Is a document that states in writing how the user or company plans to protect itself information assets. It have to be updated all the time and explain how the company or user will measure that is working that plan.

The objectives of an IT security policy is the preservation of confidentiality, integrity and availability of systems and information used by all the members of the organization.

• Confidentiality: Involves the protection of assets for unauthorized entities.
• **Integrity: ** Only the authorized user can modify the information.
• **Availability: ** The information is accessible when it is required.

**The specifications of any company policy should be: **

• Objectives
• Scopes
• Specifics goals
• Responsibilities for compliance and actions to be taken in the event of noncompliance.

If you want to know more about fundamentals security policies, check this video.

The firt step is to know what is a Malware?

Malware is any software with malicious intentions, for example.Check your personal information without your approbation, create a backdoor to your computer or steal personal data.

Different types of Malware

We have different forms for Malware, the most important are:

• Virus: Infect programs and files
• Spyware: Collects personal information
• Worm: Replicate itself accross a network
• Trojan horse: It looks like a legitimate program but it is not.

How does the Malware infection happen?

Are different ways to be infected, is not possible to be 100% secure for that. But you should take all the possible precautions, don't download illegal software, don't use any USB, update all the time your OS and programs.

Conlusion

Taking precautions is better, now that you know the most commons types of Malware you can detected in your computer. If you get infected is important to uninstall illegitimate programs, files that you don't recognize.

Sources: https://www.lifewire.com/what-is-malware-2625933

A Denial of Service Attack is when an attacker takes action that prevents legitimate users from accessing targeted networks, computer systems or devices.

DoS (Denial of Service) attacks typically weak servers where the security configuration is not complete or strong and doesn't have a way to predict these attacks and stop it. The Dos start sending a lot of false users to a server, requesting a lot of calls, where the server will break with many petitions.

Here are a great video that explains how works a Denial of Service

How can I protect my devices or server for DoS?

You have to know that it is impossible to prevent, but you can be ready to stop it. Is important that you have a tech person in your IT Department that can help you with this, also is important to follow the basics security practices and get support for different softwares that help you to determined when you are being attacked by Dos.

First is important to mention that the protocol WPA2 was broken.

We have different protocols to ensure that our wireless are secure, in the close history we have: WEP, WPA and WPA2. Each one with their weakness and strengths.

Is important to know a little more about each protocol

Wired Equivalent Privacy (WEP)

It was created to protect at the same level all the wired networks. Now all of us know is very easy to broke and no body wants to use it more.

Wi-Fi Protected Access (WPA)

Introduced as an interim security enhancement over WEP while the 802.11i wireless security standard was being developed.

Wi-Fi Protected Access version 2 (WPA2)

Based on the 802.11i wireless security standard, which was finalized in 2004. The most significant enhancement to WPA2 over WPA is the use of the Advanced Encryption Standard (AES) for encryption.

WPA2 has been broken and here are the steps that you need to follow to be safe.

WPA2?

WPA2 (Wi-Fi Protected Access 2) is a network security technology used on Wi-Fi wireless networks, provide a strongest encryption option and nobody can see the traffic.

What happen?

WPA2 has been cracked with new method called KRACK (for Key Re-installation AttaCK)is now able to break WPA2 encryption, allowing a hacker read your information passing inside the network, it can spy you.

How bad is it?

Is bad, but you can do something to fixed, and is important that everyone do the next 3 points.

1. You need to be very careful using public networks.
2. Just connect to secure websites with HTTPS like mine https://arturomendoza.me thats mean that the website is using a SSL protocol of encryption. This create a secure connection between the server and your computer, all the information will be encrypted.
3. Use a VPN, you should already be using one, will continue protect your information no matters WPA2 is compromised.

In the meantime,the best that you can do is calm yourself and your friends, do the steps above and you will be fine until your devices are patched.

** A great video to learn more about this topic**

Let me ask you this simple question, how often do you think about your security in the street at night? Do you know that you can also be victim on Internet or your computer?

Internet is another world, it have itself police, rules, security problems, users,a lot of information and their own currency, crazy right?

Computers also are in this topic, not only Internet, what about servers security problems or applications in end-users computers or smart phones.

Just think about it, you buy on Internet, you send messages all the days with private information, at work you share important documents on your laptop.

Let me say to you that I did a lot of things that are very dangerous, like pay online in a public network, sounds similar?

With this I want to give a simple vision about what happen in this digital world, and that you know that is not a secure world, and that studying this topic you will have a big responsibility to protect us.

Job Job

If you are worry about your economic, let me say to you that this career is one of the most profit, but money is not all, you can work at the industry you love, at this moment all the industries are on Internet and they need someone that help them to stay secure on Internet.

Never stop learning

All the time you have to be learning, security problems are constantly changing and all the days someone discover or break some security encryption like WPA2 ( I will write about this case in other post).

Check this video and then tell me if you want to study this career!