What is a Computer Security Risk & Security Measure?
What Is a Computer Security Risk?
A computer security risk is anything on your computer that may damage or steal your data, or allow someone else to access your computer, without your knowledge or consent. Many different things can create a computer security risk, including malware, a general term used to describe many types of bad software. We commonly think of computer viruses, but several types of bad software can create a computer security risk, including viruses, worms, ransomware, spyware, and Trojan horses. Misconfiguration of computer products and unsafe computing habits also pose risks.
Perpetrators of cybercrime and other intrusions fall into seven basic categories:
• Hacker: someone who accesses a computer or network illegally. Some hackers claim the intent of their security breaches is to improve security.
• Cracker: also someone who accesses a computer or network illegally, but with the intent of destroying data, stealing information, or taking other malicious action.
• Script kiddie: has the same intent as a cracker but does not have the technical skills and knowledge. Script kiddies often use prewritten hacking and cracking programs to break into computers.
• Corporate spies: have excellent computer and networking skills. They are hired:
  ◦ to break into a specific computer and steal its proprietary data and information,
  ◦ to help identify security risks in their own organization.
• Unethical employees: may break into their employers' computers for a variety of reasons:
  ◦ they want to exploit a security weakness,
  ◦ they seek financial gains from selling confidential information,
  ◦ disgruntled employees may want revenge.
• Cyber extortionist: someone who uses e-mail as a medium for extortion.
  ◦ They will send an organization a threatening e-mail message indicating they will expose confidential information if they are not paid a sum of money.
• Cyberterrorist: someone who uses the Internet or network to destroy or damage computers for political reasons. They might target:
  ◦ the nation's air traffic control system,
  ◦ electricity-generating companies,
  ◦ a telecommunications infrastructure.
TYPE OF COMPUTER SECURITY RISK :
(Virus, Worm, Trojan horse)
• Viruses are malware that are attached to other files in your system and may be used to destroy your data. Viruses have many capabilities, but, unlike worms, they usually require human interaction to spread from system to system, even if the user is unaware they are spreading it.
• Worms are like viruses, but they have the ability to spread themselves from computer to computer, all on their own. They know how to attach themselves to portable storage devices, like USB drives or removable hard drives, or to move through the network by automatically moving to connected machines.
• A Trojan horse is a type of malware that is often disguised as legitimate software. Trojans can be employed by cyber-thieves and hackers trying to gain access to users' systems. Users are typically tricked by some form of social engineering into loading and executing Trojans on their systems. Once activated, Trojans can enable cyber-criminals to spy on you, steal your sensitive data, and gain backdoor access to your system. These actions can include:
  ◦ Deleting data
  ◦ Blocking data
  ◦ Modifying data
  ◦ Copying data
  ◦ Disrupting the performance of computers or computer networks
Unauthorized access (The use of a computer or network without permission.)
Unauthorized use (The use of a computer or its data for unapproved or possibly illegal activities.)
• To help prevent unauthorized access and use, organizations should have a written acceptable use policy (AUP) that outlines the computer activities for which the computer and network may and may not be used.
• An access control is a security measure that defines who can access a computer, when they can access it, and what actions they can take while accessing the computer.
• Many systems implement access controls using a two-phase process called identification and authentication.
• Most multiuser (networked) operating systems require that users correctly enter a user name and a password before they can access the data, information and programs stored on a computer or network.
• Authentication verifies that the individual is the person he or she claims to be.
• Three methods of identification and authentication include user names and passwords, possessed objects, and biometric devices.
• A user name, or user ID (identification), is a unique combination of characters, such as letters of the alphabet or numbers, that identifies one specific user.
• A password is a private combination of characters associated with the user name that allows access to certain computer resources.
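The access control described above (who may access, when, and what they may do), combined with the two-phase identification and authentication step, can be sketched as follows. This is an added example, not part of the original page; the account names, passwords, permitted hours and the `check_access` function are hypothetical.

```python
import hashlib
import hmac
import os
from datetime import time


def hash_password(password, salt):
    # Store a salted, deliberately slow hash, never the password itself.
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 200_000)


def make_account(password, start, end, actions):
    salt = os.urandom(16)
    return {"salt": salt, "hash": hash_password(password, salt),
            "hours": (start, end), "actions": frozenset(actions)}


# Constructed sample accounts: user names, passwords and policy are hypothetical.
ACCOUNTS = {
    "alice": make_account("correct horse battery", time(8), time(18), {"read", "write"}),
    "bob": make_account("s3cond-Passphrase", time(9), time(17), {"read"}),
}
# Used for unknown user names so that they cost the same time as known ones.
_DUMMY = make_account("placeholder", time(0), time(0), ())


def check_access(user_name, password, now, action):
    """Return (allowed, reason) for one access attempt."""
    # Phase 1, identification: which account does the user name claim?
    account = ACCOUNTS.get(user_name)
    # Phase 2, authentication: prove the claim with the password.
    record = account or _DUMMY
    candidate = hash_password(password, record["salt"])
    matches = hmac.compare_digest(candidate, record["hash"])
    if account is None or not matches:
        return False, "authentication failed"   # same answer for both cases
    # Access control: when the user may connect, and what they may do.
    start, end = account["hours"]
    if not start <= now <= end:
        return False, "outside permitted hours"
    if action not in account["actions"]:
        return False, "action not permitted"
    return True, "granted"
```

The same failure message is returned for an unknown user name and a wrong password, so a failed attempt does not reveal which user names exist.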
• Hardware theft is the act of stealing computer equipment.
• Hardware vandalism is the act of defacing or destroying computer equipment.
• Companies, schools, and other organizations that house many computers, however, are at risk of hardware theft.
• Safeguards against Hardware Theft and Vandalism:
  ◦ physical access controls, such as locked doors and windows
  ◦ install alarm systems in their buildings
  ◦ physical security devices such as cables that lock the equipment to a desk.
• Software theft occurs when someone:
  ◦ Steals software media
  ◦ Intentionally erases programs
  ◦ Illegally copies a program
  ◦ Illegally registers and/or activates a program.
• Stealing software media involves a perpetrator physically stealing the media that contain the software or the hardware that contains the media.
• Intentionally erasing programs can occur when a programmer is terminated from, or stops working for, a company.
• Although the programs are company property, some dishonest programmers intentionally remove or disable the programs they have written from company computers.
• Illegally copying a program occurs when software is stolen from software manufacturers.
• This type of theft, called piracy, is by far the most common form of software theft.
• Illegally registering and/or activating a program involves users illegally obtaining registration numbers and/or activation codes.
• A program called a keygen, short for key generator, creates software registration numbers and sometimes activation codes.
• Some individuals create and post keygens so that users can install software without legally purchasing it.
Safeguards against Software Theft :
• To protect software media from being stolen, owners should keep original software boxes and media in a secure location, out of sight of prying eyes.
• All computer users should back up their files and disks regularly.
• To protect themselves from software piracy, software manufacturers issue users license agreements.
• Information theft occurs when someone steals personal or confidential information.
• If stolen, the loss of information can cause as much damage as (if not more than) hardware or software theft.
• An unethical company executive may steal or buy stolen information to learn about a competitor.
• A corrupt individual may steal credit card numbers to make fraudulent purchases.
Safeguards against Information Theft :
• Protecting information on computers located on an organization's premises.
• To protect information on the internet and networks, organizations and individuals use a variety of encryption techniques.
• Encryption is a process of converting readable data into unreadable characters to prevent unauthorized access.
• A system failure is the prolonged malfunction of a computer.
• It can cause loss of hardware, software, data, or information.
• Causes include aging hardware; natural disasters such as fires, floods, or hurricanes; random events such as electrical power problems; and even errors in computer programs.
Safeguards against System failure :
• To protect against electrical power variations, use a surge protector.
• A surge protector, also called a surge suppressor, uses special electrical components to smooth out minor noise, provide a stable current flow, and keep an overvoltage from reaching the computer and other electronic equipment.
WHAT IS A SECURITY MEASURE ?
Definition of security measures:
• The precautionary measures taken toward possible danger or damage.
Type of Security Measure :
• Anti-spyware
• Cryptography
• Anti-virus
• Firewall
• Physical access control
• Human aspects: awareness
Data backup :
• A data backup is the result of copying or archiving files and folders for the purpose of being able to restore them in case of data loss.
• Data loss can be caused by many things, ranging from computer viruses, hardware failures and file corruption to system failure or theft.
• How…
• To read the data, you must decrypt it into readable form.
• The unencrypted data is called plain text.
• The encrypted data is called cipher text.
• To encrypt, plain text is converted into cipher text using an encryption key.
• Importance…
• The process of proving one's identity.
• Ensuring that no one can read the message except the intended receiver.
• Assuring the receiver that the received message has not been altered in any way from the original.
• A mechanism to prove that the sender really sent this message.
Anti-virus :
• Anti-virus software is a program or set of programs designed to prevent, search for, detect and remove software viruses and other malicious software like worms, Trojan horses, adware and more.
• If and when a virus is detected, the computer displays a warning asking what action should be taken, often giving the options to remove, ignore, or move the file to the vault.
• If a virus infects a computer without an antivirus program, it may delete files, prevent access to files, send spam, spy on you, or perform other malicious actions.
• Examples: Norton anti-virus, AVG anti-virus, Kaspersky anti-virus
Anti-spyware :
• Spyware is a type of malware that is installed on a computer without the user's knowledge in order to collect information about them.
• Once installed, spyware can degrade system performance by taking up processing power, installing additional software, or redirecting users' browser activity.
• It can also monitor user activity on the Internet and transmit that information in the background to someone else.
• Spyware can also gather information about email addresses and even passwords and credit card numbers.
Firewall :
• A firewall is a system designed to prevent unauthorized access to or from a private network.
• A firewall can be implemented in hardware or software form, or a combination of both.
• Firewalls prevent unauthorized Internet users from accessing private networks connected to the Internet, especially intranets.
• All messages entering or leaving the intranet (i.e., the local network to which you are connected) must pass through the firewall, which examines each message and blocks those that do not meet the specified rules/security criteria.
• Rules decide who can connect to the internet, what kind of connections can be made, and which or what kind of files can be transmitted in or out.
Physical Access Control :
• Lock your laptop. Whether you're at home, in a dorm, in an office, or sitting in a coffee shop, use a security device, such as a laptop security cable.
• Lock doors and windows, which is usually adequate to protect the equipment.
• Put an access code on the door to the computer room or your office.
• Put CCTV (closed-circuit television) in your office or computer room.
• Make a policy on who can access the computer room or your data center.
Human aspects: awareness :
• Ethics - Be a good cyber citizen
  ◦ Do not engage in inappropriate conduct, such as cyber bullying, cyber stalking or rude and offensive behavior.
  ◦ Do not use someone else's password or other identifying information.
• Lock it when you leave
  ◦ It takes only a few seconds to secure your computer and help protect it from unauthorized access. Lock down your computer every time you leave your desk.
  ◦ Set up a screen-saver that will lock your computer after a pre-set amount of time and require a password to log back in.