The Department of Homeland Security recently suggested that there are 7 mitigation strategies that can prevent 85% of targeted attacks. While I prefer to call them the 7 deadly sins, I really can’t since there is no mention of pizza in any of them (and fans of Jimmy Buffet will get that reference.)
While most people may think “Well, that will never happen to me” or “I really don’t need to follow those because I’m not a large corporation, it’s just little old me”, but there are some here that pertain to individuals as much as it does to corporate policy and safe security practices.
- Patch Applications and operating system – You know those really annoying java and Adobe messages that keep popping up on your computer saying there is an update, or Windows has updates that need to be patched? You should pay attention to them. Most attacks happen through vulnerabilities that are years old, in some cases, the fix has been available for 3 or 4 years. If everyone kept their systems patch, at home and work, the bad guys would have less opportunities to deploy their code.
- Application Whitelisting – while this isn’t particularly something that home users can do, it is done by a lot of companies. Basically, you are telling the operating system what programs can run without bothering the user. For instance, MS Word would be a whitelisted application. For some companies, programs such as DrobBox are blacklisted, because these can be used to move sensitive data out of the building, and over 50% of breaches are a result of data loss from insiders. But for the home user, this means regularly reviewing the programs that are installed on your computer. If you don’t know what it is, Google it! You will find a lot of information that way. The reason I bring this up is because there are a lot of programs out there that install other programs “behind the scenes” without your knowledge. A lot of these are considered malware and are more of a nuisance than a threat, but depending on where you get the program you are installing from, it could be installing back doors, or opening a window to let the bad guys in.
- Restrict Administrative Privileges – This is something that more and more companies are adopting, and home users can do the same. For instance, if you have an admin account on your computer, and you create a regular user account for everyday use, being able to install programs will be limited. And although this might seem like a hassle, it makes you take a close look at what you are installing. It could stop the installation of unwanted programs and keep your computer running clean, efficient and safe.
- Network Segmentation and Segregation into Security Zones – This is not something the home user or small business would do, or even understand, but it’s worth mentioning. If you work at home for yourself, there are ways to isolate your work making it harder for others to see and steal. It doesn’t go quite as far as this initiative suggests, but has the same impact.
- Input Validation – This falls into the same class as number 4 above. Not really applicable to home users. But, if you use the web extensively, knowing what information you are putting into particular fields on a web page can make a big difference. Vigilance is the key here.
- File Reputation – This is a way to verify that files have not changed on your system without you knowing about it. Some anti-virus and anti-malware products do this, so regardless of what you are reading about them not being necessary any more is just not true. Yes, there are other ways to get into your system that they don’t protect against, but they can stop a large portion of unwanted changes.
- Understanding Firewalls – Understanding firewalls is something that security folks and network designers need to know in great detail. However, it is a good idea for home users to understand the functions of firewalls, and the different types. While Comcast or Verizon may call their routers firewalls (and some of them do perform some firewall functions), the should not be confused with business or enterprise level firewalls. In my travels, I can’t tell you how many times I’ve found a consumer firewall that still has the default id’s and password (which are easy to find if you Google Comcast Firewall Default ID, they are all documented all over the web) or open firewalls in businesses that would allow me to make changes to their configuration with my phone. I’m not going to go into much detail here, I’ll save the firewall discussion for another post. Suffice it to say, if all you have is a Comcast router between you and the Internet, and there is sensitive data behind that connection (we all have it, bank statements, quicken or quickbooks applications, etc.) you should not be comfortable that your network is secure.
This has gotten longer than I expected, so going to stop here. Remember, Homeland Security is not just for large organizations, they are looking out for the little guys, too. And I hope I’ve explained some of the steps you can use for safe computing.
John Carney, President and Chief Technology Therapist at Carney Consulting LLC can be reached at 484-228-8284 or visit his website at www.carneyconsulting.com