Identity Theft and Phishing is rampant these days! I’m sure you’ve received numerous emails from your long lost deceased Uncle Bob’s attorney who just happens to be managing the distribution of his estate and wants to send you 3.4 million dollars.

These days its important to be watching out for more than just suspicious emails. Because your computer most likely contains information such as passwords, banking account information, birthdays, etc. you should protect all access to your computer as well. You need to “harden” your operating system. Putting your operating system (Linux, Windows, etc.) through the school of hard knocks will ensure that it is closed to unauthorized access.

Completing a Google search for “windows xp hardening tips” turns up close to 1 million results. There are a ton of great solutions to harden (increase security) for your operating system. As I use Windows XP and Ubuntu the below tips are most relevant to users of those operating systems, though there is a lot of overlap from one operating system to another. While there is a plethora of different techniques, I’ve found that the following five techniques provides enough security to protect the average users computer. If you are hosting top level government secrets on your computer you’ll probably need to implement some extra security steps, but for the average home/business computer user these five steps will secure your computer sufficiently.

1. Always use a NON-ADMINISTRATOR account. Your computer will allow you to make a whole slew of extra security errors if you are logged in as an administrator. Change the administrator account so that the password is extra difficult and also ensure that the account is not named “administrator” or “admin”. Only use this account for necessary installation, etc. and then log back into a non-administrator account immediately thereafter.
2. Ensure strong password compliance. Use only passwords that are rated “100%” by The Password Meter in their password strength checker (http://www.passwordmeter.com/). To achieve this level of strength your password will most likely need Continue Reading »

Virus attacks are increasing in prevalence. Data/Identity theft is rampant. Computer crimes are becoming the preferred vehicle for white collar criminals.

But no worries… you sleep well at night because you’ve got anti virus software on all your workplace computers. You’ve installed firewall blockades at each point of network entry. You’ve even implemented policies requiring all of your employees to log off their workstations if they step away from their desks.

According to John Johnson, Security Focus contributor, you are sleeping on a bed of nails. In his article “Fortifying My Doghouse While Thieves Steal My Computer” he introduces several pivotal points of systems security analysis that infer such a good nights rest might not be granted… yet.

Systems Security Analysis

Step One:
Identify assets and the impact of their loss. If a computer is stolen are you just loosing the $500 it will cost to replace it or are you loosing more than that? Is their customer information stored therein? Is it private information that could be used in identity theft? Are you looking at multiple lawsuits for loosing such information? The point of this step is to get a good grasp on the true value of each asset. Go ahead and actually list out your assets and categorize them (as suggested by Johnson in his article) as either data, hardware, software, facilities, documentation, personnel or operations.

Step Two:
Develop security processes.Vital to this step is to engrave in your mind the following idea… “Security is a process, not a goal or the blame for not implementing enough protection.” One of the biggest mistakes you can make is to assume Continue Reading »