Tuesday, October 04, 2011

Preventing Cybercrime

In the cyber crime world, there is no such thing as a bullet-proof defense. However, the risk of data loss, unauthorized access, or other undesirable intrusions can be reduced or nearly eliminated by taking some basic precautions. Among them:

1. Ensure that all accounts have unique passwords. All passwords should be difficult to guess. A strong password policy is like having a good lock on the front door. Passwords should not be a word found in the dictionary or a given name. Instead, passwords should be made of random upper- and lower-case letters, numbers and symbols. Each password should contain at least three of the four, and should be no shorter than eight characters. Passwords should be changed every three months, or if there is any reason to believe that a password has been compromised.

2. Update the network configuration as soon as vulnerabilities become known. Leaving a known vulnerability open is very foolish. Any incorrect or compromised network configuration needs to be corrected immediately, and care must be taken that new ones don’t arise. Proper change management procedures can mitigate this.

3. Apply upgrades and patches promptly. Applications and operating systems may contain hundreds of thousands, even millions, of lines of code. Vulnerabilities are discovered all the time. Even a mature, stable, tested and well-written application like QuickBooks 2010 had 13 revisions after its release. Operating systems may be released with hundreds of vulnerabilities that are not discovered until after release. Upgrades and patches must be applied as soon as the vulnerability is discovered and a patch for it released.

4. Check log files regularly to detect and trace intruders. Log files are useful for finding and patching holes, as well as detecting intrusion attempts and unauthorized use escalation. They can be used for mapping problems between account names and security IDs, and for finding incorrect permissions for performing tasks, problems with the trust relationship between the primary domain and trusted domains, and errors that may be caused by a number of different problems.

5. Train all employees to identify and avoid cyber crime attacks. Train all users to report any suspected phishing attempts or potential security breaches. Proper training in cyber crime prevention can help users to counter viruses, phishing attacks and computer-based identity theft. Nearly all fraud and identity theft happens at the user level. Proper training makes users aware and prepared.
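The password rules in item 1 can be enforced mechanically at account creation or password change. The following check is an added example, not code from the original post: the function names are hypothetical, the word list is a small constructed sample standing in for a real dictionary and name list, and "every three months" is approximated as 90 days.

```python
import string
from datetime import date, timedelta

# Constructed sample list; a real deployment would load a full dictionary
# and a list of given names (assumption, not from the original post).
SAMPLE_WORDS = {"password", "welcome", "dragon", "michael", "jennifer", "sunshine"}
MIN_LENGTH = 8                 # "no shorter than eight characters"
MIN_CLASSES = 3                # "at least three of the four"
MAX_AGE = timedelta(days=90)   # "every three months", approximated (assumption)


def char_classes(pw):
    """Return which of the four character classes appear in pw."""
    classes = set()
    for ch in pw:
        if ch.isupper():
            classes.add("upper")
        elif ch.islower():
            classes.add("lower")
        elif ch.isdigit():
            classes.add("digit")
        elif ch in string.punctuation:
            classes.add("symbol")
    return classes


def policy_violations(pw, words=SAMPLE_WORDS):
    """Return a list of rule names that pw breaks; empty means it passes."""
    problems = []
    if len(pw) < MIN_LENGTH:
        problems.append("too_short")
    if len(char_classes(pw)) < MIN_CLASSES:
        problems.append("too_few_classes")
    # Trim digits and symbols from both ends so that a name or word with
    # decoration, such as "Michael1!", is still recognised.
    core = pw.strip(string.digits + string.punctuation).lower()
    if core in words:
        problems.append("dictionary_or_name")
    return problems


def needs_change(last_changed, today, compromised=False):
    """True when the password is past the rotation age or suspected compromised."""
    return compromised or (today - last_changed) >= MAX_AGE
```

Note that "Michael1!" meets the length and character-class rules and is rejected only by the dictionary and given-name rule, which is why that rule has to be checked separately.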

Training, awareness and preparation can make an enormous difference in avoiding and preventing cyber crime.

1 comment:

Razvan said...

Hi Michael,

I was reading your blog and I was just wondering: is there any source of data containing HIPAA anonymized patient information (such as diagnostics, unstructured medical reports, insurance supported costs etc.)? I am doing a PhD in data mining, and this would be very useful to build quality of life, screening, prevention or financial models of various diseases.

The reason HIPAA appeared is twofold: one is to protect the sensitive data, and the second is to leverage research on the non-sensitive information. As we can read in most of the discussions regarding HIPAA, people only care for the first.

Just an anecdote: if the UK had enforced HIPAA in the 1800s, John Snow wouldn't have been able to correlate the positions of the wells with the outbreak of cholera. Or at least, he wouldn't have been able to publish his result.

Thanks,
Razvan

PS
my email address is rp at miravtech.com