How to stay secure?
We hangout with laptops and smart phones on a daily basis. Every right implies a responsibility. Every opportunity is a possession of an obligation to the form of obligation. One is in charge of the security of one’s own laptop and smart phones. In the dynamic world of digitally encoded electronic transmission of mass communications through storage and processing power of computers, changing face of internet and fast-paced computer programming creates limitless space for hackers to promote nasty works. No computer system can be secure. On the contrary, a system with high security makes a paranoid situation for users. Computer is designed to cut down lagging time in day-to-day operations. The popularity of mobile devices has created a brilliant line of hackers. What should be a seamless approach to get rid of viruses from your PC and smart phones stroked with malwares? In this article, we will figure out how some simple lessons one can learn to destroy viruses, Trojans, spywares, key loggers that do not need administrator privilege of your PC. Do not get lured to different tactics of malwares and other nastiest of internet. It is best to be securing than sorry. Your computer needs preventive health care.
Preventing infection is better than post infection scenario. One just has to move beyond traditional security to modern security set up.
Before advent of “Windows Defender” from Microsoft, users have traditional security measures on their PC and smart phones. It is free at genuine version of Windows. It is a multi-layered security set-up. Most folks protect their PCs by using multiple signature scanners based on anti-spywares, anti-viruses, anti-Trojans, anti-root kits. For most folks, the cost factor associated with anti-malware suite is beyond purchasing. According to many security experts, multi-layered security could not be better than single prolonged approach of security. Multi-layered security does not provide additional level of security. It is heavy on system resources. Many-a-times some definition modules collide conversely with different definitions modules to stop all layers of security parameters. It results in a blue screen of death (BSOD), destruction of critical boot files and computer stops response. Multi-layers of security pose heavy costs in terms of financially as well as performance and health of your PC. It creates complex security architecture and can delay launch of application on to your PC. There is no such theory as 100 percentages of protection. A good antivirus suit can only manage utmost 90 percentages of PC security. Multi-layer security increases processing level of the central processing unit (CPU) to a critical level so that slowly it will gradually reach towards law of diminishing returns.
What is wrong with multi-layered security?
In a multi-layer security, an aggressive security product of a particular layer can overlap and attack security of an additional layer, resulting curfew within existing security products. Renowned security products from renowned security vendors can resist rogue security applications and self-protect to survive these eminent attacks. Sadly, but true more and more advanced methods are developed by hackers in which they are able to turn off existing security products. Microsoft began collaborating cooperation among diverse recognized security vendors to create a cohesive unit of security products with timely updates in order to overcome the presence of hackers. Now, it is clear, no security product is self-sufficient and for this it is better to take a preventive approach to security with moderate computing practices. If someone is deliberating browsing malware ridden websites with a security suites, then do not provide that security programs to resist termination. Rarely, security programs can catch hostile agents.
The world of hackers:
The world of hackers is treacherous but fascinating, but it is the worst situations for ordinary users who are mostly ignorant of safe computing practices. This article is a matter of safe computing practices which is better practice of employing multi-layer of security. Hacker is faceless with attitude of trespassing computers. It attacks your computer from a far away unknown distance and intrusion without your permission. Hackers chose to operate from a land which has no legal liability and restriction. They are code-jockeys with a miracle bit of programming expertise. Hackers have not always been bad people. There are white-hat hackers who boomerang vulnerabilities and exploits of a computer with the same fitting precision reply to attackers. They can detect the exact location of black hat hackers and can reverse-engineer the same hack to hackers. White hat hackers are used in governmental as well as private enterprises to investigate vulnerabilities in data center and find security vulnerabilities and suggest critical patches to secure the system from zero day vulnerabilities. They fight with black hat hackers and just try to minimize the risk of exploitation from them. That is why; white hat hackers are called ethical hackers.
Black-hat hackers gain sufficient administrative privilege to enter into vulnerable enterprise system and control entire administration from remote. Black-hat hackers are called “crackers”. They spam mails, steal classified documents, gain administrative control over network computers and smart phones, snoop around inbox and social networking accounts through the process of electronic civil disobedience which has altruistic motives.
