Republished with permission from WatchGuard Technologies, Inc.
Securing the Corporate Network -- Two Simple Things Every PC User Can Do
Fredrick M. Avolio
When I mention "network security," what do you think of? If we wanted to list the top network and computer security mechanisms, what would top your list?
Perhaps you think of Internet firewalls. They are popular, and have been a "must have" for Internet security since the early 1990s. Maybe you envision biometric devices that are coming into more common use: fingerprint scanners, face or voice recognition systems, and the like. Intrusion detection devices, like motion detectors sitting on our network, looking for problem or illegal behavior, are also interesting.
However, in the realm of security, the most important mechanisms are often the simplest, most mundane, and least expensive. For physical information security, for example, this might mean the obvious locking of desks and file cabinets. For electronic information security, two simple mechanisms will do much to help secure the corporate network from attacks and data theft.
Mechanism #1: A
Bear with me a bit. I believe the FBI and industry studies that say that insiders commit most computer and network crimes. I believe Peter Tippett of the ICSA, when he says, "it is clear to us that the vast majority of inside attacks are 'opportunity' attacks where a machine, with the authority of the logged-in user, is used by someone else with the logged-in user's privilege." (In other words, when a bad guy uses someone's computer when he is away from his desk).
Given these beliefs, the simplest, easiest, and least expensive thing a PC user can do to help safeguard the corporate network and related data, is to put a password-protected screensaver in place on his desktop. The screensaver should have its timer set to 5 minutes or less. If someone has to break into a PC in order to use it as the base for an attack or for information theft, most of the time the attacker will pass by the PC.
Do observe the caveat used: "correctly installed, configured, and running." We should configure AV software to run constantly "in the background." In other words, it runs all the time and silently, checking for viruses on every virus-prone file that you open and alerting you to viruses it discovers.
Again, quoting Tippett:
Simple, Boring, and
Inexpensive, Yet Effective