Along with the great capabilities of today's modern eBusiness
comes the responsibility to protect it and its customers.
Your company will need a complete security solution
to armor plate your computer and data. It should include
protection against viruses, hackers, spam, spyware and
other Internet-borne threats.
Types of Vulnerabilities
A (universal) vulnerability is a state in a computing system (or set of systems) which either:
- Allows an attacker to execute commands as another user
- Allows an attacker to access data that is contrary to the specified access restrictions for that data
- Allows an attacker to pose as another entity
- Allows an attacker to conduct a denial of service
Spyware
Adware
Programs that secretly
gather personal information through the Internet and
relay it back to another computer, generally for advertising
purposes. This is often accomplished by tracking information
related to Internet browser usage or habits. Adware
can be downloaded from Web sites (typically in shareware
or freeware), email messages, and instant messengers.
A user may unknowingly trigger adware by accepting an
End User License Agreement from a software program linked
to the adware.
Dialers
Programs that use a system, without your permission
or knowledge, to dial out through the Internet to a
900 number or FTP site, typically to accrue charges.
Hack Tools
Tools used by a hacker to gain unauthorized access to
your computer. One example of a hack tool is a keystroke
logger -- a program that tracks and records individual
keystrokes and can send this information back to the
hacker.
Hoax
Usually an email that gets mailed in chain letter fashion
describing some devastating, highly unlikely type of
virus. Hoaxes are detectable as having no file attachment,
no reference to a third party who can validate the claim,
and by the general tone of the message.
Joke Programs
Programs that change or interrupt the normal behavior
of your computer, creating a general distraction or
nuisance. Harmless programs that cause various benign
activities to display on your computer (for example,
an unexpected screen saver).
Remote Access
Programs that allow another computer to gain information
or to attack or alter your computer, usually over the
Internet. Remote access programs detected in virus scans
may be recognizable commercial software, which is brought
to the user's attention during the scan.
Trojan Horse
A program that neither replicates nor copies itself,
but causes damage or compromises the security of the
computer. Typically, an individual emails a Trojan Horse
to you (it does not email itself), and it may arrive in
the form of a joke program or software of some sort.
Virus
A program or code that replicates; that is, infects
another program, boot sector, partition sector, or document
that supports macros, by inserting itself or attaching
itself to that medium. Most viruses only replicate,
though many do a large amount of damage as well.
Worm
A program that makes copies of itself; for example,
from one disk drive to another, or by copying itself
using email or another transport mechanism. The worm
may do damage and compromise the security of the computer.
It may arrive in the form of a joke program or software
of some sort.
Risk assessment
The computation of risk.
Risk is a threat that exploits some vulnerability that
could cause harm to an asset. The risk algorithm computes
the risk as a function of the assets, threats, and vulnerabilities.
One instance of a risk within a system is represented
by the formula (Asset * Threat * Vulnerability). Total
risk for a network equates to the sum of all the risk
instances.
Risk management team
A group of people who hold varying views of a network:
the people who use the network, and those who define
the purpose of the network. The team should include
end users, system administrators, system security officers,
system engineers, and the owners of the data residing
on the network.
Port
A hardware location for passing data in and out of a
computing device. Personal computers have various types
of ports, including internal ports for connecting disk
drives, monitors, and keyboards, as well as external
ports, for connecting modems, printers, mouse devices,
and other peripheral devices.
In TCP/IP and
UDP networks, port is the name given to an endpoint
of a logical connection. Port numbers identify types
of ports. For example, both TCP and UDP use port 80
for transporting HTTP data. A threat may attempt to
use a particular TCP/IP port.
Types of Safeguards
A process, procedure, technique,
or feature intended to mitigate the effects of risk.
Safeguards rarely, if ever, eliminate risk; they reduce
it to an acceptable level.
Safeguard assessment
A process identifying the safeguards that best support
the risk-reduction strategy formed during the risk assessment
phase.
Antivirus Software
Detects and eliminates all types of viruses.
Virus Definitions File
A file that provides information
to antivirus software to find and repair viruses. In
the corporate anti-virus editions, the administrator
must regularly distribute updated virus definition files
to the servers and clients of the corporate edition.
Some versions allow for automatic updating of each workstation
which is connected to the anti-virus server.
Quarantine
To isolate files suspected to contain a virus, so that
the files cannot be opened or executed. Some antivirus
software heuristically detects suspect files and virus-infected
files that cannot be repaired with the current set of
virus definitions. From the quarantine on the local
computer, quarantined files can be forwarded to a central
network quarantine and submitted to anti-virus companies
for analysis. If a new virus is discovered, the updated
virus definitions are automatically returned.
Firewall
Protection against hackers, preventing them from getting
into your PC. Blocks spam before it collapses mail accounts
or prevents them from working correctly. Privacy protection:
blocks spy programs and dialers.