Making you and your activities and possessions being safe from interference or harm. It is an ever-vigilant struggle against known and unknown forces. Computer security is a process that protects data, communications, and systems from harm or failure, including accidents and acts of nature.
- 1 Tenants of Security
- 2 Threats
Tenants of Security
- Never absolute – The best systems are often tested and retested to reaffirm their strength. These tests try their best to cover genuine dangers. Over a long enough time line, anything is possible.
- Policy And Technical Some elements of security are highly technical while others are simple policy and procedure. For instance, security on a very large wide-area network with a fast network connection can be very difficult and require a dedicated, trained technician. Meanwhile, if no one locks their doors when they leave the office everyday per imposed procedures,
- Communication – Internal suspicion can also harm genuinely secure systems. Possible failures in security must be reported, checked on, and follow up with.
- Systems Thinking – Don’t focus on one thing; a security system is only as strong as its weakest link. Anytime something attempts to compromise your security, it is considered an attack.
- ‘Turn things off – on your computer, every open program that can connect to the Internet or, even more, be connected to is a potential security risk. Turn everything off. Nearly every computer security book on the market will recommend this first and foremost.
- Security often involves giving up control and ease of access. This can include locks or passwords added to prevent access to a computer or creating a separate account on a computer that is incapable of installing programs.
- Effective security enables users to do what they need to do safely. Too much security can often lead to Paranoia and wastes time and energy.
- To create a secure environment specific boundaries need to be defined so that violations can be monitored. Mechanisms should be based on prevention, detection and reaction.
- For computers, information can be copied perfectly and easily so backup is often a universal defense against failure.
Attacks against transmission of data include interruption, modification, fabrication and interception.
Using tools such as cryptography and authentication can help prevent security breeches.
Attacks include cracking, viruses, and theft. Applying patches to keep individual computers up to date is also important.
To prevent theft, physical security includes a process as simple as locking your office door when you leave or as complex as motion-detector alarms and retinal scanners.
- Anonymity / Obscurity
- Brute Force
- Cryptography – Encrypting Your …
- Identity / Authentication / Integrity
- Industrial Espionage
- Security through obscurity
Topics of distant relation
- Cert.org – a center of Internet security expertise
- Stay Safe Online
- GuardCentral – A regularly updated computer and Internet security portal
- Gibson Research Corporation – Of note, this is the home of ShieldsUp and several other products.
- Packet Storm Security
- securityfocus — Don’t forget to browse SecurityFocus’s extensive library and mailing lists. See also: bugtraq
- atstake — Formerly The L0pht.
- security.resist.ca – Security, Privacy, & Anonymity for Autonomy…
- Information Security Glossary
- Hack This Site — training hacktivists through online security challenges
- Tinhat – Humans versus Computers – Electronic security and privacy information for non-experts.
- The Computer Security Institute
- Securityflaw’s Information Security Bible
- Information Systems Security Association – The ISSA is the largest not-for-profit security organization
- Find the latest Security white papers, product literature, webcasts, and case studies.
Free Open Source Information Security Standards ]
- Forum On Risks To The Public In Computers And Related Systems – Very old, and still going.
- Microsoft: Best Practices For Internet Security – A detailed collection of whitepapers and other resources.
- About.com Internet and Network Security
- SpamSpade – Online security tools.
- COTSE – A security service and useful portal system for a variety of security tools and references
- SecureRoot – One of the earliest security and hacking portals
- The Most Overlooked Component of Data Security: Your Employees
- The Inevitability of Failure: The Flawed Assumption of Security in Modern Computing Environments – written by several authors of the NSA
Online security scans
Offering a basic security check (mostly for Windows systems)
- Symantec Security Scan – including vulnerability test and even an over-the-web anti-virus scanner.
- Sygate scans.
TakeDown.NET -> “Security”