IS 250 Computer and Network Security

Having an Employee Exit policy is an essential part of the disconnect process. I remember a job I had where I was hired to augment 2 other developers but within a month, one had quit and the other was terminated. Both left abruptly and left little in the way of guidance for doing the job,…

Governments should not have the ability to decrypt user data, even to access data that would support criminal cases. These are my 3 main reasons: The government already has tools in which to conduct investigations. The recent push for a backdoor to encrypted data by law enforcement is couched in the idea of protecting children…

Emails are a necessary component in today’s business world and a point of concern for any IT department. Cyberattacks are becoming more frequent and damaging and one of the ways attackers gain access is with Phishing emails. According to Verizon’s Data Breach Investigations Report for 2020, the top threat action in breaches is caused by…

Introduction Malicious Software, better known as Malware, is software that is designed, according to Cisco.com, “to damage and destroy computers and computer systems.” There are various types of Malware: Virus – This type of malicious software is attached to a file and only runs once the infected file is opened or run. Worms – Unlike…

Introduction A physical and access policy is important for Catalina.com to protect hardware, software, and data from internal and external unauthorized access that would harm the organization. Assessing, addressing, and preventing these threats are one of the responsibilities of the IT and Security departments and an access policy is a way to define the standard…

What are your thoughts about password management?  Do you or do you not agree with having rules around passwords, i.e.: Requiring the use of special characters, having passwords of a minimum/maximum length requiring passwords to be changed on a regular, etc…What do you think is the single most important password “rule” requirement? I have been…

Introduction The process of authentication and authorization is where a user’s identity is verified and allowed access to the organization’s systems. Access control (also called permissions or privileges) defines and enforces the authorization policies. One of the most important roles as a Network Administrator is to create accounts for an organization and manage the level…

Universal Single Sign-On A universal single sign-on seems to be an easy “heck no”. Who in their right mind would willingly give that kind of power to just one entity? Data breaches are a regular occurrence. Just last week, as I was lamenting the Terms of Service for playing Pokémon on my Switch, there was…