website security

When it comes to the global cyber security landscape threats are continuing to increase. Hackers are utilizing the latest technologies to act out their malicious attacks. With more and more data being stored digitally the increase in an attack and a breach is on the rise. 

Security Introduced

·      Security should not be a second thought

·      Bring security principles into every phase of what you are doing

·      Do an audit of your digital tools and practices

·      Don’t stop monitoring once everything is set up

Cyber Attacks Worldwide

Screen Shot 2018-11-12 at 11.11.27 AM.png

Cybercrime is a costly issue globally, costing the US the most out of any country worldwide. However, $15 million is just a fraction of the total global expense of $114 billion. The cyber attack epidemic may surprise many with its scale as 14 people fall victim to an attack every second and as smartphones become more common, so do cyber attacks. 

Screen Shot 2018-11-12 at 11.11.38 AM.png

Follow these 6 steps to protect yourself:

Authentication – Who are you? 

Authentication is the process of uniquely identifying the clients of your applications and services. This addresses the question: Who are you? This can also pertain to passwords. Most of us don’t have unique passwords for every application we use. A password manager can help you never use the same or similar passwords. 

Authorization – What are you allowed to do? 

Authorization is the resources and operations that the authenticated client is permitted to access. This answers the question: What are you allowed to do? This can be path traversal, probes, known worms, etc. 

Auditing and Logging – Who is accessing your data and from where? 

All activities that affect the user state of content should be formally tracked and traceable. It should be possible to determine where an activity occurs in all levels of the application. Logs should not have the ability to be overwritten or tampered with by local or remote users. 

Confidentiality – Is the intended person the only one who can view the data? 

Data remains private and confidential and can’t be viewed by unauthorized users:  Be aware of your surroundings, where/how you store passwords, and who you give access to your device. No security measure will block your own username and password to make sure who you are showing your data to. 

Integrity – Is the data guaranteed to be the same format and content that the user submitted it as? 

Integrity guarantees that the data is protected from accidental or deliberate modification. This is provided by using encrypted storage, hashing techniques, and message authentication codes. 

Availability – Is the website or program going to be online and performing to meet expectations? 

The system should be available and ready to use and be able to have a separation of legitimate versus illegitimate user traffic. There should also be the separation of public versus private information, which includes denial of service and compromised servers. 

Leave a Reply

Your email address will not be published. Required fields are marked *