Does cybersecurity concern you? I am sure it does. Actually, it should be a concern to all of us, because most aspects of our lives (our information and assets) are now intricately intertwined with cyberspace. They are available from cyberspace, even if you are not a direct cyberspace user. The security issues in cyberspace are the topics of cybersecurity.
Before I discuss cybersecurity, let us see how we address our safety and security in our daily lives. Every civil society has laws, law enforcement departments, and a judicial system. But citizens still keep their houses and cars locked, and their valuables in safe places. Our behavior in cyberspace should resemble what we do in our physical space, but unfortunately most of us don’t behave that way. That is because we, I mean every one of us, do not know and understand enough about cyberspace and, hence, the cybersecurity risks there. Yes, cybersecurity professionals know much more than common people, but cyberspace is an evolving world and new security issues are exposed by hackers and malicious actors. Let us now return to our topic, cybersecurity.
Let us look at the diagram for a simplified pictorial view. The six blocks shown within the security perimeter require cybersecurity measures. Namely, they are:
- Communication security
- Physical Security
- Device Security
- Network Security
- Server Security
- Information Security
Users, hackers, and malware cross this boundary to get service, to disrupt operations, and to infest cyberspace, respectively. I am, of course, not addressing the details of all cybersecurity issues in this post. Rather, my intention is to discuss security measures that users can and should take to stay safe. Moreover, by taking them, users can make life much easier for the cybersecurity professionals who are trying to maintain a safer cyberspace.
For simple analogies, let us consider our homes and cars. To keep them safe, we take simple safety measures such as keeping their doors closed and locked. We even install alarm systems; when someone attempts to cross the safety perimeter, the alarm system produces a loud sound or flashes lights to warn the intruders and the people around. We need to do a similar thing with our possessions and assets in cyberspace. Unfortunately, unlike in physical space, in cyberspace we cannot see a security perimeter, and most of us don’t know where and how to establish one.
Communication Security for Cybersecurity
Well, you would not loudly announce your online banking username and password in public. Right? Then you should do a similar thing for most online communication. All your communication that travels through cyberspace (think the Internet) can be intercepted and read with minimal effort if it is not encrypted. The encryption could be done explicitly by you, or implicitly if your connection is secure.
It is very simple to find out whether a connection is secure or not secure. (Notice, I have said ‘not secure’, because there is a big difference between ‘not secure’ and ‘insecure’.) Look to the left of the URL in the address bar at the top of the browser. If it shows a ‘closed lock’ symbol, the connection is secure. Some websites allow both secure and not-secure connections. To get the secure connection you should type ‘https://…’. For example, if you enter ‘https://cybersecurity1hub.com’ in the address bar, you will get a secure connection to our site. Now all the communication you do with this website will be encrypted. I must warn you that the encryption that is being used may not be STRONG enough. That’s why even a secure website uses stronger encryption for sensitive information.
Physical Security is part of Cybersecurity
Physical security? Aren’t we talking about cybersecurity? Yes, but a malicious actor is one step closer to breaching the cybersecurity of a device if he has physical access to it. For example, when one wants to log in to a web-based email service such as Google or Yahoo, a code is sent to a smart phone. Now suppose someone has somehow obtained the username and password of an email account; that person still cannot log in to the account. But if that person also has the smart phone, voilà; there is no more barrier to accessing the email account (and the treasure trove of personal information, which may include personally sensitive information).
Device Security is Important for Cybersecurity
Device security is a topic by itself, but we will discuss only its nontechnical aspects. First, a device should have physical security (see above). Then it must have a password/PIN for access control. It is important to have a strong password of at least 8 characters that includes lower-case and upper-case letters, numbers, and special characters (such as ‘#’, ‘%’, etc.). To many, these two may appear to be enough, but they are just the starters. All apps (application software) that are installed and/or activated must be obtained from a ‘trusted’ source. Moreover, the apps must be the most recent and up-to-date versions, because the most updated versions have the best security features. Next comes the system software (and operating systems), such as iOS on an iPhone and Android on an Android smart phone. If a device does not have the most up-to-date system software, it is vulnerable to malware attacks as well as hacking. These are the most easily taken security measures for devices. From this discussion, one may wrongly get the impression that device security is only about smart phones, tablets, etc. The fact is, all of this is true for all devices, from an IoT (Internet of Things) device to a cloud server!
Network Security is key to Cybersecurity
Networks are composed of interconnected networking devices. Thus, network security includes all components of device security, and more. User access and administrator access are the two categories of access to a network. Here we will discuss only the network security issues that are affected by users and by connections to outside networks.
A very basic step in network security is user-access control. When I access the Internet from my smart phone, I use a Wi-Fi network or a data network from my cell-phone service provider. In either case, my access to these networks requires some form of authentication. For accessing a Wi-Fi network, I choose the Wi-Fi network’s name (commonly known as the SSID), and then provide a password. My cell-phone service provider programs and stores my data network access authentication information in the SIM (Subscriber Information Module) card. Proper authentication procedures prevent misuse of the network by unknown entities. The authentication process could be as basic as a password (one-factor), or two-factor authentication (a password and something the user has, say a cell phone), or three-factor authentication, which adds something the user is (for example, a fingerprint) to two-factor authentication.
The next network-security measure uses a firewall to control which services outside the network’s own domain the authenticated users can access from the network. For example, a firewall may prevent users from connecting to a website that does not provide an encrypted, secure connection. A firewall stops some (not all) malware or hackers from entering the network. A firewall uses a set of pre-established rules to screen incoming and outgoing data packets. Thus, as creative malicious actors discover new ways to pass through a firewall, new rules need to be programmed into the firewall.
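To make the rule-based screening described above concrete, here is a small added example (not code from any real firewall product) that checks packets against an ordered rule list, denies anything no rule matches, and shows how adding one new rule changes the result. The rule fields, the helper names and the sample addresses (taken from the documentation-only ranges) are all constructed for this illustration.

```python
from dataclasses import dataclass
from ipaddress import ip_address, ip_network
from typing import Optional

@dataclass(frozen=True)
class Rule:
    action: str           # "allow" or "deny"
    direction: str        # "out" (leaving the network) or "in" (entering it)
    network: str          # remote network in CIDR notation
    port: Optional[int]   # destination port; None means any port
    note: str = ""

@dataclass(frozen=True)
class Packet:
    direction: str
    remote_ip: str
    dst_port: int

def screen(packet, rules):
    """Return (action, note) of the first rule that matches; deny if none does."""
    for rule in rules:
        if (rule.direction == packet.direction
                and ip_address(packet.remote_ip) in ip_network(rule.network)
                and rule.port in (None, packet.dst_port)):
            return rule.action, rule.note
    return "deny", "default deny"

# Pre-established rules: block unencrypted web traffic, allow encrypted web and DNS.
RULES = [
    Rule("deny", "out", "0.0.0.0/0", 80, "unencrypted web (HTTP)"),
    Rule("allow", "out", "0.0.0.0/0", 443, "encrypted web (HTTPS)"),
    Rule("allow", "out", "0.0.0.0/0", 53, "DNS lookups"),
]

def add_block(rules, network, note):
    """Return a new rule list with a deny rule for `network` checked first."""
    return [Rule("deny", "out", network, None, note)] + list(rules)

if __name__ == "__main__":
    samples = [                              # constructed sample packets
        Packet("out", "203.0.113.10", 443),  # HTTPS to a website
        Packet("out", "203.0.113.10", 80),   # plain HTTP to the same site
        Packet("in", "198.51.100.7", 22),    # unsolicited inbound connection
        Packet("out", "198.51.100.7", 443),  # HTTPS to a host later found malicious
    ]
    updated = add_block(RULES, "198.51.100.0/24", "newly reported malicious network")
    for p in samples:
        print(p, "before:", screen(p, RULES), "after:", screen(p, updated))
```

The last sample packet is allowed by the original rules because it uses an encrypted connection, and is denied only after the new rule is added, which is why firewall rules have to be kept up to date.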
Server Security is important for Information and Cybersecurity
An organization’s servers provide a wide variety of services to users and quite often store personally sensitive or identifiable information. They deserve higher protection, which should be set up and maintained by trained professionals.
But the role of an average user in maintaining server security is minimal, because an average user accesses a server from application software to receive services. However, an ordinary user can expose a server to hackers and malware. The former happens when a user leaves a connection to a server unattended, and a predatory hacker utilizes it to hack into the server. The other problem occurs when a user’s device has malware that can crawl into the server. Sometimes the malware may not be a full-blown version, but a few bytes that eventually open a connection to a source that has the other components of the malware. This small part is known as a dropper. In summary, users should make sure that they completely log out from the application they were using and that the devices they use are free from malware.
Last but not least is information security. Malicious actors are looking for information that they can use to make money or sell for money. All five security issues we have discussed earlier are connected to information security. What a user needs to understand is that the security of some information is more important than that of other information. For example, the security of your credit details is more important than the security of your address. You need to learn more about the classification of information, which has been discussed in a question-answer format in another post.