Fundamental Security PDF
Summary
This document provides a general overview of fundamental security principles, encompassing topics like cryptography, encryption, authentication, and various security threats. It explores the importance of security measures for protecting data and systems. The material also discusses preventive maintenance strategies for security, including time-based, condition-based, and predictive maintenance techniques.
Full Transcript
FUNDAMENTAL SECURITY

IX. FUNDAMENTAL SECURITY
Information security is crucial in today's digital world, and adopting fundamental principles like least privilege, encryption, access controls, and a security-conscious culture is essential to protect against threats and maintain data privacy, integrity, and availability.

FUNDAMENTAL SECURITY
Fundamental to building a secure information system and protecting sensitive data from threats and vulnerabilities. A secure information system relies on several essential components and must be designed to address various security threats and vulnerabilities.

IMPORTANCE OF SECURITY
Security is crucial for protecting personal information, preventing cybercrime, ensuring business continuity, maintaining privacy, complying with regulations, and avoiding financial loss. It safeguards assets and reduces risks in an

CYBERSECURITY
Cybersecurity consists of all the technologies that keep our computer systems and electronic data safe. And in a world that is full of technologies, more and more of our business and social lives are online.

IMPORTANCE OF SECURITY
Data protection safeguards your personal, financial, medical, and private property information from unauthorized access. Without security measures, sensitive data can be stolen, leading to identity theft, fraud, or exposure of

SECURITY
Cyberattacks and data breaches can expose private information, which can be used for blackmail, discrimination, cyberbullying or to invade personal privacy. Strong security helps to protect personal privacy, which is increasingly important in the digital age.

CRYPTOGRAPHY
A practice of securing communication and information through the use of mathematical techniques and algorithms. It ensures that data is protected from unauthorized access and tampering.

ENCRYPTION
The process of converting plaintext (readable data) into ciphertext (encoded data) using an algorithm and a key.

EXAMPLES OF SECURITY
Antivirus programs detect, prevent, and remove malicious software. They play a critical role in protecting systems from a variety of threats.
Firewalls serve as the first line of defense by monitoring and controlling incoming and outgoing network traffic based on security rules.

6 REASONS TO USE ANTIVIRUS SOFTWARE
- Detect, prevent, and remove viruses and malware from damaging your devices
- Protect external devices
- Block annoying and dangerous pop-ups
- Block scam sites
- Scan systems and devices in real-time
- Make devices faster

FIREWALL

EXAMPLES OF SECURITY
Multi-Factor Authentication adds an additional layer of security by requiring users to provide two or more verification factors to gain access to a system.
Strong Password Policies: Enforcing the use of strong, unique passwords that are regularly changed can help prevent unauthorized access. Encouraging the use of password managers can reduce the risk of password reuse.

5 TYPES OF AUTHENTICATION
- Password
- SMS/Email codes
- Fingerprint
- Face
- Voice Verification

STRONG PASSWORD
PASSWORD MUST:
- Have at least one letter
- Have at least one capital letter
- Have at least one number

SECURITY THREATS
A security threat is a malicious act that aims to corrupt or steal data or disrupt an organization's systems or the entire organization. A security event refers to an occurrence during which company data or its network may have been exposed.

TYPES OF INFORMATION SECURITY

INSIDER THREATS
An insider threat occurs when individuals close to an organization who have authorized access to its network intentionally or unintentionally misuse that access to negatively affect the organization's critical data or systems.

VIRUSES AND WORMS
Viruses and worms are malicious software programs (malware) aimed at destroying an organization's systems, data and network.

BOTNETS
A botnet is a collection of Internet-connected devices, including PCs, mobile devices, servers and IoT devices that are infected and remotely controlled by a common type of malware.

DRIVE-BY DOWNLOAD ATTACKS
In a drive-by download attack, malicious code is downloaded from a website via a browser, application or integrated OS without a user's permission or knowledge. A user doesn't have to click on anything to activate the

PHISHING ATTACKS
Phishing attacks are a type of information security threat that employs social engineering to trick users into breaking normal security practices and giving up confidential information.

RANSOMWARE
In a ransomware attack, the victim's computer is locked, typically by encryption, which keeps the victim from using the device or data that's stored on it.

