Sunday, September 13, 2009

Defense in Depth

Today in business protecting your information is essential. IT managers should be practicing defense in dept internet speed check secure their systems.

What is defense in depth? It is using multiple layers of security systems to protect or stop a attack. There are criminals, hackers, organized crime groups, employees and foreign countries trying to access or destroy data. There are many reasons why people do this. It could be used for identity theft, they can threaten to bring down a kasda website. They might want to take over your servers to launch denial of service attacks. Foreign countries, terrorists and competition might want trade secrets, or information on military information.

There are many tools attackers have ready to use. How do they get to this internet marketing jobs There are many vulnerabilities they can implement. Here are a few: Rootkits, Telekommalaysia exploits, buffer overflows, sniffing, session hijacking, social engineering, viruses, trojans, and key stroke loggers.

There are many tools that companies and individuals can use to help mitigate these risks. Intrusion detection and prevention systems can help stop and inform you that there is a possible attack happening. Firewalls and anti virus gateways can help to try to stop attacks and protect against viruses. The firewall must be checked for correct rule sets.Services not in use should have their ports blocked or turned off entirely. Denial of service defense software can be installed to help drop packets before they crash your systems. Your firewall can be configured to do the same.

Hosts in your network should be protected with anti-virus software, spyware removal tools, and personal firewalls.
If your data is really valuable consider hiring an outside firm to do penetration testing and application security testing.
Software updates should be installed frequently on a test server first and then put on your production servers.

Users on the network should be authenticated with a user name and password. The password should be difficult to guess and be alph numeric contain both upper case and lowercase. Passwords should be Full Rate Adsl on a regular basis. To protect information on your computers encryption should be utilized with encryption protocols such as DES, 3DES or AES. If you use remote access do not use Telnet Make sure that you are using SSH, or SSL with IPsec.

Users should be educated about possible security risks and trained on the companies security policy. System administrators should be backing up daily and checking their internet comparison for suspicious activity.

Benjamin Hargis Information Security Consultant

Phuture Networks http://www.phuturenetworks.com

All your void are belong to us

Updated Virgin broadband has started serving up advertising, instead of empty pages, when the domain you were looking for turns out not to be there.?lt;/p>

The power of collaboration within unified communications

No comments:

Post a Comment