Uploaded by Spandan Mukherjee

Module 2-Part 2- System Security

advertisement
Module-2
System Security
System Security
• The objective of system security is the
protection of information and property from
theft, corruption and other types of damage,
while allowing the information and property
to remain accessible and productive.
• System security includes the development and
implementation of security countermeasures.
System Security
• Security can be compromised via any of the
breaches mentioned:
– Breach of confidentiality:
• This type of violation involves the unauthorized reading of
data.
– Breach of integrity:
• This violation involves unauthorized modification of data.
– Breach of availability:
• It involves unauthorized destruction of data.
– Theft of service:
• It involves unauthorized use of resources.
– Denial of service:
• It involves preventing legitimate use of the system.
System Security
• There are a number of different approaches to
computer system security,
– Firewall
– Data encryption
– Passwords and biometrics.
System Security
• Firewall
– One widely used strategy to improve system
security is to use a firewall.
– A firewall consists of software and hardware set
up between an internal computer network and
the Internet.
– A computer network manager sets up the rules for
the firewall to filter out unwanted intrusions.
These rules are set up in such a way that
unauthorized access is much more difficult.
System Security
• Firewall
– A system administrator can decide, for example,
that only users within the firewall can access
particular files, or that those outside the firewall
have limited capabilities to modify the files.
– You can also set up a firewall for your own
computer, and on many computer systems, this is
built into the operating system.
System Security
• Firewall
– Each institution/organisation that wishes to improve the efficiency of
filtering and increase the level of security in its network should apply
the following recommendations:
• 1. Traffic-filtering rules
– that will determine the manner in which the incoming and
outgoing traffic flows in the network will be regulated. A set of
traffic-filtering rules can be adopted as an independent packet
filtering policy or as a part of the information security policy;
• 2. Select a traffic-filtering technology
– that will be implemented depending on the requirements and
needs;
• 3. Implement defined rules
– on the selected technology and optimize the performance of
devices accordingly;
• 4. Maintain all the components of the solution,
– including not only devices, but also the policy.
System Security
• Encryption
– One way to keep files and data safe is to use
encryption. This is often used when data is
transferred over the Internet, where it could
potentially be seen by others.
– Encryption is the process of encoding messages so
that it can only be viewed by authorized
individuals.
– An encryption key is used to make the message
unreadable, and a secret decryption key is used to
decipher the message.
System Security
• Encryption
– Encryption is widely used in systems like ecommerce and Internet banking, where the
databases contain very sensitive information.
– If you have made purchases online using a credit
card, it is very likely that you've used encryption to
do this.
System Security
• Passwords
– The most widely used method to prevent
unauthorized access is to use passwords.
– A password is a string of characters used to
authenticate a user to access a system.
– The password needs to be kept secret and is only
intended for the specific user.
– In computer systems, each password is associated
with a specific username since many individuals
may be accessing the same system.
System Security
• Passwords
– Good passwords are essential for keeping
computer systems secure.
– Unfortunately, many computer users don't use
very secure passwords, such as the name of a
family member or important dates - things that
would be relatively easy to guess by a hacker.
– One of the most widely used passwords - you
guessed it - 'password.' Definitely not a good
password to use.
System Security
• Passwords
– So what makes for a strong password?
• Longer is better - A long password is much harder to
break. The minimum length should be 8 characters, but
many security experts have started recommending 12
characters or more.
• Avoid the obvious - A string like '0123456789' is too
easy for a hacker, and so is 'LaDaGaGa'. You should also
avoid all words from the dictionary.
System Security Tools
Public Key Infratsructure (Stores digital
certificates and public keys)
Managed Detection & Responses( security as a
service offering designed to provides
organizations with threat hunting services and
responds to threats once they are discovered.
Serves as a pro-active measure to try identify
vulnerabilities in services and organizations
before other attackers can
System Security Tools
• Antivirus Software
– Antivirus software is a program which is designed to
prevent, detect, and remove viruses and other
malware attacks on the individual computer,
networks, and IT systems.
– It also protects our computers and networks from the
variety of threats and viruses such as Trojan horses,
worms, keyloggers, browser hijackers, rootkits,
spyware, botnets, adware, and ransomware.
– Most antivirus program comes with an auto-update
feature and enabling the system to check for new
viruses and threats regularly. It provides some
additional services such as scanning emails to ensure
that they are free from malicious attachments and
web links.
System Security Tools
• PKI Services
– PKI stands for Public Key Infrastructure. This tool
supports the distribution and identification of
public encryption keys.
– It enables users and computer systems to securely
exchange data over the internet and verify the
identity of the other party.
– We can also exchange sensitive information
without PKI, but in that case, there would be no
assurance of the authentication of the other party.
System Security Tools
• PKI Services
– People associate PKI with SSL or TLS.
– It is the technology which encrypts the server
communication and is responsible for HTTPS and
padlock that we can see in our browser address
bar.
– PKI solve many numbers of cybersecurity
problems and deserves a place in the organization
security suite.
System Security Tools
• PKI Services
– PKI can also be used to:
• Enable Multi-Factor Authentication and access control
• Create compliant, Trusted Digital Signatures.
• Encrypt email communications and authenticate the
sender's identity.
• Digitally sign and protect the code.
• Build identity and trust into IoT ecosystems.
System Security Tools
• Managed Detection and Response Service
(MDR)
– Managed detection and response is focused on
threat detection, rather than compliance.
– MDR relies heavily on security event management
and advanced analytics.
– While some automation is used, MDR also
involves humans to monitor our network.
– MDR service providers also perform incident
validation and remote response.
System Security Tools
• Penetration Testing
– Penetration testing, or pen-test, is an important
way to evaluate our business's security systems
and security of an IT infrastructure by safely trying
to exploit vulnerabilities.
– These vulnerabilities exist in operating systems,
services and application, improper configurations
or risky end-user behavior.
– In Penetration testing, cybersecurity professionals
will use the same techniques and processes
utilized by criminal hackers to check for potential
threats and areas of weakness.
System Security Tools
• Staff Training
– Staff training is not a 'cybersecurity tool' but
ultimately, having knowledgeable employees who
understand the cybersecurity which is one of the
strongest forms of defence against cyber-attacks.
– Today's many training tools available that can
educate company's staff about the best
cybersecurity practices.
– Every business can organize these training tools to
educate their employee who can understand their
role in cybersecurity.
Download