Digital Dispatch – Is the Internet Safe?
by: Todd Althouse
The simple answer is no. Most of the computers today are vulnerable to some kind of hacker or virus attack. If you don’t believe me, just pickup any newspaper or listen to any news show, computer attacks happen everyday. Should you stop using the Internet? ABSOLUTELY NOT! With the proper precautions you can adequately secure your information. In fact, I read a statistic the other day that said more data is lost from computers being stolen than from data being accessed from the Internet.
Then why should you use a computer connected to the Internet? - To stay profitable. Many of your competitors already manage their businesses using a computer. Today, most of the motorclubs encourage service providers to use the Internet to receive calls. Tomorrow this may become a requirement. In fact, the Internet will soon be used by car dealers, trucking companies (
www.wrecker.com), car rental agencies, and insurance companies to send the majority of towing requests. Therefore, it is imperative that you protect your information from malicious Hackers.
Just like we use locks on our doors and windows to prevent intruders, we can lock down the information on our computer. However, just as it is difficult to absolutely prevent someone from entering your house, it is difficult to absolutely prevent someone (a hacker) from gaining access to your computer. That is why backups (your insurance) are so important. So, if you are attacked you can restore your information.
The same way banks protect your money and valuables in high security vaults, professional system administrators protect your data by preventing nearly all attacks from hackers, losses from fire, storms or theft with the proper hardware and software, but it is expensive. The average computer owner is not willing or not able to go to this expense. So my article is aimed at affordable solutions that will give you adequate protection against viruses and hackers.
Let’s start with a few definitions:
Hacker (or more correctly a Cracker): Is a programmer who breaks into a computer system for the mere challenge of doing it. This may or may not be a malicious attack.
Viruses and Trojan Horses: Viruses are computer programs that run against your wishes and without your knowledge. Some cause damage to your system, while other are just annoying. A Trojan Horse, a special kind of computer virus, is a malicious program that is disguised as a useful or fun program. It can be installed on your computer by email or other means. Someone can send you an email with an attachment claiming that it is a super duper screen saver or another appealing document. When you launch the attachment it appears as if nothing has happened, but in reality the Trojan has been installed and initialized on your system. It can be a remote control type of program, which will allow someone to control your computer, access your data or delete things. Usually the anti-virus vendors are on top of threats like this and issue a new virus definition that detects the Trojan before it can do any harm. That is why it is very important to keep your anti-virus software up-to-date.
Firewall: A software program or hardware device that monitors Internet activity to detect and prevent unauthorized access to a computer system.
Are you at risk?
There are several FREE resources that will test the vulnerability of your computer system to outside attacks:
*
http://mcafeeasap.com/content/cybercop_asap *
http://www.symantec.com/securitycheck *
http://www.grc.com *
http://scan.sygatetech.com/ These programs will also identify other areas of concern and rate your exposure. They will also give instructions on minimizing your risks, like:
Disabling File and Printer sharing for Microsoft Networks
This is a Windows networking setting that should be disabled (off) unless you are behind a firewall. If you have this enabled (on) anyone can access the data on your computer hard drive. Look in the Microsoft Windows help file under “File and Printer Sharing for Microsoft Networks” for instructions on disabling it.
Using better passwords
Do not use proper names, since many of the password cracking programs assume that most people use the names of their spouse, kids, pets, etc. You should also mix upper and lower case letters with numbers. The more random you make the sequence the better. For example “rfghZyU23Iu” is hard to crack, but it is also hard to remember. Think of it as remembering a combination to a lock or a phone number. You can remember it with a little practice.
Consider purchasing a personal firewall (Free - $40)
A personal firewall program will limit your exposure to unwanted guests by monitoring all Internet activity. The next version of Microsoft Windows (Windows XP) will have a personal firewall integrated into the operating system.
Service providers are being told that the motorclub Digital Dispatch will not work behind a firewall. While this may be true for the web solutions from the motorclubs, it is not true for the solutions being provided by the towing software vendors. Furthermore, I believe with a little investigation and testing the motorclub browser solution should work behind a firewall too.
But is it safe to use Digital Dispatch? Although Digital Dispatch uses the Internet, it poses a relatively low security risk if properly implemented. This is because data is expected in a certain format, if does not receive data in that format it rejects the packet. However, your towing software vendor should also verify that the data packet came from one of the motorclubs and the connection should not remain open for more than a few seconds. These precautions will keep your risk exposure to a minimum.
Purchase an anti-virus program and keep it up-to-date
Most anti-virus programs have a “live update” feature that will check the company’s web site for virus updates and update the software when needed. You need to do this about every 2 weeks to make sure you are protected against the latest viruses. You can order an anti-virus program online from
http://www.mcafee.com or
http://www.symantec.com.
Give Credit Card information on a secure site only
You can tell you are on a secure site by looking for “locked padlock”. Netscape places the padlock in the lower left corner and Internet Explorer places the padlock in lower right corner of the program screen. Giving your credit card information over the Internet on a secure site is more secure than giving your card over the phone or even using you card in a store. This is because your credit card information is usually sent directly to the credit card company, bank, or processing company without human intervention.
Use online applications (ASPs)
The next generation of applications for towing management, accounting (Quickbooks for the Web), anti-virus, etc. will be online. This will give tremendous security advantages. First of all, Internet professionals that know how to thwart the efforts of hackers will maintain the sites. Your data will be safer on the web than in your own office. Secondly, if you were to get a virus or your computer is lost or stolen, all of your data would be safe on the server of your application service provider. Therefore, since nothing is stored on your local computer, you can simply go to another computer, input your password and you are back in business without experiencing any downtime or lost information.
Use secure databases to store your information
If you are using a towing management or accounting software, your data is stored in databases. Think of a database like a file cabinet. Some people lock their file cabinets and others do not. Databases are locked using user IDs and passwords. Just because your program requires you to login with a password, this does not mean the database is protected. Certain older less expensive database systems allow access to your information from outside the software that created it (using something like Microsoft Excel). However, expensive enterprise (professional client/server) database systems, such as SQL Server and Oracle maintain a very high level of security. That is to say, without the proper user ID and password, it is nearly impossible to view your information. This is not the case with older (distributed) databases, such as FoxPro and dBase. These packages merely store information and do not require authorization to view the information. They rely on your local network to provide the security.
The Internet generation of towing software (ASPs) will likely use professional client/server databases for information storage. This will bring a level of security to your information that has been needed for a long time.
To review, you should do the following to reduce your Internet risk:
1. Disable file and printer sharing.
2. Purchase personal firewall and anti-virus software.
3. Only use secure “pad locked” sites for credit card transactions.
4. Look to new online applications (ASPs) for towing management, accounting, etc. to provide the most secure, cost effective business environment.
Using computers, the Internet, and proper safeguards, your business information will be more secure and accessible. Your competitors will have a tough time catching up!
About The Author
Todd Althouse is a Managing Partner of Beacon Software, LLC - an Internet Application development company specializing in towing software and fleet management software. Visit
http://www.beaconsoftco.com for more information.