PC security frequently asked questionsDate Entered: Tuesday, 04 April 2000 Author: Innovative Security Products Story: Why should I worry about notebook theft Hundreds of thousands of notebook computers are stolen every year. Which represents nearly 1/4 of the notebooks sold. A statistic too high to ignore. Not to mention the risk of losing the important and sometimes personal data on the notebook, makes it imperative that measures be taken to prevent this from occurring to you. The hot spots for notebook theft are as follows: office, airports, your car, and hotel rooms. Lastly, notebook computers are ideal for a thief. They are portable, valuable, easy to pawn off, and difficult to recover.
What can I do to help prevent my notebook computer from being stolen
First be sure to backup the data on your notebook regularly. Second, buy a security device to use with your notebook even when you are nearby and don't believe it could be taken from you. Never leave you notebook unattended. When going through airport security, don't put you notebook on the conveyer until it's your turn to walk through the metal detector. Keep you notebook in an inconspicuous case rather than an obvious notebook/laptop case. Record your notebook serial number, or place a UV mark on it so you can identify the notebook if it is ever recovered
How do I know if internal PC component?s are being stolen
You may not. A lot of IS shops place orders for replacement memory and processor?s under equipment maintenance or repair parts. This being the case, you should audit the individual line items of the PO?s or invoices to see what parts are being ordered. Also, require that all bad parts be turned in before replacements are ordered. 99% of the time, if memory is being replaced, it?s not because it was bad, it?s because it was stolen. One quick way to monitor the situation, is to see the relationship between your companies new hardware purchases and your maintenance expenses. If they?re running about even, you probably have a problem.
Why should I worry about theft, that?s why I have insurance
With six-figure claims more the rule than the exception, insurers are paying more attention to the issue of high-value components. Furthermore, some losses are uninsurable because they result from disappearance or inventory shortage. Then there are the companies that have been hit several times and are now at risk of having their policy canceled.
It was reported that in 1993 Chubb Insurance Group paid less than $3 million to victims of high-tech robbers, while a year later, the figure had surged to $15 million. This year, Chubb expects another clear increase in damage claims. In fact, the increase of high-tech crime has led Chubb to form the Technology Theft Prevention Foundation. This group is focusing insurance, electronics and law enforcement resources at this growing problem.
In the future, look for insurers to increase premiums and start requiring various security measures to be implemented before they issue a policy.
Does anybody really care about security
The "ostrich with its head in the sand" mentality seems to be prevailing in corporate America for a variety of reasons. With all the downsizing , rightsizing, and economizing that is going on, it is too expensive to hire a security administrator, or a disaster recovery coordinator.
Unfortunately, until personally faced with a security problem, most people will choose not to get involved. When a big break-in does occur, they may look back and even acknowledge that they should have listened to the warnings.
The cause of most data security problems is lack of management concern. Security will always be a managerial rather than a technical problem. With intellectual capital the creator of wealth in the 90?s, it is imperative for companies to protect themselves from threats of misuse, abuse, or theft of their sensitive information.
If a company cannot show ?due diligence? in protecting their trade secrets, directors and officiers may be held accountable by the stockholders. This is a threat that officiers need to be concerned about.
Is SATAN really the devil or an angel in disguise
SATAN (Security Administrator Tool for Analyzing Networks) became available on the Internet in April, 1995. SATAN reports security weaknesses in networked computers. The trouble lies in the construction and implementation of the software. To use SATAN, you enter your network the same way a hacker (intruder) would, from a host outside your network. The software finds and can be used to fix a variety of security problems.
However, SATAN can just as easily show a hacker how to break into your system. Because it is available free of charge on the Internet, anyone can get their hands on the product.
The way SATAN works is very straightforward. Each security probe targets a host, using a common TVC/IP-based protocol, such as SMNP (Simple Mail Transport Protocol), FTP (File Transfer Protocol) or RTC (Remote Procedure Call). Because it attacks using these common protocols, the target system simply sees the probe as another machine in the network making a request. It responds by returning whatever data is appropriate to the apparent server?s request. In other words, SATAN exploits the avenue of trust within the target system.
Who or What is Courtney
Courtney is the anti-SATAN software that is available for free on the Internet. When running on a computer linked to the Internet, Courtney continuously looks for attacks from SATAN. By using Courtney, if your system comes under a probe from SATAN, you are not only made aware, but also have the opportunity to trace the perpetrator.
Courtney can be found on the Internet at: http://ciac.llnl.gov/ciac/ToolsUnixNetMon.html#Courtney
What is a firewall
Internet firewalls are secure Internet gateways. A firewall generally consists of several components including both hardware and software. The gateway machine, (or set of machines) intercepts ?filters? all incoming and outgoing transactions. One of the reasons experts consider a firewall to be more secure than other machines on the network, is that the firewall is task-dedicated- not a general purpose host or server. It?s sole purpose is to protect your internal network environment.
With this in place, your network should be set up so that none of the other machines on your network trust the gateway machine. That way, if the gateway is successfully attacked or taken over, the rest of the system will remain safe.
Explain what encryption software is
Most encryption systems involve both an algorithm (a procedure for solving a mathematical problem) and a secret value. The secret value is known as the key. The reason for having a key in addition to the algorithm, is that it is difficult to keep devising new algorithms that will allow reversible scrambling of information, and it is difficult to quickly explain a newly devised algorithm to the person with whom you would like to start communicating securely.
The concept of the key is analogous to the combination for a combination lock. You dial in the secret numbers in the correct sequence and the lock opens, you can?t open a combination lock without knowing the combination.
Today there are both hardware devices and software packages available for encrypting users? data files, hard drives and E-mail messages.
Help me to understand some of the encryption terms
The Electronic Codebook - This is a basic block encryption method that operates like a physical codebook. This method can be used to encrypt keys. As a drawback, this method may create a recognizable pattern that can help an intruder figure out how to break the code.
Cipher Block Chaining - An enhanced version of the Electronic Codebook, this module chains together blocks of ciphertext. This module encrypts each block using the original plaintext, a key, and a third value based on a previous block-hence the term chaining. Chaining does not create a recognizable pattern.
Cipher Feedback - Uses previously generated ciphertext as input to the DES, in order to generate what looks like a random output. This output combines with plaintext to produce ciphertext-another form of chaining.
E-mail encryption and decryption FAQ
If I send encrypted e-mail to someone will they need to have a copy of that same software to decrypt it - Yes
What is the Orange Book
The real title ,Trusted Computer System Evaluation Criteria, is a US government publication. It standardizes security system requirements and defines four broad categories of security for host-based environments- minimal security (least), discretionary protection, mandatory protection, and verified protection (most). Each category is then further broken down into more specific classes of security with specific criteria for each.
The objective of the Orange Book is to:
Provide you with a way of assessing the level to which you can trust a given computer system.
Provide guidelines to manufacturers as to what to build into their systems to satisfy various security needs.
To serve as a basis for specifying security requirements so you can purchase a coordinated security system.
In today?s complex business environments, the Orange Book?s security classifications are somewhat limited.