...The World Wide Web...

Media News ! Customized Systems Measures To Be Taken Before & While Developing & Implementing A System For A Client ! Security Tips

Main Database Management System Server should have a user id & a password settled for use by system designers or administrator of that particular system at the client side.

The Database itself should have a separate/different User ID and a Password to be used by the developer/programmer fo the system at the client side.

User Interface (The Presentation Layer which is used to communicate with the database (or DBMS) for storing or retrieving data from it (Client Side System/Web Interface)), should have a different user id and a password for each user.

The User ID and the Password should be different for logging into windows to use the customized client system through a browser installed in windows OS.

Modems (Internet / Dial-Up / Mobile) / LAN Switches And Routers (Any Type { WIFI / LIFI }), the gateway user ID and password should be altered by the networking engineer and should not be kept to default settings ( Manufacturer Settings by default is user id: admin / Password: admin ).

The Firewalls also comes built-in with the communication devices like Modems, Routers and Switches, which should be enabled for outside network penetration by hackers if the customized system is over the internet using a domain for accessing it.

Antivirus should be properly installed and logging to it is to be with the separate user id and password. There are various types of antivirus systems software available in the market. That is stand alone (single use on a PC or a tablet or a mobile device which has an OS or runs using an OS{Operating System}), secondly the Antivirus can have a separate server and the clients just have an interface to it, so when the antivirus server gets updated by the antivirus software company, the clients gets updated themselves.

Customized firewalls can also be installed and used by the clients for extra protection. These can be an Artificial Intelligent System designed based on decision support system that is, firewall decide whether to give access to this particular user in an outside company or not. Like for example the client can be a lame user over the internet, so the client id will have this information of what type of information can be accessed and specially the internet connection which the lame user is using will have this details too. So the firewall (this functionality can be coded in an Antivirus system using centralized terminology) can decide whether to give access to the client or not.

Windows defender is the stand alone firewall and an antivirus in Microsoft Windows 10, and it gets updated through the internet. But this antivirus/firewall uses the client system memory as it continuously or timely using separate .exe programs bind with the software, checks for an update using the internet and connects to that particular antivirus company server where known virus / trojan's information is kept.

Use encryption keys / methods to encrypt confidential data while saving data into a database, like using hashes for example save a data and encrypt it using hash and save it on a different server probably data center server (connected to actual DBMS) and just save it address in the database table.

Use proper security modules customized for client side data access and entering it, I mean separate credentials for that particular client / End-User / Employee / Boss / Company (System) Owner with different and approved privileges, and proper logging should be used for who did what and when.

Design/Set the Network using the Latest Technology available in the local or international market, which includes Networking Devices like Modems, LAN Switches, Routers (Wireless {WIFI / { LIFI (Use Optical Fiber Technology for data transfer at Lightening Speed)}}), Servers (Both Operating Systems and the computer configuration itself) and in the last the clients systems (PC's / Phablet's / Tablets / Mobiles / PDA's / etc. and their OS).

Remember never to keep the User Details / Password / User ID's / Encryption techniques Used and the Encryption Keys itself used for saving/retrieving data from a database through a DBMS connected to a data center behind, on a separate stand alone computer / PC or a USB Hard Drive or a pen drive kept in a vault safely by an unknown computer engineer who is not known to the system user's.

Remote monitoring software should be installed on the main system server and on client PC's for remote desktop services.

Proper back up's of the systems and its database and its clients credentials should be taken by using automatic back up techniques or manually by that particular software engineer who is not known to the company user's/ employee's. The Back Up's can be taken on a daily / Weekly / Monthly Basis or what ever the company owner decides, it depends on how important the data is to the company.

The main gateway which connects the system server to the internet should be settled up very carefully, enabling/using all types of options like Firewalls, device gateway interface user id / password, should be altered by the system engineer and not to kept as default to manufacturer settings.

