Your Data Is At Risk

When information technology professionals refer to the security of information or data, we are really talking about three things, all of which are equally important:

  1. Confidentiality of information
  2. Integrity of the data (accuracy)
  3. Availability of the information

Without all three of these, the information you use to make business decisions is useless. The field of information security involves any activities undertaken to ensure that critical business data is kept confidential, accurate and available.

How Is Data Protected?

Adware programs are similar to spyware in that they are installed during Internet browsing. But most of this type of malicious software (malware) is more annoying than harmful. These programs pop up advertisements onto your screen and often monitor your Internet usage. Because adware can be leveraged for other purposes (installation of other malware) and because the pop-ups can be very aggravating, you should frequently scan for and remove adware from your system. There are several adware removal tools available for download and installation on the Internet. However, you should be certain to only download and install software from a reputable location that you trust completely.

Anti-virus programs are used to stop known types of malicious software (malware) from infecting the client computers on which they are installed and running. These programs look for specific traits of each type of malware, which are commonly referred to as virus signatures. Anti-virus software manufacturers analyze new threats and distribute new virus signatures on a regular basis. But anti-virus programs do not eliminate the threat of malware infecting and spreading on your systems. New malware is designed and spread through computer networks all the time. These new threats, known as "zero-day exploits," are usually intended to elude detection by anti-virus software. Although anti-virus programs have seriously impacted the spread of malware, they cannot protect your systems and your data by themselves.

Encryption is a method of scrambling data so that it is difficult to read. A mathematical function (encryption algorithm) is used to scramble the data, making it unusable until it has been properly decrypted. Data can be encrypted on your computer hard disk, within a database, or when it is written to tape backup for long-term storage. Encrypting your critical data is an important protection method that is often overlooked but extremely valuable in maintaining confidentiality. There are several ways to encrypt data: some programs specialize in data to be transmitted, others in encrypting databases, some are best for protecting laptop hard drives, and still others are designed for file server data.

Event logging is a common method of tracking and understanding what is taking place on your network. Events can be captured from every device on the network and consolidated into a searchable database. Certain events may be assigned high priority and most logging systems can be configured to send alerts to you when important events occur. Events can be captured using several mechanisms, depending upon the operating systems (OS) used on your network. One of the most common mechanisms, as it is independent of OS, is the Simple Network Management Protocol (SNMP). All device manufacturers have agreed to support SNMP standards to allow for the collection of events and alerts on networked equipment. As with IDS systems, event logs should be reviewed daily on a busy network. Event logging systems also take considerable time to tune to a specific environment, due to the assignment of priority and elimination of superfluous information. But event logs are invaluable to any investigation of trouble.

Firewalls are one of the most common methods of protecting data. A firewall limits the type of access that is allowed into your network from its connection to the Internet. This incoming connection is referred to as ingress. More advanced firewalls can also limit the type of connections allowed to exit your network, known as egress.

Firewalls should be used wherever your private network connects to another network and between areas on your private network that have different security needs or levels of trust. A firewall by itself is helpful, but does not provide you with information security. Firewalls look at the source address of a data transmission, the destination address and the ports that machines are attempting to communicate through. Internet-based systems recognize 65,535 different network ports for communication. A firewall can be configured to block or allow any of these individual ports.
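The filtering decision described above can be modeled in a few lines. This is an added example, not part of the original page or any vendor's product; the addresses, the 10.0.0.0/24 private network, the web server at 10.0.0.10 and the rule set are all constructed for illustration.

```python
import ipaddress
from dataclasses import dataclass

@dataclass(frozen=True)
class Rule:
    direction: str   # "ingress" (entering the network) or "egress" (leaving it)
    src: str         # source network in CIDR notation
    dst: str         # destination network in CIDR notation
    ports: range     # destination ports the rule covers
    action: str      # "allow" or "block"

ANY = "0.0.0.0/0"
LAN = "10.0.0.0/24"          # constructed private network
WEB = "10.0.0.10/32"         # constructed public-facing web server
ALL_PORTS = range(1, 65536)  # the 65,535 usable ports

# Constructed policy. Order matters: the first matching rule decides.
RULES = [
    Rule("ingress", ANY, WEB, range(443, 444), "allow"),  # HTTPS to the web server only
    Rule("egress", WEB, ANY, ALL_PORTS, "block"),         # server may not open outbound connections
    Rule("egress", LAN, ANY, range(53, 54), "allow"),     # DNS lookups from the LAN
    Rule("egress", LAN, ANY, range(443, 444), "allow"),   # HTTPS browsing from the LAN
]

def decide(direction, src_ip, dst_ip, dst_port, rules=RULES):
    """Return "allow" or "block" for a new connection attempt.

    Models only what the text describes: direction, source address,
    destination address and port. Real firewalls also track connection
    state so that replies to allowed connections can return.
    """
    if dst_port not in ALL_PORTS:
        raise ValueError(f"invalid port: {dst_port}")
    src = ipaddress.ip_address(src_ip)
    dst = ipaddress.ip_address(dst_ip)
    for rule in rules:
        if (rule.direction == direction
                and src in ipaddress.ip_network(rule.src)
                and dst in ipaddress.ip_network(rule.dst)
                and dst_port in rule.ports):
            return rule.action
    return "block"  # default deny: anything not explicitly allowed is dropped

if __name__ == "__main__":
    print(decide("ingress", "203.0.113.5", "10.0.0.10", 443))  # allow
    print(decide("ingress", "203.0.113.5", "10.0.0.10", 22))   # block
    print(decide("egress", "10.0.0.10", "198.51.100.7", 443))  # block
```

The egress block on the web server sits ahead of the general LAN rules, so a compromised server cannot reach out even on ports that workstations are permitted to use.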

Intrusion Detection Systems (IDS) are used to provide warning that suspicious activity is taking place on your network. As the name suggests, they detect possible intrusions. Unfortunately, they also detect many normal activities that appear to be suspicious; these are known as "false positives." The typical intrusion detection system can require a lot of upkeep. Sorting through false positives on a regular basis to look for the actual intrusions should be done daily on a busy network and at least weekly on a quiet network. IDS logs are usually very technical and require some expertise and training to review properly.

Intrusion Prevention Systems (IPS) are intended to stop attacks from being successful. There are many different methods employed by IPS vendors to monitor and defend your network and the computers on it. Software-based intrusion prevention is installed on the client PCs or servers; these installations are known as "host-based" because they are installed on and monitor the hosting machine. Some intrusion prevention systems simply look for known attack mechanisms; others also use an understanding of common attack practices to interpolate and extend protective capabilities. A few IPS systems use both of these tactics as well as monitoring memory usage and privileged access to an operating system kernel (core processing).

Monitoring and management systems are based on the particular operating systems used on your network. Each of the major software and hardware vendors provides its own specific monitoring and management systems under its own various trade names. Typically, these management systems allow for consolidated maintenance of many systems and will alert you of critical events requiring attention. These systems are based upon the event logs previously discussed, but also offer enhanced features for convenient management of network equipment, servers and/or workstations. There are also a handful of monitoring and management systems available that will handle equipment from many different hardware and software vendors to allow for consolidated control over diverse hardware and software.

Spyware programs have now become quite prevalent. Spyware programs are installed during Internet browsing and can be used by malicious people to steal private information stored on your computer, to steal usernames and passwords, and to take control of your machines through "rootkits" and "Trojans." Rootkits provide their user secret (hidden and privileged) access to the operating system (OS). When your computer is taken over by a remote user, it is commonly said to be "owned" and usually referred to as a "zombie." This is because there are a huge number of machines that are quietly under the control of various nefarious groups. These groups can focus the combined power of thousands of computers on a single task. Thus they own large armies of zombie computers on the Internet. Spyware removal tools are available to assist in cleaning up known exploits, but as with anti-virus, there are many exploits still "in the wild."

Some advanced network security appliances combine several of these mechanisms together into one unit. There are certainly advantages to a single point of administration, as well as disadvantages of a consolidated appliance. Each network environment is different and your network needs its own individual solution, or combination of solutions to effectively protect your data.
