first line of defense against many hacker attacks. A firewall is software or hardware device that scans incoming and outgoing information traveling over the Internet to ensure that it is authorized into and outside of your network. Let’s say that a hacker is trying to access your computer, a properly configured firewall will prevent the hackers access to your computer as they have not been authorized to do so. You may ask, if I’m accessing a Web site that requires me to download some tool onto my PC, why will the firewall let that happen? The firewall is very good at understanding those Internet connections that have been requested and are therefore allowed – and those Internet connections that have not been requested and in general are not allowed. As with all security devices, a firewall is not a perfect tool, but only an important security tool in your arsenal. It’s a device that can and has been defeated, so the best advice is to rely on your firewall as a first line of defense, utilize your anti-virus software and be vigilant of suspicious activity to your computers and be wary of email attachments and downloaded programs.
Resources: Symantec.com, McAfee.com, Zonelabs.com, Sonicwall.com, Linksys.com
Employee vigilance is one of the most important aspects of securing your business. Those with malicious intent may simply call your secretary and claim to be the VP of security and need her to urgently give them your password – will she or won’t she? Train all your staff to verify who they are speaking before releasing any security information to anyone. Establish clear security policies to guide all employees on how to ask for security information and how to release security information.
Physically securing your technology is important. It does no good to have thousands of dollars worth of software security, only to have a thief walk out with the computer that houses your customer database. The more important the data is, the more physically secure the hardware it resides on should be. Cameras, biometric devices, locks and other tools should be considered and implemented depending on your budget and security analysis.
Encryption of your files is something you should do if you have very sensitive data you want to give it an extra level of security. If for some reason your files are stolen you can have some assurance that POSSIBLY that thief can’t break into your files to get your data.
Resources: Pandasecurity.com, Cypost.com, Mcafee-at-home.com
Backing up your data (although not a strategy to enhance security) will ensure that if your data is lost or corrupted you can get it back with little downtime.
Resources: Veritas.com, backup.com, virtualbackup.com
Credit cards and online retailers
I know many people who are needlessly paranoid about ordering anything online, fearful that their credit card number will be stolen and used. This has happened – millions of dollars worth of online theft occur every year. However, think about how often you give your credit card to a complete stranger at the local restaurant, grocery store or other location. There’s no encryption between them and your credit card, as there is with most online retailers and many times authorities have arrested people for duplicating credit card information. I’ve used my credit card many times online with much success and never a problem. When using your credit card online use common sense. Ask yourself a few questions --is it a reputable retailer; do they list a telephone number and physical address I can check out; and will they encrypt my transaction? And remember, if your credit card number is used without your authorization most often you’re protected and at most will have to pay up to $50 of the unauthorized charges, but often times that fee is waived. You might want to consider getting a credit card for use only online that has a low credit limit. I also suggest you be very careful about using a debit card for online transactions. Read its liability policy but still be careful Losing $500 from your Visa card is not nearly as damaging as losing $500 from your checking account.
Ramon Ray, http://www.smallbiztechnology.com -
Strategic technology solutions for small businesses
| DISCLAIMER: The content provided in this article is not warranted or guaranteed by Developer Shed, Inc. The content provided is intended for entertainment and/or educational purposes in order to introduce to the reader key ideas, concepts, and/or product reviews. As such it is incumbent upon the reader to employ real-world tactics for security and implementation of best practices. We are not liable for any negative consequences that may result from implementing any information covered in our articles or tutorials. If this is a hardware review, it is not recommended to open and/or modify your hardware. |
More How To Articles
More By Developer Shed
 developerWorks - FREE Tools!
|
This demonstration gives you an overview of IBM® Rational® Build Forge Express Edition, a global offering that provides a framework to automate and execute software processes. Rational Build Forge provides a software assembly line that can support all of your tools, technologies, and platforms so you can achieve a repeatable, reliable, and traceable build and release process.
