An Overview of Essential Security Measures for Competitive Organizations

Antivirus

A computer virus is a software program designed to spread to different computers and interfere with its operations. The virus contains code that attaches itself to a program and then takes control of the program’s access [12]. Viruses are dangerous because they can delete and corrupt data; use the owner’s access to spread itself and can even erase the entire hard drive on any machine that it self-installs on.

Virus Types

Browser hijackers are a common type of virus that can spread through numerous ways, even voluntarily. The virus hijacks browser functions and redirects user to a particular website. CoolWebSearch is a well-known example of this type of virus. In addition, there are viruses that insert themselves into the browsers’ code and log all of the keystrokes that a user enters whenever they are browsing the internet. Such viruses are very dangerous because they can record multiple different passwords and potentially steal credit card numbers from users who shop a lot via online retailers. The key loggers are not the only malicious viruses out there, there are spyware viruses that can replicate a specific website in order to get the user to enter their password information, an example of such virus is the Google replicator virus. There are many more viruses, and in fact there can be a whole paper written on viruses, but below are the most common viruses:

• Direct action viruses work when the file containing the virus is directly executed.
• Web scripting virus uses complex code and inserts itself onto a website without the Webmaster’s permission.
• A macro virus is embedded in the macrocodes used by word processors, database, and spreadsheets.

Antivirus in Action

Antivirus is always recommended to be installed to protect computers and data. Antivirus is a software used to detect, prevent, and destroy computer viruses. There are methods that an antivirus software can use to detect identify malicious malwares and spywares. Once installed, the software works by scanning your computer’s files, memory³, and registry files. You can choose an automatic scan, where the antivirus can automatically perform the scan at certain set timed intervals. It is also important to do a manual scan whenever you download files from an outside source. The software can scan all media files including CDs and DVDs. Also due to new developments in technology the software can scan USB devices and block them from opening if they are found to be malicious.

What happens when the antivirus program detects any malicious programs? When software locates a 4virus, it may prompt an alert and ask if you want to continue to the removal process of the virus. Other times, it may delete the virus itself. There are different settings that a user can change in order to improve the security.

Installing antivirus software will certainly improve your level of protection. They all perform the same functions but may vary by certain extra features and prices. However, it is critical to carefully choose the right antiviruses because some viruses may mask as an antivirus itself. Through emails and advertisements, viruses will make you think you need to install a software to remove it and therefore, infecting your computer if downloaded.

The following are the top and trusted antivirus software to protect your computers. BitDefender Total Security has been voted the top security suite in 2014 [6]. It has a customizable interface and parental controls. It allows parents to monitor children’s social media accounts and protect bank information. Symantec Norton 260 is another great antivirus program that is affordably priced. It contains a top-notch protection engine and privacy tools. Norton’s home screen is organized and user-friendly [6]. Finally, the McAfee software provides protection for laptops, desktops, tablets, and a mobile security app [6].

In order to always stay protected from dangerous computer viruses; be sure to be up-to-date on the latest virus information. Most antivirus has options to receive updates on virus definitions and new ones. Although installing an antivirus is easy and effective, there may always be loopholes in security that allows virus attacks and other malware onto your computer. Be sure to take other safety precautions as well when surfing the Internet and downloading.

Encryption: Mobile and OS

Encryption or also known as cryptography is the one of the more basic methods of protecting one’s information on the computer from unauthorized viewers [7].

Suppose someone was able to illegally access a computer system. Any private data saved on the system could then be viewed and stolen. When emails are sent through the internet anyone is able to intercept the message, and therefore able to view and possibly steal any data in the message [4].

Encryption is the solution to this issue. A person can use an encryption program to encrypt the readable data to unreadable data. When the data is needed again, the authorized user would decrypt or decipher the data [5]. There are two types of situations where somebody would encrypt or decrypt data - whenever something is at rest or in transit.

Encrypting data at rest means a person or an organization is encrypting data that remains in a storage media such as a database, desktop, or even a smartphone. This way any hacker or intruder will not be able to use the data.

Encrypting data in transit is when it is sent through the internet, like email, as discussed above. The main tool that makes encryption possible is the key.

A key is an algorithm made up of binary code or bits that turns the data to unreadable code. The lowest level security key is 8-bits. This means there are 2 to the power of 8 or 256 possible combinations of the correct key. A hacker may use what they call the “brute force method” to figure out the code. This means they take the time to run through every possible combination to find the right key. The highest legal standard key right now is 56-bits which means there is 72 quadrillion possible combinations. It has been estimated that a hacker running through code would need 14 thousand computers running around the clock for four months to figure out the key. The next highest level is 128-bits, but this is considered illegal by the U.S. government. Since 128-bits are considered practically unbreakable, the government sees it as a national security risk since they would not be able to investigate illegal activity. The legality of 128-bits remains to be debated.

