Computer and network security is universally recognized as important. However, the field is vast and diverse, and opinions differ on the best practices and solutions. Surprisingly, there is consensus on the most effective strategy for safeguarding your computer in today’s digital age: abstain from computer usage entirely.
Regrettably, avoiding computer usage is not a viable option for most individuals. Consequently, we’ve conducted an investigation to uncover the security measures that computer security professionals implement to protect their own devices. Given the importance of maintaining a level of secrecy about security practices, we’ve gathered insights from top experts in the field. Becoming a proficient computer security professional requires years of learning, but there are valuable lessons we can glean from these experts.
Take online security seriously and respond quickly
News outlets were abuzz with the recent revelation of a data breach at Panera Bread. An article on medium.com exposed the company for failing to address a significant user data breach that lasted for eight months. During this breach, anyone could access customers’ full names, addresses, dietary preferences, and email addresses. Shockingly, Panera Bread’s IT team failed to resolve the issue, and their leadership did not adequately address the problem when it was brought to their attention. This incident serves as a stark reminder of the critical importance of digital security.
In today’s digital landscape, taking digital security seriously is paramount, whether you consider the implications for public relations, data security, or overall productivity. Just as you wouldn’t leave your car running in a parking lot while you step away for half an hour, you should not leave your (and potentially your customers’) data vulnerable online.
Update your software — now, not later!
The consensus opinion about the importance of software updates is quite simple yet often overlooked. Many of us have been guilty of clicking “Remind me Later” when prompted to update a program. However, there’s a crucial reason why software updates exist: the dedicated team of expert programmers behind the software releases these updates to patch various issues. Often, these updates address security vulnerabilities or other weaknesses in the program that could pose a risk to your system.
To ensure your digital security, it’s advisable to take a proactive approach to software updates. Instead of postponing them, take the time to read the release notes and understand what the update aims to fix. Additionally, consider checking online forums to see what other users are saying about the risks associated with the update. If you’re running an outdated version, carefully evaluate whether updating to the latest version is the best course of action, considering potential vulnerabilities in your current version.
A notable example is the flaw that security experts discovered in High Sierra. While postponing an update might seem like a way to sidestep potential issues, it’s essential to stay informed by checking the news and expert insights. Ultimately, keeping your software and systems up to date is one of the most effective ways to maintain the security of your computer and network, even if it can be somewhat inconvenient.
Be miserly with your permissions!
Every CompSec pro knows the fundamental rule of network security: the Principle of Least Privilege, which basically asks “how few permissions can you give each user?” Yeah, needing to ask your IT team to turn on your speakers because of insufficient permissions is incredibly annoying — no one knows better than the IT team. But by keeping everyone’s permissions as restricted as possible, you minimize potential problems, including your own.
Imagine your network like a house and a hack like a break-in.
Example 1: You have valuables in every room of the house, but there are no doors to those rooms. Whether a thief breaks in through the window, the garage, or by picking the front door, they can get at everything by breaking in once.
Example 2: Every room in the house has a locked door, and all valuables are placed inside safes. If our thief gets into one room, they can’t get to the hallway and into another room, and they might not even get anything out of that room.
Obviously, it seems a little paranoid to live that way. But, let’s face it, CompSec pros are a little paranoid. Keep your “rooms” locked, put your valuables in a safe place, and when you throw a party, close it all up. In other words, administer your network with multiple user permission levels and restrict access carefully, based on how few permissions can be doled out.
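One way to answer “how few permissions can you give each user?” is to compare what each account has been granted with what it actually uses. The following is an added example, not part of the original article; the account names, permission strings and log entries are constructed for illustration.

```python
from collections import defaultdict

# Constructed sample data: permissions currently granted to each account.
GRANTED = {
    "alice": {"files:read", "files:write", "printers:use", "users:admin"},
    "bob": {"files:read", "audio:configure"},
    "backup-svc": {"files:read", "files:write", "users:admin"},
}

# Constructed access log: (account, permission the account tried to use).
ACCESS_LOG = [
    ("alice", "files:read"),
    ("alice", "files:write"),
    ("bob", "files:read"),
    ("bob", "audio:configure"),
    ("backup-svc", "files:read"),
    ("bob", "users:admin"),  # attempt to use a permission bob was never given
]


def right_size(granted, access_log):
    """Compare granted permissions with observed use, per account.

    keep               -> granted and used during the observation window
    revoke             -> granted but never used (candidates for removal)
    ungranted_attempts -> used or attempted without a grant (worth a look)
    """
    used = defaultdict(set)
    for account, perm in access_log:
        used[account].add(perm)

    report = {}
    # Include accounts that appear only in the log, not just known ones.
    for account in sorted(set(granted) | set(used)):
        perms = granted.get(account, set())
        report[account] = {
            "keep": sorted(perms & used[account]),
            "revoke": sorted(perms - used[account]),
            "ungranted_attempts": sorted(used[account] - perms),
        }
    return report


if __name__ == "__main__":
    for account, findings in right_size(GRANTED, ACCESS_LOG).items():
        print(account, findings)
```

The observation window has to be long enough to cover rare but legitimate tasks, so treat the "revoke" list as candidates to review rather than changes to apply blindly.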
Prepare for the worst: Do your backups
One of the most alarming aspects of working in the digital age is the possibility of losing all your files the next time you power on your computer. Numerous threats, from ransomware attacks that hold your data hostage to environmental disasters or theft, can result in data loss. Are you prepared for such a scenario?
One effective measure to mitigate most data loss risks is to regularly back up your essential files and store those backups in a geographically separate location from your primary hard drive. While there’s much to learn about computer and network security, knowing how to recover stolen, lost, or compromised files is essential and relatively straightforward.
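A backup only helps if it can actually be restored, so it is worth checking it against a record taken at backup time. The following is an added example, not part of the original article: it builds a SHA-256 manifest of the source files and later checks the backup copy against it. The directory and file names are constructed, and the manifest is assumed to be stored separately from the backup it describes.

```python
import hashlib
import shutil
import tempfile
from pathlib import Path


def build_manifest(root):
    """Map each file's path (relative to root) to its SHA-256 digest."""
    root = Path(root)
    return {
        p.relative_to(root).as_posix(): hashlib.sha256(p.read_bytes()).hexdigest()
        for p in sorted(root.rglob("*"))
        if p.is_file()
    }


def verify_backup(manifest, backup_root):
    """Compare a backup directory against the manifest taken at backup time."""
    current = build_manifest(backup_root)
    shared = manifest.keys() & current.keys()
    return {
        "missing": sorted(set(manifest) - set(current)),
        "altered": sorted(k for k in shared if manifest[k] != current[k]),
        "unexpected": sorted(set(current) - set(manifest)),
    }


def demo():
    """Constructed scenario: back up two files, then damage the backup."""
    with tempfile.TemporaryDirectory() as tmp:
        src, dst = Path(tmp, "source"), Path(tmp, "backup")
        (src / "docs").mkdir(parents=True)
        (src / "docs" / "invoice.txt").write_text("invoice 001\n")
        (src / "notes.txt").write_text("meeting notes\n")

        manifest = build_manifest(src)   # record taken at backup time
        shutil.copytree(src, dst)        # the "backup"
        clean = verify_backup(manifest, dst)

        (dst / "notes.txt").write_text("overwritten\n")  # simulated corruption
        (dst / "docs" / "invoice.txt").unlink()          # simulated loss
        damaged = verify_backup(manifest, dst)
        return clean, damaged


if __name__ == "__main__":
    for result in demo():
        print(result)
```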
Updating software, creating data backups, and implementing access restrictions are three critical steps that could potentially save you and your company countless hours and significant financial losses. However, it’s crucial to ask whether you and your network security team fully understand your company’s security policies. These tips only scratch the surface of computer and network security, but building strong security practices begins with asking questions and seeking answers.
One final piece of advice: If you ever doubt whether your company or team is doing enough in terms of security measures, remember that most network security professionals admit that they could be doing more to secure their personal computers. There’s always room for improvement, so take the first step today!