If the system is on a domain over the internet, then please make sure only those services and ports are enabled which are related to that particular system needs or if the domain is saving the data on a different data center on any other remote location, connecting the data center database through a domain web site (pages / portal) using different credentials, then proper ports and services should be enabled which are related to the company activities where the system is being implemented and installed for clients and employees of that company. The web pages have the connection values hiding inside the encapsulated programming language known to the domain server or system server. The web pages kept on a domain will be used through a web browser or an application for mobile (iOS application / Android Application), to connect to the company system used by various types of user's. The users can be employees and company clients also or even the boss or the owner itself, will just need separately privileged user id's and password for connecting to the system.

The clients will not have direct access to the system itself as they are connecting to it through a domain page which is connected in relay may be to the data center where the database is kept.

Now same goes for Email Exchange Servers / Software's, either you can buy an Exchange Server Software with Computer systems as needed to run the Exchange OS itself, confidentiality kept on a private facility used by the company employee's for day to day activities. for this the company has to buy a dedicated line with an fixed IP address if you set your own emails exchange server. This option is best suited for government firms and multinational companies as if they use other company services like email accounts provided when you register a domain with a web hosting firm. Can be costly or less costly, it depends on the company activities and client span. 

Separate exchanges are needed by those companies where the company does not want to share their information with the web hosting services provided. Fixed IP can be used with domain forwarding services. etc..

The complicate the system, the greater maintenance services and procedures are required to run it which includes proper data back up's.

The Employee's should be able to use their personal devices which can connect to the company system in company premises, devices like USB Modem's (Wingle), or their personal mobile itself.

All USB port's should be monitored for data copying or theft by the employee's themselves or the USB ports should be kept disabled by checking if their is need for it by the employee using the PC as this can be a problem when somebody puts an virus affected USB hard Drives or other USB devices available or a USB wingle device which can use to hack the company network as the wingle device will be connected to the telecommunication company. So, they can download or upload company information by hacking the company network from inside using a USB Wingle with internet enabled on it.

Bluetooth Device must be kept on and or hidden always, as when it is kept on the device doesn't stay's idle and the port's used by the device will not be open to hackers. Just the other mobile device connecting, the employee should know who it is connecting, I mean the employee can give access to the hacker requesting to connect to the Bluetooth device of that particular PC or mobile or a tablet.

As these days the Laptops and Other Personal Computers are coming with built-in USB ports, so what you can also do is to request the computer companies to make customized PC's and servers for that particular end-user company. Inside a multinational company there are various devices these days which are forbidden to take inside and take some company property outside like a computer, so what you can do is to use proper locking tables and cupboard's (for LAN/WAN Switches / Routers / Mobile Devices), to keep your device out of reach of unauthorized user. Because the Devices can be connected physically like connecting to LAN Switch directly using a Laptop and accessing its Interface using the gateway and if the unauthorized personnel is lucky then, the default user id and password for that modem router or switch is at default setting so admin and admin will be the user id and password to connect to it. If you want to see the password written in the **** form, so there are various software's to see this too, like Wheel to drag a wheel on to the **** password and it will come in a text box in the wheel software, I use to use.

Remember to use the POST method while transferring the form data (POST Method hides the values of passed parameters to the other scripting language web page for it to processed by that particular scripting page {like PHP (Personal Home Page, file extension .php and/or simple script's like VB or java script's, etc.)}) instead of transferring the form data using the GET (GET method passes the parameter values openly in a web browser link normally known as URL (Uniform Resource Locator), which is seen by in the browser where the website address is typed, after the question mark {?} all are parameter values passed to other pages for may be fetching data from a DB for a particular employee or customer) method by passing the parameters values, in an HTML 5 Form (Responsive HTML). In GET Method the data transmitted to another page or program gets hided/encapsulated inside a packet which is not seen at the presentation layer i.e. in the browser website address link bar. And https web url's are used by bank's and other financial firm's to communicate between and among the customer's and themselves as employee's. For designing a good web page or a website you can use software's like Blue Griffon, Microsoft Visual Studio .Net (ASP .Net), Flex for iOS, Linux (Red Hat / Ubuntu / Mandarin) for Android, Macromedia Dreamweaver, etc.