Android as smart phone operating system:
Android as smart phone operating system, become immensely popular within the shortest possible time that attracts hackers to lurk into your mobile operating system and steal valuable data as well as your online identity. Few years back, “DroidDream”, an android malware existed at “Google Play Store” formerly known as “Android Market”. Since then, Google has comprehensively changed application introduction policies of “Google Play Store” with a virtual platform of testing of apps. Since introduction of “Android Jelly Bean”, all application runs within a virtual environment which runs parallel with android operating system, which is critical of security of system files of Android. Android is an open source Linux operating system well supported by Google. Rogue applications, spywares, malwares and application with privacy threats are fired from “Google Play Store” entirely.
Major antivirus vendors offer mobile antivirus for android. Gone are the days, when mobile antivirus drains batteries completely. They stopped to web based., malwares, phishing and scams, drive-by-downloads, browser hijacking. Some major network threats reach due to multiple network capacity of innovative smart phones. They have provision of tethering, mobile hot spot, direct Wi-Fi that can slow down data transfer within Wi-Fi traffic. Not only, it incurs financial loss but also complete loss of all isolated and classified data.
Few suggestions on Android mobile security:
1. A Google account with Android lets you organize and access contracts and synchronize and back up everything. It allows you anywhere access control, keep your stuffs secure. With this account you can automatically use other Google services such as “Google Play store”, “Google Books”, and “Google Music” and so on.
2. Set “Screen lock” on your android device. The screen locks when your phone goes to sleep. If “Day Dream” is enabled, screen lock does not work.
3. You can encrypt data on your phone. It is irreversible. It provides additional protection to data when your phone is asleep or stolen.
4. Encrypt external SD card. It will ask the password that is required to decrypt the device each time you change it on.
5. “Set up SIM card lock”, to receive SMS (short message service) to receive SMS notification to another number when SIM is changed. It will charge normal SMS cost.
6. Do not grant “Device Administrator” in “Android Device Manager” to unknown apps. When a phone is lost or stolen, through “Android Device Manager” it can be locked remotely or entire data can wipe out from device from web representation of “Android Device Manager”.
7. Do not allow installation of applications from sources other than “Google Play Store”.
8. “Verifies Apps” functions warn users before installing applications that may cause harm or damage-device.
9. Use trusted credentials such as CA certificates or internal installed certificates from the device manufacturer.
10. While installing a new application carefully reads “Application Permissions” of device.
11. Android as an operating system is expected to be very secure. It opens up source Linux mobile operating system. Android operating system trusts you the user and the community of developers.
12. Android offers you a lot of power and with power comes responsibility.
13. Android works with multiple layer of defense, starting from “Google Play”, “unknown sources”, “install confirmations”, “Verify application warning”, “Run time security checks” and finally the newly introduced “Sandbox and permissions”. Android has multiple layer of defense to protect against malware incursions.
14. Android has defenses to be protected, not your data. It is preferable to implement cloud-backup solutions from Google or other third party cloud services.
15. Do not install anything and everything from anywhere and everywhere.
16. Keeping your data safe can be more about taking common-sense steps to minimize data loss risks.
17. A review of one star rating in “Google Play Store” is a sign of something wrong. Do not install that application from “Google Play Store”.
Safe computing practices:
Internet resides within web browsers. An outdated and vulnerable web browser can make your entire computer susceptible to web. It is a gateway to the Internet as well as to worms, hackers. It is still a nice idea to use updated web-browser. With it, you will be in a position to protect your data, privacy and security and consciousness. If you are running Adobe Flash, you should modify “flash player setting” and disable third party flash cookies. Flash cookies never expire. It continuously resides inside system setting. It sends anonymous browsing behavior, internet usages statistics and basic computing practices to concern website. It is better to live without “java”. Uninstall it from computer. In Windows 8, go to “charms menu” by going to lower left corner of desktop and click on “search” icon. From their search for “nPDeploy Java1.dll” and removed it from system drive (generally Drive C). After inactivation, “Java” leaves these files and this can cause its identity theft.
