Security Holes
Many software tools exist that can aid in the discovery (and sometimes
removal) of vulnerabilities in a computer system. Though these tools can provide
an auditor with a good overview of possible vulnerabilities present, they
cannot replace human judgment. Relying solely on scanners will yield false
positives and a limited-scope view of the problems present in the system.
Alpine can help you determine whether your current security practices are up to
date or if you need to do something more to keep your computer safe.
Identity Theft
Identity theft (or identity fraud, iJacking) occurs when
someone wrongfully acquires or uses another person's personal data, typically
for their own financial gain. [1] Sometimes it is referred to as "identity fraud"
since the criminal impersonates rather than 'removes' the victim's identity.
Most commonly, this term is used in relation to credit card fraud although mortgage fraud and other
kinds of financial fraud are common. Less commonly, it is used to enable illegal
immigration, terrorism or espionage. It may also be a means of blackmail if
activities undertaken by the thief in the name of the victim would have serious
consequences for
the victim. There have also been cases of identity theft for the purpose of
obtaining medical treatment, or for evading criminal prosecution.
Techniques for obtaining information include:
- stealing mail or rummaging through rubbish (dumpster diving in the USA)
- eavesdropping on public transactions to obtain personal data (shoulder surfing)
- stealing personal information in computer databases
- infiltration of organizations that store large amounts of personal information
- impersonating a trusted organisation in an electronic communication (phishing)
- Spam (electronic): some, if not all, spam requires you to respond to alleged
contests or enter into "Good Deals".
Identity theft is not possible without serious breaches of privacy. If corporate
or government organisations do not protect consumer privacy, client
confidentiality and political privacy, the execution of identity theft becomes
much easier for criminals.[2]
The following precautions are recommended by the US Federal Trade Commission [12]:
- Shred documents and paperwork which contain personal information before you
discard them.
- Don't give out personal information unless you know who you are dealing
with.
- Never click on links in unsolicited emails; instead, type in a web address
which you know.
- Use firewalls, anti-spyware, and anti-virus software to protect your home
computer.
- Don't use obvious passwords like your birth date or your mother's maiden
name.
- Keep your personal information in a secure place at home
- Be alert for discrepancies in your financial bills and statements and query
them immediately
- Report fraud as soon as you detect it
The following have also been recommended [citation needed]:
- Collect delivered postal mail as soon as possible.
- Use reliable ATMs at reputable sites only.
- Look for any suspicious attachments to an ATM and if in doubt, do not use
the ATM but report the problem.
- Be aware of your surroundings when using an ATM. Hide what you type on a
keypad from others.
- Limit the amount of personal information you publish on the web.
- When shopping online, make sure the company is reputable and displays an
approved security symbol.
- When handing over your credit card, do not let it out of your sight.
- If you are traveling, tell the post office to hold your mail until your
return or have someone you trust collect it
The following are specific to the USA:
- Protect your Social Security number. Don't carry your Social Security card
in your wallet or write your Social Security number on a check. Give it out only
if absolutely necessary or ask to use another identifier.
- Don't order checks pre-printed with your driver's license or social
security number.
- Don't carry your social security card unless absolutely needed.
In states where your driver's license number is your social
security number, be equally careful about who sees your license.
- Freeze your credit, if available in your state, so that no one can open any
form of credit in your name.
- Request your own credit report each year and check the reports for
inaccuracies and new lines of credit issued that you did not request.
Backups
In the field of information technology, backup refers to the copying of data so
that these additional copies may be restored after a data loss event. Backups
differ from an archive in that data are duplicated rather than moved.
A backup should be planned carefully, and the following points should be
considered:
- Periodic backups improve data recovery reliability.
- Automated backup should be considered, as manual backups can be affected by
human error.
- Making two copies of a backup can potentially increase security for data
recovery, guarding against accidents such as fire and random physical events.
- Using standards makes backups easier to recover, since
that's the goal of a standard. Established standards are usually safer for
recovery.
- New standards are generally faster and more powerful.
- Data compression might be important if there is more data than media space.
- Uncompressed data are mostly easier to recover if the backup media are
damaged or corrupted, unless individual objects (files, folders, etc.) are
compressed separately. Many backup programs allow an administrator to increase
or decrease the scope of solid compression to trade off compression performance
against durability.
- Backups might take a lot of time to accomplish, which can potentially become
a problem in a work environment. (The amount of compression can also affect the
time required to perform a backup or restore.)
- A single data set can be backed up across multiple media, with independent
indexing to optimize recovery of individual items.
- Backups depend on both software and hardware, and so are exposed to
expiration over time.
The nature of computers is that there are always options and usually three
points to consider when buying equipment: size (measured in bytes), rotational
speed (measured in hertz or other cycles such as RPM), and warranty
(measured in years or sometimes months).
- Each of the different media has benefits and drawbacks. Also consider the
cost per gigabyte when comparing different solutions.
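The trade-off between solid and per-object compression described in the list above, as an added example that is not part of the original page: it damages one byte in each kind of backup and counts the files that can still be restored. The sample files are constructed, and all function names are hypothetical.

```python
import random
import zlib

def make_files(n=20, words_per_file=500, seed=7):
    """Constructed sample data: n small text-like files."""
    rng = random.Random(seed)
    words = [b"invoice", b"backup", b"client", b"report", b"total", b" ", b"\n"]
    return [b"".join(rng.choice(words) for _ in range(words_per_file))
            for _ in range(n)]

def flip_byte(blob, pos):
    """Simulate a single damaged byte on the backup media."""
    return blob[:pos] + bytes([blob[pos] ^ 0xFF]) + blob[pos + 1:]

def restore_solid(blob, originals):
    """Solid backup: every file shares one compression stream."""
    stream, out = zlib.decompressobj(), bytearray()
    try:
        for i in range(0, len(blob), 256):
            out += stream.decompress(blob[i:i + 256])
    except zlib.error:
        pass  # keep only what was decoded before the damage was hit
    good, offset = 0, 0
    for data in originals:
        # Comparing with the original stands in for a per-file checksum.
        good += bytes(out[offset:offset + len(data)]) == data
        offset += len(data)
    return good

def restore_per_file(blobs, originals):
    """Per-object backup: each file has its own compression stream."""
    good = 0
    for blob, data in zip(blobs, originals):
        try:
            good += zlib.decompress(blob) == data
        except zlib.error:
            pass  # only this one file is lost
    return good

def compare(n=20):
    files = make_files(n)
    solid = zlib.compress(b"".join(files))
    separate = [zlib.compress(f) for f in files]
    solid_ok = restore_solid(flip_byte(solid, len(solid) // 2), files)
    mid = n // 2
    separate[mid] = flip_byte(separate[mid], len(separate[mid]) // 2)
    return {"solid_bytes": len(solid), "solid_restored": solid_ok,
            "per_file_bytes": sum(len(b) for b in separate),
            "per_file_restored": restore_per_file(separate, files)}

if __name__ == "__main__":
    print(compare())
```

In the solid backup every file stored after the damaged byte is lost, while the per-file backup loses only the one file whose stream was hit.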
Preparing checklists for worst-case situations is a strategy that may well
alleviate a condition that on the face of it looks hopeless.
The more important the data that are stored in the computer the greater is
the need for backing up these data.
Protecting Private Information
Security awareness is the knowledge and attitude you possess regarding the
protection of your physical and information assets. Many organizations require
formal security awareness training for all employees when they take up sensitive
assignments and, in some cases, periodically thereafter. You should follow a
similar regimen for your personal data.
Topics typically covered in security awareness training include:
- The nature of sensitive material and physical assets they may come in
contact with, such as trade secrets, privacy concerns and classified information
- Requirements for proper handling of sensitive material in physical form,
including marking, transmission, storage and destruction
- Proper methods for protecting sensitive information on computer systems, including password policy and use of two-factor authentication
- Other computer security concerns, including malware, phishing, social engineering, etc.
- Physical security, including building access, carrying proper ID,
reporting of suspicious incidents, forbidden articles, etc.
- Consequences of failure to properly protect information, including potential
loss of property, economic consequences, and misuse of your private records, and possible civil
and criminal penalties
In order to successfully protect your private information you must understand
that there is the potential for some people to deliberately or accidentally
steal, damage, or misuse the data that is stored within your computer systems
and throughout your house or workplace. Therefore, it would be prudent to
protect your assets (information, physical, and personal) by trying to stop that
from happening.
Alpine Computer Service 802 434-3349