homepage Welcome to WebmasterWorld Guest from 54.242.126.9
register, free tools, login, search, pro membership, help, library, announcements, recent posts, open posts,
Pubcon Platinum Sponsor 2014
Home / Forums Index / WebmasterWorld / Professional Webmaster Business Issues
Forum Library, Charter, Moderators: LifeinAsia & httpwebwitch

Professional Webmaster Business Issues Forum

    
What security measures are you taking
Just read an new report on cyber hacks
bwnbwn

WebmasterWorld Senior Member bwnbwn us a WebmasterWorld Top Contributor of All Time 5+ Year Member



 
Msg#: 4082939 posted 2:59 pm on Feb 18, 2010 (gmt 0)

This isn't part of my job here at my company but it does become part of my job if our sites are infected due to a comprimised network.

[foxnews.com...]

How do you control what employees do in their email system? Is it suggested we do a security teaching training to make them aware what not to do?
This has gotten so serious I am searching for what we as a company should begin doing.

Maybe a weekly meeting say 20 minutes on internet security just to keep their guard up and not let them forget it is an everyday war.

 

engine

WebmasterWorld Administrator engine us a WebmasterWorld Top Contributor of All Time 10+ Year Member Top Contributors Of The Month



 
Msg#: 4082939 posted 3:36 pm on Feb 18, 2010 (gmt 0)

I always find that it's an ongoing thing.
I used to run the information on an intranet, but it became a problem when people were just not reading the valuable information collated, then, it fell into disuse.

Nowadays, I always circulate the latest news on hacking and phishing via e-mail, reminding people to be vigilant. Most are savvy, anyway, however, all it needs is the guard down for a short while.

bwnbwn

WebmasterWorld Senior Member bwnbwn us a WebmasterWorld Top Contributor of All Time 5+ Year Member



 
Msg#: 4082939 posted 4:10 pm on Feb 18, 2010 (gmt 0)

Most are savvy, anyway,
you would think but from what was hacked doesn't look that way.
aspdaddy

WebmasterWorld Senior Member 10+ Year Member



 
Msg#: 4082939 posted 7:21 pm on Feb 23, 2010 (gmt 0)

You cant really blame users for clicking links, the security systems need to cope with whatever threats are out there.

There are some web layer products like palo alto that can help with new types of threats but if directors of companies dont regulary have external pen-tests and vulnerability assessments they are to blame imo

lammert

WebmasterWorld Senior Member lammert us a WebmasterWorld Top Contributor of All Time 5+ Year Member



 
Msg#: 4082939 posted 9:54 am on Feb 24, 2010 (gmt 0)

At the time of the ILOVEYOU outbreak 10 years ago we had the policy at the company where I worked to stop all emails which could be a threat, including emails containing Word documents, ZIP files, etc and all these emails were manually scanned and forwarded by a trusted employee of the IT department. If it couldn't be scanned, it was simply returned to the sender with the request to send the email again in an accepted format. (PDF wasn't known to be unsafe 10 years ago ;))

In that time it was a great way to deal with this kind of threats while many employees were struggling at home to try to remove these and other infections from their personal computers. This kind of manual scanning uses human labor and may because of privacy concerns also not be appropriate in specific settings. The company I am talking about was a technical company where most emails coming in and out were production data, drawings etc, nothing privacy related. There was a stand-alone PC in separate room with an Internet connection which people could use for their private Internet activities.

cyberlogos

5+ Year Member



 
Msg#: 4082939 posted 7:25 am on Mar 17, 2010 (gmt 0)

what a safe idea from lammert about the stand-alone PC.
I agree with aspdaddy you should contract a vulnerability assesment firm to examine the programming of your site, so your webmaster applies those reports to strenghten its security.
There are many programs to monitor every activity of every PC remotely and report to you as the Manager, and there are also programs which prevent unauthorized access to CD/DVD trays or to USB unauthorized copying etc.
Goodwill teaching is sometimes not so effective as the monitoring measures hereby mentioned.
Keep all this in mind and contract an advanced security suite as Bullguard, which is highly custom-configurable.

dataguy

WebmasterWorld Senior Member 10+ Year Member



 
Msg#: 4082939 posted 12:53 pm on Mar 20, 2010 (gmt 0)

We've started switching employees to using Macs. This has been more effective than anything else we've tried. Our employees have to review web sites as part of their responsibilities, which inevitably would lead to viruses, but not on the Macs.

Global Options:
 top home search open messages active posts  
 

Home / Forums Index / WebmasterWorld / Professional Webmaster Business Issues
rss feed

All trademarks and copyrights held by respective owners. Member comments are owned by the poster.
Home ¦ Free Tools ¦ Terms of Service ¦ Privacy Policy ¦ Report Problem ¦ About ¦ Library ¦ Newsletter
WebmasterWorld is a Developer Shed Community owned by Jim Boykin.
© Webmaster World 1996-2014 all rights reserved