Essay Sample on Improving General Security and Privacy Online

As everyone knows or should know, anything to do with the internet is dangerous. Since the beginning of the cyber world, multiple security breaches have happened, personal information stolen, individuals privacy intruded upon, and now the most popular forms of attacks are malware and ransomware. Innocent individuals have fallen victims of cyber-attacks as opposed traditional notion that only large corporations were the targets. Fortunately, there are plenty of options to prevent cyber-attacks and protect ones privacy. Some of these preventive measures are rather too obvious for implementation by big business while others can be set up at home for individuals protection.

It is an undeniable fact that trusted companies are lagging behind in software security. These are the same corporations that people entrust with their credit card information, addresses, telephone number, and even social security. An article Cyber Attacks on the U.S. Companies by a Riley Walters outlines numerous cyber-attacks that occurred in the US in 2016. As stated from Walters article, large databases, as well as point-of-sale systems, continue to be targeted by cyber criminals for financial gain (Walters "Cyber Attacks on U.S. Companies in 2016"). These attacks occurred from the late December of 2015 up to November 2016. During the attacks, some major companies like the famous restaurant Wendys and the FBI were attacked.

There are many ways of preventing future large-scale cyber-attacks on companies. The first and most doable one is to create awareness on security risks and to educate people about appropriate ways of ensuring safety. Although this is not an original idea, still many people and organizations have not embraced it. To ensure its effectiveness, this method should be implemented in a hierarchal manner. For example, people who interact more with the companys information and systems should have more intensive training while those who work in the manual labor department should just get a basic run through. A basic run through would be a sufficient guideline that is spoken to employees in a meeting or something similar that would entail the use of work email, websites and other equipment such as a printer and how to report any suspicious activity they find. This simple strategy is easy and will require no funding as it can be done by the internal organizations IT department. The slightly more costing and complicated part would be training employees who have a higher level of access and interaction to companys information and systems. Specifically speaking, it is the cybersecurity analyst who should be having these higher-tier security training. What does a cybersecurity analyst do? An article from Florida Tech states that cybersecurity experts provide consulting services, interpret and establish security technologies, and create the information security framework and architecture that protects sensitive data from threats. Since the cybersecurity team is in charge of various important subjects, the quality of how well they carry out their duty becomes a great organizations concern (Schembri "Cybersecurity Analyst Career Guide"). An example training procedure would be to have a team innovate new encryption methods and have another team of contracted hackers attempt to decrypt it. By doing so, the security team will identify new procedures that can bypass their security and work on improving them.

Another way that companies can protect themselves further is to use up-to-date, enterprise anti-malware and antivirus software from reputable vendors. Enterprise/Business grade software has more features that help in preventing attacks. A good rule of thumb to go by when looking for enterprise solutions is to make sure they that the anti-malware software is not readily available. Such a strategy will minimize chances of the software being cracked and exploited as there are fewer users. Usually, this will be easy to spot as there will be no direct purchase button on the site and will either require a customer to contact them directly or request acceptance. An all-around and secure option for business class anti-malware software is one called Malwarebytes. Malwarebytes are one of the few popular anti-malware sites that are known for providing high-security to the systems. A well-rounded enterprise antivirus is harder to identify as there many companies all providing almost similar anti-malware software.

These two suggestions are only a few of dozens of methods on how general security can be maintained to lessen the impacts of potential breaches. They are not perfect and have their faults, especially in the area where employees should be trained on finding potential security risks. For instance, workers such as clerks, phone supports, who eke meager wages. These workers lack motivation due to the low wage. Consequently, the training will just fall on deaf ears. To encourage them to participate in the training, it would be wise for the companies to introduce paid training sessions and putting out rewards for anyone who finds potential security leaks. Such strategies will encourage the workers to actively participate in the training and hunt for any possible security leakages.

Personal security and privacy is a lot easier and more flexible way of dealing with cyber insecurity. Although just as there are many options to protect oneself, there are also plenty of vulnerabilities and malicious activities that will do more harm in places that are least expected. For instance, free website domains that users visit on a daily basis. Hosting a website requires many things like a domain, server, and web software. All of which will cost money and recurring payments to uphold. Of course, the funds required to pay for these services need to come from somewhere, some owners will pay out of their pocket, but most will have numerous ads everywhere. There are also ad-less websites and the likelihood that someone is visited one is pretty high. For those who are less internet savvy, visiting a website that has no ads at all is a major relief, but for those who know what to expect, it may cause worries. As stated above, websites require funds to keep it up. As the article hosted on WebRoot explains, The way, most free services make money is not by selling advertising. What they sell is access to you, and information about you to advertisers, marketers, and researchers, and others. Though there are some pros to having information on you being sold, the cons of it greatly outweigh it. For one, criminals can use the information to steal identities and start scams (Criddle "How Do Free Websites Make Money?"). Some other possible scenarios that may happen is that some jobs or schools may even deny applications of some applicants since their information is found on compromising websites.