1. Keep Windows and MS Office completely up-to-date by applying the latest fixes from Microsoft Update-Service.
2. Ensure that you regularly update third party applications, web browsers, Java and Adobe Flash.
3. Recently, Microsoft Windows, integrated updates of Adobe products in its cumulative updates. Turn “automatic updates” to automatic to receive these updates as soon as Microsoft releases it from its server.
4. Stay away from malicious sites which offer commercial software for free, key generators and other packed materials.
5. Avoid accidentally logging into hostile sites by installing “WOT” or “AVG Link Scanner”. These are the free browser plug-ins.
6. Download files from trusted sources. Scan external media through free online signature scanning service like “Virus Total” or “Jotti”.
7. Install a good firewall. It serves to protect against worms and hackers. You should not turn off “Windows Firewall”. It will keep your PC safe from vulnerability of worms and hackers.
8. Before allowing an application to receive information through the firewall, do not forget to understand the inherent risks involved in it.
9. Windows 8 has built-in “auto-run” disability function.
10. Use Windows 8 with a standard user account.
11. Enable Windows 8 Family Safety for a standard account. It controls website that users can access online. Set it to “Online communication” in web restriction level. In this segment user can view websites of general interest, social networking, web chat and web mail categories. Adult sites are blocked. Administrator can edit “Family Safety” to “block file-download”.
12. Turning on “web restrictions” with “Windows 8 Family Safety”, automatically turns on “Safe search” setting of Bing, Google, Yahoo and other popular search-engines. In this way malicious websites are blocked while searching on popular search-engines.
13. With a “standard User Account” on Windows 8, one can run Windows with limited user restrictions. It runs all high risks program with limited rights. Programs with limited rights are handicapped to change basic system settings.
14. It is a bright idea to prevent malwares from entering your PC. Standard account of Windows 8 reduces privilege of programs which seem a workable solution for most users.
15. If one has wired connections, it is best to purchase a physical firewall. Router is better known as a physical firewall. It is preferable than a software firewall. Hardware firewall does not consume system resources. It works beyond computer.
16. Image your main drive to an external back-up drive.
Enterprise computer security policies:
In the last decade, use of personal computers has expanded exponentially. Due to the advent of this technology, there are huge gains in productive capacity of employees. The principal aim of a reliable computer system is to control access of users in relation to the release of data. This process is a correlation between subjects to objects. The security policy aims at managing a set of rules related to general goals and objectives. The computer security policy creates defined determination of organizational policies to streamline different ways of accessing of data. A static and a comprehensive security policy must interpret general policies accurately. It must stick to laws and regulations and generally acceptable standards unequivocally. Confidentiality of policy states that administrators have a right to observe classified documents of the organization. Integrity policy refers to the amount of quality of data saved to the computer. It should reflect statistics of people. Data mining must be in accordance with proper distribution and management of data. Unorganized datum means wasting of infinite degree of information. Integrity policy must reflect a considerable amount of research activities which should provide proper information management inside core wings of the organization. Properly authorized officials with a high degree of integrity should be located in a position to access data with considerable sense of security. Due care must be provided to ensure the physical as well as manual safety of data. All these should give proper security management among all these people of the organization.
Unauthorized persons should not trespass data of an organization. Organized unauthorized access of eccentric individuals can slow down the entire server and the actual user will find it difficult to log in when it is necessary, due to the extra load of shedding of server, which could break the entire network architecture of an organization. Availability policy of computer security makes a time frame within an organization where curfew of server time and time available to users is properly cared for. This reduces extra load on server times as well as it sets up a sense of fitting safety through software restriction policies. In this way, it should cater to the basic need of computer users by providing them absolute time when it matters the most as well as providing users the most essential part of clean computing where as public as well as loading capacity on different third party vendors can be restricted. Proper management of server can give a complete full proof security to server which would not be bogged down through perpetual virus attacks as well as continuous security vulnerabilities.
