Obiaks Blog

Don’t steal my information

It’s important to take the precautions to protect you and your products from information theft these days, because it’s getting easier and easier for people to share digital products.  Information theft is a type of computer security risk and it’s defined as stealing an individual’s personal or confidential information.  When this is stolen this can cause as much damage, or possibly more then hardware or software theft.  Business or home users are both at risk of information theft. One example is a malicious individual stealing credit cards so they can make unauthorized purchases on another person’s account. If information is transmitted over a network then it has a very high chance for malicious users to intercept the information. Every computer in the path of your data can see what you send, and they can also see what you send.  A lot of companies try to stop information from being stolen by applying some user identification and authentication controls. These constraints are best for protecting computers along a company’s premise. However, to protect information on the Internet and on networks, companies use a handful of encryption methods.  Encryption refers to the process of converting data into an unreadable form. One type of encryption software is Obfuscated code which is a programming language that is extremely hard to read. Encrypted data is like any other data because you can send it through a lot of options, but to read it you must decrypt or decipher it into a more readable form. Throughout the encryption process, the unencrypted data or input is known as plaintext and the encrypted data, or output is known as ciphertext.  To encrypt information, the programmer converts the plaintext into ciphertext using some type of encryption key.

An encryption key is the programmed formula that the person who receives the data uses to decrypt the ciphertext. There are a variety of encryption or algorithm methods. However, with an encryption key formula, you will be using more then one of these techniques.  Some business use available software, while others develop their own. When an individual send information online such as through an email for example, they will never know who might intercept it, or to whom it could possibly be forwarded to.  That’s why it’s not such a good idea to send confidential information online. However, an individual can help protect themselves by encrypting the information, or signing it digitally. Some very popular email encryption software is known as Pretty Good Piracy (PGP) and Centurion Soft Secure Protection.  Pretty Good Piracy is known as freeware, which means that individuals can use it for their personal needs but not for commercial purposes. You can download this for no cost. A digital signature is a type of encrypted code that a individual, website, or company pastes to an electronic document to make sure that the individual is who they claim to be.  The code will most likely consist of the user name and a hash of usually part of the message. A hash is a type of mathematical formula that generates content from a specific message, so it is different from a message. The recipient will have to generate a new hash from the received message and compares it from the one with the digital signature to make sure that they match appropriately. The main purpose behind using digital signatures is to make sure that it’s not a deceiver participating in the transaction. So, digital signatures help narrow down e-mail scams. A digital signature can also make sure that contents of a message have not been changed. A lot of web browsers use encryption that is regarded as 40 bit encryption, and this is a very low level. A variety of browsers also offer 128 bit encryption which has a higher level of protection because the encryption key is longer.  Some important places that require extremely hire security like banks, and online retailers needs at least 128-bit encryption. A website that successfully uses encryption methods to secure information is known as a secure site.  A secure site uses digital certificate with security protocol.  The two most popular security protocols are secure sockets layer, and secure HTTP. 

A digital certificate is a notice that verifies that a user or a website is for real or not a scam. A lot of ecommerce websites will usually have digital certificates. A certificate authority (CA) is an authorized company or individual for that matter that has the ability to issue and verify digital certificates.  There are several of websites that offer a digital certificate. Some popular ones are Verisign http://www.verisign.com/, Godaddy www.godaddy.com, Digicert http://www.digicert.com/, and Thawte http://www.thawte.com/.The digital certificate will usually contain information such as the username and the serial number of the certificate. By the way, the information in the digital certificate is also encrypted. Next, the Secure Sockets Layer (SSL) provides encryption of every detail that passes between a server and a client.  SSL also requires the client to have a digital certificate, so the web browser can communicate securely with the client.  The web pages that use SSL will usually begin with https as opposed to http. SSL is available in 40 and 128-bit encryption. Secured HTTP (S-HTTP) allows individuals to choose encryption for data that pass through a client and a server.  When using S-HTTP, the client and the server must have a digital certificate.  This makes S-HTTP more difficult to use then SSL, but on the other hand, it is more secured. Companies that have to use verify a client such as online banking companies use S-HTTP. Also, mobile users can also access computer networks through a virtual private network. When mobile users successfully logon to a main office using some type of standard Internet connection, a virtual private network (VPN) allows the mobile user to secure the connection.  VPNs encrypt data as it passes from a notebook computer or any other mobile device so it won’t be intercepted.  Regardless of your security method, I will highly recommend using the most powerfulness safeguard which is a backup. It prevents data loss from several of sources such as system failure for one.  A backup is simply a backup of a file, program, or desk that can be used in place of the original if its loss, destroyed, or corrupted.  If the files are destroyed, then you can replace them by restoring it, which copies the backed up files into their original position in the computer.