One of the problems with passwords is that users forget them. In an effort not to forget them, they use simple things like their dog’s name, their son’s first name and birthdate, or the name of the current month: anything that will give them a clue to remember what their password is.
For the curious hacker who has somehow gained access to your computer system, this is the equivalent of locking your door and leaving the key under the doormat. Without even resorting to any specialized tools, a hacker can discover your basic personal information (name, children’s names, birthdates, pets’ names, etc.) and try all of those out as potential passwords.
To create a secure password that is easy for you to remember, follow these simple steps:
1. Do not use personal information. You should never use personal information as a part of your password. It is very easy for someone to guess things like your last name, pet's name, child's birth date and other similar details.
2. Do not use real words. There are tools available to help attackers guess your password. With today's computing power, it doesn't take long to try every word in the dictionary and find your password, so it is best if you do not use real words for your password.
3. Mix different character types. You can make a password much more secure by mixing different types of characters. Use some uppercase letters along with lowercase letters, numbers and even special characters such as '&' or '%'.
4. Use a passphrase. Rather than trying to remember a password created using various character types which is also not a word from the dictionary, you can use a passphrase. Think up a sentence or a line from a song or poem that you like and create a password using the first letter from each word.
For example, rather than just having a password like 'yr$1Hes', you could take a sentence such as "I like to read the About.com Internet / Network Security web site" and convert it to a password like 'il2rtA!nsws'. By substituting the number '2' for the word 'to' and using an exclamation point in place of the 'i' for 'Internet', you can use a variety of character types and create a secure password that is hard to crack, but much easier for you to remember.
5. Use a password management tool. Another way to store and remember passwords securely is to use some sort of password management tool. These tools maintain a list of usernames and passwords in encrypted form. Some will even automatically fill in the username and password information on sites and applications.
Using the tips above will help you create passwords that are more secure, but you should also follow these tips:
Use different passwords. You should use a different username and password for each login or application you are trying to protect. That way, if one gets compromised, the others are still safe. Another approach, which is less secure but provides a fair tradeoff between security and convenience, is to use one username and password for sites and applications that don't need the extra security, but use unique usernames and more secure passwords on sites such as your bank or credit card companies.
Change your passwords. You should change your password at least every 30 to 60 days. You should also not re-use a password for at least a year.
Enforce stronger passwords: Rather than relying on every user of the computer to understand and follow the instructions above, you can configure Microsoft Windows password policies so that Windows will not accept passwords that don't meet the minimum requirements.
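A sketch of how a system could check a candidate password against rules 1 to 3 above, as an added example that is not part of the original post. The word list, the personal details and the function names are constructed for illustration; a real check would load a full dictionary.

```python
import re

# Constructed sample word list (assumption); a real check would load a full dictionary.
SAMPLE_WORDS = {"password", "dragon", "monkey", "september", "summer", "welcome"}

# Undo common look-alike substitutions so 'P@ssw0rd' is still seen as 'password'.
LOOKALIKES = str.maketrans("@$!013457", "asioleast")


def normalize(pw):
    """Lowercase the password and map look-alike symbols back to letters."""
    return pw.lower().translate(LOOKALIKES)


def char_classes(pw):
    """Return the set of character types (rule 3) present in the password."""
    classes = set()
    for ch in pw:
        if ch.islower():
            classes.add("lower")
        elif ch.isupper():
            classes.add("upper")
        elif ch.isdigit():
            classes.add("digit")
        else:
            classes.add("special")
    return classes


def check_password(pw, personal_info, words=SAMPLE_WORDS, min_classes=3):
    """Return a list of rule violations; an empty list means the password passes."""
    problems = []
    lowered, plain = pw.lower(), normalize(pw)
    # Rule 1: no personal information (names, pets, birth dates).
    for item in personal_info:
        token = re.sub(r"[^a-z0-9]", "", item.lower())
        if len(token) >= 3 and (token in lowered or token in plain):
            problems.append(f"contains personal information: {item}")
    # Rule 2: no real words, even when disguised with look-alike characters.
    for word in sorted(words):
        if word in plain:
            problems.append(f"contains dictionary word: {word}")
    # Rule 3: mix different character types.
    if len(char_classes(pw)) < min_classes:
        problems.append(f"uses fewer than {min_classes} character types")
    return problems
```
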
Network Security Resource
Saturday, September 18, 2010
Thursday, September 16, 2010
Basic Network Security
These days, with many people and businesses online and handling sensitive information over cyberspace, whether a financial institution, law firm, hospital or government entity, it is very important to make sure you have a secure network (laptop or desktop).
Computer security can be a difficult concept for many people. There are so many strange words and acronyms that it can seem like someone is talking a foreign language when they are discussing it. However, I will try to explain it in a simple fashion.
Network Security Concepts: Network security starts from authenticating the user, commonly with a username and a password. Since this requires just one thing besides the user name, i.e. the password which is something you 'know', this is sometimes termed one factor authentication. With two factor authentication something you 'have' is also used (e.g. a security token or 'dongle', an ATM card, or your mobile phone), or with three factor authentication something you 'are' is also used (e.g. a fingerprint or retinal scan).
Once authenticated, a firewall enforces access policies such as what services are allowed to be accessed by the network users.[2] Though effective to prevent unauthorized access, this component may fail to check potentially harmful content such as computer worms or Trojans being transmitted over the network. Anti-virus software or an intrusion prevention system (IPS)[3] help detect and inhibit the action of such malware. An anomaly-based intrusion detection system may also monitor the network and traffic for unexpected (i.e. suspicious) content or behavior and other anomalies to protect resources, e.g. from denial of service attacks or an employee accessing files at strange times. Individual events occurring on the network may be logged for audit purposes and for later high level analysis.
Communication between two hosts using a network could be encrypted to maintain privacy.
Honeypots, essentially decoy network-accessible resources, could be deployed in a network as surveillance and early-warning tools as the honeypot will not normally be accessed. Techniques used by the attackers that attempt to compromise these decoy resources are studied during and after an attack to keep an eye on new exploitation techniques. Such analysis could be used to further tighten security of the actual network being protected by the honeypot.[4]
(From Wikipedia, the free encyclopedia)
Securing Your Laptop at the Airport
Laptops are becoming more common than desktop computers. An increasing number of business and personal travelers bring along their laptops on flights. You should be prepared to remove your laptop from your laptop bag or carrying case to send it through the airport security checkpoint in its own bin. More important for travelers, though, is the need to protect the laptop throughout the trip. The very portability that makes laptops such a convenient computing platform also makes them easy to lose and a prime target for theft. In order to protect your laptop and ensure it arrives at your destination in one piece and with the integrity of the data it contains still intact, you should follow these Top 10 tips:
1. Pad The Laptop: Make sure the laptop bag or carrying case you transport your laptop in provides adequate padding. As you move about the airport or shove the laptop under the seat in front of you or into the overhead storage compartment, the laptop can be jarred and jostled quite a bit.
2. Keep It On You: It is not uncommon for someone to set their luggage down while standing in line for a muffin, or to sit down while waiting for a flight. With all luggage, it is important to keep an eye on it and ensure nobody tampers with it or steals it. Because of their size and value though, laptops make prime targets and a thief can snatch the laptop bag and keep walking while you are unaware with your back turned. You should keep the laptop bag on your shoulder or keep it in sight at all times.
3. Back Up Data: Perform a backup of all critical or sensitive data before departing. Just in case your laptop does become damaged or lost, you don't want to also lose your important files and information. You can buy a new laptop, but it is much harder to replace lost data.
4. Encrypt Your Data: Just in case your laptop should fall into unauthorized hands, you should make sure your hard drive is encrypted. Laptops with Windows Vista Enterprise or Ultimate come equipped with BitLocker drive encryption. If you aren't using one of these versions of Windows Vista, and your company has not implemented any other sort of enterprise-wide encryption solution, you can use an open source solution such as TrueCrypt to protect your data.
5. Document Identifying Information: In case your laptop does end up lost or stolen, you should be able to provide detailed information about the make, model, serial number and any other identifying information. You may need the information to file a claim with the airline or your insurance company, or to provide law enforcement.
6. Use Strong Passwords: Follow the advice in Creating Secure Passwords to make sure that your passwords can not be easily guessed or cracked if your laptop falls into the wrong hands.
7. Use a BIOS Password: Protecting your laptop with an operating system login and password is a good idea, but there are ways to circumvent that protection and gain access to the data still. For better protection, you should enable password protection at the BIOS level so that the laptop can not even be turned on without the correct password.
8. Implement Remote Data Protection: Another step you can take to make sure your data does not fall into the wrong hands is to look into products that will allow you to remotely destroy or erase the data on your laptop if it is lost or stolen. These products generally require that the unauthorized user connect to the Internet first in order for them to do their work though, so they are not a guarantee.
9. Use Portable Storage: To make sure you have the business critical PowerPoint presentation or Excel spreadsheet that you need to show your business partners in order to seal the multi-million dollar deal (or whatever other important files and documents might be on your laptop), you should carry a copy on a USB thumb drive or some other type of portable storage that you can carry separate from the laptop in case it becomes lost or stolen.
10. Just Leave The Laptop At Home: When it comes to all of the hassles and all of the issues that can arise from traveling with your laptop, you should also consider whether you really need to take it. You can carry your data or files on portable storage such as a CD, DVD or USB drive, or you can just email or FTP the data ahead of you. Then, you can borrow a desktop or laptop system once you are safely on the ground and at the office site you are visiting.