Computer Security

Preventative measures

A preventive measure is a risk control that avoids or deters the occurrence of an undesirbable event. Passwords, keycards, badges, policies and encryption are examples of preventative data. A preventative measure computers take is not always pre installed. Most of the time users are required to install anti-virus and firewalls to prevent hackers from accessing the computer system and hard drive. Another way a computer can stop people from accessing there data is preventing an external threat. For example a username system and password would prevent anyone from logging into your computer. However a password can be guessed. This is the first step to keep a hacker out or loss of data.

Hackers

Hackers are other users with a computer. These people can either use their specific skills to either hack other computers or they can access usually blocked off files. They can be arrested for hacking someones computer as it goes against the data protection act. This act was put in place to keep hackers away. A hacker can literally be anyone with a computer. If they acquirer the computer IP address they can find a way to access your computer. Hackers can vary as they can just be hacking and guessing a computer password or they can create a complex program to bypass firewalls and go through anti-virus. Sometimes the hackers will create virus’ to extract the data. The hackers are not required for anything and are computer scum.

Unauthorised access to files/folders by employees

Unauthorized access to files and folders by employees are specific links or files not allowed. Lets say they need plans on the system but they don’t want people beneath them to see they will restrict access on the server to keep hackers inside the system out. This puts up firewalls and only administers are allowed to acess the restricted files. There is always one person who is in control of which data is allowed or not. Another example would be restricted sites which might distract the employee. For example a games website should not be allowed in the work area as it would distract them from their actual job.

Natural Disasters and data loss

If your computer is under warranty, you want to have the warranty information in your security box with other important documents. This allows you to grab the information when you get ready to evacuate. In some cases, companies will replace a computer that is damaged due to a natural disaster. You can also purchase replacement warranties that will replace the computer no matter what happens to it. While you may not plan on losing your computer, that doesn’t mean it won’t happen. You need to backup your important photos and financial files to a cloud storage system. This will allow you to access the files no matter where you are or whether or not your computer still works. This can save you a lot of time and heartache. With a backups they are easy to make and really good when you have lots of important information that can be devastating if you lose it. If there is a flood all of your possessions will be lost and a backup can restore all your information.

Logic Bomb

  • Bomb
  • A logic bomb is a piece of code intentionally inserted into a software system that will set off a malicious function when specified conditions are met. For example, a programmer may hide a piece of code that starts deleting files (such as a salary database trigger), should they ever be terminated from the company.
  • Software that is inherently malicious, such as viruses and worms, often contain logic bombs that execute a certain payload at a pre-defined time or when some other condition is met. This technique can be used by a virus or worm to gain momentum and spread before being noticed. Some viruses attack their host systems on specific dates, such as Friday the 13th or April Fool's Day. Trojans that activate on certain dates are often called "time bombs".
  • To be considered a logic bomb, the payload should be unwanted and unknown to the user of the software. As an example, trial programs with code that disables certain functionality after a set time are not normally regarded as logic bombs.

Hardware Failures & Software Failures

  • Hardware Failure - Failure of main systems components such as CPUs and memory; or peripherals such as disks, disk con ers, network cards; or auxiliary equipment such as power modules and fans; or network equipment such as switches, hubs, cables, etc., can be the causes of hardware failures.

  • Software Failures - The possibilities of failure of software mostly depends upon the type of software used. One of the main causes for software failure is applying a patch. Sometimes, if a patch does not match the type of implementation, then the application software may start to behave in a strange way, bringing down the application and reversing the changes, if possible. Sometimes, an upgrade may also cause a problem. The main problem with upgrades will be performance related or the misbehaving of any third party products, which depend upon those upgrades.

Access rights Dylan Evans


Access rights are the rights that are set out by the administrator on the network, that state what documents and files each person can access. For instance, you may have a personal folder in which you and delete files. Parts of the network may have files that you are only able to read and not edit and there may be parts of the network you can’t access at all. In which case a message will often pop up to inform you "You do not have sufficient access rights" or something similar.You may be able to access certain areas because you are part of a group, for example a student group. If you are part of a group on the network, you will have the same access rights as everyone else in the group.


Acceptable use policy


An acceptable use policy is a set of rules applied by the owner/manager of a network, website or large computer system that restrict the ways in which the network, website or system may be used. AUP documents are written for corporations, businesses, universities, schools, internet service providers, and website owners often to reduce the potential for legal action that may be taken by a user, and often with little prospect of enforcement.

Acceptable Use Policies are an integral part of the framework of information security policies; it is often common practice to ask new members of an organization to sign an AUP before they are given access to its information systems. For this reason, an AUP must be concise and clear, while at the same time covering the most important points about what users are, and are not, allowed to do with the IT systems of an organization. It should refer users to the more comprehensive security policy where relevant. It should also, and very notably, define what sanctions will be applied if a user breaks the AUP. Compliance with this policy should, as usual, be measured by regular audits.


Firewall



Firewalls are commonly used as a source of protection for keeping networks safe and secure. They can either be Hardware based or Software based. However, its primary objective is to control the incoming and outgoing network traffic, this is generally done by the software analyzing the data packets then determining whether or not it should be authorized to pass through the network into the computer. If the data packet is declined then it is just forgot about by the Firewall, but if it is accepted then once in the computer the packet will then do what is was programmed for