August 17, 2007
Chances are your computer network or PC has been attacked at some point or another. Perhaps a worm caused your system to slow down severely, a virus erased your entire hard drive, or, malware plagued your registry and browser, leaving you helpless and frustrated. What you probably learned from these attacks was how or where to find a quick-fix while your overall security remained unchanged. What you may not know is that there are a few fundamental practices in relation to the hardware, software and people that can help to improve or optimize the safety level of your computer network and personal system. These practices or ways are sound, easy to implement and highly effective.
On the Hardware/Software Side
While they may appear relatively basic at the onset, some practical measures should be taken to not just establish and maintain but also to increase ongoing security to computer hardware and software. Failure to adhere to these measures or ways of implementing security can potentially lead to disaster. Of course, you can further add to or enhance these measures depending on your particular situation–such as budget restraints, time-frame, etc.
Specifically, you will want to:
- Upgrade or replace. Older hardware can malfunction and become unstable; older software can have security holes and vulnerabilities or could fail to properly integrate with newer technologies.
- Patch up and harden. Whether it’s a domain controller or your home PC, install anti-virus software, configure a firewall, update the OS using service packs and remove unnecessary services.
- Limit access. Keep the system away from prying eyes and unauthorized users. Implement strong passwords; use encryption. Locks and biometrics are strongly recommended, too.
- Monitor regularly. Make a habit of watching network activity and reading system logs to find inconsistencies and unusual traffic patterns.
- Maintain good backups. Backup often and verify your backups always. Keep one or more copies off-site, if possible.
On the People Side
When it comes to security, people usually are the weakest link in the chain. They can be lazy, indifferent, uninformed or represent some other security liability. Because you, too, may possibly exhibit such characteristics and behaviors yourself, here are ways to address these people problems and successfully increase and ensure IT security. For example, you should:
- Establish controls. Rules and policies can help to specify what is or isn’t acceptable use. Enforce them. Be prompt at acting on the slightest deviation.
- Train and educate. You and your staff can never be too knowledgeable about the newest technologies or the latest types of attacks–worms, viruses, Trojans, malware and others. Be prepared to learn and learn to be prepared.
- Be safety aware. Don’t expose yourself or your systems to potential attacks by linking to questionable websites. And, opening an email attachment from an unknown source could quench much more than sheer curiosity.
- Go “long” on commitment. Engage people by assigning them (or yourself) duties and responsibilities with realistic goals and rewards. Foster loyalty and support alongside accountability for non-performance.
Experiencing a malicious attack is sometimes the result of weak or ineffective security practices. And, while finding quick solutions to the attack may be reactionary and expected, it is not necessarily the only or best course of action in securing PCs and networks. There are far more sensible and fundamental ways to implement and address security in relation to the hardware, software and people involved in day to day operations. It is, in fact, by applying those ways and practices that you can effectively and successfully improve upon and optimize security in IT.
Author: Eddie Bannister works as a network consultant and computer instructor. He also enjoys writing about a wide range of topics.