Aug 14

Database security 101 Part 4

It is important to note that small businesses and larger workgroups may face the same threats, especially on the Internet. Employees in small businesses and home offices may assume they are safe because they have a low profile, but this is no longer true.

Hackers use automated tools to detect and break into vulnerable systems. If you install a simple firewall by Zone Alarm, you will be amazed at how many times you will be poked in just a short amount of time.

A great number of these hackers are looking for passwords, information that will help them with identity theft, and so on. The value of the data will usually determine the time and resources a hacker will invest in attempting to crack a system.
Often the goal of the attack is just to find a system that can be used to confuse the trail involved with attacking another target. So in other words, your computer might be just one stepping stone in a trail of devastation.

Small businesses are generally easier to get access to than larger organizations because they often lack good perimeter defenses (for example, firewalls maintained by experienced network administration staff).

In many cases, home run and small businesses have valuable assets (and underestimate the value of those assets until they have been tampered with!) and don’t have baseline security standards for their computer systems (for example, if all computers aren’t using the most secure operating system versions, the best browser editions, or people on the network are  not regulated in terms of what they download from the internet).

Outside intruders frequently want access to the data of a workgroup or small business. Occasionally their goal is to disable the system, but it’s more common to attempt to gain access to sensitive information, such as credit card numbers or identification information like passwords, and birth dates.

Intruders are assumed to be located far away from the workgroup, and likely to have little direct knowledge of the system. They use automated scripts to locate systems that have well-known weaknesses. Only a modest amount of security is needed to convince them not to waste their time, and go after another target.

Leave a Reply