Tuesday, August 23, 2011

Security

Working with users, I am never at a loss for subjects for new posts, and will welcome comments on this one: Security.


At the outset, let me say I don't even trust the so-called experts, and conspiracy theorists, on security.    If there were that many true experts on security, we would have few failures.    So, what to do!   Simple:


NEVER EXPOSE ANY OF YOUR SENSITIVE DATA IN THE FIRST  PLACE!!


That might not be entirely possible, but it is a good objective for computers and everything else.   The big exposures are credit cards,  Social Security numbers, and the like, and not computers per se.     Shopping in stores is where you need to be careful.


However, as always with changes and with what is new, there are always new fears.   Also, it is not just us seniors who resist change.   Yet changes are making things a lot better for all of us.     If you work individually with users, as I do, you have experienced the need for newer simpler and safer systems and have seen them develop.


The "cloud" is really just a new name for internet, but with programs and data in a safer place than your home computer connected to internet,  especially wirelessly.     Rapidly adopting cloud computing: Microsoft, Apple, Walmart, EMI Industries, (music), Sony, Amazon, Intel, oh, and IBM---you get the idea!!


To be considered protected, data from one user must be segregated from that of another, it must be stored securely at rest and it must be able to more securely from place place.    Newly cloud providers have systems in place to prevent against data leaks or access.   These safeties too often did not exist heretofore.


I believe cloud computing to be a great resource to improve security.   Cloud computers minimize the threat from viruses, keep data more safely, eliminate failure to update, and are free from crashes.     With data in the "cloud", in fewer places,exposure to risk is also minimized.     I keep backup data in more than one place, though.     Suffice it to say that if the cloud computer I am using quits, it is of little concern to me---I just go to another one: all my stuff is there.   I cannot think of why anyone would want to hack into it.


The latest cloud computer apps, which use the web page for an application in the cloud, can be a great step ahead in security.   The new Kindle app is a wonder.     It is in one place, and not on your computer at all.    Way to go, Amazon!!    Better that program and data be in one well-policed central place where quickly updated than exposed to millions of computers.


We all have our money in a bank computer if not under our bed.    Our bank account is just numbers in some computer somewhere.   You can, however, keep accessibility limited.    You should keep paper records somewhere, such as a safe deposit box. I therefore use computers for transactions in a very limited way.     Obviously, it is nearly impossible not to use them nowadays, especially if you are not so mobile.


In theory there is always a loophole somewhere for security, however remote.     There are ways to protect further, thru tunneling and VPN.   You could run a complete virtual operating In system like EyeOS, and so on.    You could route thru a second router.   You could use a Linux computer.   By all means, use these measures if you are concerned.    BUT, wherever possible, just


NEVER EXPOSE ANY OF YOUR SENSITIVE DATA IN THE FIRST  PLACE!!


References:


Why the Cloud is Safer - (Click) - by Simon Crosby, (taught at Cambridge University, England before going into the private sector)


Even Safer with a new dedicated "cloud computer" - (Click).


Safer with an older computer:


Some old tried and true rules for safer computing from Leo Laporte:



1. Don’t open email attachments; even if it’s from someone you know. If you do get something from someone you know, make sure that they really sent it to you. Email attachments are the number one way viruses and trojan horses get into your email. You might also want to turn off HTML email in Outlook and other programs. HTML emails are just as dangerous as rogue web sites, and can spread infections just by previewing them.
2. Don’t click links in email. That link could lead you to a phishing site, or the link may lead you to install malicious software. Copy and paste links into your browser, or type them in by hand instead. Another reason to disable HTML email – the HTML hides the real destination of that seemingly innocuous link.
3. Don’t download files from places you aren’t absolutely sure are safe. Stick with the well known sites. Teeneagers who use filesharing software like BitTorrent, Azureus, Kazaa, Morpheus, Grokster, and Limewire, often unwittingly download spyware and trojans. If you must, quarantine all downloads then scan them a few days later with an updated anti-virus.
4. Update your OS regularly! Turn on automatic updates in OS X and Windows. Apply all critical updates immediately. Criminals often create hacks within 24 hours of Microsoft’s patches (these are called zero day exploits), so you need to protect yourself the day the patches appear.
5. Use a firewall. The best firewall is a hardware router – the kind you use to share an internet connection. Even if they’re not billed as firewalls, they are, and they’re quite effective. I also recommend turning on your operating system’s firewall – even if you have a router – but I don’t recommend third-party software firewalls. They cause more problems than they solve.
6. Never run as an administrator in any operating system. Administrators have way too many priveleges that malicious people/code can take advantage of. Run as a limited user as much as possible. Windows Vista, Linux, and Mac OSX allow you to run a majority of features, but with some additional safety, as a limited user.
...and from Microsoft, if you are paranoid... - (Click)


...and a video on security from Google... - (Click)

















No comments:

Post a Comment