29 Oct 2009
As a security professional, the essential disciplines associated with operating in cyberspace, such as using the right security tools, installing the latest updates and encrypting data, come pretty naturally to me.
However, of late it has become obvious that it is not just the technical practices and the whizz-bang technologies that make us secure. It is more about a state of mind, and continued application of best – or at least good – security practices as we use our chosen technology.
Most mobile professionals need at some time to access a PC in a public place – a PC which has been, and will continue to be, used by large numbers of unknown people. Recently, when I was using such a computer, after my session I carried out all the usual best practice tasks, and cleared down the browser history, cookies, and other digital footprints. However, when I looked at the previous history of use, it was possible to see the type of person, and in some cases the company, that had used this resource.
In this case, the previous users had clearly been working on business-related topics, and had downloaded files to the local disk. Under Windows, where such data will be written to by default, sure enough in the My Pictures and My Documents folders, information was located that would be considered pretty sensitive by many.
Without exception, the users of the system in question were all considered to be computer literate, and as such, would have been expected to be aware of the threats, and the necessary steps and countermeasures to protect their identities.
Security tools, applications, and other related technological methodologies employed to defend user systems go a long way to mitigating against cyber attacks. But only when they are combined with user best security practices will they fulfil their potential to secure the system. It is good to be careful, but possibly, much better to be paranoid.
John Walker is a member of the E-victims Advisory Council and the ISACA Security Advisory Group
Have your say on this article
Newsletters
Latest stories from Security Technology
Latest videos
You may also like
Security Technology jobs
Technology Patent Wars
Case studies from large organisations across all sectors
... And rich media, and flexible working, and peaks in traffic ...
Upcoming Events
Join us for this Computing web seminar, in which the Head of BI at the Co-operative Group Nick Colebourn will be explaining just how he reigned in the Group’s sprawling database estate and how significant savings were realised and data quality improved as a result.
Date: 31 May 2012
Time: 11:00 AM
Live June 13th 11:00am: Register now. During this web seminar we will be looking at the sorts of incidents that can bring data centres grinding to a halt and what can be done about them.
Date: 13 Jun 2012
Time: 11:00 am
Receive the latest jobs direct to your inbox
Are you being paid what you are worth?