In theory, there is infinite difference between computer security policies and related theories attached to security management of computers. Principles are configured for inclusive accepted standards of conventions which are nearer to a proper set of policies. Security mechanisms are established from a predefined and designated set of security principles. It all goes through the set of inclusive standards of accepted principles which are almost practical and apt to serve basic tenets as well as respectable understanding of organizational security principles. These mechanisms are originated from individual as well as collective behavioral aspects of organizational principles. Security principles create “access control” which prohibits illegitimate access of unauthorized users and also access to authorized users in non-specified time intervals. There are two forms of “Access Control”; administrator and standard user. Administrator has right to access into unforgivable “Capability”. “Capable” is an incontestable proof of authorization. Here, administrator can over see entire functionality and can stream line all set of events into actions by sending proper and inconceivable management of delimitation of powers to standard users. Generally, in a complicated organizational networking environment, many sets of interconnected nodes have different access rights to different individuals at different time interval, which can clutter all those access rights of users by clogging them into a set of “Access matrix”.
Access matrix and least privilege mechanism:
“Access matrix” is not a real time behavior of computer security principles. It is a virtual representation of all access rights which are many times cluttered with each other through the principles of veins inside the formation of mind. It has numerous sets of independent yet dependent set of control mechanisms which can control and delimit other set of actions and access controls. Administrators have access rights to properly manage all these actions with similar and prudential back end servers. It could create a huge amount of memory usages due to flow of large amount of access-requests all around organizational security network. This creates the concept of “Access matrix” which distributed a different set of access rights and stops heavy users from stopping all other network-connectivity. Security policies of organization do include physical security of network server as well as functional safety of this Server. If it is not been controlled, in the long run constant heavy requests from a different set of users through access points can destroy hard drives of Server. It creates typically predefined structures from the existing norm of organizational security policies, which are popularly called as “least privilege-mechanism”.
SAP:
System administrator in an enterprise is called as “subjects”. Standard users to whom administrators distribute and delegate access rights are called “users”. Subjects have the right to delegate and restrict power to users. When that management comes down to user level through the process of delegation and restriction parallel focus of administration comes to light. It is called “special access provision” (SAP). SAP is a part of “least privilege mechanism” (LPM). The principal point of action here is to control access rights of millions of users. Access-matrix shows them as the account is not there and it behaves to users as if existence of particular email account is not there, but it is there inside deep “user setting” of administrator and can only be accessed by user through correct “user name” and “password”.
2-step verification:
Further with due course of time hackers through the process of social engineering able to detect “user name” and “password” of users and then can indict continuous log in to unstable network server. Google updated organizational security policies to a newly introduced and conceived “2-step verification”, process. It is a security of your mail as well as on Google server located in an undisclosed locations. This security process involves the presence of hardware which in turn asks hackers to log in from that same hardware such as computer or smart phone to log into mail or other Google services. It is easier to hack into software security system which has a virtual presence. With “2-step verification process” Google ensures the presence of reality such as hardware to be logged in mediums and this out rightly obstructs hacker’s attempt to “brute force” user Accounts. User has one more security option to protect and safeguard personal information. When the bad guys steal your account’s password, they could not lock you out into your account as they will require authentication code from your phone.
“Realm of knowledge” is always secret for functional reasons and it differs from person to person. Man is a rational animal. Its mind differs from situation to situation. Like five fingers of us are not same, the similar happens to different personalities. Network security of enterprise deals with “realm of knowledge”. These are classified and secret documents of organizations and access rights to these documents are extremely limited. Even these secrets are being kept with fewer people and from generations these secrets have never ever been shared with outsiders. Computer helps us to stay connected with modern world. Web browsers, help us to log into the Internet world. Computers are fast becoming personal assistants of us and it is needed in day-to-day activities. Most of the time we tend to depend upon smart phones and computers all over the time and want to be connected with rest of the world. We trust them more than personal assistant and save most of the data and private information and want to believe it always be safe and stays secure.
