Protecting private information

Information is the lifeblood of most, if not all, modern organisations, so protecting (this) information against unauthorised disclosure, modification or erasure is a basic requirement of management. Executives and staff in all organisations rely on the timeliness and accuracy of information in order to operate in the most efficient and effective manner. Increasingly, with advances in technology, there is the danger that this information may be unavailable or may be corrupted, either accidentally or deliberately. There are frequent reports of computer hacking (unauthorised access to computers), viruses and other disasters that can affect information such as fires, power failures or simple human error.
What Is Sensitive Information

Sensitive information can be many different kind of information, like:

* Name, address, phone number
* Date of birth
* Social Security Number (SSN)
* Credit card numbers
* Driver’s license number (DL)
* Banking and financial information
* Medical information
* Employment/education information
* Patient, Student and Faculty records
* Grades
* Intellectual property (your creation)
* Proprietary information (unique data)
* Trade secrets (Coke)
* Passwords and access codes Protecting Information In Your Office Area

A few basic steps to secure information in your office:

* Documents that include sensitive information need to be secured during printing, transmission, storage, and disposal.
* Don’t leave paper documents containing sensitive information unattended. Credit card slips or paper checks should not be sent through intercampus mail.
* Be aware of the potential of others to overhear sensitive information. Don’t discuss confidential information outside of the office.
* Verify identities of all visitors and escort them; verify identities of those requesting sensitive information.
* Lock your office, desks, and file drawers when unattended. Don’t store keys in easily accessible areas.

Protecting Your Computer And Its Information

Simple steps to protect your computer and its information:

* Lock down PCs, laptops, PDAs, flat panel displays, printers, and other high-value items.
* Avoid allowing strangers or visitors to use your computer. Be aware of who can see your screen, especially when viewing sensitive information.
* Create strong passwords or pass-phrases. Use a combination of letters and numbers, and don’t use dictionary words.
* Change your passwords when prompted by the system and never share them or write them down.
* Avoid discussing confidential information, accepting downloads or authorizing transactions or payments on IM, IRC or other chat programs.
* Privacy and confidentiality of email messages is not guaranteed. Information can be opened or read by someone other than the intended recipient. Exercise caution in using email to communicate confidential or sensitive information.
* Use only approved and necessary software applications.
* Make sure anti-virus software is installed on every computer you use.
* Make a backup copy (to a removable disk or flash drive) of your most important files and store the backup in a safe place, preferably in a different location. Backup your files at least on a weekly basis.
* Delete files you no longer need.
* Don’t accept unsolicited downloads.
* Don’t use P2P or file-sharing systems.
* Log off when not using your computer or at least use a screen saver that requires a password.
* Turn your computer off when leaving for the night.
* Follow all LTS and University IT policies and procedures regarding information technology security. Immediately advise an LTS supervisor of any suspicious activity on University computers.

Protecting Your Trash Can

Also be careful with your Trash can:

* Avoid careless disposal. Shred any discarded materials containing sensitive or confidential information.
* If you find sensitive information carelessly discarded in a public place, notify your manager.

Protecting Your Privacy

Never give out personally-identifying information unless you know:

* Who is receiving the information
* Why the information is needed
* What specific elements of information are needed
* How the information will be used, and by whom
* With whom the information will be shared
* How the information will be protected

Written by beerbong.

In computing, a firewall is a piece of hardware and/or software which functions in a networked environment to prevent some communications forbidden by the security policy, analogous to the function of firewalls in building construction. A firewall is also called a Border Protection Device (BPD), especially in NATO contexts, or packet filter in BSD contexts.

A firewall has the basic task of controlling traffic between different zones of trust. Typical zones of trust include the Internet (a zone with no trust) and an internal network (a zone with high trust). The ultimate goal is to provide controlled connectivity between zones of differing trust levels through the enforcement of a security policy and connectivity model based on the least privilege principle.

Proper configuration of firewalls demands skill from the administrator. It requires considerable understanding of network protocols and of computer security. Small mistakes can render a firewall worthless as a security tool.

