If you’re looking for vulnerabilities in your company’s systems to work a security plan out for, network and endpoint security may not be the first place you look. But what with hackers trying to think differently all the time, you do need to get creative. Let’s just look at a few IT security pointers that while simple, do actually work, because these are just different.
Even IT support consultants in Wales will go and name their administrator accounts Admin.
Either they name them that because that’s the tradition, or they just leave the default value right there. In a world where most people use simple passwords like “QWERTY” or “monkey” (according to the recent Yahoo e-mail password leak), it might surprise you to hear that the experts do practically the same thing as lay people. But there you have it. Many security experts will actually scoff at such advice. They’ll say that there is no reason to think that they’ll be attacked. Because they are a small company and who cares. That’s just crazy thinking though. A hacker can attack just about any company if he feels there’s a way to get away with something. In fact, making sure that the username is difficult to guess is extremely important – even more important than the password. If a hacker has a username to work with, there are automated programs that can guess what the password is. It’s very difficult though if you have no idea what the username is either.
You need to start with the username if you’re interested in IT security for your business. You really have to understand that there is no program or method in existence that is able to guess usernames. Every hacking attempt that’s been successful in the history of the world has only used default usernames or usernames that are already known to the hacker. Nobody guesses usernames.
The best IT security experts in the business will always use something called a Honeypot when they try to defend the company’s network. What is a honeypot you ask? It’s an easy target that you set up in a computer network that will easily give itself up when an attempt is made. They set it up so that once it is broken into, right away, it will go and send an alarm to everybody in the business to make sure that they take a look. It’s sort of booby-trap, and it can really work. And finally, make sure that you install everything to a non-custom directory.
It’s the same thing as the username idea. Do things that are not the default choice, and hackers won’t know what to do.