Q7

Question 7
Digital Security

1.       Clicking on email attachments from unknown senders – apparently there are IT managers, consultants and other experts maintaining that of all the dangerous things corporate end users do, opening e-mail attachments is still the most potentially damaging. The problem isn’t that users don’t know the risks; it’s that they can’t help themselves. In the survey, 86% of the workers admitted they open attachments and click on links without being sure if it’s safe to do so. And despite frequent warnings, 76% of those surveyed said they routinely open what they assume to be viral marketing files, such as funny videos, jokes, or web sites.

2.       Installing unauthorized applications – if you are like many organizations today, prohibiting instant messaging is out of the question. IM is rapidly becoming a standard corporate communication tool, even as the number of IM exploits rises. Like any other peer-to-peer application, instant messaging comes with some serious risks, but once your users are hooked on IM, they are hooked.

3.       Turning off or disabling automated security tools – Every day, users reschedule automated virus updates, remote security patch installations or requests to change their passwords. Security stuff, they say, is an administrative hassle and keeps them from doing their “important” work.

4.       Opening HTML or plain-text messages from unknown senders – while most end users today are aware, if not respectful, of the dangers associated with opening e-mail attachments from strangers, many are not aware of the threats that may lie in a normal, everyday text or HTML message that contains no enclosure. Most of these users are those who have not updated their computer training lately and still labour under the illusion that only e-mail attachments can contain malware.

5.       Surfing gambling, porn or other dicey sites – most companies today have established that such content, even when technically legal for consumers, could create a hostile working environment for employees, subjecting the company to legal or punitive action. Any human resources department will tell you that these pursuits are a major no-no, and most IT professionals will tell you that they have deployed some sort of content filter to restrict access to objectionable content.

6.       Giving out passwords, tokens or smart cards – the password problem is as old as computers themselves. Despite years of trying, however, no one has come up with a workable solution. Despite years of IT warnings to the contrary, about one in three people still write down their computer passwords somewhere near the machine, either on a piece of paper or in a text file on a PC or mobile device, the researchers said. Some experts also say that employees can be too trusting of acquaintances, colleagues and family members who may “borrow” their passwords or authentication tokens, exposing them even more broadly to loss or theft. This is a particular risk among telecommuters or road warriors who may give out their passwords to help a friend or relative.

7.       Random surfing of unknown, untrusted web sites – browser-based vulnerabilities are becoming one of the most popular targets for attackers on the Web. Just ask Microsoft and Mozilla, which have been busy patching new vulnerabilities the past few months. If your organization gives users free rein to surf the Web during or after business hours from the corporate network, beware.

8.       Using any old Wi-Fi network – there’s nothing more soothing than a good cup of java (lowercase) and a free Wi-Fi connection at your local coffee shop. But watch that guy sitting at the next booth; he may be hacking into your laptop over that very same Wi-Fi link. Your network’s users are even more at risk if their wireless card uses the Wireless Access Protocol, which is notoriously simple to hack. A hacker can use a sniffer and grab your corporate user name and password, for instance, or infect you with a worm, says Daniel Peck, a security researcher with SecureWorks.

9.       Filling out Web scripts, forms or registration pages – if your users could actually see a hacker looking over their shoulder as they logged onto a Web site or typed sensitive data into a registration page, maybe then they would consider thinking twice. But since key loggers and XSS don’t have a human face, you’d better hope your users are hanging out on sites encrypted using Secure Sockets Layer (SSL) and know just what constitutes sensitive corporate data.

10.      Participating in chat rooms or social networking sites – The very same parents who frantically try to keep their kids off MySpace are now flocking to business-oriented social networking sites like LinkedIn, either from home or at the office. They join a colleague’s “network” on LinkedIn, post messages and maintain their own presence on the site. That’s much safer than MySpace, because it is just like a professional organization.