Earlier on, during the 1970s, people used a symmetric or single-key system to encrypt. This meant that only a single identical key was used for both encrypting and decrypting. In the case of sending encrypted data in transit, the same key used to encrypt the data would be sent with the message so the receiver can decrypt the message. This system negates the security purpose of encrypting. Later on, the asymmetric or dual-key system was developed to address this security issue.

The dual-key system is made up of a public and a private key. Obviously, the public key is made available to the public. Once data is encrypted with the public key, only the corresponding private key can decrypt the data. Although this system is a great improvement over the single-key system, it is not fool proof. Again, suppose data is sent in transit. Party B, receiving the message with the encrypted data will not know if it is coming from party A. To solve this party A can first encrypt the data with party B’s public key and then encrypt it again with party A’s own private key. Party B will then decrypt the first encryption level with party A’s corresponding public key. Therefore, party B can confidently know the data came from party A.

Therefore, in general, the main security risk when it comes to encryption revolves around the key [12], but today many encryption providers use other security measures to protect the misuse of the key. A user of the encryption may need to put in a pin or password or some providers have coupled a smartphone with an encryption account to make sure it is the correct person accessing the key. Today smartphones also have built in either at rest encryption or encryption apps depending on the phone operating system.

Network Monitoring

Network monitoring is the use of a system that constantly monitors a computer network for slow components, failing components and breaches; then notifies the network administrator with some type of registered alarm in case of outages. Network monitoring is a great security measure to implement to centrally manage the entire IT infrastructure from one location. Network monitoring tools offers the network administrator manageability of the entire fabric. It allows customizing alerts and SNMP notifications in certain events or triggers. For example, if an organization has a large amount of virtual machines that it manages with critical applications. The network administrator can utilize network monitoring tools specifically designed for VMware virtual machines that are event or time based. In the event of a specific trigger, such as CPU utilization over 80%, the network administrator would receive a low warning alert. In the event of extremely high CPU utilization over 95% for a period of 5 minutes, the network administrator would be notified of the more severe event. These are just a few examples of the endless capabilities of network monitoring that are available to be fully customized based on the need of the organization.

When implementing network-monitoring tools, it is vital to have a network topology diagram of the network. A network topology is a layout of the connected devices in the entire network of an organization. Think of topology as being a drawing of the structure or shape of the network. Some of the most common network topologies are mesh topology, star topology, bus topology, ring topology, and tree topology. In a mesh topology, devices are connected with many redundant interconnections’ between network nodes. Every node has a connection to every other node in the network. In a star topology, network devices are connected to a central computer, called a hub.

The devices on the network communicate across the network by passing through the hub. In a bus topology, the main wire that connects all devices on a local area network is called the backbone. Ethernet systems use a bus topology due to its low cost advantage. In a ring topology, all nodes are connected in a closed loop. The benefits of the ring topology are long distances it is able to reach. Finally, a tree topology is a combination of bus and star topology. A group of star networks are connected to a linear bus backbone cable. This allows for large computer networks to be subdivided into specific sections. This allows for easier manageability of the entire network.

Network monitoring tools are an effective way for an organizations IT department to analyze and alert about what is going on in the environment. Network monitoring tools offer real time analysis. This can be used to improve the performance and security of the organization and is an essential component to a network.

Education

Security breaches are becoming more of a threat to businesses every day. Big companies such as Yahoo!, Target, Neiman Marcus, and White Lodging Services are recent companies where their customers’ information has been compromised [1]. These major security breaches have companies being more attentive to their information security. This is the reason why educating employees about the risks and vulnerabilities of their actions in the cyber world is important. In order for companies to protect their information, they need all their employees to understand and follow security procedures, not just the employees in the information technology department. Learning about information security will help employees understand the different types of cyber threats and attacks. Also it will teach employees about protect themselves with security measures

Before a company can start learning how to protect themselves with different types of security measures, they must first learn the different types of cyber threats and attacks. Common types of cyber-attacks and threats include viruses, worms, malware, Trojans, unpatched software, phishing, and advance persistent threats [15]. Viruses, worms, and malware are security threats. Malware is a type of software that someone (usually a hacker) creates in order to gain access to end users computer system and collect private information.

Viruses and worms are different types of malware that can disrupt a computer operation. Trojans, unpatched software, phishing, and advance persistent threats are common types of security attacks. Phishing and unpatched software attacks are very likely in organizations. Employees check their emails and update software on their computers frequently, which can lead to cyber-attacks if the employee cannot distinguish a real email/software update from a fake one [15].

After an organization is aware of the different types of security attacks and threats, it is important for them to know about the different security measures to protect themselves. Important security measures that organizations should know of are passwords, data protection/disaster recovery, firewalls, antivirus, and encryption: mobile and OS, and network monitoring.

