Online Security

By Ramon Ray

Locking our car doors (in many locales), securing our money and making sure our children don’t run into the streets are all second nature to most all of us.

This same type vigilance regarding securing our digital information must permeate our day-to-day business lives.

 

Passwords are an important gateway into your protected information. If you make the password easy, it is going to be easy for someone to figure it out and break into your computer system. The harder you make it the better. As much as possible try to mix up letters and numbers and add a few lower case and upper case numbers into the mix as well. It’s best to commit your password to memory and not write it down or you increase the possibility of exposing it to others.

 

Viruses are a constant and prevalent threat to all computer users – businesses and consumers alike. But because your business, is in business, viruses can pose a great economic if your computers are infected so you need to be VERY vigilant. The best protection against viruses is an anti-virus program. These programs will regularly scan your computer for viruses and automatically scan files as they are being accessed and/or downloaded into your computer system. If you have an anti-virus protection program on your PC, your personal vigilance is the next step in safeguarding your PC. Be wary of emails ending in the extension .exe, .com, .bat. pif or .dll. These are executable programs so if you are not 100% sure of who sent the file to you be very careful of opening it. Also remember, many viruses can send email from someone else’s address. So if you get an email from your trusted friend saying “open this file text.exe” it can’t hurt to ask if it came from them first. Also, using internet based mail services, such as Yahoo! and Hotmail, are a good alternative, too, because these programs allow you to scan attachments without opening, and without installing any software.

 

Resources: Symantec.com, McAfee.com

 

Firewalls should be a part of every businesses network and can serve as a first line of defense against many hacker attacks. A firewall is software or hardware device that scans incoming and outgoing information traveling over the Internet to ensure that it is authorized into and outside of your network. Let’s say that a hacker is trying to access your computer, a properly configured firewall will prevent the hackers access to your computer as they have not been authorized to do so. You may ask,  if I’m accessing a Web site that requires me to download some tool onto my PC, why will the firewall let that happen? The firewall is very good at understanding those Internet connections that have been requested and are therefore allowed – and those Internet connections that have not been requested and in general are not allowed. As with all security devices, a firewall is not a perfect tool, but only an important security tool in your arsenal. It’s a device that can and has been defeated, so the best advice is  to rely on your firewall as a first line of defense, utilize your anti-virus software and be vigilant of suspicious activity to your computers and be wary of email attachments and downloaded programs.

Resources: Symantec.com, McAfee.com, Zonelabs.com, Sonicwall.com, Linksys.com

 

Employee vigilance is one of the most important aspects of securing your business. Those with malicious intent may simply call your secretary and claim to be the VP of security and need her to urgently give them your password – will she or won’t she? Train all your staff to verify who they are speaking before releasing any security information to anyone. Establish clear security policies to guide all employees on how to ask for security information and how to release security information.

 

Physically securing your technology is important. It does no good to have thousands of dollars worth of software security, only to have a thief walk out with the computer that houses your customer database. The more important the data is, the more physically secure the hardware it resides on should be. Cameras, biometric devices, locks and other tools should be considered and implemented depending on your budget and security analysis.

 

Encryption of your files is something you should do if you have very sensitive data you want to give it an extra level of security. If for some reason your files are stolen you can have some assurance that POSSIBLY that thief can’t break into your files to get your data.

 

Resources: Pandasecurity.com, Cypost.com, Mcafee-at-home.com

 

Backing up your data (although not a strategy to enhance security) will ensure that if your data is lost or corrupted you can get it back with little downtime.

 

Resources: Veritas.com, backup.com, virtualbackup.com

 

Credit cards and online retailers

I know many people who are needlessly paranoid about ordering anything online, fearful that their credit card number will be stolen and used. This has happened – millions of dollars worth of online theft occur every year. However, think about how often you give your credit card to a complete stranger at the local restaurant, grocery store or other location. There’s no encryption between them and your credit card, as there is with most online retailers and many times authorities have arrested people for duplicating credit card information. I’ve used my credit card many times online with much success and never a problem. When using your credit card online use common sense.  Ask yourself a few questions --is it a reputable retailer; do they list a telephone number and physical address I can check out; and will they encrypt my transaction? And remember, if your credit card number is used without your authorization most often you’re protected and at most will have to pay up to $50 of the unauthorized charges, but often times that fee is waived. You might want to consider getting a credit card for use only online that has a low credit limit. I also suggest you be very careful about using a debit card for online transactions. Read its liability policy but still be careful  Losing $500 from your Visa card is not nearly as damaging as losing $500 from your checking account.

