A wide range of software can provide tools for ensuring information security.
- Turn off not-in-use wireless connections on your mobile devices.
- Use anti-virus software with frequent updates.
- Scan floppy disks, compact disks and other
storage media, especially those from unknown sources, before use.
- Consider installing/enabling security measures such as a Personal
Firewall to protect your computer if it has
a broadband connection to the Internet.
- Apply updates and patches to your computer
to fix known security vulnerabilities in a timely
and responsive way.
- Perform regular back-ups on your system and
data and store the backups securely. Recovery from a
full backup is the most secure and effective
way to recover any lost configurations and data.
- Install software according to installation
- Use software according to license terms and
- Don't use illegal software and programs or
those from untrustworthy or doubtful sources.
- Don't download programs without permission
of the copyright owner or licensee.
Guidelines for using Open Source Products
Open source software usually refers to software
whose source code is open and available to anyone
to study, use and adapt. Open source
software is gaining in acceptance, even in enterprise environments.
To use open source software safely, the following are
general security tips for your reference:
- Download open source products only from trusted
sites, such as the official website of the software developer,
to avoid potential risks caused by malicious code.
- Download the source code rather than a compiled
package. In this way, the source code can be
verified against the MD5 / SHA-1 checksums provided,
analysed for security vulnerabilities, and then
compiled for your own specific needs.
- Study the product's documentation carefully
for explanations regarding secure configuration.
- Check whether there is any process for reporting
a discovered vulnerability of the
product, and ensure that security issues are well maintained and addressed.
- Regularly examine common security vulnerability
databases, such as CVE (Common Vulnerabilities
and Exposures), for publicly-known information
on security vulnerabilities of the open source
product your organisation is using.
If your organisation is using open source software,
you should also consider the following:
- Set up a well-documented security policy and
ensure the policy is strictly adhered to. This
policy should be revised as business needs
- Adopt a "Defence-in-Depth" strategy
so that various threats at various levels right
from the open source product to the network
can be tackled effectively.
- Provide appropriate training to in-house staff
for the support and maintenance
of the open source product. Get proper documentation
done for all practices and configurations to
avoid problems that might arise due to job rotations
or employment termination.