As the number of broadband users increases, the ripple effect of any security vulnerability becomes much greater. Combine that with a wide array of new virtual threats, and you have a much more susceptible IT environment, said David Redekop, co-founder of Nerds On-Site, a kind of brain trust for assisting enterprises and individual consumers with IT products and concepts.
“We used to have reasonably big windows when a security vulnerability was discovered,” he said. “We would find out about it and say, ‘That’s a bit of risk for our customers. We should plan on patching that system.’ As the number of broadband users—and potentially malicious users—grows, those windows are getting smaller and smaller.”
Although it used to be acceptable to employ a reactive, patch-as-you-go strategy, information security professionals have to take more preventative measures today. “You can no longer assume that you’re going to get a warning, and you can patch it and then you’re safe,” Redekop said. “You have to assume that by the time you’ve been warned, that particular exploit has been tested on your network by some zombie or some hacker. All of a sudden, we have to put big fences around our (network), and additional fences just in case there are some holes we weren’t aware of.”
Redekop recommends using reverse firewalls to cut down on spam and prevent malware from slipping in and out through back doors. “A reverse firewall virtually inspects any computer’s outbound request,” he said. “Spam is sent out by some piece of spyware on the users’ computers that helps the spammers’ cause by sending out masses of e-mails. A reverse firewall implementation (ensures) computers on a network can only send mail through a server, which inspects for viruses and spam. It’s an easy implementation, and it can be done on any professional-grade router.”
Users also need to be aware of the vulnerability of information sent through wireless networks or in public hot spots. Part of the problem is that more than 90 percent of users still use clear-text e-mail in all situations, Redekop said. Hackers use Cain-and-Abel programs to pick up traffic in exposed areas like this, and can intercept user names and passwords relatively easily. To avoid compromising sensitive information, he suggests using at least some level of encryption to send and receive e-mail.
For more information, see http://www.nerdsonsite.us.