Clash of the Touch Titans; iPhone 3G 3.0 vs HTC Magic Google Android

Image via CrunchBaseMy new iPhone 3G (2nd one after returning my original last Fall) is on the way after finding a deal on a new one at HowardForums. I also have been using the T-Mobile G1 since last October, but as I mentioned in my first Clash of the Titans article I am going pop

Today in business protecting your information is essential. IT managers should be practicing defense in dept to secure their systems.

What is defense in depth? It is using multiple layers of security systems to protect or stop a attack. There are criminals, hackers, modem rental fee crime groups, employees and foreign internet data center trying to access or destroy data. There are many reasons why people do this. It could be used for identity theft, they can threaten to bring down a companies website. They might want to take over your servers to launch denial of service attacks. Foreign countries, terrorists and competition might want trade broadband checking speed or information on military information.

There are many tools attackers have ready to use. How do they get to this information? There are many vulnerabilities they can implement. Here are a dial up internet providers Rootkits, Remote exploits, buffer overflows, sniffing, session hijacking, social streamyx promo viruses, trojans, and key stroke loggers.

There are many tools that companies and individuals can use to help internet access provider these risks. Intrusion detection and prevention systems can help stop and inform you that there is a possible attack happening. Firewalls and anti virus gateways can help to try to stop attacks and protect against viruses. The firewall must be checked for correct rule sets.Services not in use should have their ports blocked or turned off entirely. Denial of service defense software can be installed to help drop packets before they crash your systems. Your firewall can be configured to do the same.

Hosts in your network should be protected with anti-virus software, spyware removal tools, and personal firewalls.
If your data is really valuable consider hiring an outside firm to do penetration testing and application security testing.
Software updates should be installed frequently on a test server first and then put on your production servers.

Users on the network should be authenticated with a user name and password. The password should be difficult to guess and be alph numeric usb wireless internet both upper case and lowercase. Passwords should be changed on a regular basis. To protect information on your computers encryption should be utilized with encryption protocols such as DES, 3DES or AES. If you use remote access do not use Telnet Make sure that you are using SSH, or SSL with IPsec.

Users should be educated about possible security risks and trained on the companies security policy. System administrators should be backing up daily and checking their logs for suspicious activity.

Benjamin Hargis Information Security Consultant

Phuture Networks http://www.phuturenetworks.com