Overview Protect against malicious code. Use the Internet. Protect against physical tampering.
Overview Desktop systems are a major source of information security risk for an organization. The risk comes from: Malicious code. The Internet. Physical tampering. Increase in the use of server services (Web, FTP, and SQL servers) on desktops.
Protect Against Malicious Code The organization should have mechanisms in place for identifying malicious code as it enters the organization via electronic mail. Anti-virus software should be installed on desktop computers. This software must be configured properly to provide the greatest protection.
Protect Against Malicious Code Issues with viruses, Trojan horses, and worms. Effective use of anti-virus software.
Issues with Viruses, Trojan Horses, and Worms Malicious code can greatly affect an organization. The time required to clean up after malicious code adds hidden costs. There are four primary mechanisms that deliver malicious code are e-mail, instant messenger, disks, and shared files. Employee access makes it difficult to stop the entry of malicious code.
Issues with Viruses, Trojan Horses, and Worms The damage from malicious code ranges from deleted files to system downtime and lost bandwidth to lost business. In addition to loss in productivity, there is a risk of losing sensitive data.
Effective use of Anti-virus Software Anti-virus software identifies a virus by matching the program code with a known virus in its signature file. Now a days anti-virus software scan a file, whenever one is opened, executed, or copied. A number of malicious programs that can ride on documents are called macro viruses.
Effective use of Anti-virus Software Anti-virus software searches for malicious code by comparing the file it is examining with a database of signatures. These signatures provide the information that allows the software to identify which virus, worm, or Trojan horse corresponds to the code. Anti-virus software vendors update the signature database as and when new malicious programs are identified.
Use the Internet Connecting to the Internet. Sharing Files.
Connecting to the Internet Connections through a firewall provide some protection against hackers looking for vulnerable systems. Unlike dial-up connections, broadband (DSL and cable modems) are always-on connections. If a computer is attached to an always-on connection, it is sure to be found by a hacker.
Connecting to the Internet Desktops can be protected from attacks over Internet connections in the following ways: Anti-virus software that is updated frequently. Patching the systems and following proper configuration procedures. Using some type of firewall system. Home systems can be protected by any of the personal firewall products that are on the market.
Sharing Files There are two primary mechanisms for sharing files on the Internet from desktop computer systems are by using shares and using peer-to-peer file sharing programs. In offices, network file servers make all or part of their hard drives available for mapping across the Local Area Network. The same type of sharing can be performed across the Internet.
Sharing Files Once a folder or drive is opened for sharing, a hacker may find the share during a normal scan on the Internet. Peer-to-peer (P2P) programs such as Gnutella and Kazaa have found popularity because they can be used to share music files. A computer connected to a P2P network can share files with hundreds of other computers.
Sharing Files Once installed, the P2P program allows the user to identify which files are to be shared. Since these programs are downloaded from the Internet, they may contain code that allows other users to browse the entire hard drives.
Protect Against Physical Tampering Sensitive information is often carried on portable computer systems. One mechanism used to protect the information on the system is to encrypt it.
Protect Against Physical Tampering Encryption can be accomplished by: Encrypting each file. Encrypting the entire folder. Encrypting the entire hard drive. While traveling, ensure computer systems and data are not stolen.
Summary Desktop systems are a major source of information security risk for an organization. The organization should have mechanisms in place for identifying a malicious code as soon as it enters the organization.
Summary Connections through a firewall provide protection to some extent against hackers looking for vulnerable systems. Sensitive information is often carried on portable computer systems.