Computer Security

What is Computer Security?

Computer Security is a branch of technology known as information security as applied to computers. Information security means protecting information and information systems from unauthorized access, use, disclosure, disruption, modification, or destruction. The objective of computer security varies and can include protection of information from theft or corruption, or the preservation of availability, as defined in the security policy.

Technological and managerial procedures applied to computer systems to ensure the availability, integrity and confidentiality of information managed by the computer system

Computer security imposes requirements on computers that are different from most system requirements because they often take the form of constraints on what computers are not supposed to do.

Typical approaches to improving computer security can include the following:

• Physically limit access to computers to only those who will not compromise security.


• Hardware mechanisms that impose rules on computer programs, thus avoiding depending on computer programs for computer security.


• Operating system mechanisms that impose rules on programs to avoid trusting computer programs.


• Programming strategies to make computer programs dependable and resist subversion.

Computer Security has three Layers:

o Hacking

o Cracking

o Phreaking

Hacking:

Unauthorized use or attempts to circumvent or bypass the security mechanisms of an information system or network.

Computer hacking always involves some degree of infringement on the privacy of others or damage to computer-based property such as files, web pages or software. The impact of computer hacking varies from simply being simply invasive and annoying to illegal.

Cracking:

The act of breaking into a computer system.

Software Cracking is the modification of software to remove protection methods: copy prevention, trial/demo version, serial number, hardware key, CD check or software annoyances like nag screens and adware.

The most common software crack is the modification of an application's binary to cause or prevent a specific key branch in the program's execution.

Phreaking:

The art and science of cracking the phone network.

Security by design:

The technologies of computer security are based on logic. There is no universal standard notion of what secure behavior is. "Security" is a concept that is unique to each situation. Security is extraneous to the function of a computer application, rather than ancillary to it, thus security necessarily imposes restrictions on the application's behavior.

There are several approaches to security in computing; sometimes a combination of approaches is valid:

1. Trust all the software to abide by a security policy but the software is not trustworthy (this is computer insecurity).


2. Trust all the software to abide by a security policy and the software is validated as trustworthy (by tedious branch and path analysis for example).


3. Trust no software but enforce a security policy with mechanisms that are not trustworthy (again this is computer insecurity).


4. Trust no software but enforce a security policy with trustworthy mechanisms.

12 tips for computer security:

1. Update / patch ALL your software every now and then!


2. Check / adjust ALL your settings so they are safe, since they ARENT by default!


3. Use firewall, like ZoneAlarm to control what goes in and out from your computer!


4. Use good passwords: at least 13marks long, containing both letters and numbers. Remember to change your password every few months atleast and dont ever use the same password in two places!


5. Get a good antivirus program: NOD32, F-Secure or Norton Antivirus and keep it updated!


6. Don’t open or execute files that you are not 100% sure are absolutely safe nomatter where or how you get them.


7. Wipe your historyfiles (like cookies, internet history and temporary files, etc.), logs and personal files, with specific wiping program (like Eraser) instead of just deleting them.


8. Use encryption to enhance your privacy! Use encrypted email (like Hushmail or Ziplip), www-surfing and encrypt sensitive files on your computer (PGP).


9. When you are finished using some internet-based service like email, sign out of it rather than just closing your browser! Also, when you leave your computer, make sure that none of such programs or connections are left open that someone could abuse. In WindowsNT/2k/XP, press Windowskey+L to lock the workstation.


10. Don’t use public computers for anything you need to type in your logins, they usually have Trojan horses that capture your passwords.


11. Make backups and store them in safe place! Easiest way to do a total-backup is to make an "Image" of your harddrive or partition and store it on safe location, but floppies will usually be just fine for storing documents, etc.


12. Install and Use a Hardware Firewall

Regards,
Kethy Wright
www.perceptionsystem.com