TYPES OF COMPUTER SECURITY RISK
Physical access control
Human aspect : awareness
What Is a Computer Security Risk?
A computer security risk is really anything on your computer that may damage or steal your data or allow someone else to access your computer, without your knowledge or consent. There are a lot of different things that can create a computer risk, including malware, a general term used to describe many types of bad software. We commonly think of computer viruses, but, there are several types of bad software that can create a computer security risk, including viruses, worms, ransomware, spyware, and Trojan horses. Misconfiguration of computer products as well as unsafe computing habits also pose risks. Let's look at these in more detail.
Viruses, Worms, & Ransomware
Viruses are malware that are attached to other files in your system and may be used to destroy your data. Viruses have many capabilities, but, unlike worms, they usually require human interaction to spread from system to system, even if the user is unaware they are spreading it.
Worms are like viruses, but, they have the ability to spread themselves from computer to computer, all on their own. They know how to attach themselves to portable storage devices, like USB drives or removable hard drives, or to move through the network by automatically moving to connected machines.
Ransomware is a relatively new term for malware that, when installed on your system, makes all of your files unreadable, holding your data hostage until you pay the hacker the ransom. Ransomware may be delivered by a virus or by a worm and there is no guarantee that, even if you pay the ransom, you'll get your data restored.
Spyware & Trojan Horses
Spyware is malware that steals your data and may be used to spy on you by using your webcam or microphone without your knowledge. Once spyware is installed, it may steal your sensitive data by recording the login information you use or looking for sensitive files on your computer, then sending that data back to an attacker. In recent months, hackers have been able to access the webcam and microphone of computers and use pictures, video, or audio recordings to blackmail their victims.
SECURITY MEASURE
Data Backup
Definition of security measures:
The
precautionary measures taken toward possible danger or damage.
Types of security measures :
- A data backup is the result of copying or archiving files and folders for the purpose of being able to restore them in case of data loss.
- Data loss can be caused by many things ranging from computer viruses, hardware failures, file corruption, system failure or theft.
- If you are responsible for business data, a loss may involve critical financial, customer, and company data.
- If the data is on a personal computer, you could lose financial data and other key files, pictures, music and others that would be hard to replace.
Cryptography
- Technology of encoding information so it can only be read by authorized individuals
How ?
- To read the data, you must decrypt it into readable form.
- The unencrypted data is called plain text.
- The encrypted data is called cipher text.
- To encrypt, plain text converted into cipher text using an encryption key
Important
- The process of proving one's identity.
- Ensuring that no one can read the message except the intended receiver.
- Assuring the receiver that the received message has not been altered in anyway from the original.
- A mechanism to prove that the sender really sent this message.
Antivirus
- Anti-virus software is a program or set of programs that are designed to prevent, search for, detect and remove software viruses and other malicious software like worms, Trojan horses, adware and more.
- If and when a virus is detected, the computer displays a warning asking what action should be done, often giving the options to remove, ignore, or move the file to the vault.
- If a virus infected a computer without an antivirus program, it may delete files, prevent access to files, send spam, spy on you, or perform other malicious actions.
- Examples: Norton anti-virus, AVG anti-virus, Kaspersky anti-virus
Anti-spyware
- Spyware is a type of malware that is installed on a computer without the user's knowledge in order to collect information about them.
- Once installed, spyware can degrades system performance by taking up processing power, installing additional software, or redirecting users' browser activity.
- It also can monitors user activity on the Internet and transmits that information in the background to someone else.
- Spyware can also gather information about email addresses and even passwords and credit card numbers
Firewall
- A firewall is a system designed to prevent unauthorized access to or from a private network.
- A firewall can be implement either through hardware or software form, or a combination of both.
- Firewalls prevent unauthorized Internet users from accessing private networks connected to the Internet, especially intranets.
- All messages entering or leaving the intranet (i.e., the local network to which you are connected) must pass through the firewall, which examines each message and blocks those that do not meet the specified rules/security criteria.
- Rules will decide who can connect to the internet, what kind of connections can be made, which or what kind of files can be transmitted in out.
Physical access control
- Lock your laptop whether you're at home, in a dorm, in an office, or sitting in a coffee shop, use a security device, such as a laptop security cable.
- Lock doors and windows, usually adequate to protect the equipment.
- Put the access code at the door to enter the computer room or your office.
- Put the CCTV (closed-circuit television) in your office or computer room.
- Make a policies who can access the computer room or your data center.
Human aspect : awareness
Ethics
- Be a good cyber citizen
- Do not engage in inappropriate conduct, such as cyber bullying, cyber stalking or rude and offensive behavior.
- Do not use someone else's password or other identifying information.
Lock
it when you leave
- It takes only a few seconds to secure your computer and help protect it from unauthorized access. Lock down your computer every time you leave your desk.
- Set up a screen-saver that will lock your computer after a pre-set amount of time and require a password to log back in.
Phishing
Emails
- Never respond to requests for personal information via email. Businesses will never ask for personal information in an email.
- Do not enter personal information in a pop-up screen.
Dispose
of Information Properly
- Destroy/shred hard copy confidential documents that contain personal information such as social security numbers, credit card numbers, bank account numbers, health records.
- Ensure you are using the right tools when destroying and disposing of personal information or media storage from your computer and mobile devices
Comments
Post a Comment