Microsoft Visual Studio .Net 2017 can be used for making 3D games using enhanced programming terminologies.

And always make sure the programming engine which you are using to run your website like for example if you a website or a customized desktop system use's CLR (.Net Engine) to process it's code's at the client side, then it should be regularly updated by subscribing to the Microsoft Website's for this particular software. Or if you are using java as the programming engine at the client side, then JVM (Java Virtual Machine) should be regularly and updated by subscribing to their information website or software update system. The security patches do come now and then so it is a must to have a very fast internet connection and fully activated windows operating system (copy righted), the OS should not be pirated, even though I learn all this by using pirated software's during my university course, but I never tried to earn from it by selling it may be.

Media News ! Communication 2.6 ! Bluetooth Technology ! Device ! Security Tips & News

Internet Speed Measurement's as compared to actual files on computer hard drive's

Internet Speed Measurement ! Megabytes Per Second (MBps) Vs Megabit Per Second (Mbps) MBps and Mbps speed measurements are available in calculating the speed of downloading and uploading a file from over the Internet onto a PC or a server or a mobile or a Tablet, etc. The downloaded or uploaded file itself, I mean it's size is calculated in (capital MB) Megabytes (MB) not Megabits (Mb). That is how a computer store's a downloaded or copied file on to itself, from any type of source it is connected to.

Latest Technologies like 4G (Fourth Generation) have a very high range of speed of upto 150 MBps (Megabytes Per Second) From minimum 1 MBps (Megabytes Per Second). This is what you need to be make sure that the Internet connection you are taking and it's package should be in capital MBps not in small Mbps. If it say's in small 2 Mbps (Megabits Per Second) then in actual it is 256 KBps (Kilobytes Per Second), which is 0.220 MBps (Megabytes Per Second) in actual.

Unlimited data packages provided by ISP's these day's have an internet connection speed in small Mbps (Megabits Per Second) i.e. how they earn through this, but this package has a benefit that it has a very high data download/upload limit, i.e. it might be 150 GB monthly.

There are more measurement speed's available like Bytes, Kilobytes, Megabytes, Gigabytes, Terabytes and in small Bits, kilobits, Megabits, Gigabits and may be Terabits.

Remember that the file when it get's stored onto a PC's hard drive, its file size is calculated in capital measurement's like Bytes, Kilobytes, Megabytes, Gigabytes, Terabytes.

These Two available download and upload a file speed measurement's are used only over the internet,

Bits, kilobits, Megabits, Gigabits and may be Terabits:
This will be slow while downloading and uploading a file over the internet, the reason for this is the file itself in actual is in capital measurement's like in Bytes, Kilobytes, Megabytes, Gigabytes and Terabytes, so the file will take time to get uploaded or downloaded.

Bytes, Kilobytes, Megabytes, Gigabytes, Terabytes:
This will be fast/actual/real while downloading and uploading a file over the internet, the reason for this is the file itself is in already in capital measurement's like in Bytes, Kilobytes, Megabytes, Gigabytes and Terabytes, so the file will take the same time to get uploaded or downloaded as the speed of internet connection and the file size itself is in same calculation measurement. That is the data transfer rate and the file itself uses the same measurement's i.e. for example: if you download a 2 MB (Megabytes) file on a 2 MBps connection, it will take 2 seconds to get downloaded.

And if you download a 2 MB file using a 2 Mbps internet connection, it will take 16 Seconds to get downloaded, approximately.

