Week 5 Security Discussion Comments"

  1. There is no way to totally (100%) prevent a computer security breach. There is also no way to guarantee that a bank branch cannot be robbed no matter how much you spend on security. Well planned security investments and procedures can greatly reduce the probability of a security breach but cannot eliminate the possibility entirely.
  2. In both the Disaster Recovery Discussion and this Security Discussion, taking backups was frequently mentioned. Most backup software provides an option to encrypt the backup files. It is important to take advantage of this option. If you do not encrypt your backups, the only thing preventing a storage provider from accessing the data is their policies and procedures.  There is usually no technical barrier.
  3. There is frequently a trade-off between security and convenience. I would prefer to access acats2k12 remotely as I do now without driving from Evanston to River Forest each time I need to access that server on the Dominican Network. Dominican spent over a year establishing a secure way to access that server without allowing access to other parts of the network (such as the computer in my office).
  4. Even a minor security incident can be painful to customers. My Discover Card number has been compromised several times. Each time it is necessary to go to many online sites and change the credit card number stored on many sites (Illinois Tollway, CTA Ventra, ...). Last time this happened, I opened a separate credit card account to use only on selected sites where automatic renewal is critical such as the hosting company where dombsb.com and millerjw.com are hosted..
  5. Here is a link to a short article published on 08/09/2016 about companies that prioritize innovation over security.
  6. Based on some postings, I would like to comment that how well IT repairs computers or how quickly they respond to your requests does not have a direct relationship to how well your company protects assets at risk.
  7. The Internet of Things presents new security challenges. Now, even pop machines want internet access so that they can report when the need restocking. It is necessary to make sure that employees at the pop machine company cannot access critical informaiton on your network.
  8. Here is a part of a posting by a member of our Dominican Staff from last Spring's class.

    At Dominican cyber security is taken very seriously and we do a lot to ensure we protect the information of all of users. This is because we hold a lot of confidential information that could be hacked if we do not have the right methods and best practices in place to secure our data. At the undergraduate level students are asked to take a computer information systems course that helps introduce students to the dangers of sharing information and how to secure your information. Also, over the recent years our IT department has hosted training sessions to help students and staff understand the risks of being hacked and how to identify if you are being a victim of it. As a staff member IT has done mock phishing emails to make staff and faculty aware of what to look for in an email and understand how hackers use these methods to gain access to your information. Needless to say there is also a team who oversees the planning and implementation of new security systems. Recently, I also noticed that our outlook accounts when ever someone send you an email with an attachment a security check is done to ensure the content of the email is not a threat to your security.