Security, what is it? well, it is our way of keeping safe against harm.

Security can be against external or internal threats. There are companies that have very secret information, that should stay internally without getting public and leaking outside, so they take measures to keep the information internal and prevent it from leaking outside by following certain security protocols. The same idea is being taken in order to prevent external access to that delicate secret information.

The main issue with security is that many resources need to be shared, some need external access to reach the internet or another resource of information on external servers. Since there are programs running on both sides, which gain different access privileges, there is always the risk of exposure. The security technologies need to close all of those risks, by minimizing 

accessibility, using secured protocols and exposing only the data that we have to expose, so we will reduce risk to a minimum.

The best way to secure everything is to only work locally and of course in a very secured facility that no one is allowed to exit or enter the facility 🙂 ha ha ha – that sounds far fetched, so if there are people there, they will not see daylight until they die. Since this is a nice thought but not really doable, we have to understand that we need to take some risk in order to function properly, and sharing info is part of using computers, so there is some risk involved.

The fact that there is some risk to it all, means we need to secure those risks and try and reduce to minimize the exposure risk. That is why we have security technologies, to help us achieve that goal.

Now, I will try and go over some of the security technologies that are being used and available today, as far as I could find. There are many different types of security techniques and technologies which are being used, and I will probably won’t be able to cover them all, but I am sure you will get some idea of what is out there and what we can use. I am not giving the actual solutions, only the techniques we can use today and there are tools that can be used to perform those techniques.

Securing the network:

We have technologies that enable to secure our network by using these techniques:

1. Monitor and identify secured login– making sure only authorized access is granted.
2. Penetration testing – always perform penetration scenarios, to make sure all aspects are covered and we are still protected. This also assists in discovering holes, a breach or changes in regular mechanisms (like if a hacker has changed something, like some code in one of the systems that enable him access or pull out info).
3. There are tools that give you managed and controlled supervised solution on what goes where and what comes in, mostly based on a web monitoring system that can be securely accessed from anywhere, or if we choose only internally. Those mechanisms can identify changes and close them to tighten security.
4. Anti-virus tools can keep threats quarantined or eliminated, so they won’t be used by those who sent them to gain information on our system or harm our system.
5. There are many different firewalls that can guard our WAN/LAN networks from harm. Those firewalls maintain the traffic we allow or disallow between branches, or on internet access. They are the WALL that keeps us safe and they are getting more sophisticated and more secured which makes them harder to breach.
6. There are intrusion detection and prevention tools which provide comprehensive safety against threats that might arise.
7. There are security tools that supervise downloads and application installations. This prevents people from downloading harmful and unauthorized software and installing them on our system.
8. E-mails are a real big threat if it is unsupervised. There is much spam out there that reaches our mail server, and different e-mails that contain threats. There are security technologies that enable mail supervision and control over harmful e-mails, to either be tagged, quarantined, or destroyed depends on the definitions defined and security policies.
9. There are tools that check and manage vulnerability by using the software as a service (SAAS) approach.
10. Encryption technologies are out there using higher cipher bits, which can lock files and folders, which can guard/block the network secured protocols etc…
11. There are safeguarding tools, that protect boots and secured hard-disks using state of the art encryption using innovative technologies.
12. There are technologies based on intrusion prevention solutions (IPS), which uses snort detection engines that defend corporate networks from continuous attacks, during and after the attacks.
13. The security technology consists of both Software and Hardware solutions. There are many different types of security appliances.

I believe this covers much of what security enables today and you can find some further information within these website links.

http://www.cstl.com/Solutions/Network-Security.asp
http://csrc.nist.gov/
http://www.microsoft.com/security/default.aspx
http://www.amazon.com/Fundamentals-Computer-Security-Technology-Amoroso/dp/0131089293
http://www.peterindia.net/ITSecurity.html
http://www.itsecurity.com/
http://www.cstl.com/CST/
http://en.wikipedia.org/wiki/Information_security

We always want to be in control and some of us have information at home that we might want to be able to access remotely. Accessing the home computer remotely means that you connecting to the internet and want to be able to access your home computer and perform certain operations. Those types of operations have some effect on which tool to use since some of the tools enable a certain type of access and some take control of your own computer, so you could see the same screen of your home computer as if you are standing in front of your computer.

There are certain security measures that need to be understood. When we open access from the outside to our computer we actually open a door for someone (hacker) to access our computer, or to be able to do so. If the door would be closed and shut with a brick of the wall, then it is closed. But if we decide to make an opening, an external person can reach that opening, and might, of course, use it to do some harm, see our materials (in case they are confident – it might be risky) or spy on our actions, and maybe if we do not pay attention to see some important information like when we log-in to our bank account from home or place a credit card number on an online website to purchase something. If your computer is breached all of those actions and more can happen to your home computer.

The remote access tools are being divided to online programs, software programs. The online programs are programs which are using internet technology to enable the remote connection like the LogMeIn, GoToMyPC, TEAMVIEWER, WEBEX PCNOW, some of the support people use WEBEX technique to gain access to your computer, seeing your screen, with your permission of course (you initiate the session) and you can see everything the support person does on your computer. The software programs are tools that open access and enable the end-user (remote person) to take control of your home computer. Some of these programs are TightVNC, RealVNC, Symantec PCAnywhere, LAPLINK and there is a built-in application in Windows XP, called remote desktop (you can run it by typing on the start–>run MSTSC).

Some programs might require you to set a permanent IP (called Static IP), which means that you will need to ask your ISP for a permanent IP to your computer. The ISP will give you an IP, and you will need to configure your home computer’s firewall NAT (network address translation) which means you will have an internal IP translated to the IP the ISP gave you. The only IP a remote person (or anyone outside of your home) will be the ISP IP, which protects your internal IP (no one will know what your internal IP is they will only know the external IP that you set on your home computer firewall. That IP directs to your computer, and so there is a way to access it, with the correct tools, and of course only by knowing the access password.