Chapter 8 Security Issues and Strategies

Presentation Overview
• Risk Assessment
• Network and Internet Security Risks
• Computer Viruses
• Hardware and Software Security Risks
• Security Strategies for Protecting Computer Systems and Data

Risk Assessment
Why is risk assessment important when defining security strategies?
• In order to protect their systems adequately, organizations need to assess the level of security risk that they face.
• The two factors that determine the level of security risk are
  • Threat – the severity of a security breach
  • Vulnerability – the likelihood of a security breach

Risk Assessment
The higher the level of vulnerability and threat, the higher the level of risk.

Risk Assessment
Companies today face security problems in three broad areas:
• Network and Internet security risks
• Computer viruses
• Hardware and software security risks

Network and Internet Security Risks
What are the security risks on networks and the Internet?
• Unauthorized access
• Denial of service attacks
• Information theft

Network and Internet Security Risks
Unauthorized Access
• A hacker is a computer expert who seeks programming, security, and system challenges.
• A cracker is a hacker with malicious or criminal intent.
• A cyberwar occurs when a group of hackers attacks a site in a competing country when news events between two potential foes cause a flare-up of tensions.

Network and Internet Security Risks
Annual Percentage of Unauthorized Access to Computers

Network and Internet Security Risks
Unauthorized Access
• User IDs and passwords – hackers gain entry by finding a working user ID and password
• System backdoor – a test user ID and password that provides the highest level of authorization

Network and Internet Security Risks
Unauthorized Access
• Spoofing – fooling another computer by pretending to send packets from a legitimate source
• Online predator – an individual who uses the Internet to talk young people into meeting or exchanging photos with him or her

Network and Internet Security Risks
In a denial of service (DoS) attack, one or more hackers run multiple copies of a program that asks for the same information from a Web site over and over again, flooding the system and essentially shutting it down.

Network and Internet Security Risks
Information Theft
• Stealing corporate information is easy to do and difficult to detect.
• The limited security of wireless devices has made it even easier. Wired Equivalent Privacy (WEP) is a security protocol that makes it more difficult for hackers to intercept wireless data transmissions.
• Data browsing is when workers invade the privacy of others by viewing private data.

Computer Viruses
• A computer virus is a program, written by a hacker or cracker, that is designed to perform some kind of trick upon an unsuspecting victim.
• A worm doesn't wait for a user to execute an attachment or open a file with a macro; instead, it actively attempts to move and copy itself.

Computer Viruses
Viruses are often transmitted over the Internet and through shared devices such as flash drives.

Computer Viruses
Virus Symptoms

Computer Viruses
Impact of Viruses
• A nuisance virus usually does no real damage, but is rather just an inconvenience.
• An espionage virus does not inflict immediate damage, but it allows the hacker or cracker to enter the system later to steal data or spy.
• A data-destructive virus is designed to erase or corrupt files so that they are unreadable.

Computer Viruses
Methods of Virus Operation
• A macro virus is written specifically for one program, such as Microsoft Word.
• If the user activates macros, infecting the program, every file created or edited using that program will become infected too.
• A variant virus is programmed to change itself to fool programs meant to stop it.
• A stealth virus tries to hide from software designed to find and destroy it.

Computer Viruses
Methods of Virus Operation
• A boot sector virus is designed to alter the boot sector of a disk (which contains a variety of information) so that whenever the operating system reads the boot sector, the computer will become infected.
• A Trojan horse virus hides inside another legitimate program or data file.

Computer Viruses
Methods of Virus Operation
• A multipartite virus utilizes several forms of attack.
• A logic bomb virus sits quietly dormant, waiting for a specific event or set of conditions to occur before it infects the computer.

Hardware and Software Security Risks
Systems Failure
A power spike is a sudden rise or fall in the power level that can cause poor performance or permanently damage hardware.
• A surge protector can guard against power spikes.
• An uninterruptible power supply (UPS) is a more vigorous power protection system which provides a battery backup and can keep computers running during a blackout.

Hardware and Software Security Risks
Employee Theft
• Businesses lose millions of dollars a year in stolen computer hardware and software.
• The costs involved include
  • The cost of the stolen software and hardware
  • The cost of replacing lost data
  • The cost of the time lost while the machines are gone
  • The cost of installing new machines and training people to use them

Hardware and Software Security Risks
Cracking Software for Copying
• A crack is a method of circumventing a security scheme that prevents a user from copying a program.
• For example, copying a CD with a burner
• Some companies are trying to make duplication difficult by scrambling some of the data on their original CDs.

Security Strategies for Protecting Computer Systems and Data
Components of Physical Security
• The location of devices
• The use of locking equipment

Security Strategies for Protecting Computer Systems and Data
Firewalls
• A firewall will generally allow normal Web browser operations but will prevent many other types of communication.
• The firewall checks incoming data against a list of known, trusted sources. If a packet does not fit the profile of anything on the firewall's list, it is rejected.

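
The firewall behaviour described on this slide, as an added example that is not part of the original presentation: a default-deny packet check in Python. The trusted source ranges, the packet fields and the `established` flag for replies to connections opened from inside are assumptions made for illustration.

```python
import ipaddress

# Constructed allow-list of trusted sources (documentation address ranges).
TRUSTED_SOURCES = [
    ipaddress.ip_network("192.0.2.0/24"),      # hypothetical partner network
    ipaddress.ip_network("198.51.100.10/32"),  # hypothetical admin workstation
]
WEB_PORTS = {80, 443}  # "normal Web browser operations"


def decide(packet):
    """Return ('accept' | 'reject', reason) for one packet.

    packet is a dict with keys: direction ('in' or 'out'), src, dst_port,
    and optionally established (True for replies to our own connections).
    """
    src = ipaddress.ip_address(packet["src"])  # raises ValueError if malformed
    direction = packet["direction"]

    # Outbound browsing from inside the network is allowed.
    if direction == "out" and packet["dst_port"] in WEB_PORTS:
        return "accept", "outbound web"

    if direction == "in":
        # Replies to connections that were opened from inside are allowed.
        if packet.get("established", False):
            return "accept", "reply to existing connection"
        # New inbound traffic must come from a source on the list.
        if any(src in net for net in TRUSTED_SOURCES):
            return "accept", "trusted source"

    # Anything that fits no rule is rejected; the reason is kept for the log.
    return "reject", "no matching rule"


if __name__ == "__main__":
    samples = [  # constructed packets
        {"direction": "out", "src": "10.0.0.5", "dst_port": 443},
        {"direction": "out", "src": "10.0.0.5", "dst_port": 25},
        {"direction": "in", "src": "192.0.2.77", "dst_port": 22},
        {"direction": "in", "src": "203.0.113.9", "dst_port": 22},
    ]
    for p in samples:
        print(p, "->", decide(p))
```

The important property is the last line of `decide`: a packet is rejected unless a rule explicitly accepts it, rather than accepted unless a rule blocks it.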
Security Strategies for Protecting Computer Systems and Data
Network Sniffers
• A network sniffer is a software package that displays network traffic data.
• It shows which resources employees are using and the Web sites they are visiting.
• It can be used to monitor, prevent unauthorized activity, or troubleshoot network connections and improve system performance.

Security Strategies for Protecting Computer Systems and Data
Antivirus Software
• Antivirus software detects and deletes known viruses.
• The Internet helps antivirus software to update itself.
• There are 10 to 20 new viruses reported daily.
• Antivirus programs must be upgraded constantly.

Security Strategies for Protecting Computer Systems and Data
Data Backups
• Data should always be backed up and placed in a safe spot.
• A rotating backup involves many copies of data which are updated on a set schedule.
• This is a time-saving method of backup.
• If the database is lost or corrupted, many copies exist, some of which may predate the problem.

Security Strategies for Protecting Computer Systems and Data
Disaster Recovery Plan
• A disaster recovery plan is a safety system that allows a company to restore its systems after a complete loss of data.
• A typical disaster recovery plan includes
  • Data backup procedures
  • Remotely located backup copies
  • Redundant systems
A mirrored hard drive is one that contains exactly the same data as the original.

Security Strategies for Protecting Computer Systems and Data
Authentication
• Authentication is proof that a user is who he says he is, and that he is authorized to access an account.
• Common forms of authentication include
  • Personal identification numbers
  • User IDs and passwords
  • Smart cards
  • Biometrics

Security Strategies for Protecting Computer Systems and Data
Data Encryption
• Encryption scrambles information so that it is unreadable. This unreadable text is called ciphertext.
• Data encryption schemes include an encryption key that is shared between the two computers that wish to communicate.

Security Strategies for Protecting Computer Systems and Data
Monitoring and Auditing
• Employers can monitor their employees at work in a number of ways.
• Keyboard loggers store keystrokes on a hard drive.
• Internet traffic trackers record the Web sites that employees visit for later auditing.
• Auditing involves a review of monitoring data and system logins to look for unauthorized access or suspicious behavior.
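
The login review described under Monitoring and Auditing, as an added example that is not part of the original presentation: a Python audit pass that flags a successful login preceded by repeated failures (the "finding a working user ID and password" case from the Unauthorized Access slide) and any use of a test or backdoor account. The log format, thresholds and account name are assumptions, and the log lines are constructed.

```python
from collections import defaultdict
from datetime import datetime, timedelta

# Constructed sample login records: "timestamp user source result"
SAMPLE_LOG = """\
2024-03-01T08:59:10 alice 10.0.0.21 OK
2024-03-01T09:00:01 bob 203.0.113.7 FAIL
2024-03-01T09:00:05 bob 203.0.113.7 FAIL
2024-03-01T09:00:09 bob 203.0.113.7 FAIL
2024-03-01T09:00:14 bob 203.0.113.7 OK
2024-03-01T09:05:00 carol 10.0.0.22 FAIL
2024-03-01T09:05:30 carol 10.0.0.22 OK
2024-03-01T23:40:00 testuser 198.51.100.4 OK
"""


def audit_logins(log_text, max_failures=3, window=timedelta(minutes=5),
                 watch_accounts=("testuser",)):
    """Return a list of (timestamp, user, source, reason) findings."""
    findings = []
    recent_failures = defaultdict(list)  # (user, source) -> failure times
    for line in log_text.splitlines():
        if not line.strip():
            continue
        stamp, user, source, result = line.split()
        when = datetime.fromisoformat(stamp)
        key = (user, source)
        if result == "FAIL":
            recent_failures[key].append(when)
            continue
        # Successful login: count the failures that came just before it.
        fails = [t for t in recent_failures.pop(key, []) if when - t <= window]
        if len(fails) >= max_failures:
            findings.append((stamp, user, source,
                             "success after %d failures" % len(fails)))
        # Test or backdoor accounts should never be used in production.
        if user in watch_accounts:
            findings.append((stamp, user, source,
                             "login by test/backdoor account"))
    return findings


if __name__ == "__main__":
    for finding in audit_logins(SAMPLE_LOG):
        print(finding)
```

A single mistyped password followed by a success, as in the constructed `carol` records, stays below the threshold and is not reported.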

On the Horizon
Based on the information presented in this chapter and your own experience, what do you think is on the horizon?