Author Archive Jayanthi

By Jayanthi

Definitions: What is “Dark web”?

“Dark web”, which is not to be confused with “Deep web”, is that part of the web which cannot be accessed by traditional search engines like Google, Bing or Yahoo. In addition, it can only be accessed by special browsers like ‘Tor – The Onion Router’ or ‘I2P’ (Invisible Internet Project). The “Tor router” enables anonymized browsing of the “dark web”.

“Dark web” domains end with “.onion” and are purposefully hidden from popular search engines. They are used to host a number of illegal activities.

 


By Jayanthi

Who talks more?

….Men or Women? 🙂 Yes – I know, I know – the answer seems to be pretty obvious about who is more loquacious but still it piqued my interest to write about it… 🙂 However, it is to be noted that there is no scientific reasoning behind my blog post – just some honest observations around my world!! 🙂

In my universe, “the fair gender” is the one who has more to say at all times! (I am sure there are a few exceptions to this rule – though I would find it hard to believe that!! :)) We women have a lot to say, express, state, discuss, rant, gossip, agree, disagree on a variety of topics about almost everything in the world! 😉 Which is a good thing, as effective communication is the key to success, I would say… There is a great deal of pleasure women derive from just talking and sharing ideas… 🙂


By Jayanthi

Social media security!

Continuously toying with a new idea for the technical blog post for several weeks, I couldn’t help but post about “Social media security” finally!

We live in an era where “sharing is caring” and the more we share with our friends and well wishers, the happier we are. Contrast this to the time when snail mail was sent and received only in totally sealed envelopes that nobody could see! As times have changed and social media plays a huge role in most of our lives for different reasons, it is but necessary to adopt some safety standards as we share and care.

As an ardent follower of Information security practices, I see how simple data sharing can potentially open the doors for invisible hackers. My InfoSec brain is tuned and wired differently and I see social media broadcasts in a totally different way! This post lists certain vulnerabilities that social media presents and some common ways to avoid them.


By Jayanthi

Wireless security

Look around you and you see everything has become wireless and more mobile than 10 years ago. Wireless technologies have seen increased growth as being tied to desktops and landline phones has become passé. We see laptops with Wi-Fi connectivity that give one the ultimate freedom to do business or do casual browsing on the go. In addition to this, we also have numerous wireless devices such as the wireless mouse, wireless speakers, wireless headphones and wireless cameras. Another interesting development on the wireless front is the wireless POS terminal, which again gives more convenience to the end user and the merchant. Given all these wireless developments, it is but necessary to secure them, using good policies and adopting the latest standards.

We start our discussion on wireless security by first looking at how the WLAN works, then the security issues with wireless networks, followed by the countermeasures that seek to block these security issues.


By Jayanthi

Why do we Tamilians not have a last name?

Frankly, I have no idea!! 🙂 If you do please comment below…

But I can share some thoughts regarding our first and last name business! While for most of the world specifying a first and last name is the easiest thing to do – it is not so for us who belong to one particular state in India, Tamil Nadu!! Specifying first and last names is Greek and Latin to most of us who are Tamilians. I used to be petrified of applications that asked for


By Jayanthi

Intrusion Detection systems

 

‘Perimeter security’ is placing defenses around an organization’s perimeter, thereby ensuring that an organization’s chances of being compromised are minimal. Some of the components that are used to ensure perimeter security are routers, VPN, IDS, IPS, firewalls and so on. In this post we will look at one type of perimeter security device, the ‘IDS’ or ‘Intrusion Detection system’.


By Jayanthi

What is Steganography?

Steganography is the procedure by which files or information can be transmitted secretly by embedding them in images or audio files. Cryptographic concepts can be used to supplement steganography by first encrypting the message and then hiding it in the image.

For the ordinary user only an image is visible, but to the sender and receiver, a message is hidden in the picture which can be unearthed only by using special steganographic tools.


By Jayanthi

Don’t cry….

….just remain vigilant about security issues surrounding you! The ‘Wanna Cry’ ransomware is the talk of the world having affected 150 countries including India, Spain, Britain, parts of Europe and crippling 2,00,000 systems globally.


By Jayanthi

Definition: Risk analysis

Risk analysis is a tool to implement risk management. Before we go on to see the definition of risk analysis, recall that a vulnerability is a “weakness” in the system and the “risk” is the threat agent exploiting the vulnerability.

An example of the three concepts working together is when a vulnerability like an unpatched application is exploited by a threat agent like a malicious user to create risk. This risk can only be reduced by applying the patch to the application.

Risk analysis is done by the following steps:

a. understanding the vulnerabilities within the organization

b. assessing the value of the assets in the organization

c. calculating the value of safeguards that have to be implemented

d. checking whether the value of the safeguard is greater than the value of the asset. If so, look for cheaper but equally effective safeguards.

While risk can only be reduced/mitigated or transferred, it cannot be entirely avoided. It is always good to remember that there is no such thing as 100% security!

 

By Jayanthi

Definitions: Top-down approach to security

The top-down approach to security is when an information security program moves ahead with management approval. The appropriate security funding is secured and there is a proper plan and direction towards the program. This approach is more efficient and generates better results. In short, the top-down approach is a more active and serious approach to security.

In contrast, the bottom-up approach to security is a reactive approach to solving information security concerns. Only after there has been a data breach or several hacking incidents does the company decide to act. This approach will only generate “stop gap” results and not long term results.