And there are some other related details like if on an 2 MBps Internet connection, if you download several or more than one 2 MB files simultaneously (at one given time), so the bandwidth i.e. 2 MBps will be shared among the downloading files. And there are some other things like when you download a file from a server over the Internet, so isn't that server also connected to the Internet and using some Internet speed package and data limit package or unlimited data package and the machine configuration is also been dealt with as if that is a server over the Internet keeping that file you might be downloading, then it is for sure that the file you are downloading, other user's might also be downloading the same file, so ultimately the server speed also comes in. But server's these day's are of very high configuration and speed both machine and Internet Connection Speed, And Data Limit's, so if you want to check just by downloading a single file then if your connection speed is 2 MBps then the downloaded file will get downloaded in 2 seconds if its size is 2 MB.

The more the number of Internet user's over one single connection, the Bandwidth of that connection shared among the devices the end-user's are using over the same network.

In distributed system's this terminology is used as the the Database is kept on various server's and the table's inside the database are kept in a distributed format like distributing the field's for example of customer in separate table's with same primary key's so one can access some part of data quickly without searching the whole database and fetching the whole record of that particular customer. Keeping such type of table's and record's give us a high access speed to fetch that record from a table if there thousand's of record's in a table. This is called optimization of a Database.

Keeping records or a database centrally has the benefit that it's maintenance is easily done but the record's fetching speed might degrade as while searching all the database record's are searched, so if there are thousand's of records in a table of a database, the a very high server, network and Internet connection is needed. There are various other method's of saving data, one is directly saving a record with it's hash address like memory address or hard drive address, so just keep it's file path or this hash address in a table database or one other idea is to give that hash address to the customer or client who passes parameter's to the system for fetching records, so if the client has the hash address or memory address or hard drive address of a cylinder in a track, then the system can directly access the record and show it to the end user but fetching using hash address or memory address should only be through the system interface not by any other means.

While transferring the parameters from a web page to another program or a web programming language web page, we need to take care that when we transfer values using parameter's, the value's are seen on the browser url textbox. These value's can be like http://www.xxxxxxxx.com/index.asp?customerid='1'. The parameter value of a customer id is seen in the weblink. One of the security loophole is that it can run sub query, like for example, http://www.xxxxxxxx.com/index.php?customerid='select * from customer where customerid ='1', and status='active';' and press enter. Similarly these subquery has other functionalities built-in the DBMS, i.e. many function's are available to get stored database information using DBMS function's and object's. This method of passing values is known as GET method. While POST method hide's the parameter's value's while transferring or calling or executing to another web page with scripting languages like php and asp .net.

Make sure to check for if there any services or port's opened and not needed by the customized system for that particular company, who's system you are making, need's to be closed or be disabled and not remain idle or opened. Open Service's or port's are vulnerable for hacker's getting access to it may be by using brute forcing i.e. even if it is password protected.

FING (available in iOS by Apple (Mobile/Computer's/Tablet's/Watche's, etc. Company)) can be used to check what are the services provided on a domain or an IP Address over the Internet.

Well hacking is not Ok if it is not ethical, that is the hacker's should not harm the system or any other device or it's data stored or it's peripheral's or BIOS or it's software's or browser's history or the account's its use like Email's, Social Networking Website's, blog's, User's bank details over Internet Banking over the Internet. There are various Ethical Hacking Courses available in the market. Metasploit Project is also a very nice coding software to get information on the OS vulnerabilities or like for example what services or port's are available for getting access to it.

Click Here for More Info on Harmless Hacking Known as Ethical Hacking for World / Continent / Country / City / Area or Any crime done by an individual to check or monitor it's activities,

Click Here for More Info on Harmless Hacking Known as Ethical Hacking Sample Exam

Click Here for The Microsoft Press Store (eBooks For Programmers / Software / Network Engineer's / Etc.) ! Microsoft Virtual Academy

Click Here for The Microsoft Courses ! Microsoft Virtual Academy

One of the given options in Database from Microsoft, named as Microsoft Access, comes with Microsoft Office Software's, currently known as Office 365, is that you can hide the whole table inside a database, like for example hiding a User ID's and Password's table from the application user or the interface itself i.e. when or if the user of application have access to the database even with the password protected Database, you can hide the table separately from the user and only access that table through the user interface that is the application through which you are entering or retrieving the data and processing it through the application engine for company business activities.

