ALL >> Computers >> View Article
Cyber Warfare
In these days of all-out combat in Afghanistan, terrorist attacks in New York and Anthrax in Washington, it's easy to lose one's perspective. I know I've become addicted to checking the major news web sites several times a day. I now listen to the news radio stations on the way to and from work instead of my normal rock and roll station. It seems like something might happen at any moment, and I want to know immediately.
Something that seemed to be mentioned in every IT related publication for the last year or so is the possibility of cyber warfare. This is the concept of attacking a country through it's information systems (specifically the internet).
Since the attacks I've seen the number of articles go from a few per week dozens per day. Warnings about security risks seem to be popping up all over the place. It is important that these warning be taken seriously - it's time to wake up folks and get your systems locked down.
What could be attacked? Just about every company has an internet connection these days. Many of those companies do not have good security, as is proven by the recent Nimda and Code Red outbreaks, as ...
... well as numerous penetrations by hackers.
If you are an IT manager you probably need to ask yourself some important questions to be prepared for the possibility of attack. In fact, it is your patriotic duty to be sure your systems are safe and secure. To do otherwise not only puts your company in danger, it actually threatens, even in a small way, the security of your country.
Does your organization really need to be attached to the internet at all? - This is the first question to ask yourself. I know it seems like every workstation at every company must be attached to the internet, is it really necessary? Does it add to the company bottom line? For many companies, the answer is yes, for others no.
Is the information that you provide to the internet community appropriate? - This question has come up on a large number of government and utility sites. Is it really necessary, for example, to include a map of a power plant? I know this might seem useful to, say, schools for educational purposes, but it may also be even more useful to terrorists and other evil-doers.
Is your backup and archive strategy sound? - The most important single task that you perform is backups. Do them regularly and check the data occasionally.
Are your password policies good enough? - The weakest link in most security schemes is the user and his or her passwords. If your management will allow it, make sure your users have long, complex passwords which they change regularly. Enforce best practices with their passwords.
If your front line security adequate? - Have you got firewalls installed? Regardless of whether you've got a home computer or a hundred million dollar complex, you'd better install a firewall if you have not done so already. A hardware firewall is the best solution, but a software one will do for a home system if money is tight.
Have you defined a DMZ? - If you manage a network for a company, you should reexamine your firewall strategy to ensure that you have a proper DMZ. What is a DMZ? To simplify it a bit, it's a way to protect your application servers even if your web servers are compromised. You have your core application systems behind a firewall. On the outside of that firewall you place your web servers. Then to protect them you put another firewall.
Is your virus protection adequate? - If you haven't installed antivirus software by this time, shame on you. It does not matter whether you run a network of ten thousand computers or a cheap home system, you'd better have this basic application not only installed, but regularly updating.
Is your system patched properly? - All vendors release software with bugs. It is the responsibility of all system managers to periodically review operating system and applications patches and releases and update them as needed. Remember, even the Apache web server is ridiculously insecure if not properly patched.
Are you educated on security? - If you haven't already, look around and find some books, classes or information about security. Become educated as fast as you can. Once you understand security, then propose, plan and implement what you have learned.
Do you perform background checks on IT related positions? - All new hires into IT should have thorough background checks before they are hired. You should also check the backgrounds of all of your IT consultants. It's best to know who you are hiring before you hire.
Is your user community educated about security? - Perhaps one of the best tasks you can perform is to educate your users on good security practices. Emphasize the reasons why security is important and how it protects your users. I usually stress that security penetrations are a direct threat to their employment. Spend some time explaining and demonstrating how social engineering works - this is the number one way break-ins occur.
Do you have a working disaster plan? - To be perfectly prepared, ensure that you have a working, tested, debugged disaster plan ready at all times. That way if for some reason your primary systems are rendered useless you can still have a running company.
Is your security plan confidential? - The less information you have available to evil-doers the better. Keep any information about how your systems are secured confidential - treat it on a need-to-know basis.
Remember this important fact. As of September 11th the United States and all of the free nations are in a war. And when your country is in a state of war you had better be prepared to be attacked. It's the only sane thing to do.
Richard Lowe Jr. is the webmaster of Internet Tips And Secrets at http://www.internet-tips.net - Visit our website any time to read over 1,000 complete FREE articles about how to improve your internet profits, enjoyment and knowledge.
Add Comment
Computers Articles
1. Rental Management Software: A Complete Solution For Car, Property, And Coworking SpaceAuthor: RentAAA
2. The Ai Revolution: What’s Coming In 2025
Author: Ben Gross
3. The Rising And Falling Trends Of Graphic Card Prices In 2024
Author: Alahdeen
4. What Is Test-driven Development And Which Three Rules Does It Follow?
Author: Byteahead
5. What Is Web Application Architecture?
Author: goodcoders
6. Understanding How Wifi Works: The Wireless Connection Process Explained
Author: Kr
7. What’s Coming In Cybersecurity For 2025?
Author: Ben Gross
8. Hire Magento Expert In India
Author: Yuvraj Raulji
9. Discovering Everything About C15 Power Cables
Author: Jennifer Truong
10. Want To Get Long-distance Power? Time To Grab Extension Power Cords
Author: Jennifer Truong
11. Best Android Development Tools To Use
Author: Best Android Development Tools To Use
12. Choosing The Right Kansas City Web Design Partner For Your Business Success
Author: naviworld1h
13. The Importance Of Choosing The Right Kansas City Ecommerce Developer And Logo Design Expert
Author: naviworld1h
14. Top Mobile App Companies And Developers In Kansas City
Author: naviworld1h
15. Boost Your Business With A Leading Web Design Company In Kansas City
Author: naviworld1h