What is cyber security?
Cyber security is the practice of protecting computer systems, networks, and programs from digital attacks such as theft of or
damage to their hardware, software, or electronic data. These attacks are usually aimed at accessing, changing, or destroying
information or extorting money from users. There are many different types of attack such as viruses or worms; ransomware;
phishing attacks and there are over 300,000 new security threats being released into the wild on a daily basis, now more than
ever you need to ensure your protection is not only in place but up to date.
Implementing effective cyber security measures is particularly challenging today because attackers are becoming more innovative.
In the main, effective cyber security is tackled on three fronts.
The first (and most obvious) way to protect yourself is to keep the bad guys out. You wouldn't go out and leave your front
door wide open so why do it to your computers? A firewall is a network security system that monitors and controls incoming and
outgoing network traffic based on predetermined security rules.
Nearly everyone that uses a computer is sitting behind a firewall whether they know it or not. There are two main classes of firewall:
- Software firewall
A program usually installed to each computer designed to intercept, inspect and ultimately allow or prohibit the transmission of
data beyond it.
- Hardware firewall
A purpose-built device attached usually but not exclusively to a network between that network and beyond, (the internet for example).
These devices often offer more granular control; are more capable of handling a higher amount of traffic; are more powerful; free up
resources on individual computers.
A network may have several firewalls installed at various places within it, each with its own set of rules. For example, there may be a
publicly accessible area like a web server where anyone can visit; a user area where only logged on staff can visit; a management area
for managers and a top-secret product development area which is only accessible by the research team.
A firewall is controlled by rules which determine which network traffic is allowed to pass through it and which is not. Close monitoring
of both these rules and the firewall logs is essential to ensure that only traffic that is allowed passes through.
Anti-malware software is software that protects computers
from malware such as ransomware; viruses; spyware; and worms. It scans the system for all types of malicious software that manage to reach
the computer. An anti-malware program is one of the tools to keep the computer and personal information protected. It is designed to detect
and eliminate malware from the computer and warn the user.
You should monitor your anti-malware software regularly to ensure it is functioning correctly and always up to date. You should also
periodically perform manual scans of your system and if anything suspicious is found, perform an online scan with a product like
Trend Micro's HouseCall
Effective backup procedures
You have the tightest firewall rules in the world, your antivirus definitions are right up to date. Staff have been trained on dealing
with email attachments and safe browsing procedures. So, you are good to go right? Then you have a catastrophic fire or flood, you are
burgled in the night and everything is gone. You can replace the computers but what about the data on them?
That is where having an effective backup and recovery plan comes into its
own. It is said that when talking about security, there are two types of people; those that backup regularly and those that haven't
ever lost data through a computer failure or malfunction; robbery etc.
It is not enough to merely back up, you need to test the disaster recovery procedure to ensure that if the worst should happen, you can
get back up and running in the shortest possible time.
Effective password procedures
There is little point implementing all the procedures outlined above if you have little or no password security. If you use "password"
or "1234" as your password, it is fairly obvious that those can be guessed fairly easily. The following are general recommendations
for creating a Strong Password.
A Strong Password should:
- Be at least 8 characters in length
- Contain both upper and lowercase alphabetic characters (e.g. A-Z, a-z)
- Have at least one numerical character (e.g. 0-9)
- Have at least one special character (e.g. ~!@#$%^&*()_-+=)
A Strong Password should not:
- Spell a word or series of words that can be found in a standard dictionary
- Spell a word with a number added to the beginning and the end
- Be based on any personal information such as user id, family name, pet, birthday, etc
Some recommendations for maintaining a Strong Password
- Do not share your password with anyone for any reason
Passwords should not be shared with anyone. Use delegation of permission options. For example, Microsoft Exchange calendar will allow a user to delegate
control of his or her calendar to another user without sharing any passwords. Passwords should not be shared even for the purpose of computer repair. An
alternative to doing this is to create a new account with an appropriate level of access for the repair person.
- Change all your passwords upon indication of compromise
If you suspect someone has compromised your account, change your passwords immediately. Try to change your passwords from a computer you do not typically use.
- Consider using a passphrase instead of a password
A passphrase is a password made up of a sequence of words with numeric and/or symbolic characters inserted throughout. A passphrase could, for example be a
favourite quote or a lyric from a song. Passphrases have added benefits such as being longer and easier to remember. For example, the passphrase
"My passw0rd is $uper str0ng!" is 28 characters long and includes alphabetic, numeric and special characters. It is also relatively easy to remember.
- Do not write your password down or store it in an insecure manner
As a general rule, you should avoid writing down your password. In cases where it is necessary to write down a password, that password should be stored in a secure
location and properly destroyed when no longer needed. Using a password manager to store your passwords is not recommended unless the password manager uses
strong encryption and requires authentication prior to use.
- Avoid reusing a password
When changing an account password, you should avoid reusing a previous password. If a user account was previously compromised, either knowingly or unknowingly,
reusing a password could allow that user account to, once again, become compromised. Similarly, if a password was shared for some reason, reusing that password
could allow someone unauthorized access to your account.
- Avoid using the same password for multiple accounts
While using the same password for multiple accounts makes it easier to remember your passwords, it can also have a chain effect allowing an attacker to gain
unauthorized access to multiple systems. This is particularly important when dealing with more sensitive accounts such as your online bank account or credit card
accounts etc. These passwords should differ from the password you use for Facebook; instant messaging; web-based email and other web-based accounts.
- Do not use automatic logon functionality
Using automatic logon functionality negates much of the value of using a password. If a malicious user is able to gain physical access to a system that has automatic
logon configured, he or she will be able to take control of the system and access potentially sensitive information.
ez-pc are more than happy to help you set up an effective security regime.
Contact us for details of our cyber security services.