To Download Latest Microsoft Office, click here

For Free Download's And Security Update's For Microsoft Product's, click here

For Microsoft Education / Product's, click here

Latest Windows From Microsoft

Database User's:

Unrestricted administrative accounts There are two administrative accounts (Server admin and Active Directory admin) that act as administrators. To identify these administrator accounts for your SQL server, open the Azure portal, and navigate to the properties of your SQL server.

Server admin:
When you create an Azure SQL server, you must designate a Server admin login. SQL server creates that account as a login in the master database. This account connects using SQL Server authentication (user name and password). Only one of these accounts can exist.

Azure Active Directory admin:
One Azure Active Directory account, either an individual or security group account, can also be configured as an administrator. It is optional to configure an Azure AD administrator, but an Azure AD administrator must be configured if you want to use Azure AD accounts to connect to SQL Database. For more information about configuring Azure Active Directory access, see Connecting to SQL Database or SQL Data Warehouse By Using Azure Active Directory Authentication and SSMS support for Azure AD MFA with SQL Database and SQL Data Warehouse.

The Server admin and Azure AD admin accounts has the following characteristics:
These are the only accounts that can automatically connect to any SQL Database on the server. (To connect to a user database, other accounts must either be the owner of the database, or have a user account in the user database.)
These accounts enter user databases as the dbo user and they have all the permissions in the user databases. (The owner of a user database also enters the database as the dbo user.)
These accounts do not enter the master database as the dbo user and they have limited permissions in master.
These accounts are not members of the standard SQL Server sysadmin fixed server role, which is not available in SQL database.
These accounts can create, alter, and drop databases, logins, users in master, and server-level firewall rules.
These accounts can add and remove members to the dbmanager and loginmanager roles.
These accounts can view the sys.sql_logins system table.

Configuring the firewall
When the server-level firewall is configured for an individual IP address or range, the SQL server admin and the Azure Active Directory admin can connect to the master database and all the user databases. The initial server-level firewall can be configured through the Azure portal, using PowerShell or using the REST API. Once a connection is made, additional server-level firewall rules can also be configured by using Transact-SQL.

Administrator access path
When the server-level firewall is properly configured, the SQL server admin and the Azure Active Directory admin can connect using client tools such as SQL Server Management Studio or SQL Server Data Tools. Only the latest tools provide all the features and capabilities. The following diagram shows a typical configuration for the two administrator accounts.

For More details Kindly have a look at the following web link from Microsoft on SQL Server Database's

This means very high class of web based and desktop based system's can be developed using all type's of options available in the front-end {(C# .Net, ASP .Net, PHP, VB .Net, etc.)} and {back-end (Microsoft Access, SQL Server, MySQL, etc.)} programming languages and RDBMS.

The Database user's should be used only by the developer's, I mean the client's should not be able to connect to the DBMS directly by using SQL Server Management Studio for SQL Server Database(s), the client's should only be able to connect through the front-end (presentation layer) interface developed for them by the Programmer's.

You can also use web function's or API's from other web site's like facebook.com, outlook.com, twitter.com and google.com, etc., to validate a user in your system, the benefit of this is that you don't have to keep complete user information for your system and guarding all type's of Password's and bank details, only logging will be needed that is who did what after logging in and when it logged out. And only valid user's who are genuinely over the internet will be able to log in your system.

Some Details on How To Adjust Windows 10 Firewall Rules And Settings : In Windows 10, the Windows Firewall hasn’t changed very much since Vista. Overall, it’s pretty much the same. Inbound connections to programs are blocked unless they are on the allowed list. Outbound connections are not blocked if they do not match a rule. You also have a Public and Private network profile for the firewall and can control exactly which program can communicate on the private network as opposed to the Internet.

