Send the link below via email or IMCopy
Present to your audienceStart remote presentation
- Invited audience members will follow you as you navigate and present
- People invited to a presentation do not need a Prezi account
- This link expires 10 minutes after you close the presentation
- A maximum of 30 users can follow your presentation
- Learn more about this feature in our knowledge base article
Copy of Unit 9 M3
Transcript of Copy of Unit 9 M3
by a network become unavailable. There is a number of
reasons why service may be lost; it could be due to a technical
fault, for example a server goes offline or a cable is damaged, or
it could be done deliberately, such as when Sony recently took
their PSN network offline after a severe security breech.
Whatever the reason, loss of service has a negative impact on
businesses and their clients. When a fault causes a companies
internal network to fail, the impact can be anything from a couple
of missed sales oportunities to the loss of many customers to a
competitor, depending on the amount of time service is lost for.
In Sony's case they offered a free game to their customers who
had been affected, as a good will gesture. Loss of service can also
result in a loss of customer records; this can lead to a loss of
customers as they lose confidence and take their custom
elsewhere, loss of income for the business and, ulitimately, a loss
of jobs within a business. Businesses with unsecured networks are at risk of incuring
increased costs. For example, when data is lost, due to a
network being compromised, a business must redo work
that is lost. This in itself can increase costs but there is also
the problem of no new work can be acomplished while the
original work is being redone or repaired. A business may
have contracted work out to specialists and consultants; it
is possible that these outside contractors have copies and
backups of their work, but if they don't, and the work has to
be started from scratch, considerable costs can be incured. Loss of confidentiality occurs when information can be
viewed by unauthorised users. This can be either electronic;
when data passing between clients and servers in not
encrypted, or physical; where equipment is lost or stolen. There
have been several reports over the last few years of data being
compromised in this way by equipment, such as laptops and USB
memory sticks being left on public transport by politicians and
civil servants. The impact of this is a loss of confidence in the
individuals and departments who are responsible for the loss and
there is a danger of personal information of many people falling
into the hands of those who may wish to use it for their own
personal gain. The term Data Integrity describes accuracy of data.
Compromised data integrity occurs when the validity of the data is no longer guaranteed. This can happen in several ways; human error; a mistake could be made when the data is being entered or some or all the data could be deleted unintentionaly, during transmission; data could be corrupted while being transfered between devices, malware; viruses could cause data to be altered and hardware malfunctions; a hard disk drive could become unstable and the data cannot be fully read. The impact of this is that people and organisations may loose trust in the company that has supplied the data. People may no longer trust data that is correct, checking the accuracy of the data will become necessary, this is time consuming for both businesses and individuals, this can lead to loss of revenue due to time lost on on other duties. There are many security issues to consider; unauthorised access and malware are perhaps the two most common. Unauthorised access occurs when a user is logged on to a network when they should not be. This could be someone internal to the organisation who is accessing areas of the network they are not entitled to see or externally; where the network is accessed remotely. The impact on businesses are many but they all come down to one thing - people are seeing data they should not be, this is illegal as it is a breach of the data protection act. It can lead to large fines for a company, loss of confidence in that company, loss of revenue and ultimately job losses. There are many types of malware that can affect a network:
Viruses: these require user interaction to infect and move between computers, e.g. They are most commonly found as attachments to emails, they emails are distributed between people and the attachments are opened causing the virus program to be executed.
Worms: a worm can replicate and send itself to other devices without the interaction from a user. E.g. A worm could send a copy of itself to everyone in an email applications address book.
Trojans: Named after the Trojan Horse of myth, this is a type of malware that appears to be a useful piece of software, or is hidden within another program. The user opens the software believing it to be genuine, the Trojan is then able to infect the host computer and/or the network.
Spyware: this type of malware does not infect a computer directly, what it does is monitor user inputs in an attempt to gain usernames, passwords and other sensitive data. Keyloggers that can record keyboard inputs and then send them to a remote location is a common example of this type of software.
Adware: adware is often not actually harmful to a computer of network, it simply monitors user activity, e.g. Websites visited, and tailors popup adverts and possibly spam emails to the information it has obtained. While adware is not usually dangerous, it is annoying and the performance of a network can suffer due to the increased data traffic. The impact of malware entering a network can be great; many of the security issues discussed could be caused by malware; for example, loss of service, loss of income, loss of confidence and increased costs can all start with a pice of malicous software entering a network. How Can the risks be minimised? Passwords and usernames can help secure a network by preventing access by unauthorised users.
