Web Security

Prevention

            Numerous strategies are available to secure a system or a web from likely attacks, a good combination of these should keep hackers busy.  These strategies are not new to the computer savvy, but not appreciating its importance may be risky.

            In terms of access to systems or networks, there are 4 layers to watch out for:

1)      Identification or authentication - The need to ensure users are who they claim to be;

2)      Access control or authorisation - Determines privileges and services each user should have access to;

3)      Data privacy and integrity - To protect data from being stolen or altered as it travels across the network;

4)      Administration and audit - implementing security policy to ensure network safety and to isolate it from undesirable or unauthorised users.

            As for the protection of web or internet users who transmit and receive valuable data, several precautions are also available.  Firstly, encryption enables data to be encoded with a public key whereas its decoding requires a secret private key.  Alternatively, there is the certification by a reputable organisation, such as VeriSign, where users are validated by a credible source.

            By setting up a firewall, an internal network may be isolated from the internet, since data is screened when passing through this wall.  Or, the administrator may install configuration tracking tools.  The latter can identify and track unauthorised changes to the system settings within the network, thus preventing internal attacks as well.