Network Security
Preventative measures, Detective measures, Corrective measur
Passwords
Passwords are used throughout most computer systems to protect data. Even computers without precious data files normally have passwords, just for a sense of security. When a password is created, a strength meter now often checks how strong it is against hackers, and sometimes a system won’t even allow weak passwords because they are such a danger. Passwords are classified in strength by the number of letters, numbers, cases and symbols they use. For example, an extremely strong password could be Fa4%0Op$, because it is quite long and uses all cases, some symbols and some numbers. Weak passwords, however, would use one case, or just numbers, or just symbols.
Passwords are like locks: they will only let somebody into a computer system if they have the code. They can also be used to lock files and similar things. If a hacker attacks the system by trying to guess the password, a good password security system will allow a set number of tries, after which the computer will lock itself and you will have to wait a predetermined time until you can try again.
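The strength check and the lock-out described above, as an added example that is not part of the original notes. The "medium" band, the 8-character minimum, the three-try limit and the names `strength` and `LoginGuard` are assumptions; the caller is assumed to have already compared the password and passes the result in as `password_ok`.

```python
import string
import time

def strength(password, min_length=8):
    """Classify by length and by how many character classes are used."""
    tests = (str.islower, str.isupper, str.isdigit,
             lambda c: c in string.punctuation)
    classes = sum(any(t(c) for c in password) for t in tests)
    if len(password) >= min_length and classes == 4:
        return "strong"
    if len(password) >= min_length and classes >= 2:
        return "medium"          # assumed middle band, not from the notes
    return "weak"                # short, or one case / only digits / only symbols

class LoginGuard:
    """Locks an account for lock_seconds after max_tries wrong passwords."""
    def __init__(self, max_tries=3, lock_seconds=300, clock=time.monotonic):
        self.max_tries = max_tries
        self.lock_seconds = lock_seconds
        self.clock = clock       # injectable so the wait can be tested
        self.failures = {}       # user -> consecutive wrong guesses
        self.locked_until = {}   # user -> clock value when the lock ends

    def attempt(self, user, password_ok):
        now = self.clock()
        if now < self.locked_until.get(user, 0):
            return "locked"      # even the right password must wait
        if password_ok:
            self.failures.pop(user, None)
            return "ok"
        self.failures[user] = self.failures.get(user, 0) + 1
        if self.failures[user] >= self.max_tries:
            self.locked_until[user] = now + self.lock_seconds
            self.failures[user] = 0
            return "locked"
        return "denied"

if __name__ == "__main__":
    print(strength("Fa4%0Op$"), strength("12345678"))
    guard = LoginGuard(max_tries=3, lock_seconds=60)
    print([guard.attempt("alice", False) for _ in range(4)])
```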
Access rights
Access rights are the rights set out by the administrator of the network that state which documents and files each person can access. For instance, you may have a personal folder in which you and delete files. Parts of the network may have files that you are only able to read and not edit, and there may be parts of the network you can’t access at all, in which case a message will often pop up to inform you "You do not have sufficient access rights" or something similar. You may be able to access certain areas because you are part of a group, for example a student group. If you are part of a group on the network, you will have the same access rights as everyone else in the group.
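A small model of the access rights described above, as an added example that is not part of the original notes. The users, groups, folders and the rights given on the personal folder are constructed for illustration; a folder with no matching entry gives no access.

```python
import posixpath

READ, WRITE, DELETE = "read", "write", "delete"

# Constructed sample network (all names are made up for this example).
GROUPS = {"students": {"sam", "priya"}, "staff": {"jones"}}
ACL = {  # folder -> {user or "group:<name>": rights granted}
    "/home/sam":        {"sam": {READ, WRITE, DELETE}},
    "/shared/handouts": {"group:students": {READ},
                         "group:staff": {READ, WRITE, DELETE}},
    "/staff/payroll":   {"group:staff": {READ, WRITE}},
}

def principals(user):
    """The user plus every group the user belongs to."""
    return {user} | {f"group:{g}" for g, m in GROUPS.items() if user in m}

def effective_rights(user, path):
    """Rights from the nearest folder with an ACL entry; none means no access."""
    node = posixpath.normpath(path)      # collapses ".." before matching
    while node not in ACL:
        parent = posixpath.dirname(node)
        if parent == node:               # reached the top without a match
            break
        node = parent
    entry = ACL.get(node, {})
    granted = set()
    for who in principals(user):
        granted |= entry.get(who, set())
    return granted

def check(user, path, action):
    if action in effective_rights(user, path):
        return "ok"
    return "You do not have sufficient access rights"

if __name__ == "__main__":
    print(check("sam", "/home/sam/essay.doc", DELETE))
    print(check("sam", "/shared/handouts/week1.pdf", WRITE))
    print(check("sam", "/home/sam/../../staff/payroll/march.xls", READ))
```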
Acceptable Use Policy
An acceptable use policy is a set of rules applied by the owner/manager of a network, website or large computer system that restrict the ways in which the network, website or system may be used. AUP documents are written for corporations, businesses, universities, schools, internet service providers, and website owners, often to reduce the potential for legal action that may be taken by a user, and often with little prospect of enforcement.
Acceptable Use Policies are an integral part of the framework of information security policies; it is often common practice to ask new members of an organization to sign an AUP before they are given access to its information systems. For this reason, an AUP must be concise and clear, while at the same time covering the most important points about what users are, and are not, allowed to do with the IT systems of an organization. It should refer users to the more comprehensive security policy where relevant. It should also, and very notably, define what sanctions will be applied if a user breaks the AUP. Compliance with this policy should, as usual, be measured by regular audits.
Firewalls
Firewalls are commonly used to keep networks safe and secure. They can be either hardware based or software based. In both cases the primary objective is to control the incoming and outgoing network traffic. This is generally done by the software analyzing the data packets and then determining whether or not each one should be authorized to pass through the network into the computer. If a data packet is declined, it is simply forgotten about by the firewall, but if it is accepted then once in the computer the packet will then do what it was
Back up
Redundant hardware and Failover
The failover (or switchover) process is where a device is switched to a secondary, redundant or standby system after a glitch or failure, so that it can continue to function properly. Whilst failover occurs automatically upon error, switchover requires activation or approval from an external source before the system switches to the secondary system. Systems for which continuous availability is essential are often designed with failover built in. A failback system then restores a system to its original state after it has defaulted to failover; it is basically a backup drive and restoration system.
In server systems, it is common to have multiple or duplicate servers. When the primary server fails, the secondary server detects this and takes over to provide continuity.
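Failover, switchover and failback for a primary/secondary pair, as an added example that is not part of the original notes. Detection by heartbeat timeout, the 3-second limit and the `Cluster` class are assumptions made for illustration; times are passed in explicitly so the behaviour is repeatable.

```python
class Cluster:
    """Two servers; the standby takes over when the active one goes quiet."""
    def __init__(self, timeout=3.0, automatic=True):
        self.active = "primary"
        self.timeout = timeout          # seconds without a heartbeat = failed
        self.automatic = automatic      # True: failover, False: switchover
        self.last_beat = {"primary": 0.0, "secondary": 0.0}

    def heartbeat(self, node, now):
        """Each server reports in periodically."""
        self.last_beat[node] = now

    def healthy(self, node, now):
        return now - self.last_beat[node] <= self.timeout

    def tick(self, now, approved=False):
        """Check the active server; move to the standby if it has failed."""
        standby = "secondary" if self.active == "primary" else "primary"
        failed = not self.healthy(self.active, now)
        # Never hand over to a standby that is itself not responding.
        if failed and self.healthy(standby, now):
            if self.automatic or approved:   # switchover waits for approval
                self.active = standby
        return self.active

    def failback(self, now):
        """Return to the original server once it is responding again."""
        if self.active == "secondary" and self.healthy("primary", now):
            self.active = "primary"
        return self.active

if __name__ == "__main__":
    c = Cluster()
    c.heartbeat("secondary", 4.0)       # primary has been silent since t=0
    print(c.tick(5.0))                  # standby takes over
    c.heartbeat("primary", 6.0)
    print(c.failback(6.0))              # original server restored
```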
A recent example is that of NASA’s “Curiosity” Mars Science Laboratory Rover, which swapped to its B side computer on 28th February after a memory issue on its A side computer. As it is such a distance from Earth and thus cannot be manually repaired, “Curiosity”, like many spacecraft, carries a pair of redundant main computers in order to have a backup available if one fails. Each of the computers, A-side and B-side, also has other redundant subsystems linked to just that computer. This is quite an extensive failover system that ensures that the rover can continue to function remotely.
Hardware and Software Failure
- Hardware Failure - Failure of main systems components such as CPUs and memory; or peripherals such as disks, disk controllers, network cards; or auxiliary equipment such as power modules and fans; or network equipment such as switches, hubs, cables, etc., can be the causes of hardware failures.
- Software Failures - The possibility of software failure mostly depends upon the type of software used. One of the main causes of software failure is applying a patch. Sometimes, if a patch does not match the type of implementation, the application software may start to behave in a strange way, bringing down the application and reversing the changes, if possible. Sometimes an upgrade may also cause a problem. The main problems with upgrades are performance related, or the misbehaving of third-party products which depend upon those upgrades.
Hackers
Unauthorised access to files and folders by employees means employees opening specific links or files that they are not allowed to. Let's say some staff need plans on the system but don’t want people beneath them to see them: they will restrict access on the server to keep hackers inside the system out. This puts up firewalls, and only administrators are allowed to access the restricted files. There is always one person who is in control of which data is allowed or not. Another example would be restricted sites which might distract the employee. For example, a games website should not be allowed in the work area as it would distract employees from their actual job.
Accidental data deletion/corruption by users.
Accidental data deletion is where a user removes or erases information on their computer without meaning to. This could mean that important data is lost which the user cannot retrieve. One way to avoid this is to back up files regularly, though an incorrectly deleted file may also be found in the archives of the computer.
- A logic bomb is a piece of code intentionally inserted into a software system that will set off a malicious function when specified conditions are met. For example, a programmer may hide a piece of code that starts deleting files (such as a salary database trigger), should they ever be terminated from the company.
- Software that is inherently malicious, such as viruses and worms, often contain logic bombs that execute a certain payload at a pre-defined time or when some other condition is met. This technique can be used by a virus or worm to gain momentum and spread before being noticed. Some viruses attack their host systems on specific dates, such as Friday the 13th or April Fool's Day. Trojans that activate on certain dates are often called "time bombs".
- To be considered a logic bomb, the payload should be unwanted and unknown to the user of the software. As an example, trial programs with code that disables certain functionality after a set time are not normally regarded as logic bombs.
Natural Disasters
Disaster recovery procedures
- hacker attacks
- computer viruses
- electric power failures
- underground cable cuts or failures
- fire, flood, earthquake, and other natural disasters at a facility
- mistakes in system administration
There are many ways that you can save or retrieve your data. Traditional backup strategies, for example, archive copies of critical data at a given point in time so that they can be restored later if needed. Virus scanning software can be used to get rid of data-wiping viruses.
Audit trails
When a transaction is executed (e.g. a business purchase), each documented step taken makes up the audit trail. Depending on the transaction, the audit trail can be highly complex or very simple.
For instance, the audit trail for the purchase of a carton of milk would consist only of the receipt for the transaction. This receipt details the exchange of cash for the item purchased (milk), the date, and the institution where it occurred (the store).
Physical security
Recovery
- Recovery is when you restore data from either a cloud or an external backup. Many communities on the internet use cloud recovery, normally so that data can be shared between one or many clients with cloud backups.
The recovery process is normally used when a computer has been restored to factory settings, when it has been hacked and needs to be reset, or when another problem has caused the loss of vital data. One of the most common ways to recover data involves an OS (Operating System), in which case the goal is to simply copy all the files onto a disk in case of data loss. Some data loss could be due to the file system or partition table, in which case a piece of the original data can be recovered by repairing the damaged file system or partition table.
HDDs and SSDs can lose data if you physically overwrite it. There is a way to recover lost data from an HDD, and that is using a magnetic force microscope. An SSD is substantially easier to use, especially to recover data, than Most SSDs use flash memory to store data in pages and blocks, referenced by logical block addresses (LBA) which are managed by the flash translation layer (FTL). When the FTL modifies a sector it writes the new data to another location and updates the map so the new data appears at the target LBA. This leaves the pre-modification data in place, with possibly many generations, and recoverable by data recovery software.
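A toy model of the flash translation layer behaviour described above, as an added example that is not part of the original notes. The `ToyFTL` class, the page count and the sample data are constructed; garbage collection and wear levelling are not modelled. It shows that after a sector is overwritten, a normal read returns only the new data while the earlier generation is still on the flash.

```python
class ToyFTL:
    """Maps logical block addresses (LBA) to physical flash pages."""
    def __init__(self, pages=8):
        self.flash = [None] * pages     # physical pages, None = erased
        self.lba_map = {}               # LBA -> index of the current page
        self.next_free = 0

    def write(self, lba, data):
        """Write to a fresh page and repoint the map; old page is untouched."""
        if self.next_free >= len(self.flash):
            raise RuntimeError("no erased pages left (GC not modelled)")
        self.flash[self.next_free] = data
        self.lba_map[lba] = self.next_free
        self.next_free += 1

    def read(self, lba):
        """What the operating system sees at this LBA."""
        return self.flash[self.lba_map[lba]]

    def stale_pages(self):
        """Earlier generations still on flash but no longer mapped."""
        live = set(self.lba_map.values())
        return [data for page, data in enumerate(self.flash)
                if data is not None and page not in live]

def overwrite_demo():
    ftl = ToyFTL()
    ftl.write(5, "salary=30000")        # constructed sample record
    ftl.write(5, "000000000000")        # user "overwrites" the sector
    return ftl.read(5), ftl.stale_pages()

if __name__ == "__main__":
    print(overwrite_demo())
```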