Blogs / Podcasts / Articles » Free Articles

Scott Wright's Security Views (ScottWright)
Blog Entry

Good reasons to limit surfing on computers with access to operational business data

Friday, September 11th 2009 @ 2:19 PM (not yet rated)    post viewed 4052 times

The article below by Bill Brenner at CIO magazine has some good examples of the kinds of threats an organization can face from what we consider to be "safe" websites. There are a lot of reasons why sites we trust can become the means for hackers to infect your office systems.

Here's a scenario that may sound familiar. An office worker in the accounting department has a few minutes after finishing a major task before lunch. So, he checks out some discount electronics stores to see if he can find out who has the best prices on USB memory sticks. At one of these sites, a hidden infection in the webserver detects the version of his browser and operating system. Instantly, it launches a download with malicious code to which it knows his computer's configuration is vulnerable. He may not even see a virus warning or pop-up dialog box.

Then, the unimaginable becomes reality - NOTHING HAPPENS!  Yes, it is possible for your computer to be infected without you even noticing anything is wrong. This kind of malware wants to live undetected for as long as it can, so it can gather sensitive information from you like passwords, email addresses and account numbers.

The ideal scenario for a business is to have very distinct divisions between operational software systems and Internet-connected computers. Employees may not like it, but it's getting to the point where you may not be able to afford the consequences of having these systems exposed, even indirectly, to the Internet. Many of the threats in the CIO article below can result in similar scenarios and exposure to the risks I described above.

Click HERE for the CIO article by Bill Brenner.


 

Scott Wright

The Streetwise Security Coach

Phone: 1-613-693-0997
Email: scott@streetwise-security-zone.com
Twitter ID: http://www.twitter.com/streetsec
LinkedIn: http://www.linkedin.com/in/scottwright (please send a personal message first on LinkedIn if you'd like to connect, to ensure that you're not a spammer)


Did you find this post interesting?
If so, why not find out more?...

To download my FREE Security Management Resource Guide now, and to receive my series of Streetwise Security Tips, as well as my Streetwise Security News and updates click HERE.


Join the Streetwise Security Zone, or learn more about mobile security risks through the Honey Stick Project.


If your organization is looking for innovative ways to make its security investments more effective right now, CLICK HERE to learn more about Streetwise Security Awareness solutions.

 

Site Meter

Comments

Copyright 2012. Security Perspectives Inc. All Rights Reserved.