Tag Archives: lockdown

Two Important Security Concepts: Lock Down & Layered Security

23 Sep

Two important security concepts are Lock Down and Layered Security. These concepts apply to personal home security and online computer security.

Lock Down means different things to different people. A prison lockdown is different from a school lockdown during the threat of a crazed shooter. Lock down implies containment of things as they are. It denies harmful forces the chances to make progress and advance. It keeps things as they are, allowing the white hats to ride in and save the day.

A computer user can “lockdown” his computer. This means the computer is hardened against malicious attempts to change it. There are commercial programs (AppGuard) which prevent malicious code from changing your software. There are free programs like Microsoft’s EMET which help you “lock down” weaknesses.

The simplest things can be the most powerful. Any computer user without adding any special software to his PC can tighten security with the simple “lock down” procedure of creating non-administrative user accounts for daily use. Limited user accounts have limited ability to change your operating system and install software. You can still browse the web, check your e-mail, and spend way too much time on youtube with a limited user account. What you can’t do is make fundamental changes to the operating system. You need to log in as administrator to do that.

If a hacker gets control of your limited user account, his rights are limited. His ability to compromise your system is limited. Researchers have shown 92% of the malware out there can’t overcome being contained in a limited user account.

Limited user accounts are an example of the concept of allowing the minimum access and rights and privileges needed to a person. Don’t let strangers walk through your house.

An intruder entered the White House. The news said the White House is the most secure house in the country. O Contrair. MY house is the most secure house. I keep my door locked and I don’t have tourists. “Ah, that’s my stack of dirty underwear. I’ve been meaning to wash it. Moving over here, we see…”

Layered Security is just what it sounds like. It’s layers of defense to stop an intruder. A pit bull behind a locked door is layered security. If the intruder gets past the door, he must still deal with the dog.

A good example of layered computer security is using a DNS name server like Norton DNS Connect Safe to complement your firewall and virus protection.

DNS is like the phonebook for the Internet. DNS works as follows: When you want to visit a website, your computer needs to find the IP address of the site you want to visit. It gets this information from your DNS, which is a computer usually run by your Internet Service Provider (ISP).

A secure DNS will look at the IP address you want to visit and check if the site hosts malware or viruses. If the site is malicious, the secure DNS will let you know and won’t connect you to the site.

If a virus/malware got past your antivirus protection and past your firewall, one thing it would try to do is “phone home” to connect to a malicious web server to download more viruses or to send your private information to hackers. When it tried to make this connection, if your DNS were secure, the secure DNS would likely deny this connection.

I don’t recommend Google’s DNS because of privacy issues. Google likes keeping personal information way too much. You can layer your anti-virus with Google’s VirusTotal website which checks downloads for viruses.

Give some thought to these two security concepts as they relate to your personal security. What layered defenses have you? What is your daily “lock down” and what is your emergency “lock down”?

***

For airgun shooters, there’s some great information over at ThoughtfullyPrepping.

A great essay about where to start prepping. Not about fighting zombies, but about reality.