/build/static/layout/Breadcrumb_cap_w.png

Security in 2013

How often do you install new software on your computer? How often do you stop to consider the software being installed could be infected with malware? I am confident the IT crowd here at ITNinja does at least think about this possibility. You probably have some antivirus or malware detection software that helps you feel more comfortable with this.

How often do you check the MD5, SHA1/3/256/512, or other checksum provided by the software vendor against the binaries you have or that you downloaded? Do you check the PGP signature? Or is that not even provided by your vendor?  I would guess that only about 20% of the group here (or less) probably take these steps. You probably think the antivirus software does this for you, and it probably does for some portion of popular applications and binaries.

Do you check the certificates installed on your computer? Have they changed without your knowledge? Have they not changed, but the certificate authority has been hacked so that while now software appears to be trusted, it shouldn't be because that certificate authority should not be in your trusted set? This probably takes the set down to 2% or less. You have a lot on your plate and staying up to date with security news is likely not your top priority. 

Security is hard. The weakest link in the chain is the one that will be found and broken. That isn't entirely true, whatever link in the chain that is first found to have a weakness is the one that will be broken. It might not be the weakest, just the first one that a hacker attempts.

It is nearly impossible to be completely secure. You have so many moving pieces with networking equipment, operating systems, applications, mobile devices, wireless networking, VPNs, traveling salespeople, employees, contractors, guests, physical access, remote access, public websites, and so much more.

Nice job on the work you have done to help secure your organization! You deserve a raise. Be safe!


Comments

This post is locked

Don't be a Stranger!

Sign up today to participate, stay informed, earn points and establish a reputation for yourself!

Sign up! or login
Blog

View More Blogs from mikergray

Share

 
This website uses cookies. By continuing to use this site and/or clicking the "Accept" button you are providing consent Quest Software and its affiliates do NOT sell the Personal Data you provide to us either when you register on our websites or when you do business with us. For more information about our Privacy Policy and our data protection efforts, please visit GDPR-HQ