Computer Network Security Advice

From Adviceopedia

Computer network security is just like home security; anybody who says their computer network security advice will make your system absolutely safe is either fooling themselves or trying to fool you. A completely secure system is impossible to create, but you can certainly take steps to make your computer secure enough so that it's not going to be worth a hacker's trouble.

Contents 1 Updates 2 Viruses, Trojans, and Adware, Oh My 3 Computer Network Security Advice for Passwords 4 Social Hacking: Less Understood Computer Network Security Threat

Updates

Almost all software is programmed to automaticly update your computer when problems are found or hackers come up with new techniques. Make sure that your system automatically downloads and installs these as they are released.

Viruses, Trojans, and Adware, Oh My

These programs, collectively known as malware (literally, bad ware), are often inadvertantly installed by your system's users. They're written to look like harmless programs such as games, utilities, music files, or even security updates, but instead embed themselves in your system. At best, they slow it down, at worst, they steal data and send it to data thieves who sift through it for information valuable to them such as social security or bank account numbers, or simply destroy data.

Your best protection against these is to make sure users only install authorized programs or at least that they run virus checkers on any file before they install it. There are sites that provide basic security checking, but it's still the user's responsibility to make sure that it's truly virus-free. For added protenction, try something like CNET.com. Warn users that many websites carry malware, particularly sites with music and games such as online gambling.

Computer Network Security Advice for Passwords

Never leave system default passwords around for easy access. It's amazing how many network administrators forget to reset them.

Change passwords frequently and when you give your users computer network security advice, explain why you require users to do the same. Never use (or let users use) passwords based on personal information such as:

• Their own name
• Names of family members or pets
• Birthdays, anniversaries, or hire dates
• Social security numbers
• Phone numbers

Users should also avoid using passwords made of:

• Single dictionary words (there are automated hacking programs that send entire dictionaries to test for passwords)
• Rows of keys on the keyboard (such as qwerty or asdfgh)
• Common phrases
• The word “password”

The best passwords combine words and numbers or punctuation marks and are at least 8 characters long. Good passwords are memorable to the user but not something anybody else could easily guess.

A good example takes a name from their past (like a street or pet) and combines numbers from their past (like an old phone number or street address).

• Smith6532 (maiden name plus phone number growing up)
• 241Linden6543 (street number of house growing up / street name / last four digits of your phone number)
• 712Shrek (area code plus favorite movie)

If possible, have users use different passwords for different systems. To help keep them easy to remember, users can make one password a variation on the other by adding or removing characters. For example, a user might make each of their passwords a variation on the phrase “cabbage89four” by making one of them “cabbage98four1” another “cabbage89four2,” and so on.

Social Hacking: Less Understood Computer Network Security Threat

Most “random” hacking is automated. The hackers simply run programs that search for vulnerable systems and attack those that come up. However, if they are targeting your system specifically, then the hackers may use special technology designed to access your system. This is called social hacking.

Social hacking relies on people as the weakest link in a computer network's security. For example, a user who knows not to install random software from a stranger might nonetheless give into temptation if he or she sees a CD-ROM left on a counter, especially if it has a label such as “Staffing Reductions Q3,” “Executive Salaries FY 2008,” or something else to trigger curiosity or fear.

Another common technique is pretexting, in which the hacker calls an individual staff member at the company, pretending to be from technical support and saying that they've got the fix for the computer problem that the user called about. If the user says that they didn't call in a problem, the hacker apologizes and asks if it was somebody else in the department or somebody with a similar name. Sooner or later, they get to a user who was having problems, and then they give the user instructions to install a program that will fix all the problems. Of course, this program is malware. Alternatively, they might say that they need to log onto the user's machine remotely and the password they have on file isn't working, and ask for the user's password.