our company | our solutions | custom applications | secure hosting | managed services | technology consulting | news | contact us | home
 
Articles
Listen to Radio Interview
Evolving Threat
Evolving Threat Webinar
Addressing the Top 5 IT Concerns for Financial Advisory Firms
What Are You Doing to Stop Security Saboteurs?
Commonwealth boosts security with Pragmatix Gold Contract
A Tech World
Controlling the IT, Compliance Strain
Is Wireless Safe?
Send hackers packing: Education and data security - prepare for potential problems
Disaster Recovery and Continuity: What Every Business Owner Needs to Know
IT Watch/Disaster Recovery (IE only - video inside)
Disaster Recovery Made Easy
What small-business owners should know about e-mail
Selecting a Web Hosting Provider
Print Media - Buy, Build, or Both?
Press Releases
4/25/08 IBM Recognizes Pragmatix as Leader for Small Business Solutions
03/17/08 VAI Teams with Pragmatix to Expand Software as a Service Customer Base
10/16/07 Pragmatix Expands Services with BlackBerry® Support
ARCHIVE >>
 

What Are You Doing to Stop Security Saboteurs?
By Bill Abram
As seen on www.crmbuyer.com
February 19, 2007

All it takes to sabotage a network is one person. It's as simple as uploading a program that opens back doors into administrative computers, turning an entire computer system into a spammer's playground. Networks should be secured by passwords. Even better, they should be turned off while not in use. Passwords are imperative to data protection.

Security is one of the fastest growing areas in technology today. Internet scams and hackers are more malicious and widespread than ever. For example, TJX recently announced that its computer system that stores and processes customer information was breached

T.J. Maxx, Marshalls, HomeGoods and A.J. Wright stores in the United States and Puerto Rico and Winners and HomeSense stores in Canada were affected, as was information dating back to 2003.

The threat of hackers is so great that even the Department of Homeland Security conducted its own test cyberattack, called "Cyber Storm," to determine reaction, recovery and coordination in response to a technical security breach.

This is a testament to a large and growing concern about computer and data security across all industries in the U.S.

Additional Viruses Ahead

New viruses are introduced daily and spammers use worms to create "spam zombies," which clog inboxes, steal passwords and introduce Trojan Horses that allow for unauthorized remote access to a computer. This means no network - large or small - can afford lax security standards.

Organizations are constantly under attack and none can afford the risk of an unsecured network. Security breaches can be detrimental to customer relations, but they are also damaging to a company's finances.

All it takes to sabotage a network is one person. It's as simple as uploading a program that opens back doors into administrative computers, turning an entire computer system into a spammer's playground.

More Passwords, Please

Networks should be secured by passwords. Even better, they should be turned off while not in use. Passwords are imperative to data protection.

The sharing of passwords can be extremely harmful to a system. Therefore, policies enforcing password changes every 90 days should be considered for every organization.

Virtual private networks (VPNs) utilize effective intrusion prevention and detection devices such as firewalls, antivirus and spam-filtering tools. With the simple click of a mouse, security updates and new viruses that circulate around the globe can be eliminated.

Monitoring of e-mail systems, along with daily system backups, ensure that problems are detected quickly and are fixed before further damage is caused.

Networks can be affected both by internal and external threats. Intrusion detection can segregate and isolate a subnetwork - or even a single machine - if security levels have been compromised or it they have yet to be updated from a central server.

No Escape

No organization can hide from this phenomenon and the serious outcomes it brings along. California's Hacker Law requires businesses and government agencies to "notify individuals when unencrypted personal information in the categories of Social Security number, driver's license number, account number, or credit or debit card number has been accessed in a computer security breach."

Security experts are employed by many organizations and can provide network assessment and maintenance. One can take the following small and relatively inexpensive steps to greatly reduce security breaches and hacking:

  • Guard the gates. Firewalls should be properly installed and configured. Sometimes authorized and well-intentioned technicians leave "back doors" open to make it easier for them to provide support; these must be closed. If there are modems in use, even occasionally, they should be secured by passwords - or better still, turned off while not in use.
  • Secure the servers. Make sure the server software is kept up-to-date and that the latest security patches are regularly and promptly installed.
  • Defend the desktops. Similarly, make sure the desktop software updates are installed regularly.
  • Apply antispam and antivirus measures. Low-costs software packages and service plans, available from many reputable providers, are easy to put in place. (Note: These also must be regularly updated.)
  • Protect the passwords. Do not share passwords; make sure all employees have - and use - their own password(s) at all times. Enforce a policy that requires changing passwords every 90 days or more frequently. Also, be sure that user accounts for former employees and contractors are quickly disabled.
  • Keep quiet. Many hackers obtain information that allows then unauthorized access simply because they ask. In these scams, a hacker might pose as a potential job applicant, a phone company technician or an Internet provider support representative. Too often, employees - while trying to be polite and helpful - unwittingly reveal crucial information that helps the hacker gain access.

Preparing for potential data threats is a critical component of business and can literally save a company. Businesses that fail to take security precautions run the risk of seeing hackers help themselves to private information.

To view this article online, click here


        Copyright 2008 Pragmatix 565 Taxter Road, Elmsford, Westchester County, NY 10523 P: 914-345-9444
Pragmatix Services | Pragmatix IT Solutions | Clients | About Pragmatix | Contact Us | Privacy | Site Map