This article was previously published in the Law Times on May 30, 2011[space height=”2″]
In early April, a few law firms in Toronto had their systems compromised by an overseas hacker. Networks were left open and data was either replaced, modified or, worst of all, stolen.
Then in May, Sony Corp. announced that its PlayStation network experienced a breach of customer information that resulted in third parties obtaining it. Imagine having your case files compromised and all of your hard work for your clients left open.
In the field of information technology, network security consists of provisions and policies adopted by the network administrator to prevent and monitor unauthorized access, misuse, modification, and denial of the computer network and resources.
Security is a very important aspect of a computer network. Minor instances of security vulnerability can result in a heavy loss of critical data.
Keeping the computer on a well-secured network is a big responsibility for IT managers. There are many measures and prevention methods available to minimize the harm from a threat and also prevent a major attack.
Typically, a computer network can suffer an attack through a number of ways such as viruses, tunnelling, hacking, and cryptography attacks.
Prevention is the first step any business should implement. An anti-malware program that includes virus and spyware detection should be updated regularly and scan all of the network devices, e-mails, open ports, servers, and client computers as frequently as possible. Server software should be checked for updates as well.
Windows-based servers, just like systems for home use, get updates. On internal networks, unnecessary network-shared drives should be controlled, user accounts that are no longer in use should be purged, and wireless access points should be encrypted to the extent that the password to get onto them is hard to guess.
At the same time, companies should impose restrictions on access to the network so systems are used for business rather than personal tasks.
The law firm attack revealed in April started with a simple virus program. It was an undetectable program that embedded itself into the Windows computer system. A computer virus is a small program or an executable code that, when executed and replicated, sometimes performs a harmful function on a computer.
The attack in April was twofold: a domain name system redirection and an intrusion on networks to gain access to data. A virus can destroy information stored on the network and consume memory on a computer while destroying the overall performance of the system.
A Trojan, a form of a virus, can destroy a system’s critical data and also open access to it so hackers can obtain information.
A firewall helps control the flow of data traffic in and out of a network.
These devices are a frontline defence for any network. These should be checked and configured properly to ensure software applications can access network drives and limit outside data access.
Ensuring employees have access only to the resources needed to do their jobs and nothing else will help protect a network. It’s also possible to configure firewalls to block non-business-related web sites. Make sure there are no open or forwarded ports that aren’t required and eliminate those that don’t provide access needed for the business.
Having strong passwords that are hard to guess will also help ensure local security. Passwords should be unrecognizable, which means no phone numbers, birth dates, pet names, words that occur in a dictionary or people’s names.
A strong password will have upper- and lower-case letters, a number, and, if the system allows, a punctuation mark.
In addition, don’t let multiple people use the same username and password combination. All employees should have a unique account and password that they must change frequently.
Another important note is to make sure that updated anti-virus and anti-malware protection is installed and running on every machine. If people can log on remotely, ensure the off-site computers are also protected.
There’s a lot of malicious software that goes unnoticed because it doesn’t actually harm the system it’s on; instead, it captures every keystroke the user types and sends it to the potential hacker.
Having regular backups is important, but that won’t protect you from hackers. However, if a hacker damages data or your computers, backups let you get running again quickly.
Also, keep the backups in a secure location because someone with access to them can get all of the information on them, including things like client information and even system passwords.
To stay secure and safe while working online, it’s important to do research on materials before clicking, opening or installing them.
A simple Internet search can always provide details on something new. Always ask your IT professional before installing anything onto a work computer. It’s always best to be safe than sorry.