It is pertinent to have a secure smart phone and computer environment in order to save important data with outstanding private care. According to statistics, the use of internet with smart phone devices has doubled within a year and this goes on to show how people are smartly using internet for smart phone devices to back up all of their information into cloud. In this way, if attackers have access to your mobile and erase all data, still you can regain control over all data through the process of cloud and can download and retrieve all of these data easily. With the latest update, Google Photo can now back up all videos stored inside phone and this will create a complete back up of all of your multimedia contents. In this approach, hackers will not be able to gain advantage of unsafe computing practices and vulnerabilities in a secured and patched environment. They cannot implement and inject malicious codes through the process of reverse engineering to leverage point of attack through spreading of distinct layers of malware invasion.
Infamous Conficker malware attack:
One of the worst malware attacks in the annals of the Internet is the infamous “Conficker” malware attacks of 2008. This malware spread in each nook and corner of the world and affected millions of computers. It spread to many computers and many home users as well as enterprises and networks got affected with this worm. It benefited from the advantage of Windows to gain control of its administrative privileges and installed small files to complete control of computer. It disabled auto run as well as in built antimalware in order to create a safe environment. It captured the home network and by using bandwidth of one computer it affected a different set of computers and slowly it created its network all over the area within a few seconds. It disabled automatic updated and changed system time in order to avoid “day-light saving time”.
This infamous “Conficker” worm spread across the internet, due to ignorant users who had not practiced safe computing practices. There are no shortcut rules and there is no security software or security policies which will cut short worm attacks on computer networks. It should be a cumulative approach of safe computing practices coupled with a strong sense of observing a decent knowledge about operating system in which you are dealing with can prove to be a strong point to fight it out with worms and other related malware problems. Slowly, with all these necessary awakening proper establishment of security as well as safety practices, home and network computers will soon be full proof from all nasties of internet. Internet is not a civilized world. It is a world of jungles coupled with anarchy and indecency. There is no way one can establish the law in these locations. Internet runs beyond boundaries. There is no way one can sketch country specific limits to it.
Proactive protection:
When we search something on Google search, the server can be somewhere at the North Pole in an undisclosed location where even many people from Google know it. So, if India makes a law that only those websites which are located in India should be accessible by citizens of India, proves to be a mere fallacy. Many website are hosted somewhere but they run at some other places. For this in order to control the Internet is a very difficult subject. Users have to be aware of these misconceptions and outlandish behavior of internet. Once you are connected to internet thinks that you are entering into a deep jungle. Internet is not a place where democracy and rule of law associated with it. For this one has to be better equipped while entering in these deep and dense rooted jungles. You cannot guarantee even if you are well equipped with all these safe protection to be safe after entering into it. Similarly, you cannot guarantee of safety and security of data after connecting with internet. Someone could argue they have anti malware and other forms of modern layered protection and they will not be afraid of such imminent dangers. If they think so then they are at the wrong way and with which they have to think of proactive protection.
Only humans can perform proactive protections. No security suits would do about it in the wildest stretch of imagination. The internet is a network of networks and it is impossible to know the exact location through which a computer is connected with. If that server computer which you are connecting with for internet browsing is full of malwares then for sure you are being affected with such malwares if you are not practicing safe computing practices in the truest sense of mind and heart. Here, are few guidelines to observer to secure your personal computer.
How to secure Windows 8 PC?
1. If you are Microsoft junkies, do not forget to get Windows 8. It should be your clear choice and be sure to obtain the 64 bit version of it.
2. Have a motherboard that supports secure boot. Secure boot remove “boot kit” malware. This malwares removes boot-files and makes computer unbeatable and corrupt. Run “Windows Powershell”. It is an alternative command prompt for Windows. Type “ConfirmSecure boot UEFI” (without-quotes). If the result of command prompts comes to true, then it is confirmed that “secure boot” is working on computer.
3. Microsoft is encouraging hardware vendors to enable built-in security-booting for computers. It will lock out malicious “boot kit” codes which are developed with Linux computers. Microsoft is locks such hacked computers remotely and encouraging hardware developers to manufacture safe boot hardware to remove this dangerous root kit permanently.
