Computer and network security: how can you easily do it better?
Computer and network security: Everyone knows they should be doing it better, but no one really knows all the best ways to do it. The computer security profession is a large and varied one, so — obviously — opinions vary about best practices and solutions. But believe it or not, everyone agrees on the single-most effective way to keep your computer safe in our digital era: Don’t use a computer.
Unfortunately, that’s not really practical for most people. So instead, we snooped around for what measures computer security professionals use to secure their own machines. (Obviously, one of the best measures is not to release all of your security methods, so we got the cream of the crop.) The skills and knowledge of being an expert computer security professional can take years to learn, but it’s always possible to glean a few tidbits of knowledge from the pros.
Take online security seriously and respond quickly
Whether you’re speaking in terms of public relations, data security, or loss of productivity, there’s never been a more important time to take digital security seriously. You wouldn’t leave your car running in a parking lot while you went inside for half an hour, so don’t leave your (and potentially your customers’) data vulnerable online.
Update your software — now, not later!
We were actually surprised by this consensus opinion. It’s so simple, yet, we’ve all been guilty of clicking “Remind me Later” when some program wants to update. There’s a reason that software is updating: Its team of dedicated, expert programmers have patched something. Many times, it’s a security loophole or some part of the program that allows a vulnerability into your system.
It may be hard to believe that one of the most important lessons of online and network security is performing software updates as soon as possible, but it’s one of the best ways to keep your computer and network safe. It’s almost always a hassle, but it’s definitely always worth it.
Be miserly with your permissions!
We know it doesn’t work in every industry, but there’s an easy, fundamental rule of network security: The Principle of Least Privilege, which basically asks “how few permissions can you give each user?” Yeah, needing to ask your IT team to turn on your speakers because of insufficient permissions is incredibly annoying — no one knows better than the IT team. But by keeping everyone’s permissions as restricted as possible, you minimise potential problems, including your own.
Imagine your network like a house and a hack like a break-in.
Example 1: You have valuables in every room of the house, but there are no doors to those rooms. Whether a thief breaks in through the window, the garage, or by picking the front door, they can get at everything by breaking in once.
Example 2: Every room in the house has a locked door, and all valuables are placed inside safes. If our thief gets into one room, they can’t get to the hallway and into another room, and they might not even get anything out of that room.
Obviously, it seems a little paranoid to live that way. But, with IT Security, that’s sort of how you need to think! Keep your “rooms” locked, put your valuables in a safe place, and when you throw a party, close it all up. In other words, administer your network with multiple user permission levels and restrict accesses carefully, based on how few permissions can be doled out.
Prepare for the worst: Do your backups
It’s entirely possible that next time you turn on your computer, every file on it could be lost. There are hacks that hold your hard drive irretrievably hostage, there are environmental disasters that ruin your servers… even a simple burglary can make accessing your data impossible. Are you prepared for that?
Performing a backup of essential files and storing that backup somewhere geographically different from your hard drive could mitigate most security failures. There’s a lot to learn about how to keep computers and networks safe, but knowing how to retrieve stolen, lost or hacked files could be a lot easier and maybe just as important.
Last tip: With all that said, don’t feel bad if you’re doubting your company or team is doing enough with security measures. When asked, “What do security professionals do to secure their personal computers?,” almost all network security professionals have the same answer: Not enough. You can always do more, so get started today!