Post on 30-Jun-2020
COMPILED BY: WESLEY M. NYANDIKA wesleynyandika@yahoo.com Page 1
SECURITY THREATS AND CONTROLS
Data security core principles
The three core principles of data security/information security are:
1. Confidentiality
2. Integrity
3. Availability
Confidentiality
This means that sensitive data or information belonging to an organization or government should not be
accessed by or disclosed to unauthorized people.
Integrity
This means that data should not be modified without the owner’s authority.
Availability
This means that information should be available on demand.
This also means that any information system, and any communication link used to access it, must be
efficient and functional.
Security threats and control measures
Security threats to a computer based information system include:
1. Unauthorized access
2. Alteration
3. Malicious destruction of hardware, software, data or network resources
4. Sabotage
The goal of data security control measures is to provide security and to ensure the integrity and safety
of an information system's hardware, software and data.
Information system failure
Some of the causes of computerized information system failure include:
1. Hardware failure due to improper use
2. Unstable power supply as a result of brownouts or blackouts, and vandalism
3. Network breakdown
4. Natural disaster
5. Program failure
Control measures against hardware failure
1. Use surge protectors to protect computers against brownouts or blackouts which may cause
damage or data loss
2. Use fault tolerant systems.
Disaster recovery plans
This involves establishing offsite storage of an organization’s database so that, in case of a disaster or
fire accident, the company has backup copies from which to reconstruct lost data.
Threats from malicious programs
Malicious programs may affect the smooth running of a system or carry out illegal activities, such as
secretly collecting information from an unknowing user.
Some types of malicious programs include:
1. Boot sector viruses: they destroy the booting information on storage media
2. File viruses: attach themselves to files
3. Hoax viruses: come as e-mail with attractive messages and launch themselves when the e-mail is
opened
4. Trojan Horse: they appear to perform useful functions but instead they perform other
undesirable activities in the background
5. Worms: malicious programs that self-replicate and hence clog the system memory and storage
media
6. Backdoors: may be a Trojan or worm that allows hidden access to a computer system
Control measures against viruses
1. Install the latest version of anti-virus software on the computers, and make sure that you
continuously update the anti-virus software with new virus definitions to counter new viruses
2. Always scan removable storage media for viruses before using them
3. Scan E-mail attachments for viruses before opening or downloading an attachment
Physical theft
This involves the stealing of computer hardware and software
Control measures against theft
1. Employ security agents to keep watch over information centers and restricted backup sites
2. Reinforce weak access points like the windows, doors and roofing with metallic grills and strong
padlocks
3. Motivate workers so that they feel a sense of belonging in order to make them proud and
trusted custodians of the company resources
4. Insure the hardware resources with a reputable insurance firm
Piracy
It is a form of intellectual property theft which means illegal copying of software, information or data.
Control measures against piracy
1. Enforce laws that protect the owner of data and information against piracy
2. Make software cheap enough to increase affordability
3. Use licenses and certificates to identify original software
4. Set installation passwords that deter illegal installation of software
Fraud
This is stealing by false pretense
Sabotage
This is the illegal destruction of data and information with the aim of crippling service delivery or causing
great loss to an organization
Threats to privacy and confidentiality
Privacy means that data belonging to an individual should not be accessed by or disclosed to other
people
Confidentiality means that sensitive data or information belonging to an organization or government
should not be accessed by or disclosed to unauthorized people
Eavesdropping
Refers to tapping into communication channels to get information.
Surveillance
Refers to monitoring the use of computer systems and networks using background programs such as
spyware and cookies.
Industrial espionage
Involves spying on a competitor to get information that can be used to cripple the competitor
Accidental access
Threat to data and information from people giving out information to strangers unknowingly
Hacking and cracking
A hacker is a person who gains unauthorized access to information just for fun, while a cracker violates
the security measures put in place, such as by bypassing passwords or finding weak access points to
software.
Alteration
This is the illegal modification of private or confidential data and information with the aim of
misinforming users.
Control measures against unauthorized access
1. Firewall
This is a device or software system that filters the data and information exchanged between different
networks by enforcing the host network's access control policy
2. Data encryption
This is converting data from plain text (data that is not encrypted) to cipher text (encrypted data), a
form that only the sender and receiver can understand.
An algorithm key is used to encrypt the data while a decryption key is used to decrypt the data.
3. Security monitors
These are programs that monitor and keep a log file or record of computer systems and protect them
from unauthorized access
4. Biometric security
Biometric security uses the user’s attributes, such as voice, fingerprints and facial features, for recognition
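The firewall item above says that traffic is filtered by enforcing the host network's access control policy. The Python sketch below is an added example, not part of the original notes: it evaluates a small first-match rule list and drops anything the policy does not mention. The rule format, the addresses and the names `Rule`, `POLICY`, `decide` and `filter_traffic` are all constructed for illustration.

```python
"""Added example: first-match packet filter with default deny (all values constructed)."""
import ipaddress
from typing import NamedTuple, Optional

class Rule(NamedTuple):
    action: str            # "allow" or "deny"
    src: str               # source network, CIDR notation
    dst: str               # destination network, CIDR notation
    port: Optional[int]    # destination port; None matches any port

# Constructed access control policy for a host network 10.0.0.0/24
# (documentation-range addresses stand in for outside networks).
POLICY = [
    Rule("deny",  "203.0.113.0/24",  "10.0.0.0/24",  None),  # blocked outside network
    Rule("allow", "0.0.0.0/0",       "10.0.0.10/32", 443),   # public HTTPS server
    Rule("allow", "198.51.100.0/24", "10.0.0.0/24",  22),    # admin network, SSH only
]

def decide(src_ip: str, dst_ip: str, port: int, policy=POLICY) -> str:
    """Return the action of the first matching rule; deny when nothing matches."""
    src, dst = ipaddress.ip_address(src_ip), ipaddress.ip_address(dst_ip)
    for rule in policy:
        if (src in ipaddress.ip_network(rule.src)
                and dst in ipaddress.ip_network(rule.dst)
                and rule.port in (None, port)):
            return rule.action
    return "deny"  # default deny: traffic the policy does not mention is dropped

def filter_traffic(packets, policy=POLICY):
    """Split (src, dst, port) tuples into forwarded and dropped lists."""
    forwarded, dropped = [], []
    for pkt in packets:
        (forwarded if decide(*pkt, policy=policy) == "allow" else dropped).append(pkt)
    return forwarded, dropped

if __name__ == "__main__":
    sample = [  # constructed traffic
        ("192.0.2.7", "10.0.0.10", 443),
        ("203.0.113.9", "10.0.0.10", 443),
        ("198.51.100.5", "10.0.0.20", 22),
        ("192.0.2.7", "10.0.0.20", 22),
    ]
    ok, blocked = filter_traffic(sample)
    print("forwarded:", ok)
    print("dropped:  ", blocked)
```

Rule order matters here: the deny rule for the blocked network sits above the public HTTPS rule, so hosts in that network cannot reach the server even on an otherwise open port.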
Other access control measures
Access control can also be enhanced by implementing multi-level authentication policies such as
assigning users log on accounts, use of PIN (personal identification number) and smart cards
Policies and laws governing information security
International data security issues are governed by bodies such as ISO (International Organization for
Standards) and ISF (Information Security Forum)
ISO has published "Information technology - Security techniques - Code of practice for information
security management"
ISF is a global non-profit making body made up of several leading organizations in financial services,
manufacturing, telecommunication, consumer goods and governments
The organization provides research on best practices summarized in its report Standard of Global
Practice
Examples of regulation laws in Kenya, UK and USA
ICT related Acts in Kenya
ICT issues are considered under various legislations including:
The Science and Technology Act Cap 250 of 1977, The Kenya Broadcasting Corporation Act of 1988 and
the Kenya Communications Act of 1998
Kenya ICT policy
The government has developed a national ICT policy that seeks to address issues of privacy, e-security,
ICT legislation, cybercrimes, ethical and moral conduct, copyright, intellectual property rights and piracy.
United Kingdom Data Protection Act 1998
Protects an individual's privacy. The act states that no processing of information relating to individuals,
including the obtaining, holding, use or disclosure of such information, can be done without the owner’s
consent
United Kingdom Computer Misuse Act 1990
It makes computer crime such as hacking a criminal offence. The act has become a model for many other
countries, including Kenya, which have used it to draft their own information security regulations
Family Education Rights and Privacy Act (USA)
It is a USA Federal law that protects the privacy of students' education records. To release any
information from a student's education record, USA schools must have written permission from the
parent or the student.
Security Breach Notification Laws
Most countries require businesses, nonprofits and state institutions to notify consumers when
unencrypted “personal information” is compromised, lost or stolen
Copyright and software protection laws
Hardware and software are protected by either national or international copyright, design patents laws
or Acts.
These laws seek to address the following:
1. Data should not be disclosed to other people without the owner’s permission
2. Data and information should be kept secured against loss or exposure
3. Data and information should be accurate and up to date
4. Data and information should be collected, used and kept for specified lawful purposes
APPENDIX
DATA SECURITY
This is the protection of programs and data in computer and communication systems against
unauthorized access
Data control
Measures taken to enforce the security of programs and data in the computer system
Data security involves:
1. Protection of data and information against unauthorized access or modification
2. Denial of data and information to unauthorized users
3. Provision of data and information to authorized users
Data can be lost in various ways:
1. Viruses
2. User error
3. Computer crashing
4. Hacking etc.
Viruses
A virus is a self-replicating segment of computer code designed to spread to many computers, causing
destruction of data.
Viruses are classified into:
1. Benign
They replicate but do not cause damage, i.e. they may beep or display messages on the screen
2. Malignant
They cause damage to the computer resources such as erasing the software
NB: viruses can be dormant for days or months before becoming active
Source of viruses
1. Pirated software
2. Fake computer games
3. Through data transmission from one computer to another i.e. the internet or use of removable
storage devices
4. Freeware and shareware software
5. From software laboratories
6. Through the use of a network
7. An employee introducing such bugs knowingly
Characteristics of computers with viruses
1. Programs taking too long to load
2. Unusual error messages appearing all the time
3. Distortion of computer graphics
4. Changing the dates of files
5. Changing the size of files i.e. files occupying bigger portions of memory
6. Programs giving unusual results
7. Corruption of programs and computer files
Policies of preventing computer viruses
1. Install the latest version of antivirus software
2. Avoid foreign storage devices in the computer room
3. Avoid opening mail attachments before scanning them
4. Create backup of computer files and data regularly
5. Users should be informed of the need for data security and the potential threats to their data
6. Don’t open e-mails from unknown senders
7. All unlicensed software should be examined carefully before loading it onto the computer
8. Procedures for evaluating new software should include testing for the presence of viruses
9. Always scan the portable devices before using them
Computer viruses
1. Boot sector viruses
They destroy the booting information and procedure in the storage devices
2. File viruses
They attach themselves to files
3. Hoax viruses
They come as e-mail with an attractive subject and launch themselves when the e-mail is opened
4. Trojan horse viruses
They appear to perform a necessary function but perform undesirable activities in the background
5. Worms
They attach themselves in the computer memory
6. Backdoor viruses
They may be Trojan or worm that allows hidden access to the computer system
Computer crimes
1. Trespass
Illegal entry into restricted areas that involve computer hardware, software or computer data.
It is also the illegal accessing of information on a computer or on a computer on a network
2. Hacking
A hacker is a person who breaks the code and passwords to access computer data and information
3. Tapping
The process by which someone gains access to information that is being transmitted via communication
links
4. Piracy
Making illegal copies of copyrighted software, information or data
5. Fraud
Use of computers to conceal information or cheat other people with the intention of getting money or
information
6. Sabotage
The illegal destruction of data and information with the aim of crippling service delivery or causing loss
to an organization
7. Tracking
Monitoring what someone is doing on the computer system to establish his/her activities or dealings.
8. Cracking
The use of guesswork over and over until a weakness in the security codes is discovered
9. Alteration
The illegal changing of data and information without permission with the aim of gaining or misinforming
the authorized user
10. Spam
Done by gaining access to a list of E-mail addresses
Detection and protection against computer crimes
1. Audit trail
Keeping a record of who accessed the computer system and the operations they performed during a
given time.
It is done to maintain security and recover the lost information
It also detects trespassing and alteration
2. Data encryption
Data in transit over a network is coded by the sender in a form that cannot be understood by tappers
and decrypted upon reception
3. Log files
Special files that give a record of events on the use of the computer and its resources
This is done by software
4. Firewalls
Software that filters data and information being received from the network/internet
This controls unauthorized access to restricted areas
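The audit trail and log file items above describe a record of who accessed the system and what they did, kept so that trespassing and alteration can be detected. The Python sketch below is an added example, not part of the original notes: each record carries a keyed hash (HMAC) chained to the previous record so that a changed or deleted entry shows up on review, and a second pass flags repeated failed log-ons. The record fields, the key and all function names are constructed for illustration, and the key is assumed to be stored where the audited users cannot read it.

```python
"""Added example: tamper-evident audit trail with a review pass (constructed data)."""
import hashlib
import hmac
import json

KEY = b"demo-key-constructed"  # assumption: kept away from the users being audited

def _mac(prev_mac: str, entry: dict) -> str:
    body = prev_mac + json.dumps(entry, sort_keys=True)
    return hmac.new(KEY, body.encode(), hashlib.sha256).hexdigest()

def append(trail: list, user: str, operation: str, ok: bool, time: str) -> None:
    """Record who did what and when, chained to the previous record's MAC."""
    entry = {"time": time, "user": user, "operation": operation, "ok": ok}
    prev = trail[-1]["mac"] if trail else ""
    trail.append({**entry, "mac": _mac(prev, entry)})

def first_altered(trail: list):
    """Return the index of the first record whose MAC no longer verifies, else None."""
    prev = ""
    for i, rec in enumerate(trail):
        entry = {k: v for k, v in rec.items() if k != "mac"}
        if not hmac.compare_digest(rec["mac"], _mac(prev, entry)):
            return i
        prev = rec["mac"]
    return None

def repeated_failures(trail: list, threshold: int = 3) -> set:
    """Users with `threshold` or more consecutive failed log-ons (possible trespass)."""
    streak, flagged = {}, set()
    for rec in trail:
        if rec["operation"] != "logon":
            continue
        streak[rec["user"]] = 0 if rec["ok"] else streak.get(rec["user"], 0) + 1
        if streak[rec["user"]] >= threshold:
            flagged.add(rec["user"])
    return flagged

def sample_trail() -> list:
    """Constructed records, not taken from any real system."""
    trail = []
    append(trail, "alice", "logon", True, "2020-06-30T08:00")
    append(trail, "alice", "update payroll.db", True, "2020-06-30T08:05")
    for minute in ("09:01", "09:02", "09:03"):
        append(trail, "bob", "logon", False, "2020-06-30T" + minute)
    return trail
```

The chain exposes edits and deletions inside the trail; records removed from the very end leave no broken link, so the latest MAC should also be copied to a separate system.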