4. Windows 8 supports, newly introduced technology namely, “supervisory mode execution prevention” Central processing unit (CPU). It initiates data execution and Prevention (DEP) in hard wares. It is better than software DEP and it creates safe CPU and stops buffering data overflow in order to prevent destruction of the hard-disc drive, RAM and CPUs.
5. In other versions of Windows 8, a good encryption mechanism known as “Bitlocker” is available. It is a new incarnation of software restriction policies. It is available with Windows 8 Pro versions. Windows 8 home edition users should download “enhanced mitigation execution toolkit” (EMET) of Microsoft. It is a free tool and a default option of it is very good.
6. Microsoft has improved “Sign-in” options for Microsoft Windows 8. Consider adding secondary log-in options of “change-pin” or “to create a picture-password”. That helps you to take password security practices to a top-notch security levels.
7. Windows 8’s picture password is an innovative way to preserve touch screen personal computers. When you hit the touch screen, combination of circles and gestures becomes part of your picture password.
8. Use “standard account” of Windows 8 for daily tasks and internet activities. It removes all traces of internet after restart. In this way, even if a malware is installed, it is removed after restart.
9. Use a router (hardware firewall) to restrict and manage network access. It is a hardware firewall and works better than a software firewall. Router works effectively with a broad band and semi broad band connection. It does not do anything under dial-up networks.
10. Change factory password of the router. Use a secure password which is long coupled with complex characters. Time to time checks for security and cumulative updates of the router to set up security patches.
11. Use a modern “WPA2 encryption” instead of “WEP” or “WPA” encryption of Wi Fi protected access.
12. Turn off “Universal Plug and Play” (UPnP) feature of the router and computer.
13. With Windows 8, move the cursor to the lower left side of the computer and “charm” menu will resurface, from “search menu” type “Update”. From “settings” go to “Windows Update”. Set it to “automatically install updates”. It continues to check newer updates within certain intervals to make PC secure.
14. Uninstall unnecessary software which will keep personal computer safe from “attack surface” hacking. This is another form of “buffer overflow” attack which will unnecessarily fill up RAM as well as a hard disc place to make slow or sluggish computer. Slowly, it slows down the central processing unit (CPU) of the computer and if this state prolongs in the long run it can damage hardware and break computer to a stand point.
15. Delete all instances of Java, QuickTime, RealPlayer, Yahoo Messenger, unnecessary web browsers and software. By critically injecting codes of “attack surface analyzer” inside malicious software, hackers hacked into PC and steal personal information. Most of times, in Windows, Microsoft provides many software which can cater your needs completely. It is better to use less third party software so that danger lurking out of “attack surface” hacking will be minimal.
16. “Enhanced Mitigation Experience Toolkit” (EMET) is a free security utility from Microsoft. It works best with the latest version of Windows (Windows 8 and Windows 8.1). It optimizes existing application configuration settings. It adds an extra layer of protection for Internet Explorer, Word Pad, Microsoft Office, Adobe Reader and Oracle Java. EMET adds rules of “certificate trust” for Microsof. It enables reporting through “Windows Event Log”, “Tray icon” and “early warning Program”. It is not an obstructive program and it does not disturb users with continuous flash messages.
17. It is always advisable to install the latest version of “Internet explorer”.
18. Enable “User Account Control”. It is from Microsoft and it is skillfully integrated with Windows and it rarely advent to screen to ask for permission. Its configurations are nice and in its default setting it works best.
19. UAC of Windows 8 creates a virtual file system, registry virtualization and protected mode to secure critical system setting from intruders.
20. Windows 8 has a new anti malware program known as “Windows Defender”. It is rebranding of “Microsoft Security Essentials”. It is now installed with Windows 8 as “Windows Defender” and it is a proactive security suite runs in background and windows update keep itself up-to-date. “Windows Defender” is now free for home users as well as for small businesses to use up to ten computers.
