Based on the title of this post, you can guarantee that I've got to be one of the biggest friggin' nerds the world has ever seen. The bottom line here is that I love technology. Almost every aspect of (GOOD) technology fascinates me to no end.
My latest project that I am working on is a security-related idea of mine. My desire is, on my home network, to lock it down tighter than good ol' Fort Knox (tired on that expression yet?). Yes, networking is probably my favorite part of computer systems. My grand idea this time is actually quite simple: implement 802.1x on my wireless network (check that one off!), get rid of Pre-Shared Key authentication (work in progress) and implement 802.1x on my wired network (work in progress). This completely prevents any unauthorized access to my network, thus protecting my data (or not).
Now another very simple method of protecting your data is permissions. First and foremost, whenever I setup a server, I always remove that damned entry in the list labeled "Everyone" as this effectively locks everyone out. To grant a user (or group) access to read/write/modify, simply add the user (or group if it's a larger environment so you don't have to add thousands or more individual entries) and grant them the most restrictive permission possible for them to do their job, but to also protect your crucial data. NTFS permissions are usually enough to ensure that only authorized people access data, but I don't stop there. I go a step further and remove "Everyone" from the share permissions (because I do lots of inter-network file sharing) and manually add specific users (groups) to have permissions.
To make sure my data and network are safe, I am actively snooping around my network as a lower-privileged user to look for holes. Since I'm using a basic user account and I have the knowledge of what is where, I can find flaws and turn around and patch them.
Hopefully more to come later as I discover more and more technology!
No comments:
Post a Comment