Online security is basically explained as the prevention of and protection against assault, damage, fraud, invasion of privacy, theft, unlawful entry and other occurrences caused by deliberate action online.The online security is not safe to start with as there are virus, trojan, worms and spyware that is commonly known by everyone. Not only that, there are new threats emerging almost everyday that may harm us. The SANS Institute (SysAdmin, Audit, Network, Security Institute) has identified the top threats in the online security.
One of the common examples is web browser. When we enter certain websites, there will be "cookies" that is send to our computer to monitor our performance in the website but there is a common exploit that may include disclosure of "cookies" with personal information. To encounter this problem, users could configure the browser's security settings for a setting higher than the default value.
Other than that, mail client is also a commonly found threat. It is usually attached to e-mails and then send to user. When the user open the attachment, it will spread worms or viruses in the computer. To avoid this attack, users could configure the mail server appropriately and block attachments with .exe or .vbs files. Not only that, users are adviced not to open any file or e-mails that are sent from unknown user.
The next threat is about file sharing applications. The peer-to-peer programs are commonly used to share files. In this system, users can share files that are uploaded by other users. Many corporations forbid the use of this system because there is an obvious risk of compromised data. The data downloaded might contain unsafe programs. Therefore, users must be careful when they select data to download.
The fourth is the web servers and services. The web servers until this date still have several vulnerabilities and numerous patches have been issued over the past several years. The vulnerabilities may lead to denial-of-service attacks and other types of threats. Therefore, users must make sure that the patches are up-to-date and do not use default configurations or default demonstration applications.
The last example is windows authentication. Most windows systems use password to protect the system but the password can be easily guessed or stolen. Users could try using stronger and more difficult to guess passwords and not by using default passwords. To get more advice on getting a stronger password to prevent password attacks, users could follow a recommend password policy.
No comments:
Post a Comment