© Paradigm Publishing, Inc. 8-1
Chapter 8 Security Issues and Strategies
Presentation Overview
• Risk Assessment
• Network and Internet Security Risks
• Computer Viruses
• Hardware and Software Security Risks
• Security Strategies for Protecting Computer Systems and Data
Risk Assessment
Why is risk assessment important when defining security strategies?
– In order to protect their systems adequately, organizations need to assess the level of security risk that they face.
– The two factors that determine the level of security risk are
  • Threat – the severity of a security breach
  • Vulnerability – the likelihood of a security breach
The higher the level of vulnerability and threat, the higher the level of risk.
Companies today face security problems in three broad areas:
– Network and Internet security risks
– Computer viruses
– Hardware and software security risks
Network and Internet Security Risks
What are the security risks on networks and the Internet?
– Unauthorized access
– Denial of service attacks
– Information theft
Unauthorized Access
– A hacker is a computer expert who seeks programming, security, and system challenges.
– A cracker is a hacker with malicious or criminal intent.
– A cyberwar occurs when a group of hackers attacks a site in a competing country when news events between two potential foes cause a flare-up of tensions.
Annual Percentage of Unauthorized Access to Computers
Unauthorized Access
– User IDs and passwords – hackers gain entry by finding a working user ID and password
– System backdoor – a test user ID and password that provides the highest level of authorization
Unauthorized Access
– Spoofing – fooling another computer by pretending to send packets from a legitimate source
– Online predator – an individual who uses the Internet to talk young people into meeting or exchanging photos with him or her
In a denial of service (DoS) attack, one or more hackers run multiple copies of a program that asks for the same information from a Web site over and over again, flooding the system and essentially shutting it down.
Information Theft
– Stealing corporate information is easy to do and difficult to detect.
– The limited security of wireless devices has made it even easier.
  • Wired Equivalent Privacy (WEP) is a security protocol that makes it more difficult for hackers to intercept wireless data transmissions.
– Data browsing is when workers invade the privacy of others by viewing private data.
Computer Viruses
• A computer virus is a program, written by a hacker or cracker, that is designed to perform some kind of trick upon an unsuspecting victim.
• A worm doesn’t wait for a user to execute an attachment or open a file with a macro; instead, it actively attempts to move and copy itself.
Viruses are often transmitted over the Internet and through shared devices such as flash drives.
Virus Symptoms
Impact of Viruses
– A nuisance virus usually does no real damage, but is rather just an inconvenience.
– An espionage virus does not inflict immediate damage, but it allows the hacker or cracker to enter the system later to steal data or spy.
– A data-destructive virus is designed to erase or corrupt files so that they are unreadable.
Methods of Virus Operation
– A macro virus is written specifically for one program, such as Microsoft Word.
  • If the user activates macros, infecting the program, every file created or edited using that program will become infected too.
– A variant virus is programmed to change itself to fool programs meant to stop it.
– A stealth virus tries to hide from software designed to find and destroy it.
Methods of Virus Operation
– A boot sector virus is designed to alter the boot sector of a disk (which contains a variety of information) so that whenever the operating system reads the boot sector, the computer will become infected.
– A Trojan horse virus hides inside another legitimate program or data file.
Methods of Virus Operation
– A multipartite virus utilizes several forms of attack.
– A logic bomb virus sits quietly dormant, waiting for a specific event or set of conditions to occur before it infects the computer.
Hardware and Software Security Risks
Systems Failure
– A power spike is a sudden rise or fall in the power level that can cause poor performance or permanently damage hardware.
  • A surge protector can guard against power spikes.
  • An uninterruptible power supply (UPS) is a more vigorous power protection system which provides a battery backup and can keep computers running during a blackout.
Employee Theft
– Businesses lose millions of dollars a year in stolen computer hardware and software.
– The costs involved include
  • The cost of the stolen software and hardware
  • The cost of replacing lost data
  • The cost of the time lost while the machines are gone
  • The cost of installing new machines and training people to use them
Cracking Software for Copying
– A crack is a method of circumventing a security scheme that prevents a user from copying a program.
  • For example, copying a CD with a burner
– Some companies are trying to make duplication difficult by scrambling some of the data on their original CDs.
Security Strategies for Protecting Computer Systems and Data
Components of Physical Security
– The location of devices
– The use of locking equipment
Firewalls
– A firewall will generally allow normal Web browser operations but will prevent many other types of communication.
– The firewall checks incoming data against a list of known, trusted sources.
  • If a packet does not fit the profile of anything on the firewall’s list, it is rejected.
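The list check described on this slide can be sketched as a default-deny packet filter. This is an added example, not part of the original slides; the rule fields, the `filter_packet` function, and all addresses (taken from documentation ranges) are assumptions made for illustration.

```python
import ipaddress
from typing import NamedTuple

class Rule(NamedTuple):
    source: str      # trusted source network in CIDR notation
    protocol: str    # "tcp" or "udp"
    dst_port: int    # destination port the source may reach

class Packet(NamedTuple):
    src_ip: str
    protocol: str
    dst_port: int

# Constructed allowlist using documentation address ranges, not real hosts.
ALLOWLIST = [
    Rule("198.51.100.0/24", "tcp", 443),  # trusted partner network, HTTPS only
    Rule("192.0.2.10/32", "tcp", 22),     # single admin workstation, SSH only
]

def filter_packet(packet, rules=ALLOWLIST):
    """Return "ACCEPT" if the packet fits an allowlist entry, else "REJECT"."""
    try:
        src = ipaddress.ip_address(packet.src_ip)
    except ValueError:
        return "REJECT"  # an unparseable source cannot match a trusted entry
    for rule in rules:
        if (src in ipaddress.ip_network(rule.source)
                and packet.protocol.lower() == rule.protocol
                and packet.dst_port == rule.dst_port):
            return "ACCEPT"
    return "REJECT"      # default deny: nothing on the list matched

# Constructed sample traffic.
SAMPLE_PACKETS = [
    Packet("198.51.100.7", "tcp", 443),    # trusted source, allowed port
    Packet("198.51.100.7", "tcp", 23),     # trusted source, port not listed
    Packet("203.0.113.5", "tcp", 443),     # allowed port, unknown source
    Packet("192.0.2.10", "TCP", 22),       # listed host, protocol case differs
    Packet("not-an-address", "tcp", 443),  # malformed source field
]

if __name__ == "__main__":
    for p in SAMPLE_PACKETS:
        print(p, "->", filter_packet(p))
```

A packet is accepted only when source, protocol, and port all fit one entry; a trusted source reaching for an unlisted port is rejected the same way as an unknown source.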
Network Sniffers
– A network sniffer is a software package that displays network traffic data.
– It shows which resources employees are using and the Web sites they are visiting.
– It can be used to monitor, prevent unauthorized activity, or troubleshoot network connections and improve system performance.
Antivirus Software
– Antivirus software detects and deletes known viruses.
– The Internet helps antivirus software to update itself.
  • There are 10 to 20 new viruses reported daily.
  • Antivirus programs must be upgraded constantly.
Data Backups
– Data should always be backed up and placed in a safe spot.
– A rotating backup involves many copies of data which are updated on a set schedule.
  • This is a time-saving method of backup.
  • If the database is lost or corrupted, many copies exist, some of which may predate the problem.
Disaster Recovery Plan
– A disaster recovery plan is a safety system that allows a company to restore its systems after a complete loss of data.
– A typical disaster recovery plan includes
  • Data backup procedures
  • Remotely located backup copies
  • Redundant systems
    A mirrored hard drive is one that contains exactly the same data as the original.
Authentication
– Authentication is proof that a user is who he says he is, and that he is authorized to access an account.
– Common forms of authentication include
  • Personal identification numbers
  • User IDs and passwords
  • Smart cards
  • Biometrics
Data Encryption
– Encryption scrambles information so that it is unreadable.
  • This unreadable text is called ciphertext.
– Data encryption schemes include an encryption key that is shared between the two computers that wish to communicate.
Monitoring and Auditing
– Employers can monitor their employees at work in a number of ways.
  • Keyboard loggers store keystrokes on the hard drive.
  • Internet traffic trackers record the Web sites that employees visit for later auditing.
– Auditing involves a review of monitoring data and systems logins to look for unauthorized access or suspicious behavior.
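A login audit of the kind described above can be sketched as a pass over login records that flags the two unauthorized-access routes named earlier in the chapter: a working password found after repeated failures, and use of a leftover test ID. This is an added example, not part of the original slides; the log format, account names, thresholds, and the `audit` function are assumptions.

```python
import re
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Constructed login records in an assumed "timestamp user= src= result=" format.
SAMPLE_LOG = """\
2024-05-01T09:00:01 user=alice src=192.0.2.15 result=OK
2024-05-01T09:02:10 user=bob src=203.0.113.9 result=FAIL
2024-05-01T09:02:14 user=bob src=203.0.113.9 result=FAIL
2024-05-01T09:02:19 user=bob src=203.0.113.9 result=FAIL
2024-05-01T09:02:25 user=bob src=203.0.113.9 result=OK
2024-05-01T11:30:00 user=test src=198.51.100.4 result=OK
2024-05-01T12:00:00 user=carol src=192.0.2.20 result=FAIL
garbled line that must be counted, not crash the audit
"""

LINE = re.compile(r"^(\S+) user=(\S+) src=(\S+) result=(OK|FAIL)$")
TEST_ACCOUNTS = {"test"}                      # assumed names of leftover test IDs
MAX_FAILS, WINDOW = 3, timedelta(minutes=5)   # assumed audit thresholds

def audit(log_text):
    """Return (findings, unparsed_count) for the given login records."""
    findings, unparsed = [], 0
    recent_fails = defaultdict(deque)         # user -> times of recent failures
    for line in log_text.splitlines():
        m = LINE.match(line.strip())
        try:
            if m is None:
                raise ValueError("unrecognized record")
            ts = datetime.fromisoformat(m.group(1))
        except ValueError:
            unparsed += 1                     # gaps in the record are reviewed too
            continue
        user, src, result = m.group(2), m.group(3), m.group(4)
        fails = recent_fails[user]
        while fails and ts - fails[0] > WINDOW:
            fails.popleft()                   # forget failures outside the window
        if result == "FAIL":
            fails.append(ts)
            continue
        if user in TEST_ACCOUNTS:
            findings.append(("test-account-login", user, src))
        if len(fails) >= MAX_FAILS:
            findings.append(("success-after-failures", user, src))
        fails.clear()
    return findings, unparsed

if __name__ == "__main__":
    print(audit(SAMPLE_LOG))
```

Failures are tracked per user ID rather than per source address, so guesses spread across several machines against one account still add up.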
On the Horizon
Based on the information presented in this chapter and your own experience, what do you think is on the horizon?