Keeping computers and data secure is getting harder every day. This is because for every exciting new technical innovation “designed to make your life better”, there is a corresponding hack out there to enrich someone else at your expense. Here are a number of possible security holes that you man want to look at for your network:
Encryption - without which, if someone breaks through your password, on your phone for instance, they have access to all your information in clear text. Once encrypted, however, the information behind your password is unreadable without a bunch of work.
Software and OS Security - almost hourly, new security flaws are found in software and operating systems. Many are such huge exploits that they show up on the evening news. Both these and the smaller holes need to plugged regularly, almost daily, so that these vulnerabilities are quickly addressed.
Internet of Things (IoT) - is the interconnection via the Internet of computing devices embedded in everyday objects, enabling them to send and receive data (aka: they took a dumb thing and put a chip in it, making it a smart thing). However, in doing this, very little thought is given to securing its data, since IoT devices generally have very little computing power.
Legacy and on-premise software - is software you have installed in your own controlled physical location, while Software-as-a-Service (SaaS) is leased software, fully maintained by its creator and not hosted on your physical premises. If you host it, you maintain it, but utilizing an SaaS provider puts the onus of security and maintenance on the provider.
Security considerations, especially new ones, can feel overwhelming, whether you are an individual or an IT professional. Fortunately, there are providers offering integrations that can fill some of those security holes for individuals and businesses.
An analogy, in favor of using encryption on your phone, compares the entry passcode to the key and lock on the front door to your home. In both cases, once the burglar breaks through that door, the whole house (the contents of the phone) are wide open for them to explore and plunder. Unlike the house, the phone has the option of being encrypted. That’s like having the entire contents of your house suddenly inside an unbreakable safe. The encryption uses a near-unbreakable key to effectively make the contents of the phone unreadable.
Image Courtesy: Pagedon
You can also set up encryption for your computer, but most of the time computers are left on the desks behind physical and digital walls. Your cellphone, on the other hand, goes with you everywhere and once lost or stolen comes under threat of being hacked. By integrating an IT security software with your SaaS software, you can encrypt vulnerable data like financial records and personal identifying customer information that might otherwise be open to attack.
In November 2017, it was reported that Apple accidentally left a bug in place giving password-free access to the Root user on macOS High Sierra. This was set to give Full Admin access to any who knew enough to type in username Root on the login screen of a locked Mac. This was a serious enough vulnerability that Apple had a patch released in under 24 hours. It is important to note that a fix like this is only good if the owner or IT person applies it to the affected computers by accepting the suggested update.
Image Courtesy: TrendMicro
Without a plan or a piece of software to watch for and apply updates to computers and software, networks are often left open to attack. To address this there is a group of software programs called Software Update Monitors (SUMs) that are designed to keep applications up-to-date without human intervention. These target especially those programs that are frequent attacked - such as Adobe Flash or Adobe Reader. A number SUMs are designed for personal use, but they are also available to work at the enterprise level.
The Internet of Things (IoT) is a system of interrelated computing devices, mechanical and digital machines, objects, animals or people that are provided with unique identifiers and the ability to transfer data over a network without requiring human-to-human or human-to-computer interaction.
Image Courtesy: ChainLinkResearch
This definition could describe something as mundane as a bathroom scale that can send data to your cell phone. Or it could apply to something more real-world and useful, like the wifi provided by your new Jeep Cherokee. These are just a couple examples of our increasingly interconnected world. Which of course means that the bad guys have greater scope for causing damage and for that damage to move off the internet and into your actual life - many malicious actors now have the skills and means to carry out chilling attacks.
For example, in 2015 two security researchers used Chrysler’s Uconnect dashboard computers to take over the vehicle. They grabbed the dashboard functions, the steering, the transmission and the brakes as shown in a now famous Wired magazine article. The resulting fix for this breach was a recall to put a security patch on 1.4 million vehicles. So, protecting your network from internet connected devices gives you a few more vulnerabilities to consider:
Wifi - see the Jeep example above
Data collection - it would be handy for a connected burglar to know that the homeowner turns down the heater every time they leave the house.
A study from HP Security Research showed that of the most commonly used Internet of Things devices, 70 percent have serious security vulnerabilities. At this point, you should try to find out what IoT devices are on your network so you’ll know what traffic they normally generate and consider getting an assist from security software or an outside provider to prevent exploits and identify security flaws. Like some of the previous vulnerabilities, patching a consumer or enterprise IT security software onto current devices and databases can help protect valuable information from hackers.
Having your software and database on the premises can give a sense of security. You may feel it is right there and in your control. Two major drawbacks to hosting this yourself are that (1) you have to have the IT knowhow/personal to protect and recover your data/network and (2) if your network gets hacked, you are responsible. If, instead, you opt to move to the cloud for database storage and subscription-based software, the responsibility for these security risks is now in the hands of the software providers. Consumer/small business preference for on-premise or cloud-based service has been slowly shifting toward the cloud option over the past 10 years.
One easily recognizable example of a cloud-based service is Google Drive / Google Docs. One facet gives an automatic backup and easy access to data and files, while the other is a Software-as-a-Service (SaaS) comparable to Microsoft Office. In this example, moving to the cloud for database storage and subscription-based software has Google applying all the security patches and making sure you can still access the latest version of your constantly updated document.
Securing your network and data has always been a daunting prospect. As computers, phones, and pretty much everything else, get smarter there are more and more vulnerabilities to consider. Since it is hard for any one person to be an expert in everything, you may wish to consider integrating an encryption or IT security software to protect your data.