The Weakest Link

Spam, viruses, phishing attacks, denial of service attacks and other serious breaches in security are ongoing hazards of life on an open network like the public Internet. There is an ongoing battle between security professionals and the bad guys who want to breach the security. As one side improves network security, the other side finds new holes. But the truth is, no matter how secure certain levels of the Internet are made, hackers will always be able to exploit the weakest link: The end user.

Whether it’s through social engineering, brute force attacks, simple stealth programs unleashed through email, or a variety of other widely known strategies, hackers can eventually find keys to unlock computers and put them to work for their own purposes. But the naiveté of a large percentage of computer users make the hacker’s task that much easier, and make the jobs of system and network managers that much more difficult.

It’s a conundrum. We want computers and the Internet to be easy to use. And we can’t expect everyone to understand the dangers of having simple passwords, or the need to maintain good virus and securty software on personal computers.But this lack of understanding is one of the factors that makes the network so vulnerable. I don’t really see a way around this short of enforcing a set of protocols that will require some basic good practices on end users, whether at the personal computer level or at the network level with hosting, email and other types of accounts. This is unlikely to happen, so the battle will go on. But i am going to encourage our hosting clients to be better stewards of their accounts so I don’t have to spend so much time rooting out hacks.