Business Security Information

If you are like most businesses, you have more on your plate than you have time to deal with.  Keeping up with all the security issues that face your business can be a daunting task.  One resource that can help you is the new Mozilla Plug-in Checker.  This tool lets you determine which of the computer plug-ins you are currently using are outdated.  While this may not have concerned you before, there is good reason to pay attention to your plug-ins.

GFI has two e-mail security services—MailEdge and MailProtection.  We were given a choice between the two when we registered for a free trial.  We chose GFI MailProtection.  Once we had logged into our account and configured a domain, we were then given, under the Domain Management tab in the Services settings, an option to change from Full (MailProtection) or Edge (MailEdge) protection.  Depending on which one was chosen, additional options were available to configure prior to saving the setting.  The only real difference we noted between GFI MailProtection and GFI MailEdge is that GFI MailProtection also provided virus protection where GFI MailEdge did not.  Both products are marketed to small and medium sized-businesses.

Despite its complicated pronunciation, the word obfuscate merely means is to change, alter, modify, or obscure.  In business, you probably use this more than you think.  On the web, businesses often use URL shortening services which take a long URL (website address) and make it a short one.  These shorter URL’s are then used in an e-mail or instant message, on a blog, or on social media sites such as Facebook.  Twitter is probably one of the most popular places URL shortening (obfuscated URL’s) services are used since you are limited on the number of characters you can put in each tweet.  I have also seen it used in e-books and other informational products that are downloaded off the web.  URL shortening services hide the original and often long URL.

Just last month I wrote an article on “Choosing a Secure Web Browser” after a recent attack using vulnerabilities in the Internet Explorer 6 (IE) web browser.   In that article, I stated that security researchers and some governments were recommending that people change to a different web browser or at least upgrade to IE8 (you can read the full article using the above link).  Just this weekend, a couple of other security researchers announced another vulnerability involving IE web browsers including IE8.  This vulnerability was confirmed on Monday by Microsoft.  The question now is whether to wait for a patch from Microsoft or to change web browsers?  Let’s look at the highlights of the vulnerability to determine the right answer for you and your business.

When you look at the desktops, laptops and other devices in your business, do you realize the number and variety of software applications running on these devices?  Applications include Adobe Reader, Adobe Flash, Microsoft Office, off-the-shelf accounting software, and other similar types of applications.  Beyond these normal applications found on most computers, custom applications may also be used in your business such as credit card processing, accounting or other business-oriented software applications.  Most business owners and managers do not realize the number and variety of applications running on the computers they use.  Studies have shown that businesses spend most of their security efforts updating and securing the computer’s operating systems and not the software applications.

Crimeware is a form of of malware (malicious software) that is  used to attack your computer and/or network.  Crimeware is designed for one purpose which is to facilitate illegal or criminal activity.

This type of software is often used to commit identity theft.  Also, crimeware allows attackers to capture and export sensitive information which they can sell or use to exploit for some other type of financial gain.  Another common type of crimeware includes phishing kits that allow an attacker with little or no technical skill to launch a phishing attack.  This type of crimeware may include website development software, content for the site, and spamming software that will allow the attacker to send out mass e-mails to their phishing targets.

A rootkit is a collection of software programs that contain a variety of tools and allow an attacker root or administrative level access to a computer or network.  Attackers install rootkits usually after having obtained basic user level access to a system, then gaining higher access to the account by using a cracked password or through some other vulnerability on the system which allows them to install software on the system.  Once a rootkit is installed, it allows the attacker to bypass security measures and hide the intrusion.  Rootkits do this by replacing normal operating system components or altering existing system tools or software so as to escape detection.

In security, a Trojan Horse is similar but not the same as it was described in Greek mythology in which the Greeks presented the city of Troy with a wooden horse in which they had hidden their soldiers.  After the Trojan Horse was inside the city and night had fallen, the soldiers emerged from the wooden horse and overtook the city.

In the computer security field, a backdoor is basically a computer program that gives an attacker easy access to a computer system and bypasses security measures that are currently in place.  Computer programmers sometimes install backdoors in the programs they write, but they use the backdoor  to access the program for the purpose of troubleshooting the software.  For this definition, we will limit our discussion to backdoor programs that attackers use.  Backdoors, whether used as a troubleshooting tool or as a means of gaining undetected access to a computer system, are a security risk.

Spyware is a specific form of malware which tracks a person or gathers information about them without their knowledge.  This means that spyware is usually hidden from the user. Software that is installed with the user’s knowledge is not considered spyware.

Spyware can include software that secretly monitors a user’s behavior, but it can also include much more such as collecting personal and account information and e-mail addresses, changing computer settings, installing additional software, and other similar types of activities.  Spyware can be an issue also from the stand point of slowing down your computer and your internet connection speed.