The Top Five Internet Security Challenges

These challenges apply to companies doing business on the Internet, to service providers, and to end users alike, although dealing with them happens in different ways for each of those groups. In some cases your role and risk as an end user is far simpler and less extreme. For other problems, such as identity or system hijacking, the damages can be catastrophic for individuals. Let's take a look at the top five continuing Internet security challenges.

Developers and application providers want their applications to be available quickly and easily to anyone in the world, from any platform from a phone to a kiosk. Having users hassle with anything more than a simple password seems too much to ask. I'm asking it! At least consider the option for certificates, multi-factor authentication, multi-stage authentication and so forth.

More and more services are moving to the Internet. Interoperation between the various services is becoming more frequent and more complex. Financial transactions from sales to investments online are becoming ubiquitous. The risk of sensitive & high-value data exposure and criminal access to that data increases all the time.

Even with better and better firewalls and anti-malware software for users, malicious programs (like viruses, worms or trojans) that take control of a user's computer and programs are an ever-present threat. Once the malicious program has control it can wreak havoc acting as the user, attacking friends, family, and other contacts while masquerading as the hapless victim.

Distributed denial of service attacks (DDoS) use force of numbers to overwhelm targets with data and connection attempts. Individual users may be the target of such attacks, or their systems may be usurped to use in such an attack against a company or organization. Bots on infected machines may lie dormant until an attack is triggered.

How can others know it's you? Communication is approaching near continuous between friends, family, businesses & services. With current authentication standards, often we take on faith that we're being contacted by the "real" sender the message claims. It's one thing if the imposter is just sending e-mails, but what if it's your bank or retirement account that doesn't know it's not you? Challenges five and three tie in closely with this, the top challenge.

For end users, the same rules continue to apply: Have reliable anti-virus software and keep it updated, have a firewall, only download and run programs you can trust, and protect your passwords and identity. For businesses, the admonitions are somewhat different, but related. Protect your network all the way up the OSI layers, from the physical layer all the way up to application logic. For service providers, don't abdicate responsibility and stay in tune with the best interests of your customers. Be sure to check out my articles on the top five security mistakes users and businesses keep making as well.