PROTECTING YOUR COMPUTER AND NETWORK
PHYSICALLY SECURING LAPTOP/NOTEBOOK/HANDHELD COMPUTERS
Portable computers can be even more vulnerable because it is so easy to steal the entire computer. A thief might then be able to access the data stored on the hard disk and log on to the organization ̳s network remotely, if additional protective measures have not been taken. Cable locks are even more desirable for laptops than for desktop computers. Many portable computers come with built in security slots for attaching these locks.
Alarm systems are available that can attach to portable computers. Once activated, these alarms will sound if they are not disarmed before the computer is moved. A variation on this concept is the transmitter-receiver system. The transmitter is kept on your person (for example, on your keychain) and the receiver is attached to the portable computer. If the two are separated by more than a small
distance, the alarm sounds.
PHYSICALLY SECURING NETWORK COMPONENTS
Network components (Routers, Hubs, Switches, Wireless Access Points, and Cables) can all be points of vulnerability, but their security is often overlooked. A hacker who has physical access can plug a laptop into a hub and intercept network communications using packet sniffer software. Because the twisted pair cabling used for most modern Ethernet networks is unshielded, the electromagnetic signals radiate from the cable and can be picked up by a properly equipped hacker who has access to only the cable.
Exposed cables going through hallways, false ceilings, or in unlocked offices can present a security risk. Most information workers will not be responsible for securing network devices such as routers, hubs and switches, but you should be aware that the cabling in your office can also be listened to by savvy hackers. Making it as inaccessible as possible is a good security practice.
PHYSICALLY SECURING DESKTOP COMPUTERS
Desktop systems are easier to physically secure because they are larger, heavier, and consist of multiple components, which mean they are more difficult to steal. Theft can occur, however, so systems containing sensitive information or connected to the network should be kept in locked offices when no one is there to oversee them.
Cable lock systems (steel cables that attach the computer to the desk, floor, or wall) can be used to secure the computer case to a large structure. Computer cases should be locked so intruders cannot open them and steal the hard disks. Media that holds data (floppy disks, CDs, flash memory cards, tape backups) should be kept in locked cabinets to prevent theft.
If the hard disk is removed, the computer ̳s local data cannot be accessed. And because the operating system also resides on the removable disk, the computer cannot be used to access the network; it will not even start. Server rooms and offices where computers with sensitive data are located should be protected by motion sensors after hours.
PROTECTING AGAINST VIRUSES AND OTHER MALWARE
Computer viruses do millions of dollars in damage every year, so it is absolutely essential that every computer that connects to a network have adequate virus protection. Installing antivirus software is not enough. New viruses are being written and released every day. According to Symantec ̳s Internet Security Threat Report of July 2004, more than 4000 new viruses and worms were discovered during the first half of 2004. You must update the virus definition files that areused by the antivirus programs to detect viruses on a regular basis. (If you have an always-on connection, you should update weekly or even daily). Most antivirus programs can be set to automatically connect to the Internet and download updates on a set schedule.
“Many organizations already have antivirus software set up on their computers, so check first with the IT department before installing such software or changing the configuration of any existing antivirus program.”
PROTECTING AGAINST SPYWARE AND ADWARE
If you notice any of the following symptoms, you may have adware or spyware installed on your computer:
- Noticeable slowdown in performance with no other explanation. Unusual software behavior, such as your Web browser ̳s home page suddenly changing, new items appearing in your Favorites menu, or programs closing unexpectedly.
- Strange hardware behaviors such as the CD drive opening or unusual hard drive activity.
- Strange network behavior, such as indications by your modem lights that your computer is transmitting data when you are not doing anything online.
- Pop-up ads displaying when you are not surfing the Web.
Adware/spyware detection and removal software is becoming just as necessary as antivirus software. However, you must be careful when choosing anti-spyware tools (especially free ones), because some programs that claim to be spyware removal tools actually install their own spyware. Use only reputable anti-spyware scanning and removal programs. In addition to using these tools, there are ways to guard against the installation of adware and spyware. Be careful about installing free software, and always read the entire End User License Agreement (EULA). Configure your browser security settings to prompt you before downloading programs or controls or running scripts.
PROTECTING AGAINST UNWANTED E-MAIL
Unwanted E-mail, like junk mail in physical mailboxes, probably can never be completely eliminated. However, there are several things you can do to reduce the amount of spam you receive, including general spam protection practices, using spam filtering services or software, and using sender verification systems.
Unfortunately, physically securing your systems and network components is not enough. Although many intrusions and attacks originate internally, many others come from outside the organizations walls, over the Internet or through dial-up connections. Protecting against these threats requires special software or dedicated hardware/software combinations such as firewall appliances. Because there are so many different threats, there are also many different types of software security mechanisms.
PROTECTING AGAINST INTERNET INTRUDERS WITH FIREWALLS AND IDS
A firewall operates between your computer or network and the Internet, and examines the data that attempts to move through it. The firewall can be set up to block or to allow particular types of data. A firewall that protects a whole LAN is called an Edge Firewall, a Perimeter Firewall, or sometimes a Network Firewall. Firewall software that is installed on a single computer to protect just that computer is called a Personal Firewall or a Host Firewall. Windows XP includes a built-in personal firewall called the Internet Connection Firewall. When you install Service Pack 2 (SP2), this firewall is replaced by Windows Firewall, which has increased functionality. SP2 also turns the firewall on by default. If you do not have other firewall software installed or if a network firewall is not protecting the network, you should always have the firewall enabled on your Windows XP computer. Third-party personal firewall software is available for older versions of the Windows operating system.
“Windows Firewall in Windows XP SP2 is easy to access and configure through the Control Panel”