Subject: Safely Back to School, and the Office

September too quickly is just around the corner and students are making their final preparations for the new school season. While the student/s in your family have probably already begged or bagged a new computer system it may not necessarily be ready to use. In this month's ELM Bulletin we tell you what you need to know so you can relax knowing that at least their computer it safe. Perhaps it's not the greatest concern in your world; but every little bit helps, right?

Computer users today are faced with three major threats to computer security (a more complete list may be found at this website: http://www.caci.com/business/ia/threats.html). In the past security threats were generally geared toward causing damage and in so doing obtaining "bragging rights" in the hacker community. Today's threats generally have more to do with making money by selling information or stealing resources and is far more mercenary than it once was.  

1 - Viruses - The oldest and at one time most dangerous threat, computer viruses are not as significant  a threat as they once were but they remain dangerous and new viruses continue to be written. A computer virus is essentially a program that has been designed to infect a computer system by attaching itself to other files already on the computer, accomplish a specific task and in many cases replicate itself to other systems.

 

2 - Spyware - Spyware is today's most prevalent computer threat. Not as immediately damaging as computer viruses, spyware can severely affect computer performance. The primary purpose of Spyware is monetary gain; its aim is not to damage computer systems but to spy on them, obtaining a wealth of data that can either be sold to other interested parties or directly used for theft. Spyware differs from computer viruses in that spyware is a self contained program that hides itself on the computer but does not attach itself to already existing files.

 

3 - Spoofing - Spoofing is the means by which the computer user is tricked into revealing private personal or corporate information. Generally, spoofers rely on social engineering concepts and lack of information to accomplish their goals which include: i) Gaining unauthorized access to networks and systems. ii) Gaining access to personal information such as bank and email accounts.

The Solution - Although there is no such thing as total, 100% security, the products listed below serve to minimize security threats to less worrisome proportions. Since most of our readers are concerned with security in the corporate environment as much as (or more than) the educational environment we include several products aimed at corporate networks.

1 - Internet Security Appliance - Corporate - An Internet Security Appliance is a hardware device that stands between your computer network and the Internet. These devices can be configured to protect against all known types of threats and update their definition files every few minutes. Clients for whom we have installed an Internet Security Appliance enjoy a 50% reduction in the volume of spam received with negligible impact on legitimate email. This has translated into reducing the amount of time wasted with spam management by an average of 10 minutes per employee each day.

 

2 - Hardware Firewall - Corporate/Personal - A hardware firewall is a hardware device that stands between your computer or computer network and the Internet. Simply put, a hardware firewall monitors data going to and from the Internet, allowing only legitimate traffic to proceed in either direction. Most modern Internet enabled routers include a hardware firewall.

 

3 - Software Firewall - Corporate/Personal -  A software firewall performs exactly the same function as a hardware firewall It differs from a hardware firewall only in that it is not a stand-alone device but software installed on the computer or network that it is protecting. It is recommended that hardware and software firewalls be used together as they compliment each other and have negligible impact on system performance. The software firewall bundled with Windows XP and VISTA is not the most advanced available but is serviceable in most environments where other protections are already in place. McAfee, Symantec, Zone Labs and many other suppliers offer very capable software firewalls as part of their Internet Security Suites.

 

4 - Internet Security Suite - Corporate/Personal - The days are far behind us now when an anti-virus package was all the computer protection required. While viruses still pose a respectable threat there are so many other security threats on the Internet that anti-virus protection alone is grossly inadequate; which is why most anti-virus protection is now available as part of an Internet Security Suite. Our preferred Internet Security Suites are supplied by AVG, Symantec and Zone Labs but those offered by McAfee and other suppliers are equally effective. We can help you with your decision if you have questions about a particular product.

 

5 - Awareness - Corporate/Personal - No amount of hardware and software can protect you if you are not aware of current threats. This is one of the reasons we publish the ELM Bulletin, so that our readers can be informed of the more serious threats and take appropriate action. In past ELM Bulletins we have offered suggestions on safe email and Internet surfing techniques (see the Security section of the ELM Bulletin Index). If you follow the practices outlined in these ELM Bulletins, and information available from alternative sources, you stand a good chance of never having to deal with recovering from a security breach; at the very least you will minimize the risks involved in using a computer.