21. Apply safe computing practices by recognizing fake website versions of popular websites such as face book, twitter, E bay, paypal and do not click-through these websites. Do not provide personal information and identity in those faked version of popular websites. In this approach, you can alter every possible phishing attempts from hackers.
22. Back up your data regularly. Buy a good external hard drive and connect with Windows 8. It has built-in mechanisms to attest third party external hard drives. Turn on “File History”. It saves copies of your files so you can get them back if they are lost. It cans safe copying of files every hour in default setting. It is fast and does not consume huge system resources. It keeps offline cache to create a series of synchronization between computer and external hard drives. It creates an incremental backs up of the entire hard drive of the computer.
23. Windows 8 has dual schizophrenic graphic user interface (GUI). One is age old desktop and the other is infamous “metro style”. In “metro style” GUI, Internet Explorer 10 (IE 10) works with “enhanced protection mode” (EPM). EPM is a standard protection mode of a website in which all entry points of malicious attacks and hacking attempts are eliminated before the website loads into IE10.
24. Adobe reader is well known for leading portable documents. It is equally a honeymoon place for all attackers and for ages it has been continuously targeted by attackers to enter into persons computers. Windows 8 has a built-in security “PDF reader”. It runs in “metro style” GUI. It is always a better idea not to install “Adobe Reader” in “Windows 8”. One should use default “PDF reader” from Microsoft.
25. There are many ways to secure “Adobe PDF reader” and run it in “protected mode”. Javascript setting of “PDF reader” may be disabled to stop malicious-codes. First install the latest version of “Adobe PDF Reader” from Adobe's site. Then open “Adobe Reader” and then to “Edit”, then to “preference” and then “untick” JavaScript. This is a per user setting. Then configure “security, (enhanced) ” and override protected views to put additional limitations of “Adobe reader”. Protected mode is same as standard user account of Windows 8. By opening protected mode of “Adobe reader” in the standard account of Windows 8, you assure a perfect secure computer.
26. It is always a nice idea to go for “2 step verification” for Google products. Most of Windows users connect to the Internet and use a Google search or use Gmail and other Google services such as YouTube and Blogger.
27. Beware of shoulder surfing. Even a strong password from “biometrics” configuration can be hacked from persons who are watching you from behind.
28. Most we-browsers are almost secure. They get regular security updates. Browser add-ons are mostly dangerous for security of browsers.
29. Purchase computers from a well-known hardware vendor. Use a good firewall. Firewalls are like virtual police to enforce security inside environment of operating system.
30. You may be given to a full disc encryption (FDE) laptop. Your computer and data will be protected even if you have been defeated.
Importance of a written security policy in an enterprise:
A well-written security policy of an enterprise advises members to continue within certain specified parameters. It helps law enforcement agencies to investigate disciplinary standards and monitoring systems consistent with industry’s normal to detect and prevent various security violations. It requires authentication of users, authorization to grant privilege access, data privacy and data integration, non-repudiation, security of servers and evaluation of return on investment (ROI). Provisions for ensuring access to administrative control include the process of authentication, privilege access, automatically logs out of unattended computers and detecting of discrete connected computers inside the enterprise network. Strong password policies for all accounts to secure access control mechanisms of computers. With the widespread use of internet, you may want to restrict users from uploading and downloading of files. Stops support from anonymous file transfer protocol (FTP) and use of secure socket layers (SSL) all across the organization for data encryption. It stops users to exploit existing networks to send important files to different locations. In an enterprise network, paramount importance is network security. Most communications and sharing of information across networks are achieved through high speed internet. Importance of written security policies ensures implementation of robust security policies all across organizational networks. Here, are a few suggestions.
1. Configure firewall to permit pre-configured security websites.
2. Block non-authenticated Telnet logins and automatic ping queries.
3. Emphasize the need for strict access control and assign responsibility to staffs in bright cut directives.
4. Virtual Private Network (VPN) pass through solid encryption to remove information related with privacy and data integrity.
