29 Feb 2012

'Disorder' successful defense against hackers and malware

While a good antivirus program and internet security solution are extremely important for any personal computer or business network, Roger Grimes writes on InfoWorld that disorder and chaos in picking passwords and logins are also an effective way to thwart attacks. He said "entropy," the technical measure of how random the next piece of data in a string is, can sometimes be very useful.

"In the realm of IT security, antispam services have long used entropy and its link to anomaly detection to sniff out unwanted messages," Grimes said. "If the service detects a single email account sending out messages to thousands of seemingly random and unconnected addresses, the provider will usually examine the message for other indicators that it's spam."
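The anomaly check Grimes describes can be sketched as below. This is an added example, not code from the article or from any antispam product; the log format, thresholds and addresses are constructed assumptions. It flags a sender only for further examination, as the quote says a provider would.

```python
import math
from collections import Counter, defaultdict

def shannon_entropy(items):
    """Shannon entropy, in bits, of the empirical distribution of items."""
    counts = Counter(items)
    total = sum(counts.values())
    return -sum((c / total) * math.log2(c / total) for c in counts.values())

def flag_senders(log, min_recipients=20, min_norm_entropy=0.9):
    """Return {sender: (distinct_recipients, normalized_domain_entropy)}
    for senders whose mail goes to many seemingly unconnected addresses.
    Thresholds are illustrative assumptions, not tuned values."""
    by_sender = defaultdict(list)
    for sender, rcpt in log:
        by_sender[sender].append(rcpt.lower())
    flagged = {}
    for sender, rcpts in by_sender.items():
        distinct = set(rcpts)
        if len(distinct) < min_recipients:
            continue  # low volume: not the pattern in question
        domains = [r.rsplit("@", 1)[-1] for r in rcpts]
        h = shannon_entropy(domains)
        h_max = math.log2(len(domains))  # every message to a different domain
        norm = h / h_max if h_max > 0 else 0.0
        if norm >= min_norm_entropy:
            # A trigger to examine the messages for other spam indicators,
            # not a verdict by itself.
            flagged[sender] = (len(distinct), round(norm, 2))
    return flagged

# Constructed sample log of (sender, recipient) pairs.
SAMPLE_LOG = (
    # Newsletter: 40 recipients, but only two related domains.
    [("news@corp.example", f"staff{i}@{'corp' if i % 2 else 'partner'}.example")
     for i in range(40)]
    # Ordinary user: a handful of recipients.
    + [("alice@corp.example", f"friend{i}@mail.example") for i in range(5)]
    # Account mailing 40 recipients at 40 unrelated domains.
    + [("bob@corp.example", f"user{i}@site{i}.example") for i in range(40)]
)

if __name__ == "__main__":
    print(flag_senders(SAMPLE_LOG))
```

The newsletter sender has the same volume as the flagged account but a normalized entropy near 0.19, so volume alone does not trip the check.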

Grimes, who has his own Security Adviser blog on InfoWorld, said there are now companies using chaos to help keep devices secure. Mixing up passwords and logins adds no cost for companies, which makes it one of the most efficient ways to defend against semi-sophisticated web attacks.

Randomness can come in handy for passwords as well. Larry Midig, a technology journalist, writes on CNET that creating a seemingly random password that has meaning to the owner can be a great way to practice internet security. The key is to make a password that is hard to crack but easy to remember.