I receive a number of queries about security from administrators and users every month, and many of these questions have links to all sorts of security issues that have occurred recently-everything from National Security Agency (NSA) spying to the Target security breach (incidentally, a number of other businesses have been attacked in the same manner). The fact of the matter is that books such as Administering Windows Server 2008 Server Core, Microsoft Windows Command Line Administration Instant Reference, and Windows 8 for Dummies Quick Reference have been telling you all along that security is a matter of vigilance-that software will never do the job alone. Even so, readers keep sending requests for some sort of magic bullet that will allay all their fears and make the task of security automatic.
Maintaining a reasonably secure system is a matter of observing personal, data, and system-wide best practices. Many other authors have listed these best practices in the past, but here are some of the techniques that people fail to use most often:
- Use complex passwords that are easy to remember so you don’t need to write them down-consider using a passphrase whenever possible.
- Change your password reasonably often and don’t rely on the same set of passwords all the time.
- Keep your passwords secret so that no one else can abuse them.
- Encrypt your data.
- Perform local data backups regularly.
- Ensure your applications remain updated with the latest security fixes.
- Update your system as needed to ensure it provides a full set of modern security features.
- Install security applications that check the incoming and outgoing flow of data, and block anything that looks remotely dangerous.
- Check your system regularly for any files, folders, software, or other items that look out of place.
This list doesn’t even include some of the common user foibles, such as opening e-mail from parties they don’t know. In addition, none of these techniques are automated. You have to perform the manually in order to get the benefits they provide. Yes, it’s true that some of the techniques are automated once you start them, but you still have to start them. For example, installing security software will automatically monitor the data flow on your system, but you still have to install the security software manually.
Even with all of these security measures in place, someone who is truly determined can break into your system. You should simply count on it happening at some point, even if you’re incredibly careful. When a security breach does occur, you need to have a contingency plan in place.
Any good contingency plan will include a method of evaluating the damage caused by the security breach. You need to know just what was compromised and what the fallout of the compromise will be. Make sure that you are open and honest with your customers at this time as failure to do so can lead to other consequences. Silencing employees who speak out is even worse – you don’t want to juggle a legal fight with a whistleblower lawyer at the same time as cleaning up a data breach – so remain open to conversation at this time. Even individuals experience fallout from security breaches, such as identity theft. Once the damage is evaluated, you need a method for fixing the problems it has caused. In some cases, you may actually have to format the drive and start from scratch, which is where that data backup is going to become critical.
There is no magic bullet when it comes to security. Over the years I’ve searched, in vain, for a magic bullet and it isn’t even possible to conceive of one. Therefore, it’s the user and administrator who are best prepared for the eventuality of spying and security breaches that are in the best position to handle it later. Let me know your thoughts on security at John@JohnMuellerBooks.com.