Organizations should have their employees update their passwords regularly; install firewalls and antiviruses, and making sure these security measures are always up to date. These types of measures will help to protect employees from phishing emails, viruses, worms, and other types of malware. Getting employees’ mobile and PCs encrypted will help protect company information in case an employee’s laptop or phone is lost or stolen.

Once an organization is educated with the types of harmful security attacks, they can start implementing organizational wide policies and avoid legal conflicts. It is too often that companies only start implementing security policies once their company has had a security breach [8]. Having company security policies will help ensure that all employees are getting the type of security training needed and legal conflicts are minimized.

Conclusion

In conclusion, in order for an organization to maintain a high level of security, it is essential for an organization to implement security measures. Security measures such as passwords, firewalls, antivirus, network monitoring, encryption, data protection, disaster recovery and education are essential to assure the highest level of data integrity.

As highlighted multiples times, the most important asset of organizations is their information. Technical and organizational security measures should be implemented to minimize risk while maintaining confidentiality, manageability and scalability of the organization. These security measures will help maintain high level of security from internal and external incidents. Implementing security measures, policies, and regulations will allow an organization to maintain, implement, administer and audit its security. If there are any threats or attacks to the organization, the measures will help mitigate any risks as well as quickly implement countermeasures.

Acknowledgments

We would like to than the authors of the Principles of Information Security (4^th Edition) – Michael E. Whitman and Herbert J. Mattord for writing a very informative book about ins and outs of the information security.

References

[1] "10 Big Companies with Recent Major Security Breaches." GoLocalProv. N.p., n.d. Web. 27 July 2014.

[2] 2009, 7:05AM BST 02 Sep. "Security Risk as People Use Same Password on All Websites." The Telegraph. Telegraph Media Group, 09 Feb. 2009. Web. 24 July 2014.

[3] "2013 Trustwave Global Security Report." Trustwave Holdings, Inc. N.p., n.d. Web. 27 July 2014.

[4] Brandom, Russell. "Google Is Working on End-to-end Encryption for Gmail." The Verge. The Verge, 21 Apr. 2014. Web. 7 July 2014.

[5] "'Encryption Provides Security Cover'" The Economic Times. N.p., n.d. Web. 27 July 2014.

[6] Howley, Dan. "Best AntiVirus 2014." Toms Guide. N.p., 1 Apr. 2014. Web. 25 July 2014.

[7] Hozen, Fred. "Encryption." What Is Encryption? Search Security, 10 July 2006. Web. 27 July 2014.

[8] "Information Security Policy Articles - Advice - Training." Security Policy University. N.p., n.d. Web. 27 July 2014.

[9] Johnson, Caleb. "Hotmail Scam Reveals Most Common Password: 123456." Switched. Huffington Post, 7 Oct. 2009. Web. 7 July 2014.

[10] Kaspersky Lab. “Financial Cyber Threats in 2013. Part 1: Phishing” Securelist.com. SECURELIST. 2 April 2014. Web. 27 July 2014.

[11] Male, Bianca. "10 Essential Data-Security Measures Every Business Should Take." Business Insider. Business Insider, Inc, 08 June 2010. Web. 7 July 2014.

[12] McDowell, Mindi. "Security Tip (ST04-005)." Understanding Anti-Virus Software. Department of Homeland Security, 28 Feb. 2013. Web. 7 July 2014.

[13] "Revealed: The NSA’s Secret Campaign to Crack, Undermine Internet Security." Top Stories RSS. N.p., n.d. Web. 7 July 2014.

[14] Schneier, Bruce. "Passwords Are Not Broken, but How We Choose Them Sure Is." The Guardian. Guardian News and Media, 13 Nov. 2008. Web. 7 July 2014.

[15] "The 5 Cyber Attacks You're Most Likely to Face." InfoWorld. N.p., n.d. Web. 7 July 2014.

[16] "What Are Network Topologies?" Webopedia.com. Webopediam, 5 May 2011. Web. 7 July 2014.

[17] "What Is a Firewall?" Palo Alto Networks. N.p., n.d. Web. 27 July 2014.

[18] ”Best Practices in Data Protection – Survey of U.S. IT & IT Security Practitioners” Mcafree.com. Ponemon Institute and McAfee. October 2011. Web. 27 July 2014.

Endnotes

1. WhiteHate Security. (2015). “WhiteHat Security 2015 Website Security Statistics Report.” Retrieved from: https://www.whitehatsec.com/press-releases/featured/2015/05/21/pressrelease.html
2. All of the security measures could potentially be examined on a more detailed scale in a separate paper. This paper simply examines how organizations could implement the security features and how it may benefit them.
3. Part of the reason why the passwords are easy to anticipate is because people nowadays simply choose the easiest passwords that they can remember such as “password” and “qwerty” [9]
4. Memory includes both RAM and in some cases ROM, the only thing that is never scanned is the kernel mode of an OS