The most valuable currency in our modern digital age is the valid information. Convenient, efficient and above all – secure communication and information sharing is an essential aspect of functioning to most enterprises, small businesses, as well as to individuals. I’ve been a member of several teams of ICT engineers over the last few years, maintaining complex corporative networks and systems of unified internal communication, and two major trends became evident to me.
The ICT systems are heading towards wide implementation of IP-based communication within enterprises that will provide myriad of convenient services, such as instant messaging and e-mails, voice, and video, desktop sharing and conferences.
The other trend is centered around extensive security measures that will protect all the valuable data, personal as well as corporative. The threat of malicious software potentially damaging complex ICT systems is constantly present, so I’ve decided to put down a review and some expert’s advice on how to protect your information stored on various digital devices.
With over 300 million of new malware, viruses and various other malicious software attacking during a single year and damaging mostly personal data bases or data bases of small businesses, I strongly suggest you not to underestimate the importance of basic anti-virus and anti-spam protection. Many reputable manufacturers are providing powerful antivirus applications, such as Microsoft, SonicWall, Webroot and others so make sure you purchase system-wide anti-malware and anti-virus 24/7 protection and maintain it regularly. Have in mind that active monitoring and filtration of the incoming data are essential for protection. Also, I prefer to impose strict limitations on employees regarding website blocking and surfing. My experience has proven cloud based protection of emails as the most reliable method.
When asked to provide high-quality protection to personal user accounts, I suggest two-factor authentication system. The two-factor authentication system includes additional safety layer aside traditional username and password log in. Various codes designed for a single-use are sent to another personal device connected to the account (usually a cell phone), and the user is obligated to enter this code to complete authentication.
Popular security methods often provide average protection, but in this case, I agree with the standard option. Encryption renders data that is accessible only to approved users by using decryption key and code stored in a secure location. At first, I used to implement the system onto PCs of my clients and maintain it on my own, but teaching and instruction turned out to be more efficient. I decided to simplify the procedure to all my customers and train them to apply encryption on their own. So far, no unauthorized access was reported to me.
As the experienced software engineer, I’ve been dedicated to constant fighting against software designed to harm stored PC data. The fact is that most threats to internal information and communication come from users who are trying to access risky or inappropriate websites. Another source of threat is installing and running malicious applications, neglecting the anti-virus warnings. In all of these cases, I solve the problem by implementing the system of application white listing. The pre-formed list of allowed applications is encapsulated by this application and all other applications trying to access the computer are blocked.
Security measures that I mentioned above are some of the conventional approaches I tend to implement into maintaining personal and corporative information and communication systems on a daily basis. Depending on the complexity of the internal network, power of servers, number of clients interacting and the flow of the data, there’s a broad range of other effective safety methods I will discuss in my other article.