With so many different IT security terms and concepts that you need to learn when running a business, 你应该从哪里开始?? Diving into 网络安全 can be challenging, but learning about the most commonly used terms in IT security is a good place to start. Understand these basic terms so you'll be better prepared to protect your business against cyberthreats.
恶意软件
很长一段时间, the phrase “computer virus” was misused to refer to any type of attack that harmed computers and networks. The more appropriate term for these harmful programs and files is “malicious software,” or “恶意软件.” Whereas a virus is a specific type of 恶意软件 designed to replicate itself, any software created for the purpose of destroying or accessing networks and data with the intent to steal, 腐败的, or encrypt these should be referred to as 恶意软件.
Ransomware
Don’t let all other cyberthreats ending in “-ware” confuse you; they are all just subcategories of 恶意软件. 目前, one of the most notorious of these is ransomware, which is 恶意软件 that encrypts valuable data until a ransom is paid for the decryption key. 在勒索软件攻击中, the victim organization may feel compelled to pay the ransom to regain access to their data.
Intrusion prevention system (IPS)
There are several ways to safeguard your network from 恶意软件, but an IPS is one of the nonnegotiables. An IPS sits behind your company’s firewall and monitors for suspicious and malicious activity that can be halted before it can exploit or take advantage of a known vulnerability.
社会工程
Not all types of 恶意软件 rely solely on fancy computer programming. Experts agree that the majority of attacks require some form of 社会工程 to succeed. 社会工程 is the act of tricking people, 而不是电脑, into revealing sensitive or protected information. 对于一些网络罪犯, it's less tedious to convince a potential victim to give them the data they need than to create and deploy complicated software to obtain the same information.
网络钓鱼
网络钓鱼 is a type of 社会工程 scheme that involves defrauding people using an app or a website that impersonates a trustworthy or often well-known business in an attempt to obtain confidential information. Just because you received an email that says it’s from the IRS doesn’t mean that it is. Don’t take such emails at face value — always verify the source, especially if the emails are requesting your sensitive data.
杀毒
杀毒 software is often misunderstood as a way to comprehensively secure your computers and workstations. These applications are just one piece of the 网络安全 puzzle and can only scan the drives on which they are installed for signs of well-known 恶意软件 variants.
零日攻击
When a vulnerability is found within a piece of software, vendors will release an update to fix the gap in security. 然而, cyberattackers can release a piece of 恶意软件 that exploits the security vulnerability before software developers can address it. This is known as a zero-day attack.
补丁
When software developers discover a security vulnerability in their programming, they usually release a small file to update and “patch” this gap. 补丁es are essential to keeping your network secure from the vultures lurking on the internet. By checking for and installing 补丁 as soon as these become available, you keep your software protected from the latest 恶意软件.
冗余数据
杀毒软件, 补丁, and intrusion prevention fail to keep your information secure, there’s only one thing that will: quarantined off-site storage. Duplicating your data offline and storing it somewhere other than your business’s workspace ensures that even if your systems get infected with 恶意软件, you’re equipped with backups to keep your business running.
Our 网络安全 professionals are always available to impart more in-depth knowledge of the many different kinds of cyberthreats. Get in touch with us today and find out how we can help you with your IT security woes.
你一定是 登录 发表评论.