Click here for more Information on how to control Inbound and Outbound Data On a Private or Public Network using Microsoft Windows 10

The Inbound and Outbound Data can also be setted on a pure Windows Server also, through using policies and active directory /port's. Even a computer with Microsoft Windows 10 Minimum version should be Professional or higher version should be Enterprise, can also be used as a server for desktop or web based system on a LAN or WAN. If on WAN then leased lines with registered IP address is needed to run it without registering a domain. If using a domain then it is a must that interface (coded pages with script's and HTML probably HTML 5 if using latest HTML version) designed to access the database should be on that hosting server where the domain is registered.

You can also control the inbound and outbound traffic over the Public / Private network using McAfee solutions, McAfee solutions deliver complete virus protection and internet security. Download McAfee anti-virus and anti-spyware software to protect against the latest ....
One of the best Antivirus / Firewall, I have used to block hacker's even on the same network i.e. inside a LAN is Norton Antivirus. Click here for more details on Norton Product's

Click here for more details on Norton Mobile Security for your Mobile Device's like Phone's and Tablet's

Click here for more details on Norton WiFi ! Protect your data with a no-log virtual private network (VPN) that encrypts your personal information and doesn’t track or store your online activity or location.

Click here for more details on Introducing Norton Core — The secure router for your connected home ! the ultimate in WiFi security for the connected home ! Norton Core secure WiFi router protects your digital life, while delivering the highest level of performance. All the WiFi coverage you need—even prioritize speed to any device you want. Powerful tools for parents to monitor and manage screen time, control time limits and set content filters. Iconic design that is beautiful from every angle; no need to hide this work of art.

Norton AntiVirus Basic ! Powerful Security ! Simply Affordable

Norton ! Internet Security

Firewall these day's have the options to login remotely to other computer's with the same version of firewall from the same company. So, managing it is very convenient from the developer's premises. It uses IP Addresses and Password's may be User ID's too, to connect remotely. All Network traffic can be managed remotely even by using remote desktop connection even on a Windows 10 OS Professional/Enterprise Version PC / Server.

You can get a domain registered using any host too, and get it forwarded to a leased/Permanent IP Address on a Private server, i.e. the code can also be kept on a different server than the domain hosting server with a forwarder on that domain through cPanel for example. The example link will be like this https://alkahaftechnologies.com and when you enter it on web browser and enter it, it might forward you to this link with leased IP Address,, and it will open the main index page may be for that particular web browser based company system linked to their database.

Microsoft Windows Operating System Security Feature:-

Just right click on the drive or a folder or a single file itself, and select the tab with the text security.

You will be seeing the local windows user's and microsoft outlook email user's of the window's on this tab.

Now, select the user you wan to give access to your files or the drive itself.

don't change the setting of system user, because system user needs full control in order to boot the operating system. Just change the setting for the administrator's, local or Standard User's or simply user's, and then your outlook email user's.

if you make your outlook email user full control and remove the full control from other user's like administrator's, local or Standard User's or simply user's or any other outlook email user, then only you will have access to the files in a drive or folder or a file itself.

These day's the thumb or finger print login facility or option is there so if you setup your system like this then only you can access your file's.

And if for some reason the hacker's gain access to your system through the internet then even they cannot edit or delete or copy your file if you have shut control's like read, edit, delete, create, full control to the other user's apart from your own outlook email user or local user. But I haven't seen the thumb login facility using the local windows user.

Just one thing you have to keep in mind, if you setup your PC using the outlook email option, then you can setup any number of PC's using the same user ID of your outlook email address. But what if somebody have access to your outlook email address and set it up on a pc, so when it will gain access to all your file's on cloud, and if it use's that pc to hack your this PC where you have setted up the security feature, so as the hacker will have the same user installed in it's system, the hacking software will give it access to your PC. So, in order to escape this you should never give your outlook ID to anyone for anything I mean the id password, and the recovery code's or the two step verification code if it's set. So, the best method is to use thumb login option that use fingerprints to login, as finger prints are unique so only you can access your system using your ID.