Chapter 8 Security Issues and Strategies

Download Report

Transcript Chapter 8 Security Issues and Strategies

Chapter 8 Security Issues and Strategies

Chapter 8

Security Issues and Strategies

8-1

Presentation Overview

•

Risk Assessment

Network and Internet Security Risks

Computer Viruses

Hardware and Software Security Risks

Security Strategies for Protecting Computer Systems and Data

8-2

Risk Assessment Why is risk assessment important when defining security strategies?

– In order to protect their systems adequately, organizations need to assess the level of security risk that they face. – The two factors that determine the level of security risk are • •

Threat – the severity of a security breach Vulnerability – the likelihood of a security breach

8-3

Risk Assessment The higher the level of vulnerability and threat, the higher the level of risk.

8-4

Risk Assessment Companies today face security problems in three broad areas:

– Network and Internet security risks – Computer viruses – Hardware and software security risks © Paradigm Publishing, Inc.

8-5

Network and Internet Security Risks What are the security risks on networks and the Internet?

– Unauthorized access – Denial of service attacks – Information theft © Paradigm Publishing, Inc.

8-6

Network and Internet Security Risks Unauthorized Access

– A

hacker

is a computer expert that seeks programming, security, and system challenges.

– A

cracker

is a hacker with malicious or criminal intent.

– A

cyberwar

occurs when a group of hackers attacks a site in a competing country when news events between two potential foes cause a flare-up of tensions.

8-7

Network and Internet Security Risks Annual Percentage of Unauthorized Access to Computers

8-8

Network and Internet Security Risks Unauthorized Access

–

User IDs and passwords

– hackers gain entry by finding a working user ID and password –

System backdoor

– a test user ID and password that provides the highest level of authorization © Paradigm Publishing, Inc.

8-9

Network and Internet Security Risks Unauthorized Access

–

Spoofing

–fooling another computer by pretending to send packets from a legitimate source –

Online predator

– an individual who uses the Internet to talk young people into meeting or exchanging photos with him or her © Paradigm Publishing, Inc.

8-10

Network and Internet Security Risks In a denial of service (DoS) attack , one or more hackers run multiple copies of a program that asks for the same information from a Web site over and over again, flooding the system and essentially shutting it down.

8-11

Network and Internet Security Risks Information Theft

– Stealing corporate information is easy to do and difficult to detect.

– The limited security of wireless devices has made it even easier.

Wired Equivalent Privacy (WEP)

is a security protocol that makes it more difficult for hackers to intercept wireless data transmissions.

–

Data browsing

is when workers invade the privacy of others by viewing private data.

8-12

Computer Viruses

• •

A computer virus is a program, written by a hacker or cracker, that is designed to perform some kind of trick upon an unsuspecting victim.

A worm doesn’t wait for a user to execute an attachment or open a file with a macro; instead, it actively attempts to move and copy itself.

8-13

Computer Viruses Viruses are often transmitted over the Internet and through shared devices such as flash drives.

8-14

Computer Viruses Virus Symptoms

8-15

Computer Viruses Impact of Viruses

– A

nuisance virus

usually does no real damage, but is rather just an inconvenience.

– An

espionage virus

does not inflict immediate damage, but it allows the hacker or cracker to enter the system later to steal data or spy.

– A

data-destructive virus

is designed to erase or corrupt files so that they are unreadable.

8-16

Computer Viruses Methods of Virus Operation

– A

macro virus

is written specifically for one program, such as Microsoft Word.

•

If the user activates macros, infecting the program, every file created or edited using that program will become infected too.

– A

variant virus

is programmed to change itself to fool programs meant to stop it.

– A

stealth virus

tries to hide from software designed to find and destroy it.

8-17

Computer Viruses Methods of Virus Operation

– A

boot sector virus

is designed to alter the

boot sector

of a disk (which contains a variety of information) so that whenever the operating system reads the boot sector, the computer will become infected.

