Security has always been an important part of any IT infrastructure. It means protecting your information and information systems from unauthorized access, use, disclosure, disruption, modification or destruction. But, there will always be people who will try to infiltrate or want to access your network to do their malicious deeds.
As the security technology improves, simultaneously the skills of these hackers. But what can we do to protect ourselves from these threats?
1. Physical Attacks
We can set a policy in place that prohibits the use of any type of external storage device. Also, we can use Read Only Domain Controllers (RODC) that helps the networks concerned. Further, the BitLocker feature, which is designed to protect data by providing encryption for entire volumes, helps to protect sensitive data.
2. Comprise Pass-phrases in place of Passwords
A password is a secret word or string of characters that is used for authentication, to prove identity or gain access to a resource. Password policies should use encryption method, which is if less than 15 characters long, is automatically stored in backup. So instead of a password, have your users come up with a passphrase instead. And please do not write your password for someone else.
3. Avoid phishing attacks through E-mails
The rise in specifically targeted e-mail attacks has been of significant concern to security experts. Such attacks are both harder to detect than mass phishing attacks and more likely to be acted on given the fact they are customized to their recipients, including things such as their name and official title.
You can receive an e-mail claiming to be from your bank or from your HR department, claiming that a new policy is in place and it’s required that you change your password for security reasons. You provided the password and credentials, which is used by the bad guys for their benefits.
5. Be cautious on self-replicating worms
A computer worm is a self-replicating computer program. It uses a network to send copies of itself to other nodes and it may do so without any user intervention. Although, worms do not corrupt or devour files like a virus, they usually consume your PC’s bandwidth.
Recently, the Conficker worm had caused so many problems to networks are still around and Microsoft announces a $250,000 bounty on the head of those who created it. A new variant known as Conficker B++ has also been spotted in the industry and the IT industry’s attempts to bring it down.
6. Increasingly Malicious Malware
Malware is software designed to infiltrate or damage a computer system without the owner's informed consent. Although most of the malware is not malicious in nature and is usually referred to as spyware, malware includes computer viruses, worms, Trojan horses, most rootkits, dishonest adware, crimeware and unwanted software.
7. Have a heads up on Unauthorized Network Access
One of the biggest challenges for any organization is to keep an eye on the person who wants to access the network that should not. Fortunately, we have tools like Network Access Control (NAC), which uses a set of protocols to define and implement a security policy that describes how to secure access to network nodes by devices when they initially attempt to access the network. It forms a standard, when met, the computer is able to access network resources and the Internet, within the policies defined within the NAC system.
There is also Network Access Protection (NAP), which is used for controlling network access of a computer host based on the system health of the host.
As the security technology improves, simultaneously the skills of these hackers. But what can we do to protect ourselves from these threats?
1. Physical Attacks
We can set a policy in place that prohibits the use of any type of external storage device. Also, we can use Read Only Domain Controllers (RODC) that helps the networks concerned. Further, the BitLocker feature, which is designed to protect data by providing encryption for entire volumes, helps to protect sensitive data.
2. Comprise Pass-phrases in place of Passwords
A password is a secret word or string of characters that is used for authentication, to prove identity or gain access to a resource. Password policies should use encryption method, which is if less than 15 characters long, is automatically stored in backup. So instead of a password, have your users come up with a passphrase instead. And please do not write your password for someone else.
3. Avoid phishing attacks through E-mails
The rise in specifically targeted e-mail attacks has been of significant concern to security experts. Such attacks are both harder to detect than mass phishing attacks and more likely to be acted on given the fact they are customized to their recipients, including things such as their name and official title.
You can receive an e-mail claiming to be from your bank or from your HR department, claiming that a new policy is in place and it’s required that you change your password for security reasons. You provided the password and credentials, which is used by the bad guys for their benefits.
5. Be cautious on self-replicating worms
A computer worm is a self-replicating computer program. It uses a network to send copies of itself to other nodes and it may do so without any user intervention. Although, worms do not corrupt or devour files like a virus, they usually consume your PC’s bandwidth.
Recently, the Conficker worm had caused so many problems to networks are still around and Microsoft announces a $250,000 bounty on the head of those who created it. A new variant known as Conficker B++ has also been spotted in the industry and the IT industry’s attempts to bring it down.
6. Increasingly Malicious Malware
Malware is software designed to infiltrate or damage a computer system without the owner's informed consent. Although most of the malware is not malicious in nature and is usually referred to as spyware, malware includes computer viruses, worms, Trojan horses, most rootkits, dishonest adware, crimeware and unwanted software.
7. Have a heads up on Unauthorized Network Access
One of the biggest challenges for any organization is to keep an eye on the person who wants to access the network that should not. Fortunately, we have tools like Network Access Control (NAC), which uses a set of protocols to define and implement a security policy that describes how to secure access to network nodes by devices when they initially attempt to access the network. It forms a standard, when met, the computer is able to access network resources and the Internet, within the policies defined within the NAC system.
There is also Network Access Protection (NAP), which is used for controlling network access of a computer host based on the system health of the host.