FREE! Go There Now!
|
|
|
|
Download the Rational Application Developer (RAD) v7.5 open beta code and start developing applications for the JEE5 standard which features EJB3.0, JPA, JSF 1.2, JSP 2.1 and Servlet 2.5 standards. When you use this beta you will see how you can increase developer productivity for already existing applications with improved support for refactoring, as well as adding new features to existing applications. In addition, the beta provides tooling for JD Edwards, Oracle, SAP, Siebel and PeopleSoft to improve the developer productivity with these enterprise systems.
FREE! Go There Now!
|
|
|
|
Visit IBM developerWorks to download a free trial version of Lotus Quickr 8.0, which enables collaboration by transforming the way everyday business content such as documents, rich media, photos, and video can be shared. Lotus Quickr makes it faster and easier to share content of all types (not just documents) within virtual teams. It is designed to make it easier to collaborate across organizational boundaries, while continuing to work within the context of familiar desktop applications.
FREE! Go There Now!
|
|
|
|
Download the IBM WebSphere Portal V6.1 beta code and learn more about the rich features and enhancements in IBM WebSphere Portal V6.1. WebSphere Portal provides a composite application or business mashup framework and the advanced tooling needed to build flexible, SOA-based solutions, and scalability to meet the needs of any size organization.
FREE! Go There Now!
|
|
|
|
Learn from the best! Find out how developers use Rational ClearCase to be more flexible, innovative and deliver higher quality code in the Rational ClearCase Power Users eKit. This complimentary eKit provides a collection of materials, like articles, whitepapers, and demos that can help you become a power user of Rational ClearCase.
FREE! Go There Now!
|
|
|
|
Listen to this webcast to get an overview of Info 2.0 and a technical demo of how to quickly build an enterprise mashup. IBM's Info 2.0 technology leverages emerging Web 2.0 technologies such as mashups, feeds, AJAX, and JSON in order to simplify assembly of information using feeds and services. Come learn about the technical elements of Info 2.0 including the Feed Generation framework, Mashup Engine, and mashup assembly components. Learn how to pull information from databases, departmental information, and the Web to create mashups critical to your company’s success. We will also discuss best practices to help you get started.
FREE! Go There Now!
|
|
|
|
XML has become a common way of storing business data as flat files and many data server vendors including IBM have provided ways to store this data within relational database systems. Increasingly collections of XML files are accessed like databases using an xQuery and other XML standard mechanisms. Businesses find the need to combine the traditional tabular structured data with XML formatted data. In this webcast, you’ll learn about IBM’s WebSphere Federation Server technology, which provides users with the ability to integrate these two data formats.
FREE! Go There Now!
|
|
|
|
Join this Rational Talks to You teleconference on December 6 at 1:00 pm ET to participate in an agile application development discussion and get your questions answered on using IBM Rational Method Composer in a distributed environment.Get your questions answered!
FREE! Go There Now!
|
|
|
|
As businesses grow increasingly dependent upon Web applications, these complex entities grow more difficult to secure. Most companies equip their Web sites with firewalls, Secure Sockets Layer (SSL), and network and host security, but the majority of attacks are on applications themselves – and these technologies cannot prevent them. This paper explains what you can do to help protect your organization, and it discusses an approach for improving your organization’s Web application security.
FREE! Go There Now!
|
|
|
|
WebSphere Process Server delivers a unique integration framework that simplifies existing IT resources. Often, as IT assets grow to support business demand, so too does their complexity and manageability. In this webcast, we’ll discuss how WebSphere Process Server helps deliver an SOA infrastructure that provides a common model to orchestrate, mediate, connect, map, and execute the underlying IT functions. Discover how WebSphere Process Server simplifies integration of business processes by leveraging existing IT assets as reusable services without the complexities of traditional integration methodologies.
FREE! Go There Now!
|
|
|
|
All FREE IBM® developerWorks Tools!
|
