How to combat illegal entry
Here is a list of ways to make computers more secure and some
minimal suggestions for when they should be used. For systems that
are critical to operation, all of these and more may be warranted.
- Physical security. Keep doors locked if feasible. Install
locks on accessible but attended machines. Install locks and
alarms on machines left unattended.
- Back up files. This should be done on all computers.
- Use a surge suppressor. All computers.
- Use an uninterruptible power supply. Critical systems.
- Periodic virus checking. All PC and Macintosh computers.
High volume or critical multiuser machines.
- Continual memory resident virus checking. PCs or Macs used
by many people, such as in public labs. When data routinely
comes from many sources.
- Firewalls. For organizations that can conduct business with
limits on the internet services accessible from inside the
organization. Where outside access to company data could do
significant harm to the business.
- Having no internet connection or no internal network at all
is done when data is particularly sensitive or reliability is of
key importance. Bank record systems and air traffic control
systems are some examples.
- Programs to enforce the use of good passwords. Systems with
a moderate to large number of users.
- Password aging. Systems which have a large number of users
or are a likely target for illegal entry.
- Remove old accounts. Old, unused accounts are just that many
more passwords for someone to find out. If it is not feasible to
remove old accounts, the passwords can still be deleted. This is
done by setting a null password for which no possible password
will give access to the account.
- Smart cards. There are various varieties of smart cards to
act as passwords electronically. One example is a card with a
number that changes every ten seconds and has its internal clock
synchronized to one in the central computer. This way, even if
someone gets the password, it is only good for ten seconds. This
expense is only warranted when someone would have a clear motive
for trying to break into a system.
- Install security patches to the operating system. Invisible
security patches should be installed anytime systems are being
upgraded. On systems with many users or that are likely targets
for illegal entry, the system administrator should install new
patches frequently or perhaps instantly when available. Many
break-ins occur within 24 hours of when a security flaw and
patch are announced. This occurs when someone has targeted a
particular machine and hopes to figure out how to take advantage
of the flaw before the system administrators upgrade the system.
For this reason, many flaws are not announced until a patch or
temporary workaround can be announced with them. Networking
patches and network software upgrades are particularly
important.
- Security checking software. There are programs, like Satan,
which will test a system for many known security flaws. These
programs were created so that administrators can test the
integrity of the system, but they are also a favorite tool for
the first step in infiltrating a system. It is a good idea to do
this periodically. The software can be set to check many
machines on a network without interrupting the people using
those machines. There are programs to check the system from the
inside as well as checking network vulnerabilities.
- Break-in detection software. There are also pieces of
software to alert the system administrators when security is
being tested by a known technique. This is a good way to know of
an attack before the attackers have gained entry.
- Some level of audit trail should be kept on any multiuser
system and any system with sensitive data. Some level of
auditing is built into many multiuser operating systems. An
audit trail has to be maintained before a break-in occurs in
order to do any good.
- Use software to prevent sniffing, such as Kerberos or secure
shell. These software packages allow remote logins to be
authenticated, without sending an unencrypted password over the
network. We have seen an increase in sites using these systems,
particularly where many users log in to machines remotely. The
difficulty is setting up a system which is secure and reliable
as well as not inconveniencing the users.
- Encryption of disk files. Disk files should be kept
encrypted when the data is particularly important. Passwords,
social security numbers and credit card numbers should always be
encrypted. Many accounting systems use encryption.
- Do not use your credit card over the web unless your browser
(not their web page) identifies it as a secure server. Even at
that it is advisable only to do so with reputable companies that
you are familiar with. You should never need a credit card
number to get something that is free.
- Encrypted email software should be used when someone would
have a reason to want to see, forge or alter email messages.
- Random manual monitoring. For a few businesses that deal
with very sensitive information and must use networks, the
security administrators will occasionally manually look at the
information being passed over the network, particularly through
the firewall. This probably is not warranted unless security is
important enough to be paying someone solely as a security
manager.
- Hiring tiger teams. A tiger team is a group of honest expert
hackers that are hired to break into your system in order to
give you an analysis of your security. This is generally done by
banks or others with extremely sensitive data.
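
The smart card item above describes a number that changes every ten
seconds in step with the central computer's clock. The following is an
added example, not code from the original page: it assumes the card
derives its number with the standard HMAC-based one-time-password
construction (RFC 4226/6238), a six-digit display, and the hypothetical
names card_code and CentralComputer; a real card may use another scheme.

```python
import hashlib
import hmac
import struct

STEP_SECONDS = 10   # the card's number changes every ten seconds
DIGITS = 6          # assumption: six-digit display


def card_code(secret: bytes, now: float) -> str:
    """Number the card shows at time `now` (seconds on the shared clock)."""
    counter = int(now // STEP_SECONDS)
    mac = hmac.new(secret, struct.pack(">Q", counter), hashlib.sha1).digest()
    offset = mac[-1] & 0x0F                      # RFC 4226 dynamic truncation
    value = struct.unpack(">I", mac[offset:offset + 4])[0] & 0x7FFFFFFF
    return str(value % 10 ** DIGITS).zfill(DIGITS)


class CentralComputer:
    """Verifier holding the same secret and a synchronized clock."""

    def __init__(self, secret: bytes, drift_steps: int = 1):
        self.secret = secret
        self.drift_steps = drift_steps   # clock skew tolerated, in steps
        self.last_counter = -1           # newest time step already accepted

    def verify(self, code: str, now: float) -> bool:
        current = int(now // STEP_SECONDS)
        for counter in range(current - self.drift_steps,
                             current + self.drift_steps + 1):
            if counter <= self.last_counter:
                continue                 # step already used: refuse replays
            expected = card_code(self.secret, counter * STEP_SECONDS)
            if hmac.compare_digest(expected, code):
                self.last_counter = counter
                return True
        return False


if __name__ == "__main__":
    secret = b"12345678901234567890"     # constructed demo secret
    server = CentralComputer(secret)
    code = card_code(secret, now=15)     # what the card shows at t = 15 s
    print(code, server.verify(code, now=15))   # accepted once
    print(server.verify(code, now=15))         # replay refused
    print(CentralComputer(secret).verify(code, now=45))  # too old
```

With drift_steps=1 a number is accepted for up to 20 seconds after the
card first shows it, which is why the verifier also refuses any time
step it has already accepted.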
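
For the item on removing old accounts, this added example (not from
the original page) audits for unused accounts whose passwords still
work. It assumes the Unix shadow-file convention, which the page does
not name: a password field starting with * or ! matches no typed
password, while a truly empty field lets anyone in without one. All
account data below is constructed.

```python
from datetime import date

# Constructed sample data: shadow-style lines and last login dates.
SHADOW_LINES = """\
alice:$6$constructedsalt$constructedhash:19000:0:99999:7:::
bob:$6$constructedsalt$constructedhash:15000:0:99999:7:::
carol:*:15000:0:99999:7:::
dave::15000:0:99999:7:::
erin:!$6$constructedsalt$constructedhash:15000:0:99999:7:::
"""
LAST_LOGIN = {"alice": date(2024, 5, 1), "bob": date(2019, 3, 2),
              "carol": date(2018, 1, 9), "dave": date(2017, 6, 30),
              "erin": date(2016, 2, 2)}


def password_state(field: str) -> str:
    """Classify the second field of a shadow-style line."""
    if field == "":
        return "empty"    # no password required: the opposite of disabled
    if field[0] in "*!":
        return "locked"   # no typed password can hash to this value
    return "usable"


def audit(shadow_text, last_login, today, max_idle_days=180):
    """Return (account, problem) pairs that need an administrator's attention."""
    findings = []
    for line in shadow_text.splitlines():
        if not line.strip() or line.startswith("#"):
            continue
        name, field = line.split(":")[:2]
        state = password_state(field)
        seen = last_login.get(name)      # None means never logged in
        stale = seen is None or (today - seen).days > max_idle_days
        if state == "empty":
            findings.append((name, "empty password field, no password needed"))
        elif stale and state == "usable":
            findings.append((name, "unused account still has a working password"))
    return findings


if __name__ == "__main__":
    for name, problem in audit(SHADOW_LINES, LAST_LOGIN, date(2024, 6, 1)):
        print(f"{name}: {problem}")
```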