Ten Key Rules for Security and Privacy

At Microsoft's information security and privacy center, thousands of system security reports are investigated each year. In some cases, the reported weakness comes from a defect in the product, which means a bug fix will be released shortly afterwards to correct the problem. In other cases, the reported problem is simply the result of someone's mistake in using the product. But many reports fall into neither category. They are real information security issues, but they are not caused by shortcomings in the product. Over the years, a list of such issues has been developed, called the "Ten key principles of safety and security".

Do not sit waiting for a new bug fix to protect you from the issues described below. These issues cannot be fixed by Microsoft, or by any software manufacturer, because they result from the way computers work. But do not lose hope: it is up to you to guard against them, and if you keep them in mind, you can dramatically improve your security.

Rule #1: If someone can persuade you to run his program on your computer, it will no longer be your computer.

It is an unfortunate fact of computer systems: when a program runs, it does what it was programmed to do, even if that is harmful to the system. When you choose to run a program, you are deciding to hand control of the computer over to that program. Once a program is running, it can do anything, up to the limits of what you yourself can do on the system. It can monitor your keystrokes and send them to a website. It can open every document on the system and change the word "will" to "no" in all of them. It can send a nasty email to your friends. It can install a virus, or create a "back door" through which another person can control your computer remotely.

That's why it's so important never to run, or even download, a program from an untrusted source. By "source", I mean the person who wrote it, not the person who gave it to you. There is a useful analogy between running a program and eating a sandwich. If a stranger came up to you and handed you a sandwich, would you eat it? Probably not. If your best friend gave you that sandwich, maybe you would and maybe you would not; it depends on whether she made it or found it on the street. Judging a program the way you would judge a sandwich will help keep your computer system safe.

Rule #2: If someone can modify the operating system on your computer, it will no longer be your computer.

In the end, the operating system is just a series of ones and zeros that the processor interprets. Change the ones and zeros, and it will do something different. Where are these ones and zeros stored? Why, on the computer, right alongside everything else. They are just files, and if someone else who uses the system is able to change those files, your system is finished.

To understand why, consider that operating system files are among the most trusted components on the computer, and they generally run with high privileges. This means they can do almost anything. Among other things, they are trusted to manage user accounts, handle password changes, and enforce the rules that control who may do what on the computer. If someone can change them, the system will no longer behave as intended and will obey him instead, and nothing will stop him from interfering with it. He can steal passwords, give himself administrator privileges, or add new functionality to the operating system. To prevent this type of attack, make sure that the file system is protected as well as possible.

Rule #3: If someone has unlimited physical access to your computer, it will no longer be your computer.

Consider everything that someone can do if he can lay his hands on your computer:

  • He can get around the security system and damage your computer through deliberate destruction.

  • He can remove the computer, take it out of your control, and hold it until his demands are met.

  • He can boot the computer from a floppy disk and reformat your hard disk. But wait, you may say, I have configured the BIOS on my computer to require a password at boot. That does not matter: if he can open the case and get at the hardware, he can simply replace the BIOS chip. (There are actually much easier ways.)

  • He can remove the hard drive from your computer, plug it into his computer and read it.

  • He can make a copy of your hard drive, after which he has all the time he needs to pursue his intentions before he moves against your system, such as trying to find a password; existing programs will do that automatically. Having enough time will help him succeed.

  • He can add a small chip to your keyboard, after which he can monitor everything you type, including your password.

Always make sure that a computer is physically protected, and keep in mind that the value of the system includes not only the value of the hardware itself, but also the value of the data on it and the value of the access to your network that a stranger could gain. At a minimum, important business systems such as domain controllers, database servers, and print or file servers should be kept locked up, with access limited to the administrators who maintain them. You may also want to consider additional protection for each of your other systems.

If you travel with a handheld computer, it is essential to protect it. The same features that make handheld computers attractive, such as small size and light weight, also make them more vulnerable to theft. There are a variety of protection options, such as locks and alarms for handheld devices, and some models let you take the hard drive out of the computer and carry it with you. You can also use features such as file encryption to reduce the damage if someone steals the computer. But the only surefire way to keep your data safe and your hard drive from being tampered with is to keep the handheld computer with you at all times.

Rule #4: If you allow someone to upload programs to your website, it will no longer be your website.

This is based on Rule 1. In that scenario, someone tricks the victim into downloading a malicious program onto his system and running it. In this one, he uploads the malicious program to the system and runs it himself. Many people who run websites are too accommodating to their visitors, and allow them to upload programs to the site and run them. This can lead to compromised systems.

If you manage a website, you have to limit what your visitors can do. You should only allow a program to run on your site if you wrote it yourself, or if you trust the developer who wrote it. But that still may not be enough. If your website is one of several hosted on a shared server, you need to be very careful. If someone can compromise one of the sites on the server, he may be able to extend his control to the server itself, and from there control every site on it, including yours. If you are on a shared server, it is important to find out what the server administrator's policies are.

Rule #5: Passwords that are easy to guess can undermine the security system

The purpose of logging in is to establish who you are. Once the operating system knows who you are, it can grant or refuse access to resources. If someone learns your password, he can log in as you. In fact, if he succeeds, the system will consider him to be you. Anything you can do on the system, he can do too. You probably have more rights on the network than he does, so as you he can do things that he normally could not. Or maybe he just wants to do something malicious or threaten you. In any case, it is best to protect your password.

Always use a password, and choose a complex one. Do not use your pet's name, your wedding date, or the name of your favorite local team. And do not use the word "password" as the password. Passwords should mix uppercase and lowercase letters in no particular order, together with numbers, punctuation marks, and so on, and should be of sufficient length. Remember to change your password frequently. Do not write your password on paper, or anywhere else, to make it easier to remember. Do not tell anyone what your password is.

Finally, consider using something stronger than a password to identify yourself to the system. You may also want to look at modern products such as fingerprint identification and iris scanning to replace traditional passwords.

Rule #6: A security system is only as trustworthy as its administrator

Every computer must have an administrator: someone who can install software, configure the operating system, add and manage user accounts, set security policies, and handle the other operations involved in keeping the computer running smoothly. By definition, these operations require him to have full control over the system. This puts the administrator in a very powerful position. An untrustworthy administrator can completely negate the security protections that you have put in place. He can change the permissions on your system, alter security policies, install malicious programs, add bogus users, or do anything else with the system. He can subvert virtually any protection in the operating system, because he controls it. If you have an unreliable administrator, you may not have security.

When hiring a system administrator, recognize that this is a position of trust, and hire only people with credibility. Call his colleagues and ask them about his previous work, especially anything related to security, even if it is just a small thing. If appropriate for your organization, you can consider bringing him into the corporate security environment step by step.

Next, take steps to help keep the system honest. Use login records to capture who has been acting as administrator. Divide management duties as far as possible, so that each administrator holds as few capabilities as he needs. Also, do not use the Admin account; instead, give each administrator a separate account with administrator rights, so you can see who is doing what. The more administrators you have, the less security you have.
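The accountability point above can be checked against an audit trail. The following is an added example, not part of the original article: it separates privileged actions that can be tied to a named administrator from those performed under a shared account. The log format, the account names and the `SHARED_ACCOUNTS` list are assumptions made for illustration.

```python
import re
from collections import defaultdict

# Constructed audit lines (assumed format): timestamp account action target
SAMPLE_LOG = """\
2024-03-04T09:12:01 adm-alice add_user jsmith
2024-03-04T09:40:17 Admin change_policy password_min_length
2024-03-04T10:02:44 adm-bob install_software backup-agent
2024-03-04T23:51:09 Admin add_user svc_temp
2024-03-05T08:15:30 adm-alice change_permissions /finance
malformed line without fields
"""

# Assumed names of built-in or shared administrator accounts.
SHARED_ACCOUNTS = {"admin", "administrator", "root"}
LINE_RE = re.compile(r"^(\d{4}-\d{2}-\d{2}T\d{2}:\d{2}:\d{2})\s+(\S+)\s+(\S+)\s+(\S+)$")

def review_admin_activity(log_text):
    """Split privileged actions into attributable and unattributable ones."""
    by_admin = defaultdict(list)   # named account -> [(time, action, target)]
    unattributable = []            # actions performed under a shared account
    rejected = []                  # unparsable lines are kept for review, not dropped
    for line in log_text.splitlines():
        line = line.strip()
        if not line:
            continue
        match = LINE_RE.match(line)
        if not match:
            rejected.append(line)
            continue
        ts, account, action, target = match.groups()
        if account.lower() in SHARED_ACCOUNTS:
            unattributable.append((ts, action, target))
        else:
            by_admin[account].append((ts, action, target))
    return dict(by_admin), unattributable, rejected

def duties_per_admin(by_admin):
    """Distinct action types each administrator has used, for a duty-separation review."""
    return {acct: sorted({action for _, action, _ in recs})
            for acct, recs in by_admin.items()}

if __name__ == "__main__":
    named, shared, bad = review_admin_activity(SAMPLE_LOG)
    print("duties per administrator:", duties_per_admin(named))
    print("actions nobody can be held to:", shared)
    print("lines needing manual review:", bad)
```

Every entry in the second list is a privileged change that no individual can be asked about, which is the cost of letting administrators share the Admin account.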

Rule #7: Encrypted data is only as secure as its decryption key

Suppose you installed the biggest, strongest, most secure lock in the world on your system, but you still have to put the key that opens it somewhere. How strong the lock really is depends on how well the key is protected. If the key is kept too carelessly alongside the protected system, the thief can find it, and then he has everything he needs to open the door. Encrypted data is only as secure as the key to decrypt it.

Many operating systems and encryption products give you the option of storing the key on your computer. The advantage is that you do not have to handle the key yourself, but it comes at a price. The keys are usually obscured, and this is often done quite well. But in the end, however well the key is hidden, someone can still write a program to find it, and once the key is found the encryption is useless.

Rule #8: An out-of-date virus scanner is better than no antivirus system

A virus scanner works by comparing the data on your computer against a collection of virus signatures. Each signature is characteristic of a particular virus, and when the scanner finds data in a file, email, or anywhere else that matches a signature, it reports that a virus was found. However, a virus scanner can only scan for known viruses. It is therefore essential that the anti-virus system on your computer is updated regularly, every day.

Virtually every maker of virus protection software provides a way to get free signature updates from its website. In fact, many of them also offer push services, which send a notification whenever signatures for a new virus are released. Virus writers keep developing new techniques that require virus scanners to change how they work.
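The effect of stale signatures can be shown with a toy scanner. The following is an added example, not part of the original article: it scans the same files with the signature set as of an old update and as of today, and reports what the stale scanner misses. Matching is simplified to a byte-substring search, and the signature names, dates, patterns and sample files are all constructed, harmless placeholders.

```python
from datetime import date

# Constructed signature feed: (name, release date, byte pattern).
# The patterns are made-up markers, not real malware signatures.
SIGNATURE_FEED = [
    ("Demo.Alpha", date(2023, 1, 10), b"\xde\xad\xbe\xef-ALPHA"),
    ("Demo.Beta", date(2023, 6, 2), b"BETA-MARKER-0001"),
    ("Demo.Gamma", date(2024, 2, 20), b"\x13\x37GAMMA\x00payload"),
]

# Constructed sample files (name -> content).
SAMPLES = {
    "invoice.doc": b"plain text invoice",
    "old_game.exe": b"MZ....\xde\xad\xbe\xef-ALPHA....",
    "new_mail.eml": b"Subject: hi\r\n\r\n\x13\x37GAMMA\x00payload",
}

def signatures_as_of(feed, last_update):
    """Signatures a scanner holds if it was last updated on `last_update`."""
    return [(name, pattern) for name, released, pattern in feed
            if released <= last_update]

def scan(data, signatures):
    """Return the names of all signatures whose pattern occurs in `data`."""
    return [name for name, pattern in signatures if pattern in data]

def scan_all(samples, signatures):
    return {fname: scan(data, signatures) for fname, data in samples.items()}

def missed_by_stale(samples, feed, last_update, today):
    """Detections an up-to-date scanner makes that the stale one does not."""
    stale = scan_all(samples, signatures_as_of(feed, last_update))
    current = scan_all(samples, signatures_as_of(feed, today))
    missed = {}
    for fname in samples:
        gap = sorted(set(current[fname]) - set(stale[fname]))
        if gap:
            missed[fname] = gap
    return missed

if __name__ == "__main__":
    last_update, today = date(2023, 12, 31), date(2024, 3, 1)
    print("stale scanner:", scan_all(SAMPLES, signatures_as_of(SIGNATURE_FEED, last_update)))
    print("missed because of stale signatures:",
          missed_by_stale(SAMPLES, SIGNATURE_FEED, last_update, today))
```

The stale scanner still flags the older sample, but the file carrying the newest pattern passes as clean until the signature set is refreshed.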

Rule #9: Complete anonymity is unrealistic

All human interaction involves exchanging data of some kind. If someone gathers enough of that data, they can describe you. Think about all the information a person can get in a short conversation with you. At a glance, they can judge your height and weight, at least approximately. Your voice can tell them where you come from, and may even tell them something about your family, your hobbies, where you live, and what you do for a living. It does not take long for anyone who wants to collect information to describe who you are. If you wish to hide completely, it is best to live in a cave and stay away from human contact.

The same thing applies to the Internet. If you visit a website, the owner can, if he wants to, find out who you are. After all, the ones and zeros that make up the web session have to find their way to the right place, and that place is your computer. There are many ways to disguise those bits, and the more of them you use, the more thoroughly the bits are disguised. For instance, you can use a different network address to mask your real IP address, use different Internet subscriptions for different purposes, and so on. All of this makes it harder to determine who you are, but it cannot completely eliminate the information about you. Do you know for sure who operates the service that hides your information? Maybe it is someone who owns the website you just browsed! And what about the website you visited the previous day that offered to mail you a $10 coupon? Perhaps the owners of these sites will be pleased to share your information with another website. If so, the second site will be able to work out who you are.

So does that mean privacy on the web is a lost cause? Not entirely. It means that the best way to protect your privacy on the Internet is the same way you protect it in everyday life. Read the privacy statements on the websites you visit, and only do business with those that meet your requirements. If you are worried about cookies, remove them. More importantly, avoid sites without authentication; just as most cities have streets that should be avoided, so does the Internet. But if you want no one to know anything about you, it is better to find a cave to live in.

Rule #10: Technology is not everything

Technology can do some amazing things for everyone. In recent years we have seen tremendous growth in both hardware and software: hardware has become cheaper and gained new features, and software has evolved alongside it. There are new standards in safety and security and in other fields related to computer science. This raises the prospect that technology could create a new world of complete security, if we just work hard enough. However, this is unrealistic.

Perfect security requires correspondingly perfect technology, which does not exist and in reality never has. Software development is an inexact science, and all software has faults. Some faults, for example those triggered by overloading, lead to insecurity. But even perfectly programmed software would not solve every problem. Most attacks involve several stages, moving from one level to the next. As security technology grows in cost and complexity, intruders will seek to undermine the system in other ways, such as through the people who use it. You can either help maintain your security or become the cause of its failure.

The solution is to recognize two essential points. First, security involves both technology and policy; that is, it depends on how your technology and systems are combined with everything around them. Second, security is a process with no end; it is not a problem that can be solved once and for all, but a continuing series of moves and countermeasures between those who protect and those who attack. The key to having a good security system is the people and the policies of your company.