The Internet has made the world a much smaller place, but not everyone who utilizes it is neighborly, nice or remotely trustworthy.
Not every computer whiz is working for an upstanding company. Some are using their knowledge purely for their own profit or amusement, at the expense of others.
Case in point: A thief hacks into a CD ordering company’s web site and steals 300,000 credit card numbers. The company is informed of the theft and warned that unless $100,000 in “ransom” is paid, the numbers will be posted on the Internet.
The company doesn’t pay and 25,000 credit card numbers, along with expiration dates and their holders’ names and addresses, appear on the hackers’ web site. Several people are victimized before the site is shut down.
Alicia Clay, program manager for information security at the National Institute of Standards and Technology’s Computer Security Division in Gaithersburg, MD, says many companies are at risk of having confidential information end up in the wrong hands, even if they have hired staff to keep that information secure.
Despite having safeguards in place, “it still comes down to the individual employee,” she says. “If your employees don’t understand what you are doing and why you’re doing it, it can be all for naught.”
An employee might pick a great password or pass phrase, but then leave it posted on a sticky note on his or her computer.
“If you click ‘save the password’ on a software program, it’s just like not having one,” says Clay.
Similarly, if employees are downloading programs from unknown sources or running files on web pages, your company is at risk of a painful security breach.
Clay offers the following safe computing tips to companies:
Use strong passwords, not your name or any word that can be found in a dictionary. Longer is better and a combination of letters, numbers and symbols is recommended. Many programs are set up to accept pass phrases, which are even more secure than passwords.
Back up your important information, saving it early and often. Don’t save back up files in the same room. If fire is a concern, keep backup disks in another building.
Use virus protection software and update it regularly.
Don’t leave computers on-line when you aren’t using them. Shut them off, or disconnect them from the Internet.
Never open e-mail attachments from strangers, or even from people you know, unless you are expecting to receive them. They can be used to introduce nasty viruses into your system.
Use a firewall to stop your computer from “talking out to the Internet” without your permission, or to prevent unauthorized access of your company’s network .
A 2001 Computer Security Institute/FBI survey found 85 per cent of companies and government agencies polled had detected computer security breaches within the past year and 64 per cent experienced financial losses as a direct result. An estimated $378 million in combined losses was reported by 186 respondents.
“If you don’t have any protection and you’re connected to the Internet, you’re wide open (to attack from hackers),” says Clay.
Neil Gleason, sales manager for Securityware in San Diego, CA, says physical theft of computers from workplaces is also a big problem.
“If someone steals a server, that can put a company out of business,” he says, noting thieves can be miles away with a van full of stolen equipment before police respond to a break-in call.
Securityware is one of several companies selling devices to secure computer equipment against theft. These include cables and padlocks and lockdo