Ramon Ray, http://www.smallbiztechnology.com -
Strategic technology solutions for small businesses

DISCLAIMER: The content provided in this article is not warranted or guaranteed by Developer Shed, Inc. The content provided is intended for entertainment and/or educational purposes in order to introduce to the reader key ideas, concepts, and/or product reviews. As such it is incumbent upon the reader to employ real-world tactics for security and implementation of best practices. We are not liable for any negative consequences that may result from implementing any information covered in our articles or tutorials. If this is a hardware review, it is not recommended to open and/or modify your hardware.

More How To Articles
More By Developer Shed

 

developerWorks - FREE Tools!

NEW! Applying lean thinking to the governance of software development Effective governance for lean development isn’t about command and control. Instead, the focus is on enabling the right behaviors and practices through collaborative and supportive techniques. Hear from Scott Ambler on how it is far more effective to motivate people to do the right thing than it is to force them to do so. Learn how to form a lightweight, collaboration-based framework that reflects the realities of modern IT organizations. FREE! Go There Now!

NEW! Did you say mainframe? e-kit Learn how you can extend modern application lifecycle management to IBM System z through the IBM Rational Software Delivery Platform (SDP). The Did you say mainframe? e-kit includes podcasts, webcasts, tutorials, white and red papers, demos, and articles designed to help ease the challenges of modernizing your enterprise. This complimentary kit for mainframe developers is a practical, how-to guide for making the most of an existing development environment, including the skills and infrastructure already in place at an established enterprise. FREE! Go There Now!

NEW! Discovering the value of WebSphere Process Server WebSphere Process Server delivers a unique integration framework that simplifies existing IT resources. Often, as IT assets grow to support business demand, so too does their complexity and manageability. In this webcast, we’ll discuss how WebSphere Process Server helps deliver an SOA infrastructure that provides a common model to orchestrate, mediate, connect, map, and execute the underlying IT functions. Discover how WebSphere Process Server simplifies integration of business processes by leveraging existing IT assets as reusable services without the complexities of traditional integration methodologies. FREE! Go There Now!

NEW! Download IBM WebSphere Portal V6.1 beta code Download the IBM WebSphere Portal V6.1 beta code and learn more about the rich features and enhancements in IBM WebSphere Portal V6.1. WebSphere Portal provides a composite application or business mashup framework and the advanced tooling needed to build flexible, SOA-based solutions, and scalability to meet the needs of any size organization. FREE! Go There Now!

NEW! Evaluate IBM Rational Developer for System i V7.1 Download a free trial version of IBM Rational Developer for System i V7.1, which provides a complete development environment for traditional i5/OS application development. IBM Rational Developer for System i is a new eclipse-based workstation offering for i5/OS application development that provides a comprehensive Integrated Development Environment for edit/compile/debug of traditional RPG/COBOL/C/C++ i5/OS applications. FREE! Go There Now!

NEW! Evaluate Rational Host Access Transformation Services (HATS) Toolkit V7.1 Visit IBM developerWorks to download a free trial of the Rational Host Access Transformation Services (HATS) Toolkit. The HATS toolkit provides a set of plug-ins for the IBM Rational Software Delivery Platform to help you easily extend your legacy applications. HATS makes your 3270 and 5250 applications available as HTML through the most popular Web browsers, while converting your host screens to a Web look and feel and it also enables you to develop new Web, portal, and rich-client applications. FREE! Go There Now!

NEW! Rational Asset Manager eKit Learn how to do more with your reusable assets with the free Rational Asset Manager eKit. The eKit includes demos on how Rational Asset Manager tracks and audits your assets in order to utilize them for reuse. Plus you’ll find white papers and a Webcast that discuss the challenges of a Service Oriented Architecture and how Rational Asset Manager can provide quick and effective solutions. FREE! Go There Now!

NEW! Rational Testing eKits Discover how Rational tools and best practices for testing can make your job easier. The new Rational Testing eKits provide you with valuable resources – including demos, webcasts, tutorials, and articles – that help you address your specific testing needs across the software lifecycle. Five new eKits are available covering the topics of Requirements and Test Management, Functional Testing, Performance Testing, Code Quality and Embedded Systems, and SOA and Web Services Testing. FREE! Go There Now!

NEW! Software Change and Configuration Management Solution Guidelines This whitepaper provides areas to consider when evaluating any software configuration management solution. It addresses how the IBM solutions (Rational ClearCase and Rational ClearQuest) meet the needs and requirements of both project leaders and developers to provide successful Software Change and Configuration Management. FREE! Go There Now!

NEW! Trial download: IBM Rational Tester for SOA Quality V7.0.1 Get a free trial download of the latest version of IBM Rational Tester for SOA Quality V7.0.1, a functional and regression testing tool that enables the creation, comprehension, modification and execution of testing GUI-less Web services. FREE! Go There Now!

All FREE IBM® developerWorks Tools!