Tuesday, November 06, 2007

Virus Alert

Keystroke loggers are a particularly dangerous
security threat because users typically don’t realize
they’re even there. Learn about the different versions
of keystroke loggers, and get tips for protecting your
organization and your users from this threat.

More and more people have made the switch to using the
Internet for personal tasks — online bill paying and
shopping are just two examples. But while companies
tout the convenience of using the Web for such
purposes, the security threats continue to mount.

That’s why user education is so important. Teaching
users best practices for being safe on the Web can
help mitigate some of these threats. But it’s also
important that users understand the full extent of the
risks.

For example, using an encrypted link (i.e., HTTPS
rather than HTTP) to access bank or e-mail online is a
good way to encrypt the transmission of private
information as it flows across the Internet. However,
it’s vital to remember that the encryption process
doesn’t take place until the information leaves the
machine. This creates a vulnerability that some people
may not be aware of — keystroke logging.

Keystroke loggers are a dangerous security threat,
particularly because — like other forms of spyware —
the user can’t detect their presence. Let’s look at
the different versions of keystroke loggers and
discuss what you can do to protect your organization
and your users from this threat.

Keystroke loggers are available in either software or
hardware versions. They can store everything a user
types without the user ever knowing they’re even
there.