Types of firewalls

There are three basic types of firewalls depending on whether the communication is being done between a single node and the network, or between two or more networks
whether the communication is intercepted at the network layer, or at the application layer
whether the communication state is being tracked at the firewall or not
With regard to the scope of filtered communication there exist:

personal firewalls, a software application which normally filters traffic entering or leaving a single computer through the Internet
network firewalls, normally running on a dedicated network device or computer positioned on the boundary of two or more networks or DMZs (demilitarized zones). Such a firewall filters all traffic entering or leaving the connected networks.
The latter definition corresponds to the conventional, traditional meaning of “firewall” in networking.

In reference to the layers where the traffic can be intercepted, three main categories of firewalls exist:

network layer firewalls
application layer firewalls
application firewalls
These network-layer and application-layer types of firewall may overlap, even though the personal firewall does not serve a network; indeed, single systems have implemented both together.

There’s also the notion of application firewalls which are sometimes used during wide area network (WAN) networking on the world-wide web and govern the system software. An extended description would place them lower than application layer firewalls, indeed at the Operating System layer, and could alternately be called operating system firewalls.

Lastly, depending on whether the firewalls track packet states, two additional categories of firewalls exist:

stateful firewalls
stateless firewalls

Network layer firewalls
Main article: network layer firewall
Network layer firewalls operate at a (relatively low) level of the TCP/IP protocol stack as IP-packet filters, not allowing packets to pass through the firewall unless they match the rules. The firewall administrator may define the rules; or default built-in rules may apply (as in some inflexible firewall systems).

A more permissive setup could allow any packet to pass the filter as long as it does not match one or more “negative-rules”, or “deny rules”. Today network firewalls are built into most computer operating system and network appliances.

Modern firewalls can filter traffic based on many packet attributes like source IP, source port, destination IP or port, destination service like WWW or FTP. They can filter based on protocols, TTL values, netblock of originator, domain name of the source, and many other attributes.

Application-layer firewalls
Main article: application layer firewall
Application-layer firewalls work on the application level of the TCP/IP stack (i.e., all browser traffic, or all telnet or ftp traffic), and may intercept all packets traveling to or from an application. They block other packets (usually dropping them without acknowledgement to the sender). In principle, application firewalls can prevent all unwanted outside traffic from reaching protected machines.

By inspecting all packets for improper content, firewalls can even prevent the spread of the likes of viruses. In practice, however, this becomes so complex and so difficult to attempt (given the variety of applications and the diversity of content each may allow in its packet traffic) that comprehensive firewall design does not generally attempt this approach.

The XML Firewall exemplifies a more recent kind of application-layer firewall.

Proxies
A proxy device (running either on dedicated hardware or as software on a general-purpose machine) may act as a firewall by responding to input packets (connection requests, for example) in the manner of an application, whilst blocking other packets.

Proxies make tampering with an internal system from the external network more difficult, and misuse of one internal system would not necessarily cause a security breach exploitable from outside the firewall (as long as the application proxy remains intact and properly configured). Conversely, intruders may hijack a publicly-reachable system and use it as a proxy for their own purposes; the proxy then masquerades as that system to other internal machines. While use of internal address spaces enhances security, crackers may still employ methods such as IP spoofing to attempt to pass packets to a target network.

Network address translation
Firewalls often have network address translation (NAT) functionality, and the hosts protected behind a firewall commonly use so-called “private address space”, as defined in RFC 1918. Administrators often set up such scenarios in an effort (of debatable effectiveness) to disguise the internal address or network.

2. Change by Group

Use this permission file for Example (-rw-rw-r–) from this permission it mean :
File owner can read and write can not to execute.
User in owner group can read and write, but can not to execute.
Other user out of this group can read only.

About File permission
- r can read.
- w can write.
- x can execute.

Group of person
- u file owner.
- g user in group of file owner.
- o other user out of group file owner.
- a all 3 groups

For this Example will use + and – for add and delete permission.

Exam : If you want to change all users and groups can execute this file (yourfile.txt) you need to use command as below :

#chmod a+x yourfile.txt

Exam : If you want to set owner and group can execute this file use the command :

#chmod ug+x yourfile.txt

Options for chmod command
- c you can see result after use this command on display.
- R use this option for change permission to all subdirectory or all files in subdirectory.