INTRODUCTION
The main purpose of security is to protect assets. Looking back into history, the big walls acted as a safeguard to a fortress or a kingdom. There were massive and strong doors which stopped any perpetuator from entering without permission. The same thing applies in the computer world, with the only difference being that it's virtual.
There are closed networks and open networks. The closed networks are available for a person who belongs to that entity. On the other hand, open networks are available for the rest of the people. Previously, networks were designed as closed for a set of people and sites which do not connect to other people. With the advent of personal computers, LANs, and the wide-open world of the Internet,
…show more content…
This paper generally aims at understanding the need for business security in terms of some very uncommon threats present. These threats can cause a lot of damage to the industry and thus aims at destroying the majority of crucial data of the company. This paper will show the statistics and data of some of the major threats like Pharming, Browser hijacker, Bluesnarfing and Botnet. To conclude, the threat should be taken more seriously with respect to the loss.
THREATS
A threat is generally defined as an object, person, or other entity that represents a constant danger to an asset. Sans described threat as “anything that would contribute to the tampering, destruction or interruption of any service or item of value”. Threats possessed to an organization or business generally aim at identity theft, financial fraud, data breach causing loss to company’s asset. Fraud tricks can be applied on online user to gain knowledge about password username mother’s maiden name birthdate etc. These information are enough to fraud into ones bank account or create a new identity. In an open WiFi zone several computers can be hacked using hacking tools. The system can even be hacked using Bluetooth technology.
There are 4 general classes of threats which are possessed to an organization’s network system
Unstructured threats- these threats are generally possessed by untrained individuals who use easily available
Threat modeling is the process of optimizing an organizations’ security of their network by finding vulnerabilities in that system, and then deploying countermeasures to protect against those threats should they happen in the future. If a company wants to know what vulnerabilities they may have then threat modeling is an excellent way of determining these threats. An individual threat is when an event occurs that has a negative impact on an organization’s daily operations. (Rouse, 2006). These negative impacts can manifest themselves in many ways from damaging the reputation of that organization to interrupting the functions of that organization. These threats can be in the form of destruction or stealing sensitive data, cracking of weak passwords, malware, phishing, or other scams and frauds. The goal of this paper is to address how the organizations code of ethics and security policies apply, what specific security policies can be deployed, and to identify the impact of asset security standards and governance. I chose Northrop Grumman as the focus of my paper
The topic is viable for study since in the previous years, the vulnerability of organizations to cyber theft and harassment have spiked. The war on terrorism has inadvertently increased the importance of the topic mainly basing the argument on the ability of the government to protect the citizens from attack. With the
The process of preventing and detecting the use of data in the computer by any individuals without authorization is referred to as Computer Security. It is also known as cybersecurity or IT security. It involves the process of protecting computer resources from intruders for their own gains. Anti-virus, firewalls, data encryption, password protection are the main measures that encompass the computer security. It is mainly concerned with four main areas:
Physical security is a standout amongst the most neglected when outlining a framework. While a percentage of the issues talked about underneath are normal, others, for example, the discovery of an inner organization assailant who tries to physically get to the working room of the same, no. This can prompt an aggressor that is less demanding to accomplish and make a tape duplicate of the room, attempting to get to the same coherent way. Therefore, security is the application of physical hindrances and control techniques as preventive measures and countermeasures against dangers to assets and delicate data (Khairallah, 2005). There are sure
The overall security for the networked environment is weak, and the team was able to move quickly through the information system and gain system level access on most of the attached hosts, within the scope of the penetration test. Had the organization been equipped with a firewall, the ability to conduct the following test would have become a more difficult task. However, because packets can move freely, the systems provide more data than they should. Secondly the team identified the requirement to segment the network. In its current configuration, Appendix B, the organization is easily exploitable. Coupled with a firewall, a segmented Local Area Network, and firewall to filter the local area traffic, the organization becomes a more
This paper describes the basic threats to the network security and the basic issues of interest for designing a secure network. it describes the important aspects of network security. A secure network is one which is free of unauthorized entries and hackers
Recently, a series of security incidents on the company 's website, workstations, and network have been brought to the attention of the company. These incidents include the slow and sluggish behavior of workstations, advertisement pop ups on workstations not accessing the internet, deletion and defacement of the website, and reports by customers of the website becoming unavailable. While the incidents are being remediated, this has necessitated compiling information on potential threats the company 's network assets face. In that endeavor, it is recommended to review this list of the current top 5 threats facing the server, workstations, and website. Understanding how these threats potentially impact the company is vital in developing controls and countermeasures to the threats listed and could prevent additional future threats that take advantage of the same vectors.
