Locked down for you by our Digital Lock and Key Experts
Companies that provide a product or service online need to work on the principle of protection, detection, and response with regard to security. In short, establish a culture of learning and awareness of cybersecurity.
- Recognise threats to online safety
- Take steps to reduce the risk of online threats
- Understand the concepts, including malware, viruses and trojans
- Ensure network security, use cryptography for data and be aware of identity theft through social engineering*
Cybersecurity Cube
An understanding of the three dimensions of the cybersecurity cube is an easy way to ensure all issues are considered in this matter.
The first side of the cube deals with confidentiality, integrity and availability. See also Cybersecurity All-in-One For Dummies; this book shows you how to lock down your computers, devices and systems.
CIA means information is read only by the right people (confidentiality), data is changed only by authorised people or processes (integrity) and your information or data is available to read and use whenever you want (availability). Confidentiality can be ensured by using strong passwords, using two-factor authentication, applying cryptography to data and using a virtual private network when the information is transmitted over the internet. The use of **digital certificates signed by a third-party CA and public/private key exchange can ensure the integrity of data over the internet. Here we wish to ensure the accuracy, consistency, and trustworthiness of data. Another method of ensuring the integrity of data files is to use hashes to check that files have not been tampered with. This involves using a hashing algorithm, set to MD2 for example. Availability means that data can be accessed by authorised users when required. Backups and antivirus software are used to make sure data is not deleted or corrupted, which keeps it available. Access control can also be used, meaning only ***authenticated users have access to data. There is accountability with this access.
Data in transit, data at rest or in storage and data in process. The second dimension of the Cybersecurity Cube focuses on the problem of protecting data in cyberspace in each of its possible states: data in transit, data at rest or in storage and data in process. Over the internet, data in transit can be protected by cryptography and a VPN. Cryptographic. Detecting threats and vulnerabilities on your network helps ensure the protection of data at rest. Use a port scanner and network mapping tool to detect threats and vulnerabilities on a system. This type of tool can determine what hosts are available on a network, what services are running, what operating systems are running, and what packet filters or firewalls are running. If TCP or UDP ports are open, you can detect them and shut them down. If you need to know the versions of software being used, the tool performs version detection, which you can use to research vulnerabilities. It can capture SSH keys (RSA, ECDSA) for the host system and then run a set of scripts built to test specific vulnerabilities. Wireless data transmission means using the most secure protocols. These are WPA2 PSK, meaning Pre-Shared Key (PSK) authentication. Server firewalls and router ACLs can be used to protect data at rest and in transit. Data in process means using secure connections to the data, such as SSL/TLS protocols, and developing databases which are secure from SQL injection and cross-site scripting.
Training, policies and technology. The third dimension is about security measures in the form of training and awareness, policies and procedures, and technology.
Lock Hardware and Software down
1. Data in transit
Protect data in transit by using the best network devices. These are:
- Network Transceivers
- Network Adapters
- USB Network Adapters
- Powerline Network Adapters
- Bluetooth Network Adapters
- Network Switches
- Network Antennas
- Routers
- Whole Home & Mesh Wi-Fi Systems
- Modems
- Wireless Access Points
2. Data Storage
Storage categories are:
- External Data Storage
- USB Flash Drives
- Memory Cards (Micro SD Cards, SD Cards, CompactFlash Cards, Memory Stick Cards)
- Blank Media (tapes, CD-R, DVD-R, floppy discs, BD-R, DVD-RW, CD-RW)
- External Hard Drive
- SSD and HD
- Internal Data Storage
- Network Attached Storage
- NAS Enclosures from UGREEN, Synology and TERRAMASTER provide storage for your home and office
- Personal cloud storage
Regularly back up important files to an external hard drive or cloud storage. An example is to back up your desktop data onto an external hard drive such as the Seagate Portable External Drive or, for a network, to use the Duo external hard drive, RAID Desktop HDD with Password Protection.
(2FA) security keys
As an IT manager, one example of this is locking down your highly valuable accounts with two-factor authentication (2FA) security keys, such as a Yubico YubiKey 5C NFC, to protect your online accounts. This works like a physical house key, except you insert it into your hardware when accessing your most highly secured accounts such as AWS, Azure or Google business cloud environments.
Implement asset marking which involves labelling and tagging your IT assets to identify ownership and track their location. This can be done using physical labels, RFID tags or digital asset management systems.
Firewalls
Enable firewalls. Ensure that firewalls are enabled on your devices to block unauthorized access. For SMBs, a Dual WAN Router with Firewall, VPN and Load Balancing is ideal. This protects the network and is the first line of defence.
3. Data in process
As a parent of young adults, setting up parental controls to monitor and restrict your children's online activities is best practice. Go to Family from the accounts settings tab. Microsoft Family Safety helps families create healthy digital habits and protect what matters most. It offers features like screen time limits, content filters, activity reporting and location sharing to ensure online safety and manage digital well-being. You can access these features through the Family Safety app or the Microsoft Family website. Open family settings now: Microsoft Family Safety.
Online scams, data, privacy and passwords
Educate your family about phishing scams and how to recognize them. Set up accounts to stop tracking by scammers. Turn off images and the preview email setting. You can check whether your family's emails have been part of a data breach by visiting haveibeenpwned.com. You can also validate the legitimacy of a website (is it fake or a scam?), check a website for risks, check whether it is fraudulent and see site trust reviews by visiting ScamAdviser.com.
Check and update the privacy settings on your social media and online accounts. Also include †browser settings: review them and set them to private.
Consider using a password manager to securely store and manage your passwords. You can also use a password keeper, a physical device, to manage your passwords. This is a Bluetooth flash drive hardware device with military-grade AES-256 encryption. Its functionality includes autofill for 1000 credentials. Use it with Netflix, Amazon, Gmail accounts and more; it supports smartphones, tablets and computers.
Monitoring your data and information
Use a service like TransUnion UK or krollmonitoring.com to protect against fraud. Kroll offers identity monitoring services that detect non-credit-based personally identifiable information (PII) and notify individuals of any suspicious activity. Kroll also provides data breach notification, identity theft restoration, and cyber risk retainer services.
https://www.westafricaphones.com/content/what-ethical-hacker-training
*A digital signature is a mathematical technique used to validate the authenticity and integrity
**Authentication, Authorization, and Accounting: adding groups, users, and passwords, then verifying groups, users, and passwords; setting symbolic permissions or absolute permissions at the command level on an NTP (Network Time Protocol)/AAA server.
***Social engineering. An example is websites that look legitimate. lockdownmarket.com is not the same as l0ckdownmarket.com, lockd0wnmarket.com or 1ockdownmarket.com. 1 is not l.
†Browser. A CSV export of the browser history could reveal data such as a password or user name in the URL string of a search. Exporting the CSV data is only allowed after a system password is entered. Data example: https://duckduckgo.com/?q=GDPR&ia=web
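The browser footnote above can be turned into a check you run on your own history export. This is an added example, not code from the original page; the CSV column names, the list of sensitive parameter names and every sample row except the DuckDuckGo URL are assumptions constructed for illustration.

```python
import csv
import io
from urllib.parse import parse_qsl, urlsplit

# Parameter names treated as sensitive (assumed, non-exhaustive list).
SENSITIVE = {"password", "passwd", "pwd", "pass", "user", "username",
             "login", "email", "token", "api_key", "secret"}

# Constructed sample export; the column names are an assumption.
SAMPLE_CSV = """url,title
https://duckduckgo.com/?q=GDPR&ia=web,GDPR at DuckDuckGo
https://intranet.example/login?username=alice&password=Tr0ub4dor,Login
https://bob:hunter2@files.example/share,Files
https://shop.example/cart?item=42,Cart
"""


def findings_for(url):
    """Return the kinds of credential exposure found in one URL."""
    parts = urlsplit(url)
    found = []
    if parts.username or parts.password:  # user:password@host form
        found.append("userinfo")
    for key, value in parse_qsl(parts.query, keep_blank_values=True):
        if key.lower() in SENSITIVE and value:
            found.append("param:" + key.lower())
    return found


def scan_history(csv_text, url_column="url"):
    """Return (row number, host, findings) for each risky row.

    Only the host is reported, never the secret value itself.
    """
    report = []
    rows = csv.DictReader(io.StringIO(csv_text))
    for row_no, row in enumerate(rows, start=1):
        url = row.get(url_column) or ""
        hits = findings_for(url)
        if hits:
            report.append((row_no, urlsplit(url).hostname, hits))
    return report


if __name__ == "__main__":
    for row_no, host, hits in scan_history(SAMPLE_CSV):
        print(f"row {row_no}: {host}: {', '.join(hits)}")
```

Any account that shows up in the report should have its password changed, since the value has been stored in plain text in the history file.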
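The lookalike names in the social engineering footnote can be caught automatically before a link is trusted. The following is an added example, not code from the original page; it assumes lockdownmarket.com is the legitimate name, and the substitution table and typo threshold are illustrative choices. It goes slightly beyond the footnote by also catching names with a dropped or changed letter.

```python
# Trusted names and the substitution table are assumptions for illustration.
TRUSTED = {"lockdownmarket.com"}

# Digits often swapped for look-alike letters in spoofed names.
CONFUSABLES = str.maketrans({"0": "o", "1": "l", "3": "e", "5": "s"})


def skeleton(domain):
    """Lower-case the name and undo digit-for-letter swaps."""
    return domain.strip().lower().rstrip(".").translate(CONFUSABLES)


def edit_distance(a, b):
    """Levenshtein distance, computed one row at a time."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1,                # deletion
                           cur[j - 1] + 1,             # insertion
                           prev[j - 1] + (ca != cb)))  # substitution
        prev = cur
    return prev[-1]


def classify(domain, max_typos=2):
    """Return (verdict, trusted name imitated or None)."""
    name = domain.strip().lower().rstrip(".")
    if name in TRUSTED:
        return ("trusted", name)
    for good in sorted(TRUSTED):
        if skeleton(name) == skeleton(good):
            return ("homoglyph", good)   # e.g. 0 for o, 1 for l
        if edit_distance(skeleton(name), skeleton(good)) <= max_typos:
            return ("typo", good)        # dropped, added or changed letter
    return ("unrelated", None)


if __name__ == "__main__":
    # The three digit-swapped names are the footnote's own examples;
    # the remaining names are constructed sample input.
    for d in ["lockdownmarket.com", "l0ckdownmarket.com", "lockd0wnmarket.com",
              "1ockdownmarket.com", "lockdownmaket.com", "example.org"]:
        print(f"{d:22} {classify(d)}")
```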