The good news is that there are solutions to protecting information online. One popular option for both personal and enterprise use is the use of a Virtual Private Network (VPN) to enhance their privacy. A further explanation is written by Paul Ian, The best way to think of a VPN is a secure tunnel between your PC and destinations you visit on the Internet. Your PC connects to a VPN server, which can be located in the United States or a foreign country like the United Kingdom, France, Sweden, or Thailand. Your web traffic then passes back and forth through that server. The result: As far as most websites are concerned, you are browsing from that server's geographical location, not your computer's location. While masking ones location is a key point of a successful VPN, it is not the only thing that it does (Paul "How and Why You Should Use a VPN any Time You Hop on the Internet). As Paul stated, the VPN is like a secure tunnel, what makes that tunnel secure due to its many security protocols like IPSec, SSL, PPTP, and SSH with 256-bit encryption. These features improve protection whatever data is going through the tunnel so that third parties cannot intrude. Some common uses of VPN are to circumvent country censorships to view websites that they are usually not allowed to access.

Many VPNs whether free or paid are not private at all. A VPN that is private will not record any logs of its users. From bandwidth logging, traffic, DNS requests, time stamps, IP addresses, and even payment information, which should be wiped or not even recorded. Whats worse, those vendors who do log data are almost always located in fourteen eye countries. Fourteen eye countries are extra countries that were extended from the original five eye countries. Five eye countries are as stated directly from Team MPN, They are derived from the UKUSA Agreement, which is essentially an agreement to collect, analyze, and share intelligence. In other words, they spy on people. The data from VPN vendors can be grabbed in although it was supposed to be private. One can determine genuine vendors by reading their privacy policy or terms and conditions. Another thing to look out for is a website that indicates they do not log yet they do now provide further explanation. One such example that cannot be trusted is Tunnel Bear.

A VPN vendor that does not log any data at all is the solution to any concerns of government intervention. These are the types of VPN companies that are reliable even if they reside in Fourteen eye countries (MNP "Is Your VPN Provider in a "14 Eyes" Country?). Some examples of great sellers are BlackVPN, AzireVPN, and BolehVPN. All three of these merchants do not keep logs and place customer privacy at the top of their priorities.

An understandable concern for using a VPN would be the price and if any extensive knowledge is required for using one. However, some VPN services are cheap and affordable nor only to companies but also individuals. An example would be AzireVPN that requires one to download a configuration file and Open the VPN, to connect to their servers. It is also very affordable as it charges 45 euros for one year of unlimited bandwidth usage is only.

Work Cited

Criddle, Linda. "How Do Free Websites Make Money?" How Do Free Websites Make Money? WebRoot, n.d. Web. 20 July 2017. https://www.webroot.com/us/en/home/resources/tips/digital-family-life/security-how-do-free-websites-make-money

MNP, Team. "Is Your VPN Provider in a "14 Eyes" Country? This Is Something You Should Know." My Private Network | Global VPN Service Provider. My Private Network, 20 June 2017. Web. 20 July 2017. https://www.my-private-network.co.uk/vpn-provider-14-eyes-country-something-know/

PAUL, IAN. "HowAnd WhyYou Should Use a VPN any Time You Hop on the Internet." PCWorld, vol. 35, no. 2, Feb. 2017, p. 173. EBSCOhost, ezproxy.fcclib.nocccd.edu/login?url=http://search.ebscohost.com/login.aspx?direct=true&db=f5h&AN=121212349&site=ehost-live&scope=site.

Schembri, Joe. "Cybersecurity Analyst Career Guide." Florida Tech Blog. Florida Tech Blog, 03 Mar. 2017. Web. 20 July 2017. https://www.floridatechonline.com/blog/information-technology/cybersecurity-analyst-career-guide/

Walters, Riley. "Cyber Attacks on U.S. Companies in 2016." The Heritage Foundation. The Heritage Foundation, 2 Dec. 2016. Web. 20 July 2017. http://www.heritage.org/defense/report/cyber-attacks-us-companies-2016