Making you and your activities and possessions being safe from interference or harm. It is an ever-vigilant struggle against known and unknown forces. Computer security is a process that protects data, communications, and systems from harm or failure, including accidents and acts of nature.
Tenants of Security
- Never absolute - The best systems are often tested and retested to reaffirm their strength. These tests try their best to cover genuine dangers. Over a long enough time line, anything is possible.
- Policy And Technical Some elements of security are highly technical while others are simple policy and procedure. For instance, security on a very large wide-area network with a fast network connection can be very difficult and require a dedicated, trained technician. Meanwhile, if no one locks their doors when they leave the office everyday per imposed procedures,
- Communication - Internal suspicion can also harm genuinely secure systems. Possible failures in security must be reported, checked on, and follow up with.
- Systems Thinking - Don't focus on one thing; a security system is only as strong as its weakest link. Anytime something attempts to compromise your security, it is considered an attack.
- 'Turn things off - on your computer, every open program that can connect to the Internet or, even more, be connected to is a potential security risk. Turn everything off. Nearly every computer security book on the market will recommend this first and foremost.
- Security often involves giving up control and ease of access. This can include locks or passwords added to prevent access to a computer or creating a separate account on a computer that is incapable of installing programs.
- Effective security enables users to do what they need to do safely. Too much security can often lead to Paranoia and wastes time and energy.
- To create a secure environment specific boundaries need to be defined so that violations can be monitored. Mechanisms should be based on prevention, detection and reaction.
- For computers, information can be copied perfectly and easily so backup is often a universal defense against failure.
Attacks against transmission of data include interruption, modification, fabrication and interception.
To prevent theft, physical security includes a process as simple as locking your office door when you leave or as complex as motion-detector alarms and retinal scanners.
- Anonymity / Obscurity
- Brute Force
- Cryptography - Encrypting Your ...
- Identity / Authentication / Integrity
- Industrial Espionage
- Security through obscurity
Topics of distant relation
- Cert.org - a center of Internet security expertise
- Stay Safe Online
- GuardCentral - A regularly updated computer and Internet security portal
- Gibson Research Corporation - Of note, this is the home of ShieldsUp and several other products.
- Packet Storm Security
- securityfocus -- Don't forget to browse SecurityFocus's extensive library and mailing lists. See also: bugtraq
- atstake -- Formerly The L0pht.
- security.resist.ca - Security, Privacy, & Anonymity for Autonomy...
- Information Security Glossary
- Hack This Site -- training hacktivists through online security challenges
- Tinhat - Humans versus Computers - Electronic security and privacy information for non-experts.
- The Computer Security Institute
- Securityflaw's Information Security Bible
- Information Systems Security Association - The ISSA is the largest not-for-profit security organization
- Find the latest Security white papers, product literature, webcasts, and case studies.
Free Open Source Information Security Standards ]
- Forum On Risks To The Public In Computers And Related Systems - Very old, and still going.
- Microsoft: Best Practices For Internet Security - A detailed collection of whitepapers and other resources.
- About.com Internet and Network Security
- SpamSpade - Online security tools.
- COTSE - A security service and useful portal system for a variety of security tools and references
- SecureRoot - One of the earliest security and hacking portals
- The Most Overlooked Component of Data Security: Your Employees
- The Inevitability of Failure: The Flawed Assumption of Security in Modern Computing Environments - written by several authors of the NSA
Online security scans
Offering a basic security check (mostly for Windows systems)