Paul Walsh, of www.protocolsolutions.co.uk asks the scariest question out there: Think your network is safe from malicious attack? Find out for sure – a quick, complimentary chat will help you sleep better.
An Ethical Hacker is an expert hired by a company to attempt to attack their network and computer system the same way a hacker would. Ethical Hackers use the same techniques and tactics as those used by illegal hackers to breach corporate security systems. The end result is the company’s ability to prevent an intrusion before it ever occurs.
A company can’t know if their security system is solid unless they test it. It’s hard, though, for a company’s IT team to thoroughly ring out the system. Try as they might, the techs can’t go at the system with all the malicious or mischievous motives of a true illegal hacker. To thoroughly uncover vulnerabilities, the theory goes; you must examine your security system through the eyes of an illegal hacker.
The word hacking has strongly negative connotations, and, for the most part, rightly so. But ethical hacking is much different. It takes place with the explicit permission of the company whose system is being attacked. In fact, their “good guy” role is underscored by the nickname “white hat” Ethical Hackers have been given. The nickname is a throwback to old Westerns where the good cowboys could be identified by their white hats.
The company and the Ethical Hacker enter into a legally binding contract. The contract, sometimes called a “get out of jail free card,” sets forth the parameters of the testing. It’s called the “get out of jail free card” because it’s what harbors the Ethical Hacker from prosecution. Hacking is a felony, and a serious one at that. The terms of the agreement are what transform illegal behavior into a legal and legitimate occupation.
Once the hacker has exhausted his attempts, he reports back to the company with a list of the vulnerabilities he uncovered. The list in and of itself, however, is not particularly useful. What’s most valuable is the instructions for eliminating the vulnerabilities that the Ethical Hacker provides.
An Ethical Hacker works to uncover three key pieces of information. First, he determines what information an illegal hacker can gain access to. Next, he explores what an illegal hacker could do with that information once gained. Last, the Ethical Hacker ascertains whether an employee or staff member would be alerted to the break-in, successful or not.
At first it might sound strange that a company would pay someone to try to break into their system. Ethical hacking, though, makes a lot of sense, and it is a concept companies have been employing for years. To test the effectiveness and quality of product, we subject it to the worst case scenario. The safety testing performed by car manufacturers is a good example. Current regulatory requirements including HIPAA, Sarbanes Oxley, and SB-1386 and BS 799 require a trusted third party to check that systems are secure.
In order to get the most out of the assessment, a company should decide in advance the nature of the vulnerabilities they’re most concerned with. Specifically, the company should determine which information they want to keep protected and what they’re concerned would happen if the information was retrieved by an illegal hacker.
Companies should thoroughly assess the qualifications and background of any Ethical Hacker they are considering hiring. This individual will be privy to highly sensitive information. Total honesty and integrity is of the utmost importance.
- Related Videos
- Related Articles
- Ask / Related Q&A
10 Points to keep your network secure and safe from hackers and viruses
By: seo ssl | 14/11/2009This articles is keen to provide information about Secure your online transaction from hackers and viruses. Know about how to protect online portal with SSL certificates from hackers.
Enabling a safer internet
By: MFrizzi | 13/11/2009The positive approach to web security a safer internet: the positive approach to web security One newly infected webpage is discovered every 4.5 seconds.
Free yourself to do more, while securing your business simply and cost-effectively
By: MFrizzi | 13/11/2009In tough economic times, with tightened budgets and heightened competition, it’s vital for businesses to secure their systems and data against a growing field of threats. However, implementing and maintaining full-spectrum protection can be a heavy drain on financial and human resources if not done right. A more efficient approach to security means that resources – both human and physical – are freed up to improve and expand other areas. The end result is your business becomes more efficient, f
The enemy within: Stop students from bypassing your defenses
By: MFrizzi | 13/11/2009Computer literate K-12 students regularly use anonymizing proxies to bypass their school’s web filters to access pornography, social networking, and other blocked websites. This is a major security flaw because most infected networks are first exposed via the web. Moreover, it has serious legal ramifications for schools that are not in compliance with state and federal laws. However, reputation and real-time detection can automatically identify and block anonymizing proxies. This white paper dis
Virus.Win32.Sality—How to Get Virus.Win32.Sality out of Your PC?
By: Emma Qiu | 13/11/2009With the rapid development of computer technology, more and more computer users become the victims of computer virus. Except replicating itself, virus can also make a computer break down through infecting the entire documents on it. Today we would like to talk about this virus-- Virus.Win32.Sality and the methods for resolving it.
Spyware—How to Get Rid of Spyware Successfully
By: Emma Qiu | 13/11/2009You may install spyware by yourself! Do you feel strange about this saying? Do you believe that some one will install virus on his own computer? But the fact is when you download free songs, movies or applications, unknown spyware have sneak into your computer and start to collect your private information.
Spyware – How to Remove Spyware from Your Computer
By: Emma Qiu | 13/11/2009Spyware can sneak into your computer without you knowing and install the “back door” on your PC. If you do not think it is a big question, then your PC probably will be attacked by internet hackers in a short time. We know that spyware can collect or steal our private information and then transfer it to the third party, who may be the spyware maker or the nasty hackers.
How to Protect Your Computer Security -Spyware Cease help you!
By: Emma Qiu | 13/11/2009Have you ever been plagued with continual error messages while surfing the net? Are you annoyed with constant computer freezing or crashing occasionally? Are you still worrying about the slow running of your PC? Want to figure these problems out, right?
What is Ethical Hacking?
By: Paul Walsh | 20/11/2007 | SecurityHow can 'ethical' and 'hacking' be used in the same sentence? The ultimate white hat hero, an ethical hacker can save the day before a nightmare ever has a chance to start.
The Basics of Network Security
By: Paul Walsh | 20/11/2007 | SecurityHackers are smart. But a solid network security policy is even smarter. Learn the basics of keeping your network safe and secure.
Penetration Testing - Which Standard to Use?
By: Paul Walsh | 20/11/2007 | SecurityThink you've outsmarted hackers by doing routine penetration tests of your system? Maybe. Maybe not. It all depends on the penetration test standards you use. Which standard is best for your network?