5. Every standalone computer networks must pass through appropriate authentication techniques.
6. Modems of corporate networks should not be connected directly with networks connected with workers. There should be a sharp line of separation between those two networks.
7. Ensure proper physical security to computers with proper security cables and locks to prevent stealing of computers.
8. Attach computer system alarm and close circuit camera inside server rooms.
9. Train employees to be aware of shoulder surfing. Train them to use long and secure passwords as well as never leave computer unlocked.
10. Place the server in an access-controlled room.
11. Isolate all network infrastructure systems which include routers and firewalls and implement genteel code of least privilege access to all units of enterprise network server.
12. Maintain audit trail logs files to scrutinize unauthorized activities.
13. Install software such as “Network Monitor” and “Intrusion detection system” (IDS) on the computer to enable a vigilant watch on network behavior and activities.
14. A proper contingency planning that includes quick time to reach normal functions after imminent disaster. A proper disaster recovery plans should be available to nullify the effects of server down time.
15. Vital e-commerce circulars and documents should be incrementally back up regularly to external hard drives. Those hard drives should be kept in a sheltered and isolated place other that place of these physical servers. Physical protection to back up server must be given in accordance with industry’s standards.
16. Test drive disaster recovery plans annually, and check its shortcomings and if found something negative updates critical vulnerabilities with security updates and critical policy decisions.
17. Strong disciplinary actions on fraudsters within staffs including suspension, termination of contracts or criminal prosecution of revoking public security policy documents.
18. Train and communicate each segment of security policy of your organization to staffs and implement good marketing methods to distribute security guidelines.
Scope of computer security policies:
Implementation of good security policy lead can safeguard strong financial losses, protect intellectual property rights. It enhances competitive advantages over immediate competitors. It helps to avoid unwanted litigation. Organization security policy is a dynamic document. It has to be keeping on evolving and changing according to changing time and circumstances. Therefore, it is imminent to reassess and revaluate security policies to counter new security threats arising from different strategic shifts of organization. Here are some suggestions about the scope of computer security policies.
1. Corporate security policies go through the process of security assessment, project consulting, implementation and future developer support.
2. Create robust guidelines for constructing password rules, devise session time out parameters, and construct a well-balanced security policy for implementation of organizational guidelines.
3. Access different risks involving denial of service (DoS) and security attacks on network computers.
4. Make log files for system outrages and malicious activities.
5. Establish duplicate servers at unknown places and back up entire copy of server to it.
6. Avoid fraudulent phishing mails which are intended to steal critical data of an organization.
7. Enable remote device protection for smart phones and tablets used for authorized purposes. All major mobile operating system has built-in applications to enable remote device control in case phone gets lost or stolen.
8. Scope of organizational security policy is extended to work space, business space, enterprise space, hosted security services and total space security.
9. Periodical inspection on access control, device control, application control, vulnerability scanning, web control and content filtering to create a proactive mode of security.
10. Cybercriminals use social networks to steal personal security information of users. Post minimum subjective information in social networking sites like twitter, Facebook, My Space or LinkedIn.
11. Do not befriend with strangers.
Conclusion:
Crime is the dark side of society. Criminals have adopted modern techniques, in the modern world to keep up with ever changing technology. Anybody, who uses the internet, is at risk of becoming a victim. Arm yourself with the best antivirus package; utilize a completely updated operating system, latest versions of web browsers, and third party applications from a reliable and trusted vendors. The internet is a safer place to live in as long as we are equipped with the right equipment to avoid being a casualty. Idea of computer security is concentrated on data security and physical protection of computers. It relates to prevention of hardware damage, information theft and disruption of service. Computer security focuses on preventions of denial of service (DOS) and prevention of cyber-attacks. DOS is a temporary disability of performance reduction of computers when major hard drives crash with permanent data loss. Despite heavy technical advancement, most computer systems are not full-proof. Security is fundamentally problematic concept. Securing a system has traditionally become a battle of wits. Abusers, hackers and other perpetrators can secretly monitor your computer. Effective security cannot secure you from flawed procedural controls.