In addition to continuity planning organizations must maintain a current security policy that enforces employee training. Human threats either intentionally or unintentional can have a significant effect on an organization. Physical security is only half the battle organizations must also have those logical controls in place. Threats come from outside influences that want to penetrate the business the reasons range from stealing data to hacktivism. As corporations continue to face new risks they also have to contend with the difficult task of protecting both internal and external customers against identity theft.
Knowing that threats can occur within an organization and its many environments and disciplines will help in determining what threats will affect the asset and what is the likelihood of an attack occurring. It will also help in determining the consequence or impact of a threat. To help understand threats and their impact on assets, a mapping of threats with impact is necessary. The following five impact categories list threats, both direct and indirect may have an impact.
There are several benefits of security frameworks that are implemented for the purpose of information
A number of malicious attacks which causes disruption to the processes has been increased due to an increase in the tremendous expansion in the field of computer networks. The main aim of network administrators is to provide continuous services to which they are intended to. Currently, the main aim of researchers is to provide secure network whereas, little intervention has been given to the quantification of network security which includes assessing of the vulnerability and malicious attacks to these systems. One of the huge networks which has more possibility to malware is an Enterprise Network which is a large and diverse network that connects both major and minor sites within an enterprise.Thesecurity and trustworthiness of Enterprise Networks have been a major concern in
Safety of information is the most valuable asset in any organization particular those who provide financial service to others. Threats can come from a variety of sources such as human threats, natural disasters and technical threats. By identifying the potential threats to the network, security measure can be taken to combat these threats, eliminate them or reduce the likelihood and impact if they should occur.
Almost all kind of large and small organizations might face increasing number of attacks into their network or intellectual property. This may lead to data disclosure, data destruction, and damage of organization’s reputation. There are numerous threats in the cyber space which might be capable of stealing, destroying or making use of out sensitive data for financial and non-financial gains. As the amount of computer, mobile and internet users increases, so does the number of exploiters.
The three specific potential malicious attacks and threats that could be carried out against the network and organization are malicious attack, malicious, and the risk, threats, and vulnerabilities that is carried out against the network and organization. Malicious Attack is an attempt to forcefully abuse or take advantage of someone 's computer, whether through computer viruses, social engineering, phishing, or other types of social engineering. Malicious Attack have four general categories of attacks on computer systems and networks. The first it have to fabrications and that involve the creation of some deception in order to trick unsuspecting users. (Kim, D., & Solomon, M., 2012). That is like when you get a call on you home phone from Windows text support, when you give them your information and the information on your router. That mean you got trick by an unsuspecting users known as a scammer. Next it is interceptions and that involves eavesdropping on transmissions and redirecting them for unauthorized use. (Kim, D., & Solomon, M., 2012) Any wireless network using a username and password to allow entrance into a local network is susceptible to interception and traffic monitoring attacks. Then it is interruptions and it cause a break in a communications channel, which blocks the transmission of data. (Kim, D., & Solomon, M., 2012) Like when you online and you trying to get information offline and it take a long time to load up.
An era of technology has begun and we are living in with various technology around us and are using it in different aspect. With the technology we have its system on it which allocates and manages various resources like processors, memory, input/output and information on secondary devices. Here, in this essay we are going to find the important of computer operating system security its design and different aspect of it.