Tuesday, April 20, 2010
Six Easy Habits to Maintain a Secure Network
Whether your company is a tiny home office or a big fish, your online business can be hacked easily, and the stakes are bigger than a few canceled orders. Here are six ways to protect your networks and your users, steps that even many enterprise-class security experts may slip up on sometimes.
1. Don’t be an ignorant fish
Spear-phishing attacks targeting companies are likely to use custom-tailored messages (tweet, IM, e-mail, and so on), such that victims may take the bait. A leading scientist at a research institution may not follow through on an email advertising natural male enhancement or replica Rolex watches, but if it invites the would-be victim to become a keynote speaker on an important symposium, it will be irresistible.
2. Use separate e-mail account for personal uses
Many websites use a “forgot password?” feature that sends reminder to regain your access. In addition, people are trained to expect notifications about many things, like friend requests.
How can we be sure that MySpace or Facebook are the real e-mail senders? There are plenty of DNS-level security and electronic signatures to make those spoofed messages useless. For example, you can use one simple method that you should employ to make sure an e-mail is genuine, make sure the e-mail come from the original domain, for example firstname.lastname@example.org.
It is a good idea to use a separate email account, preferably from a free email provider to register with social networks, IM and others. If a password reset message is directed to office e-mail instead of your free email, it is likely a spam or perhaps a phishing attempt. Fortunately, it is easy to know about unscrupulous web sites that share your important information with 3rd parties.
3. Don’t click on any links within e-mail
As a rule, don’t click those links. Not even in e-mails from reputable senders. If you do need to click, you should copy, paste and edit it on the browser’s address bar. If nothing else, it will remove any funny tricks (like, www.gmail.com.email.ru or paypa1.com) and leaves you with a pristine plain-text web address,
4. Patch regularly
Patching is very necessary and almost free. The first thing to know, is whether you’re current on all your patching. It would be better to set the update on the second Wednesday, as Microsoft usually releases its security updates and patches on second Tuesday.
If the Microsoft Update isn’t activated, you won’t get any Microsoft Office updates. But, it isn’t enough. Be sure you visit Adobe site to update your PDF Reader and Flash player. Firefox also great at pushing out updates automatically, but it may not upgrade the browser and plug-ins to a major release, it would be better to check the Firefox site as well. Hardware may need updating, too; check manufacturer web sites for new drivers.
5. Be careful with P2P application
Some people believe that P2P has no business on personal computer and the risk of malicious code from peer-to-peer (P2P) networks far outweighs any needs for KaZaa or BitTorrent.
If you need to participate in P2P, they advise to use a separate, non-admin account. Don’t run apps that you download from a peer-to-peer network using your administrator account, and update your anti virus program. Virustotal.com is a great place to do a reliable scan on a dubious downloaded file. It would be better to test P2P apps in a virtual machine to identify any malware.
6. Don’t use ISP’s default DNS
Use OpenDNS for your home and your company router’s DNS resolver. You shouldn’t use default DNS given by your ISP. OpenDNS has a big cache that will improve your queries performance and also a reliable filtering service. Although you may not need the filtering, its secure and robust DNS infrastructure may shield you from common attacks on DNS level. After five minutes of re-configuration, your Internet connection is snappier because the OpenDNS servers generally respond faster than an ISP server.
It may be necessary to use a host-based outbound firewall on your workstations and servers. It is absolutely important to be notified when a new or unknown process decides to establish an outbound connection. That way, even if some evil codes slip past your antimalware and antivirus defenses, you can catch it immediately.