Sunday, February 28, 2010

Security Measures

There are 6 types of security measures which are :
1. Data backup
2. Cryptography
3. Antivirus
4. Anti-Spyware
5. Firewall
6. Human aspects.


Data backup

Data backup is a program of file duplication. Backups of data applications are necessary so that they can be recovered in case of an emergency.Depending on the importance of the information, daily, weekly or biweekly backups from a hard disk can be performed


Cryptography

Cryptography is a process of hiding information by altering the actual information into differentrepresentation. Almost all cryptosystem depend on a key such as a password like the numbers or a phase that can be used to encrypt or decrypt a message. The traditional type of cryptosystem used on a computer network is called a symmetric secret key system. With this approach, the sender and the recipient use the same key, and they have to keep the share key a secret from anyone else.


Antivirus

User should install an Antivirus program and update it frequently.

An Antivirus program protects a computer against viruses by identifying and removing any computer viruses found in the computer memory, on storage media or incoming e-mail files.

Identifying virus:

v Two techniques are use to identify the virus:

a) Virus signature – also called a virus definition. It is a specific pattern of the virus code.

b) Inoculating a program file – the Antivirus program records information such as the file size and file creation date in a separate inculcation file. The Antivirus program then uses this information to detect if a virus tampers with the data describing the inoculated program file.

v If an Antivirus program identifies an infected file, it attempts to remove its virus, worm or Trojan horse. If the Antivirus program cannot remove the infection, it often quarantines the infected file. Quarantine is a separate area of a hard disk that holds the infected file until the infection can be removed. This step ensures other files will not become infected.


Antispyware

Spyware is a program placed on a computer without the user’s knowledge. It secretly collects information about the user. The Spyware program communicates information to the outside source. An Anti-Spyware application program sometimes called tracking for threat or a Spybot is used to remove Spyware.

Among the popular Anti-Spyware programs are:

a. Spybot Search and destroy

b. Ad-aware

c. Spyware Blaster


Firewall

Firewall is a piece of hardware or software which functions in a networked environment to prevent some communications forbidden by the security policy.

The purpose of a firewall is to keep bad thing outside a protected firewall implement a security policy. It might permit limited access from in or outside the network perimeters or from certain users or for certain activity.

There are three types of firewall

a. Screening routers

i. Simplest

ii. Sees only addresses and service protocol type

iii. Screen based on connection rules.

b. Proxy gateway

v Complex

v Sees full text of communication

v Screen based on behaviour proxies

c. Guard

v Most complex

v Sees full text of communication

v Screens based on interpretation of message content.


Human Aspect

Human aspects refer to the user and also the intruder of a computer system.

It is one of the hardest aspects to give protection to. The most common problem is the lack of achieving a good information security procedure. There are three ways to protect computer from human aspect threat:

a. Organisation Self Awareness

i. Organisations need to be aware of the people they work with.

ii. Some threat also come from within the organization and not just from the outside.

b. Organisational User Self Awareness

v Provide employee with adequate training and the importance of security and control.

v Even a very high-tech protection system could not protect the system against incompetent users.

c. Individual User Self Awareness

v Threat often comes in beautiful offers and packages.

v Do not download or install software from unreliable sources.

v Do not expose important information to strangers.

No comments: