Chapter 8 Security Issues and Strategies

Report
Chapter 8 Security Issues and
Strategies
Chapter 8
Security Issues
and Strategies
© Paradigm Publishing, Inc.
8-1
Presentation Overview
•
•
•
•
•
Risk Assessment
Network and Internet Security Risks
Computer Viruses
Hardware and Software Security Risks
Security Strategies for Protecting Computer
Systems and Data
© Paradigm Publishing, Inc.
8-2
Risk Assessment
Why is risk assessment important when
defining security strategies?
– In order to protect their systems adequately,
organizations need to assess the level of
security risk that they face.
– The two factors that determine the level of
security risk are
• Threat – the severity of a security breach
• Vulnerability – the likelihood of a security breach
© Paradigm Publishing, Inc.
8-3
Risk Assessment
The higher the level of
vulnerability and threat,
the higher the level of
risk.
© Paradigm Publishing, Inc.
8-4
Risk Assessment
Companies today face security problems in
three broad areas:
– Network and Internet security risks
– Computer viruses
– Hardware and software security risks
© Paradigm Publishing, Inc.
8-5
Network and Internet
Security Risks
What are the security risks on networks and
the Internet?
– Unauthorized access
– Denial of service attacks
– Information theft
© Paradigm Publishing, Inc.
8-6
Network and Internet
Security Risks
Unauthorized Access
– A hacker is a computer expert that seeks
programming, security, and system challenges.
– A cracker is a hacker with malicious or
criminal intent.
– A cyberwar occurs when a group of hackers
attacks a site in a competing country when
news events between two potential foes cause a
flare-up of tensions.
© Paradigm Publishing, Inc.
8-7
Network and Internet
Security Risks
Annual Percentage of Unauthorized Access to
Computers
© Paradigm Publishing, Inc.
8-8
Network and Internet
Security Risks
Unauthorized Access
– User IDs and passwords – hackers gain entry
by finding a working user ID and password
– System backdoor – a test user ID and
password that provides the highest level of
authorization
© Paradigm Publishing, Inc.
8-9
Network and Internet
Security Risks
Unauthorized Access
– Spoofing –fooling another computer by
pretending to send packets from a legitimate
source
– Online predator – an individual who uses the
Internet to talk young people into meeting or
exchanging photos with him or her
© Paradigm Publishing, Inc.
8-10
Network and Internet
Security Risks
In a denial of service
(DoS) attack, one or
more hackers run
multiple copies of a
program that asks for the
same information from a
Web site over and over
again, flooding the
system and essentially
shutting it down.
© Paradigm Publishing, Inc.
8-11
Network and Internet
Security Risks
Information Theft
– Stealing corporate information is easy to do and
difficult to detect.
– The limited security of wireless devices has
made it even easier.
Wired Equivalent Privacy (WEP) is a security
protocol that makes it more difficult for hackers to
intercept wireless data transmissions.
– Data browsing is when workers invade the
privacy of others by viewing private data.
© Paradigm Publishing, Inc.
8-12
Computer Viruses
• A computer virus is a program, written by a
hacker or cracker, that is designed to
perform some kind of trick upon an
unsuspecting victim.
• A worm doesn’t wait for a user to execute
an attachment or open a file with a macro;
instead, it actively attempts to move and
copy itself.
© Paradigm Publishing, Inc.
8-13
Computer Viruses
Viruses are often
transmitted over the
Internet and through
shared devices such as
flash drives.
© Paradigm Publishing, Inc.
8-14
Computer Viruses
Virus Symptoms
© Paradigm Publishing, Inc.
8-15
Computer Viruses
Impact of Viruses
– A nuisance virus usually does no real damage,
but is rather just an inconvenience.
– An espionage virus does not inflict immediate
damage, but it allows the hacker or cracker to
enter the system later to steal data or spy.
– A data-destructive virus is designed to erase
or corrupt files so that they are unreadable.
© Paradigm Publishing, Inc.
8-16
Computer Viruses
Methods of Virus Operation
– A macro virus is written specifically for one
program, such as Microsoft Word.
• If the user activates macros, infecting the program,
every file created or edited using that program will
become infected too.
– A variant virus is programmed to change itself
to fool programs meant to stop it.
– A stealth virus tries to hide from software
designed to find and destroy it.
© Paradigm Publishing, Inc.
8-17
Computer Viruses
Methods of Virus Operation
– A boot sector virus is designed to alter the
boot sector of a disk (which contains a variety
of information) so that whenever the operating
system reads the boot sector, the computer will
become infected.
– A Trojan horse virus hides inside another
legitimate program or data file.
© Paradigm Publishing, Inc.
8-18
Computer Viruses
Methods of Virus Operation
– A multipartite virus utilizes several forms of
attack.
– A logic bomb virus sits quietly dormant,
waiting for a specific event or set of conditions
to occur before it infects the computer.
© Paradigm Publishing, Inc.
8-19
Hardware and Software
Security Risks
Systems Failure
A power spike is a sudden rise or fall in the
power level that can cause poor performance or
permanently damage hardware.
• A surge protector can guard against power spikes.
• An uninterruptible power supply (UPS) is a more
vigorous power protection system which provides a
battery backup and can keep computers running
during a blackout.
© Paradigm Publishing, Inc.
8-20
Hardware and Software
Security Risks
Employee Theft
– Businesses lose millions of dollars a year in
stolen computer hardware and software.
– The costs involved include
• The cost of the stolen software and hardware
• The cost of replacing lost data
• The cost of the time lost while the machines are
gone
• The cost of installing new machines and training
people to use them
© Paradigm Publishing, Inc.
8-21
Hardware and Software
Security Risks
Cracking Software for Copying
– A crack is a method of circumventing a
security scheme that prevents a user from
copying a program.
• For example, copying a CD with a burner
– Some companies are trying to make duplication
difficult by scrambling some of the data on
their original CDs.
© Paradigm Publishing, Inc.
8-22
Security Strategies for Protecting
Computer Systems and Data
Components of
Physical Security
– The location of
devices
– The use of locking
equipment
© Paradigm Publishing, Inc.
8-23
Security Strategies for Protecting
Computer Systems and Data
Firewalls
– A firewall will generally allow normal Web
browser operations but will prevent many other
types of communication.
– The firewall checks incoming data against a list
of known, trusted sources.
If a packet does not fit the profile of anything on the
firewall’s list, it is rejected.
© Paradigm Publishing, Inc.
8-24
Security Strategies for Protecting
Computer Systems and Data
Network Sniffers
– A network sniffer is a software package that
displays network traffic data.
– It shows which resources employees are using
and the Web sites they are visiting.
– It can be used to monitor, prevent unauthorized
activity, or troubleshoot network connections
and improve system performance.
© Paradigm Publishing, Inc.
8-25
Security Strategies for Protecting
Computer Systems and Data
Antivirus Software
– Antivirus software detects and deletes known
viruses.
– The Internet helps antivirus software to update
itself.
• There are 10 to 20 new viruses reported daily.
• Antivirus programs must be upgraded constantly.
© Paradigm Publishing, Inc.
8-26
Security Strategies for Protecting
Computer Systems and Data
Data Backups
– Data should always be backed up and placed in
a safe spot.
– A rotating backup involves many copies of
data which are updated on a set schedule.
• This is a time-saving method of backup.
• If the database is lost or corrupted, many copies
exist, some of which may predate the problem.
© Paradigm Publishing, Inc.
8-27
Security Strategies for Protecting
Computer Systems and Data
Disaster Recovery Plan
– A disaster recovery plan is a safety system
that allows a company to restore its systems
after a complete loss of data.
– A typical disaster recovery plan includes
• Data backup procedures
• Remotely located backup copies
• Redundant systems
A mirrored hard drive is one that contains exactly the
same data as the original.
© Paradigm Publishing, Inc.
8-28
Security Strategies for Protecting
Computer Systems and Data
Authentication
– Authentication is proof that a user is who he
says he is, and that he is authorized to access an
account.
– Common forms of authentication include
•
•
•
•
Personal identification numbers
User IDs and passwords
Smart cards
Biometrics
© Paradigm Publishing, Inc.
8-29
Security Strategies for Protecting
Computer Systems and Data
Data Encryption
– Encryption scrambles information so that it is
unreadable.
This unreadable text is called ciphertext.
– Data encryption schemes include an encryption key
that is shared between the two computers that wish to
communicate.
© Paradigm Publishing, Inc.
8-30
Security Strategies for Protecting
Computer Systems and Data
Monitoring and Auditing
– Employers can monitor their employees at
work in a number of ways.
• Keyboard loggers store keystrokes on hard drive.
• Internet traffic trackers record the Web sites that
employees visit for later auditing.
– Auditing involves a review of monitoring data
and systems logins to look for unauthorized
access or suspicious behavior.
© Paradigm Publishing, Inc.
8-31
On the Horizon
Based on the information presented in this
chapter and your own experience, what do
you think is on the horizon?
© Paradigm Publishing, Inc.
8-32

similar documents