The value of computer security systems has never been higher. It seems we hear about a high profile network intrusions in which corporate or personal information are stolen almost weekly. Online fraud has become a billion dollar industry and shows no sign of slowing down. The lucrative nature of identity theft has attracted organized crime and created an active marketplace where identities with credit card numbers, social security numbers, addresses, and more are traded just like stocks on the New York Stock Exchange. In such a hostile online environment it is vital that you have a computer security system of some sort to protect your identity and infrastructure.
Choosing the right computer security system for your needs depends on your environment. If you are a home user with just a PC or iPad that connects to the Internet through an ISP that provides cable modem service or DSL then you can get by with a small investment in router. NetGear and Linksys were probably the two most common brands of routers for the home markets. Models still range in price from $40-$100. These routers will properly segment your home network from the public and prevent outsiders from looking in and seeing your devices. Most also have firewall features built in to them that can close down unnecessary network ports to make your home look like an unattractive target to hackers that crawl the Internet in search of vulnerable computers they can take control off and use for mischievous purposes. For home users, keeping your operating system patched (i.e. Windows Update), running anti-virus software, and using a broadband router will stop about 99.9% of attacks and is the only computer security system needed unless you need to protect extremely valuable digital assets from compromise.
In the corporate environment, a more thorough computer security system is required. Companies are much larger targets to hacker groups. Penetrating the network defenses of a major corporation is like a badge of honor for many egotistical hackers. Companies also have to protect themselves from rogue employees on the inside who don’t need to bypass the perimeter defenses so it is essential that they deploy a defense in depth strategy.
The perimeter usually gets the majority of the attention and funding in a typical corporate environment. It is very difficult to get through a properly configured firewall and router combination to access internal systems without having detailed information about the network topology. The best a would be intruder can hope for is a misconfiguration somewhere or to probe for a devices with known vulnerabilities that remain un-patched. The most common attack on the network perimeter is a Denial of Service (DoS) attack in which the network is flooded with massive amounts of requests in an attempt to overload the network infrastructure and take down the service (usually web sites using HTTP) being offered. Some modern head end routers (Cisco, Juniper) can detect such attacks and immediately drop suspicious packets to thwart most attacks of this sort.
Although most companies get high marks for their perimeter security systems, they fall well short in their internal computer security systems. Most are composed only of Anti-Virus software and single factor authentication systems. It is easy for an insider with technical knowhow to circumvent password based authentication systems. This leaves most organizations that don’t utilize multi-factor authentication systems like smart cards vulnerable to insider attacks and data compromise.