Unauthorised access to files/folders by employees
Natural Disasters and data loss
- A logic bomb is a piece of code intentionally inserted into a software system that will set off a malicious function when specified conditions are met. For example, a programmer may hide a piece of code that starts deleting files (such as a salary database trigger), should they ever be terminated from the company.
- Software that is inherently malicious, such as viruses and worms, often contain logic bombs that execute a certain payload at a pre-defined time or when some other condition is met. This technique can be used by a virus or worm to gain momentum and spread before being noticed. Some viruses attack their host systems on specific dates, such as Friday the 13th or April Fool's Day. Trojans that activate on certain dates are often called "time bombs".
- To be considered a logic bomb, the payload should be unwanted and unknown to the user of the software. As an example, trial programs with code that disables certain functionality after a set time are not normally regarded as logic bombs.
Hardware Failures & Software Failures
- Hardware Failure - Failure of main systems components such as CPUs and memory; or peripherals such as disks, disk con ers, network cards; or auxiliary equipment such as power modules and fans; or network equipment such as switches, hubs, cables, etc., can be the causes of hardware failures.
- Software Failures - The possibilities of failure of software mostly depends upon the type of software used. One of the main causes for software failure is applying a patch. Sometimes, if a patch does not match the type of implementation, then the application software may start to behave in a strange way, bringing down the application and reversing the changes, if possible. Sometimes, an upgrade may also cause a problem. The main problem with upgrades will be performance related or the misbehaving of any third party products, which depend upon those upgrades.
Access rights Dylan Evans
Access rights are the rights that are set out by the administrator on the network, that state what documents and files each person can access. For instance, you may have a personal folder in which you and delete files. Parts of the network may have files that you are only able to read and not edit and there may be parts of the network you can’t access at all. In which case a message will often pop up to inform you "You do not have sufficient access rights" or something similar.You may be able to access certain areas because you are part of a group, for example a student group. If you are part of a group on the network, you will have the same access rights as everyone else in the group.
Acceptable use policy
An acceptable use policy is a set of rules applied by the owner/manager of a network, website or large computer system that restrict the ways in which the network, website or system may be used. AUP documents are written for corporations, businesses, universities, schools, internet service providers, and website owners often to reduce the potential for legal action that may be taken by a user, and often with little prospect of enforcement.
Acceptable Use Policies are an integral part of the framework of information security policies; it is often common practice to ask new members of an organization to sign an AUP before they are given access to its information systems. For this reason, an AUP must be concise and clear, while at the same time covering the most important points about what users are, and are not, allowed to do with the IT systems of an organization. It should refer users to the more comprehensive security policy where relevant. It should also, and very notably, define what sanctions will be applied if a user breaks the AUP. Compliance with this policy should, as usual, be measured by regular audits.
Firewalls are commonly used as a source of protection for keeping networks safe and secure. They can either be Hardware based or Software based. However, its primary objective is to control the incoming and outgoing network traffic, this is generally done by the software analyzing the data packets then determining whether or not it should be authorized to pass through the network into the computer. If the data packet is declined then it is just forgot about by the Firewall, but if it is accepted then once in the computer the packet will then do what is was programmed for