15 Aug You Think a Firewall and Anti-Virus Are Enough?
Why do I care? I am not worth hacking!
What precautions have you taken to ensure the security of your personal computer or your company's network? Holland IT, a computer network security firm, offers innovative solutions to the challenges of securing your data, your network, your money and your identity.
You think a firewall and anti-virus are enough? Think again! Anti-virus and a firewall are just the tip of the iceberg! If you have seen the AOL advertisements on television, you know there are worse things than your hard drive making a sound like a yeti! On a personal level, if you are even slightly concerned about a third party obtaining anything on your computer, then your first step is to take a moment and figure out how vulnerable you are. The same basic process applies to a corporate network.
Keep in mind that being connected to the Internet is a bit like stumbling down a dark alley wearing a shiny gold Rolex while you are drunk. Rather dangerous – who knows what is around the next corner! You may end up on the Channel 5 news. Would you risk it, considering how hard you've worked on building your company?
You have a firewall (maybe many!)? Sure, better than no firewall. But you do have holes in it, right? I mean, your e-mail goes through it, you can surf the Web through it, send files right through it. Are any of your people using Instant Messenger? FTP? SSH? Any MP3 servers, WEB servers, WEB e-mail servers anywhere in your network? Your wireless data is encrypted, right? Every vulnerability in every operating system or program you have on every computer in your infrastructure has been patched, right?
Think "proactive" to avoid attack or extortion
At the risk of sounding overly dramatic, computer network security has to be more proactive and not reactive. In a recent survey, Orange County was well below the national average in secure computer network standards. Public companies have no choice but to comply with Sarbanes-Oxley, but what about the privately held companies? Are their systems immune to hackers, worms, viruses, spam and spyware? System security is a highly complicated subject – no one knows everything, especially overworked, stressed out IT persons! But with the appropriate tools and the right procedures and safeguards in place, a hacker may select an easier target to attack or a less proactive company for extortion.
Home computer vulnerabilities
Some individuals are worth hacking, although less so than companies. Thieves can use your connection for criminal activities, send spam, store copyrighted data for illegal distribution, steal your identity or money, and wreak havoc on your credit rating. If you have wireless in your house or home office, your information is easily captured. If you have any connection to the Internet, you can be hacked. If it's broadband, DSL or cable, you can be hacked at any time, even when you are sleeping or not home, and your connection can be abused – firewall or no firewall. If I were a spammer, I wouldn't use my own connection – I would "borrow" yours!
Impact on your business
If your company relies on the Internet for business, just imagine the impact if your connection is locked up. Every time you switch it off and then back on, it's still locked up! It's called a DDOS (denial of service) attack – what are you going to do about it?
Has someone published vulnerabilities to gain access to your systems? A resounding "Yes!" Welcome to the World Wide Web, where all information is available if you know where to look. Although real hack attacks are actually rare, they do happen. The most common hacks are from within, ex-employees or employees with something on the side, but the net result to your business is the same.
Why do most hacks go unreported? How would your customers feel if they knew your network was compromised? Anyone with money or confidential information in his or her systems is a possible target. In 2004, hackers got away with an estimated $ 800 million and that is surely only a fraction of the true amount.
There are even worse things than theft to deal with. Former CIA Director George J. Tenet said recently, "Telecommunications -and specifically the Internet – is a back door through which terrorists and other enemies of the United States could attack the country, even though great strides have been made in securing the physical infrastructure. The Internet represents a potential. Achilles heel for our financial stability and physical security if the networks we are creating are not protected. " (Washington Times) And we have not even talked about viruses, worms or spyware.
Initial course of action
A recommend initial course of action would be for everyone to take time to download the FBI CSI file on Computer Crime from http://www.fbi.gov , study it, and take a look at what other companies are doing to secure their infrastructure . Maybe you can wait; maybe your infrastructure will be okay. But think about why you have car insurance. If it were legal not to have it, would you do without insurance? Attacks and ruined computer networks are a very real problem that cannot be ignored. The solutions are out there – talk to an expert today.
SIDEBAR SIDEBAR … if you are even slightly concerned about a third party obtaining anything on your computer, then your first step is to take a moment and figure out how vulnerable you are.
At the risk of sounding overly dramatic, computer network security has to be more proactive and not reactive.