CYBER SECURITY
Computer Security (also known as Cyber Security or IT Security) is the protection of computing systems and the data that they store or access. It refers to the protection of information and services from unintended or unauthorized access, change or destruction. It also includes protection from unplanned events and natural disasters.
Computer security is associated with three core areas:
- Confidentiality — Ensuring that information is not accessed by unauthorized persons.
- Integrity — Ensuring that information is not altered by unauthorized persons.
- Authentication — Ensuring that users are the persons they claim to be.
Security Domains
Computer security can also be defined in terms of several interdependent domains that map to specific departments and job titles:
- Physical Security — Controlling the comings and goings of people and materials; protection against the elements and natural disasters.
- Operational/Procedural Security — Covering everything from managerial policy decisions to reporting hierarchies.
- Personnel Security — Hiring employees, background screening, training, security briefings, monitoring, and handling departures.
- System Security — User access and authentication controls, assignment of privilege, maintaining file and file system integrity, backups, monitoring processes, log-keeping, and auditing.
- Network Security — Protecting network and telecommunications equipment, protecting network servers and transmissions, controlling access from untrusted networks, firewalls, and detecting intrusions.
Computer Security Threats
To understand the techniques for securing a computer system, it is important to first understand the various types of "attacks" that can be made against it. These threats can typically be classified into the following categories:
- VIRUS
  It is perhaps the most common and well-known computer security threat. A computer virus is a program or a piece of software written to alter the way a computer operates, without the permission or knowledge of the user. A virus replicates and executes itself, usually doing damage to your computer. The virus could corrupt, steal, or delete data on your computer, even erasing everything on your hard drive.
- TROJAN
  A Trojan horse, or Trojan, is generally a non-self-replicating type of malware program containing malicious code that, when executed, carries out actions determined by the nature of the Trojan, typically causing loss or theft of data and possible system harm. A Trojan is a piece of software that contains malicious code while appearing to perform a legitimate action.
- SPYWARE
  A serious computer security threat, spyware is any program that monitors your online activities or installs programs without your consent for profit or to capture personal information. Spyware is software that is secretly installed on a computer without the user’s consent. It monitors user activity or interferes with user control over a personal computer.
- SPOOFING / PHISHING
  Spoofing: Spoofing is an attack in which a person or program pretends to be another.
  Phishing: Pretending to be a trustworthy person or business, phishers attempt to steal sensitive financial or personal information through fraudulent email or instant messages.
- WORM
  A worm is a self-replicating program that is self-contained and does not require a host program. The program creates a copy of itself and causes it to execute; no user intervention is required. Worms commonly use network services to propagate to other host systems.
- BOTNET
  A botnet is a group of computers connected to the Internet that have been compromised by a hacker using a computer virus or Trojan horse. An individual computer in the group is known as a “Zombie Computer”, and the group is collectively known as a “Zombie Army”. The botnet is under the command of a “Bot Herder” or a “Bot Master,” usually to perform nefarious activities. This could include distributing spam to the email contact addresses on each zombie computer.
Security Measures
Physical Security Measures
Physical Security requirements include four basic areas: physical security protection, physical access controls, data file protection, and natural disaster protection.
Physical Security Protection: Physical security protection takes on two forms. The first is physical barriers, such as solid walls, locked doors etc. The second involves people and the procedures that we must follow, such as looking up names on the access list to determine who is authorized in a given space or area.
Physical Access Control: Physical access controls are implemented to prevent unauthorized entry to your computer facility or remote terminal areas. Physical access controls can be accomplished in several ways such as lock set, electronic key system, or electronic combination lock.
Data File Protection: Physical access to data files and media libraries such as magnetic disks, tape files etc. is authorized only to those personnel requiring access to perform their job.
Natural Disaster Protection: The effects of natural disasters must be prevented, controlled and minimized to the extent possible by the use of detection equipment such as heat sensors, smoke detectors etc.
Operational Security Measures
Operational solutions include:
- Operational security policy: There should be clear guidelines on what operators are allowed to do and what they are not allowed to do. The operational security policy should clearly define the responsibilities and authorization, as well as disciplinary actions in case of breaches.
- Change management process: Every company running a network should create precise processes that define and control how changes to the network are executed. The state of the hardware, operating system and configurations should be monitored, and all changes should be logged and executed in a controlled way. The logs should be evaluated and checked for potential misconfigurations.
Personnel Security Measures
Teaching your employees about safe online habits and proactive defense is crucial. Educating them about what they are doing and why it is dangerous is a more effective strategy than expecting your IT security staff to constantly react to end users’ bad decisions. The following measures can be taken:
- Train your staff to use a strong password having a combination of upper and lower case letters, numbers and the special keyboard characters like the asterisk or currency symbols;
- Train your staff not to send offensive emails about other people, their private lives or anything else that could bring your organization into disrepute;
- Train your staff not to believe emails that appear to come from your bank that ask for your account, credit card details or your password.
- Train your staff not to open spam – not even to unsubscribe or ask for no more mailings. Tell them to delete the email and either get spam filters on your computers or use an email provider that offers this service.
Data / System Security Measures
These measures apply to anyone who accesses, uses, or controls computer and data resources. The following section describes the Basic and Intermediate System Security Measures and the Data Security Measures.
- Establish Strong Passwords: Implementing strong passwords is the easiest thing you can do to strengthen your security. According to Microsoft, you should definitely avoid using: any personal data (such as your birth date), common words spelled backwards and sequences of characters or numbers, or those that are close together on the keyboard. As for how often you should change your password, the industry standard is "every 90 days," but don't hesitate to do it more frequently if your data is highly sensitive.
  Another key: make sure every individual has their own username and password for any login system. Never just use one shared password. And finally, never write it down.
- Put Up A Strong Firewall: Install a firewall and virus-checking on your computers. Make sure that your operating system is set up to receive automatic updates. A firewall protects your network by controlling internet traffic coming into and flowing out of your business. They're pretty standard across the board.
- Install Antivirus Protection: Antivirus and anti-malware software are essentials in your arsenal of online security weapons, as well. They're the last line of defense should an unwanted attack get through to your network.
- Update Your Programs Regularly: Frequently updating your programs keeps you up-to-date on any recent issues or holes that programmers have fixed. While applications are not 100 percent fool-proof, it is important to regularly update these tools to help keep your users safe.
- Secure the Laptops: Because of their portable nature, laptops are at a higher risk of being lost or stolen than average company desktops. It's important to take some extra steps to make certain your sensitive data is protected. Encrypting our laptop is the easiest thing to do.
- Backup Regularly: Scheduling regular backups to an external hard drive is a painless way to ensure that all your data is stored safely. Servers should have a complete backup weekly, and incremental backups every night; personal computers should also be backed up completely every week, but we can do incremental backups every few days if we like.
- Be careful with E-Mail, IM and Surfing the Web: It's not uncommon for an unsuspecting employee to click on a link or download an attachment that they believe is harmless, only to discover they've been infected with a nasty virus, or worse. We have to be smart when surfing the Web. We should take every "warning box" that appears on our screen seriously and understand that every new piece of software comes with its own set of security vulnerabilities.
- Educate the Employees: Teaching the employees about safe online habits and proactive defense is crucial. Educating them about what they are doing and why it is dangerous is a more effective strategy than expecting your IT security staff to constantly react to end users’ bad decisions.
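The avoid-list from the "Establish Strong Passwords" item above, together with the character-mix rule from the staff-training list, written as a checker. This is an added example, not code from the original article; the sample word list, the four-character run length and the function names are assumptions chosen for illustration.

```python
import re

# Constructed sample data; a real deployment would load a much larger wordlist.
COMMON_WORDS = {"password", "welcome", "dragon", "monkey", "letmein", "admin"}
KEYBOARD_ROWS = ["qwertyuiop", "asdfghjkl", "zxcvbnm"]
ALPHABET = "abcdefghijklmnopqrstuvwxyz"


def _has_run(pw, lines, n=4):
    """True if pw contains n consecutive characters of any line, forwards or backwards."""
    for line in lines:
        for seq in (line, line[::-1]):
            for i in range(len(seq) - n + 1):
                if seq[i:i + n] in pw:
                    return True
    return False


def check_password(password, personal_data=()):
    """Return a list of rule violations; an empty list means the password passes."""
    pw = password.lower()
    problems = []
    # Rule: no personal data (names, birth dates), ignoring case and punctuation.
    for item in personal_data:
        token = re.sub(r"\W", "", item.lower())
        if len(token) >= 4 and token in re.sub(r"\W", "", pw):
            problems.append("contains personal data")
            break
    # Rule: no common words, including ones spelled backwards.
    if any(w in pw or w[::-1] in pw for w in COMMON_WORDS):
        problems.append("contains a common word (possibly reversed)")
    # Rule: no sequences of characters or numbers (abcd, 4321, ...).
    if _has_run(pw, [ALPHABET, "0123456789"]):
        problems.append("contains a character or number sequence")
    # Rule: no keys that sit next to each other on the keyboard (qwer, fdsa, ...).
    if _has_run(pw, KEYBOARD_ROWS):
        problems.append("contains adjacent keyboard keys")
    # Rule from the staff-training list: mix upper, lower, digits and symbols.
    classes = [r"[a-z]", r"[A-Z]", r"\d", r"[^A-Za-z0-9]"]
    if not all(re.search(c, password) for c in classes):
        problems.append("missing a character class")
    return problems
```

A password such as `Qwerty2014!` satisfies the character-mix rule yet is still rejected for its keyboard run, which is why the avoid-list has to be checked separately from composition.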
Network Security Measures
- Activate firewalls and adjust administrator settings on each terminal to prevent employees from disabling them.
- Go into control panels and ensure settings critical for security can only be changed by administrators.
- Install port blocking and IP blocking software to prevent phishing and adware from slipping through antivirus software. Communicate any potential weaknesses with employees, such as email alerts about particularly sneaky worms getting through security.
- Email can be made super-secure by specifying what addresses it will accept. If this is not an acceptable option, remind employees that personal emails sent through the system are technically company property and discourage wide use of personal emailing. Remind them that email is particularly vulnerable to security breaches.
- Make sure your wireless network is secure and password-protected. You can also set software to keep the network invisible to the outside world. Use WAP or WPA or WPA2 for secure wireless. This way, only legitimate users know the network name and password.