– A

Trojan horse virus

hides inside another legitimate program or data file.

8-18

Computer Viruses Methods of Virus Operation

– A

multipartite virus

utilizes several forms of attack.

– A

logic bomb virus

sits quietly dormant, waiting for a specific event or set of conditions to occur before it infects the computer.

8-19

Hardware and Software Security Risks Systems Failure

power spike

is a sudden rise or fall in the power level that can cause poor performance or permanently damage hardware.

• •

surge protector

can guard against power spikes.

uninterruptible power supply (UPS)

is a more vigorous power protection system which provides a battery backup and can keep computers running during a blackout.

8-20

Hardware and Software Security Risks Employee Theft

– Businesses lose millions of dollars a year in stolen computer hardware and software. – The costs involved include • • •

The cost of the stolen software and hardware The cost of replacing lost data The cost of the time lost while the machines are gone

•

The cost of installing new machines and training people to use them

8-21

Hardware and Software Security Risks Cracking Software for Copying

– A

crack

is a method of circumventing a security scheme that prevents a user from copying a program.

•

For example, copying a CD with a burner

– Some companies are trying to make duplication difficult by scrambling some of the data on their original CDs.

8-22

Security Strategies for Protecting Computer Systems and Data Components of Physical Security

– The location of devices – The use of locking equipment © Paradigm Publishing, Inc.

8-23

Security Strategies for Protecting Computer Systems and Data Firewalls

– A

firewall

will generally allow normal Web browser operations but will prevent many other types of communication.

– The firewall checks incoming data against a list of known, trusted sources.

If a packet does not fit the profile of anything on the firewall’s list, it is rejected.

8-24

Security Strategies for Protecting Computer Systems and Data Network Sniffers

– A

network sniffer

is a software package that displays network traffic data.

– It shows which resources employees are using and the Web sites they are visiting.

– It can be used to monitor, prevent unauthorized activity, or troubleshoot network connections and improve system performance.

8-25

Security Strategies for Protecting Computer Systems and Data Antivirus Software

–

Antivirus software

detects and deletes known viruses.

– The Internet helps antivirus software to update itself.

• •

There are 10 to 20 new viruses reported daily.

Antivirus programs must be upgraded constantly.

8-26

Security Strategies for Protecting Computer Systems and Data Data Backups

– Data should always be backed up and placed in a safe spot.

– A

rotating backup

involves many copies of data which are updated on a set schedule.

• •

This is a time-saving method of backup.

If the database is lost or corrupted, many copies exist, some of which may predate the problem.

8-27

Security Strategies for Protecting Computer Systems and Data Disaster Recovery Plan

– A

disaster recovery plan

is a safety system that allows a company to restore its systems after a complete loss of data.

– A typical disaster recovery plan includes • • •

Data backup procedures Remotely located backup copies Redundant systems

mirrored hard drive

is one that contains exactly the same data as the original.

8-28

Security Strategies for Protecting Computer Systems and Data Authentication

–

Authentication

is proof that a user is who he says he is, and that he is authorized to access an account.

– Common forms of authentication include • • • •

Personal identification numbers User IDs and passwords Smart cards Biometrics

8-29

Security Strategies for Protecting Computer Systems and Data Data Encryption

–

Encryption

scrambles information so that it is unreadable.

This unreadable text is called

ciphertext

– Data encryption schemes include an

encryption key

that is shared between the two computers that wish to communicate.

8-30

Security Strategies for Protecting Computer Systems and Data Monitoring and Auditing

– Employers can monitor their employees at work in a number of ways.

• •

Keyboard loggers

store keystrokes on hard drive.

Internet traffic trackers

record the Web sites that employees visit for later auditing.

–

Auditing

involves a review of monitoring data and systems logins to look for unauthorized access or suspicious behavior.

8-31

On the Horizon Based on the information presented in this chapter and your own experience, what do you think is on the horizon?

8-32