Picture: Pixabay

Durban - In the past two decades, I’ve dealt with plenty of security problems - and a few disasters. I won’t pretend I wasn’t responsible for some of them. Those that hurt the most are the ones that might have been avoided if a few rules had been put in place and followed. Nobody thinks about security when everything’s working - but when there’s a breach or a threat, it’s mayhem. Wi-Fi Security: Wi-fi networks offer great convenience, but they are also potential weak points when it comes to security. Wi-fi networks can be configured in a variety of different ways, but one of the more common ones is simply a “wireless bridge” - in this configuration, anyone who successfully connects to the wireless network (using the wireless password or key) is then “bridged” to the main wired network - connecting their device to all the other devices on that network. For guest access, this is very risky.

If you need to offer public or guest wi-fi access, ensure that it is separated from your main “back office” network. Most wi-fi routers have the option of a guest network or multiple “SSIDs” which can be configured to segregate connections. Consult an expert if you’re not sure if your wi-fi is configured appropriately for your needs.

Network Permissions: In business IT environments, permissions are used to control what users can and can’t do. Organisations should have an access policy and a hierarchical structure to grant specific access based on work-related needs. These should be reviewed occasionally as user roles and responsibilities change. Permissions that are no longer necessary should be removed.

This should not be viewed as a trust or privilege issue - it’s simply a matter of best practice. No matter what security is in place, there is always a risk of a hacker or malware or a similar threat compromising a user’s account. The damage that could be caused by this sort of event can at least be curtailed if the user’s access to files and resources on the network is properly defined and restricted.

Administrator Accounts: Controlling access to network resources and shared folders is important for security, but what about your local PC? Does the account you log in with have full administrative access to your computer? That’s probably more than you need for day-to-day activities. A user logged in with administrator privileges can do pretty much anything on the computer. Administrators can view any file on the system, change system-wide system settings, run installed programs, add programs, install hardware and change the user accounts and passwords of other users. A standard or limited user account is restricted to running installed programs, and can’t change system-wide settings, install updates, software or hardware, and is also unable to change the settings or access of other users. This may sound restrictive, but it’s more secure. If a standard user account is compromised by a virus or similar threat, the damage is limited.

For a guide on how to set up new user accounts or amend the permissions of existing accounts see https://tinyurl.com/luwin102019 (Windows 10) and https://tinyurl.com/luwin10guide. For Windows 7, see https://tinyurl.com/luw72019

The Mercury