Unless otherwise noted, articles © 2005-2008 Doug Spencer, SecurityBulletins.com.

Computer Security Basics

From SecurityBulletins.com

Written by Doug Spencer 11/23/06

There is a saying in computer security along the lines of "the only secure computer is one that is powered off in a vault encased in lead and buried in a mountain." The point is that nothing can be 100% secure and still be usable. Computer security is intended to let authorized users in, keep unauthorized users out, and keep the systems available and accessible for authorized users.

In real-world implementations, security is about creating barriers that make it difficult for unauthorized users to enter or damage your systems. How difficult depends on the value and type of information. For a web site containing only public information, you might have some basic security in place to keep the site from being defaced. On a system that does eCommerce, you would want a bit more security, including firewalls, host-based security, intrusion detection, and a multi-tiered application structure to separate the data from the application and web servers. A system containing missile launch codes should have far greater security still.

When evaluating the level of security you require, first determine the impact a security breach may have. The impact may range from embarrassment to destruction of your company to destruction of the planet. The level of impact of a breach generally has an effect on the level of security you implement, since the cost of implementing, maintaining, and auditing security increases with the complexity of that security.

Inexpensive security measures include locks for physical security, making sure hinges are not exposed, strong passwords, firewalls, virus checking systems where applicable, e-mail filters, and intrusion detection systems. Many of those security pieces can be had for very little expenditure.

As you add more security, costs go up significantly. Hardware tokens, biometric security, bunkers and so on all increase your costs. If what you are protecting justifies the cost, it may be worth it. Don't get duped into thinking that just because you have a biometric scanner, you're secured. Some devices have known exploits that you will want to be aware of before investing in the equipment. Fingerprint scanners have been defeated using Silly Putty, gummy bears, and various other inexpensive items. Make sure you are getting a product that improves your security, rather than a prop that provides little security.