Authentication management will authenticate the client workstation that is trying to gain access and confirm to the client is genuine. Authentication management can also be used by the client to ensure the server they are attempting to connect to is correct and not a clone set up to try and obtain username and password information.
Many networks have password requirements; these include such things as minimum length or mix of numbers and letters, e.g. when first setting up a password, a user may be informed the password must have a minimum number of characters and contain at least one number. Controlling access allows network administrators to control individual users access rights. E.g. Employees personal information can only be accessed by that companies human resources department or payroll information can only be accessed by the finance department.
Timed access can be set; a users can only access their account during their contracted working hours - this is especialy useful for user who work part time hours.
Work groups and domains can be set up to provide access level for groups of users. Once a group or domain is created, the level of access for that group can be set up, users can then be added to this group. This saves time; in large companies with many employees it would take a long time to set up each user individually. Also, any new users can be added to the appropriate group and have the correct access levels applied instantly.
Block and allow lists are a way for a network administrator to individually block users from certain resources. This can be used when a user is abusing their privileges, for example, a school or college could block a student who has been visiting unsuitable websites. Encryping data helps to prevent it from being read by unauthorised users
Any data that is transferred between devices on a network is at risk of being intercepted and viewed by someone other than the intended recipient.
Data is usually encrypted by specialist software found on many devices.
Any data can be encrypted, e.g. Data stored on a hard drive or removable media can be encrypted to keep it safe and emails and network packets can be encrypted to ensure they stay safe while travelling around a network.
Data encryption helps businesses to comply with the data protection act. Physical security is the best way to safeguard equipment and the data stored on them.
Ensuring the rooms where computers and servers are kept get locked when not in use is the easiest way to keep them secure.
Mobile devices, such as laptops and tablet computers, are small and easy to steal if someone wished, by securing these items in a lockable cupboard they can be monitored more closely.
Regularly counting the devices and checking them against a stock list of what should be there can help prevent theft of the computers and/or the data stored on them.
Installing CCTV in areas where sensitive equipment is stored can help deter unauthorised access. It can also help in tracing equipment that does go missing. Prevention tools are available to help combat security risks. Firewalls are the most common form of prevention. They create a barrier between a network and the outside word (the internet). They have many configuration settings allowing much customisation of security settings.
Hardware firewalls are often used in large networks, they can be configured so only traffic is only allowed in and out of certain ports. This can prevent malware from entering a network and also prevent data leaving a network when it is not authorised to.
Software firewalls perform a similar function but are software based. Used mainly by individual users they are sometimes standalone pieces of software but they are most often part of a computers operating system.
It is not uncommon for large networks to use a combination of hardware and software firewalls.
Firewalls can also be configured to prevent users within a network from accessing certain things. Ports can be closed to prevent access to certain websites, these are usually websites that are considered unsuitable, for example those displaying adult material, games related or file sharing websites. Virus detection and removal is most often carried out by specialist software designed for the job. The best software is able to detect malware as it tries to enter a network and block it before it has even started. Malware that is already present on a network can be detected by scanning the files stored on a network; any malware discovered can be quarantined by temporarily moving it to a ‘safe’ folder before it is permanently deleted. Some advanced anti-malware software is able to deal with all types, but many specialise in one particular area, e.g. a computer or server may have more than one anti malware application.
Anti-malware software requires regular updating, this is because new malicious programs are being written all the time. Many applications allow you to send data of any malware discovered to the software manufacture, increasing the chance of solution being created quickly.
Anti malware software is available as either free licence, e.g. AVG free, or as a paid for licence, e.g. Norton 360. The free licence software often only includes a basic anti-virus program and is considered unsuitable for large networks. Intrusion detection software is a type of security managements software which allows network administrators to discover possible flaws in a security system and correct them before the flaw is exploited.
The software monitors and analyzes user and system activities. It is designed to recognise the patterns associated with typical attacks on a network. This could be intrusions, where the attack comes from outside the network, or misuse, where the attack is coming from within.
The software will notify an administrator as soon as an attack is discovered.
Intrusion detection can be passive, inspecting components such as configurations, passwords,
Vulnerability software is a tool that can help stop unauthorised access in the first place. The software can run tests and simulations on a networks security system and looks for weaknesses.
Ethical hacking is a similar system; this is where someone is authorised to deliberately try and get past network security systems in order to expose any weaknesses and flaws. Knowledge of these flaws can help companies improve their security.