Friday, December 17, 2004

Security challenges of the Internet

Q. What are the security challenges of the Internet? What are the regulatory challenges of the Internet? Explain several types of crimes committed on the internet with respect to online businesses.

Wow this is a really tuff question to answer in just 300 words. I could write a book just on the first question alone, but for the sake of everyone’s sanity I will keep it short.


What are the security challenges of the Internet?

This question should read:
What are the security challenges of protecting your business and home computer systems from evil doers abroad?

You can not secure the internet. It is an uncontrolled environment. You can only security the gateways into and out of your home or business and your internal systems.

A hardware firewall or a NAT router is a good start. Followed by software firewall on your PC with Anti-virus software that is updated daily. Also anti-spyware, web filtering or parental control software should be used, for your self if nothing else. Anti-Spam software or service for email and a good healthy dose of security education on what evil doers are trying to do to your computer and to you.

The biggest challenge is getting people to understand what they are about to be hit with. Once they have been burned, then my life gets easier, because for some reason once they have lost something important on their computer their hearing and understanding all of a sudden becomes very clear and they get it.

A couple of other things on security and the Internet as any business related data or commerce data needs to be encrypted when going ACROSS the Internet.

The common protocol to do this is HTTPS. We talked about that last week. Another method is VPN which can use PPTP or L2TP with IPSEC to encrypt the data in 3DES. These protocols can be Microsoft’s, (which I usually use) or they can be propriety like CISCO or NORTEL’s VPN applications.

One other secure method is Terminal Services which is done by use Remote Desktop application to connect to a Terminal Server. This communication also uses 3DES encryption.

All three Microsoft versions are built into the Windows XP Desktops systems. HTTPS and VPN are in all versions of Windows from Win98 to XP. Remote Desktops is a free download from Microsoft and runs on most all support Microsoft OS to include a pocket PC phone.


What are the regulatory challenges of the Internet?

Keeping the internet unregulated is the biggest challenge. I hope the government doesn’t tax the crap out of the internet. There are so many issues about regulatory stuff being proposed it makes my head spin and eyes pop out! Some of the bills going before congress are just plain stupid nonsense crap. While other bills are much welcomed like the Spyware act, but the government has no way to enforce it, especially when the evil is coming from off shore.

Here is a link for a site about the latest Bills being passed in congress.
http://security.efsnm.com/index.php/weblog/C15/

For links that will make you head spin and eyes pop out there are great reads at the EFF (Electronic Frontier Foundation). They fight for sane tech rights against insane Bills in congress.
http://www.eff.org/


Explain several types of crimes committed on the internet with respect to online businesses.

Information and System Rape is the by far the most common and epidemic. This occurs when spyware gets onto your system and uses it for evil deeds. It is no different than someone going into your house, using it to plot, plan and execute their evilness and they move your cheese. With spying on your PC the evil doer can take your banking information, credit card, personal identify theft, while leaving you holding the bag to pay the bills.

One more common ways is PHISHING via email or web site to trick the user into giving freely their account information. For more on PHISHING you can check out this web site.
http://security.efsnm.com/index.php/weblog/C14/

No comments: