Servers and other electronic, magnetic, and wireless equipment emit and are affected by electromagnetic radiation. This gives rise to three potentially serious problems: snooping, interference, and electromagnetic pulse (EMP) susceptibility. Fortunately, all three problems can be easily mitigated with a Faraday cage. The idea is that surrounding your equipment on all sides with a grounded metal cage that conducts electricity essentially shields the equipment from electrical energy. As long as the equipment doesn't touch the cage, wireless signals are prevented from getting in or out. Cages can also double as locked structures to keep unauthorized personnel away from sensitive equipment.
Pete Cortez, Technical Instructor with New Horizons Computer Learning Centers of San Antonio, was recently recognized by EC-Council, a leading international certification body in information security, as one of the top three instructors in North America with the Circle of Excellence award. 2014 marks the eighth time Pete has been recognized by EC-Council for outstanding performance.
Businesses have had to cope with an increasing number of cyberattacks in recent months, bringing cybersecurity and data loss prevention solutions into the spotlight. In a blog post written last week, Microsoft partner and CGI vice president of global cybersecurity John Proctor expressed the need for companies to employ identity and access management techniques. IAM allows enterprises to keep better track of who is accessing important business information and grant system permissions on a more discerning basis.
A common way to verify users who have forgotten their password is to have them pick answers to "secret questions." If you're designing a website, you may want to avoid some of the common pitfalls found in secret question designs. Otherwise, you risk not only annoying your users, but also compromising their data.
A Problematic Shortage
It seems like there is a new cyberthreat announced every day, and that may actually be the case. According to security services provider Symantec, last year saw a 62 percent increase in data breaches, and 2.5 billion records have been exposed in malicious incidents over the past five years. This may be due to the worsening shortage of IT security professionals which, according to estimates from Cisco, has reached one million people.
Whether you think of Edward Snowden as a hero or a traitor, one thing's clear: It's critical to protect your own organization's data, so you may want to learn what the NSA did wrong that allowed Snowden to gather and disseminate top secret information. According to various reports (e.g., www.nytimes.com/2014/02/09/us/snowden-used-low-cost-tool-to-best-nsa.html?_r=0), Snowden used web crawler software to scrape the classified secrets he wanted. Amazingly, he was caught with this software, but no effective action was taken, even though he was confronted a few times about his activities. Being a contractor at a facility that was last to get state-of-the-art security measures implemented, he was able to fall through the cracks. Afterwards, it was found that the software he used to glean information contained saved settings to scan for various forms of top-secret information.
Holding down an IT career may now mean something quite different than it did in past years. For example, CIO.com's Tom Kaneshige reported on a recent survey by TEKsystems, which found that 35 percent of IT leaders and 25 percent of general professionals aren't sure if their company's bring-your-own-device policy is actually in step with data privacy and protection rules. Half of the respondents believe 25 percent or more of their sensitive data is at risk due to end users having access to it through their devices, something Kaneshige believes paints a disturbing picture of BYOD's effect on the state of the IT industry.
For security, you may want to limit the number of computers that can be connected to a given portion of the network. If there are too many, this may indicate that there are connections that don't belong there. Accordingly, the following command limits the number of MAC addresses that can be connected to a given interface (in this case, it limits the port to 10 addresses):
If you are in charge of computers open to the public or accessed by employees with a high turnover rate, you want to set the supervisor BIOS passwords on all computers to prevent users from modifying the most basic computer settings. By setting the password, you are also preventing hackers, vandals, and departing employees from setting the password and locking you out of the BIOS. Once you set the password, you must remember it or face the difficult challenge of working around a built-in security feature.