EXPLOIT KITS
An exploit kit or exploit pack is a type of toolkit cybercriminals use to attack vulnerabilities in systems so they can distribute malware or perform other malicious activities.

MALVERTISING
Malvertising is a technique cybercriminals use to inject malicious code into legitimate online advertising networks and web pages.

SECURITY PROCEDURES
Security procedures are an important consideration for organizations, as they help to protect against threats and ensure the confidentiality, integrity, and availability of the organization's systems and data. It is important for organizations to regularly review and update their security procedures in order to stay current with best practices and evolving threats.

CONFIDENTIALITY
Roughly equivalent to privacy, confidentiality measures are designed to prevent sensitive information from unauthorized access attempts. It's common for data to be classified according to the amount and type of damage that could be done if it fell into the wrong hands. More or less stringent data security measures can then be implemented according to those categories.

INTEGRITY
The consistency, accuracy and trustworthiness of data must be maintained over its entire lifecycle. Data must not be changed in transit, and steps must be taken to ensure it can't be altered by unauthorized people, for example in data breaches.

AVAILABILITY
Information should be consistently and readily accessible for authorized parties. This involves properly maintaining hardware and technical infrastructure and systems that hold and display the information.

THE THREE TYPES OF IT SECURITY POLICY
- Organizational: This focuses on creating a company-wide blueprint that outlines policies for all of the organization's digital infrastructure.
- Issue-specific: An issue-specific policy is designed around a specific issue, such as who can make configuration changes to the organization’s firewalls.
- System-specific: A system-specific policy aims to protect a particular system, such as the backend of the company’s website, making sure only authorized people can access it.

THE MOST EFFECTIVE IT SECURITY POLICY EXAMPLES AND BEST PRACTICES

HAVE A STRICT PASSWORD MANAGEMENT POLICY
Passwords are usually necessary to access important systems, so managing them needs to be a priority. Effective password management involves requiring everyone to use unique, strong passwords, as well as outlining how to change them securely when needed.

HAVE AN ACCEPTABLE USER POLICY
An acceptable user policy describes the proper way to use computers, the internet, social media, email servers, and sensitive data. It is best practice to never presume that people know the right ways to access and use data.

INSTITUTE A REGULAR BACKUP POLICY
Follow the “3-2-1 rule”: maintain three copies of data, place them on two different kinds of backup media, and have one backup saved off-premises so it can be used for disaster recovery.

COMMON PREVENTIVE MAINTENANCE TECHNIQUES FOR SECURITY
Common examples of preventive maintenance tasks are regular cleaning, lubrication, replacing of parts, and equipment repairs. Preventive maintenance scheduling requirements differ depending on the equipment being maintained. The goal of preventive maintenance is to prevent equipment failure before it occurs and to reduce the risk of accidents.

IMPORTANCE OF PREVENTIVE MAINTENANCE
Preventive maintenance is important because it lays the foundation for successful facility management. Preventive maintenance keeps equipment and assets running efficiently, maintains a high safety level for your employees, and helps you avoid large and costly repairs down the road. Overall, a properly functioning preventive maintenance program ensures operational disruptions are kept to a minimum.

TYPES OF PREVENTIVE MAINTENANCE

TIME-BASED MAINTENANCE (TBM)
A time-based approach schedules a preventive maintenance task using a set time interval, such as every 10 days. Other examples include triggering preventive maintenance (like a regular inspection of critical equipment) on the first day of every month or once in a three-month period.

CONDITION-BASED MAINTENANCE (CBM)
Condition-based maintenance is a form of proactive maintenance. It's a maintenance strategy that monitors the actual condition of an asset to determine what maintenance tasks need to be done. Condition-based maintenance dictates that maintenance should only be performed when specific indicators show signs of decreasing performance or upcoming failure. For example, preventive maintenance will be scheduled when vibration on a certain component reaches a certain threshold, indicating that it should be replaced or lubricated.

PREDICTIVE MAINTENANCE (PDM)
Predictive maintenance (PdM) uses condition-monitoring tools and techniques to track the performance and condition of equipment. Maintenance is then performed when certain thresholds or parameters are breached. Examples include monitoring vibration in bearings or checking for thermal hotspots in electrical systems.

Preventive maintenance, when executed effectively, offers numerous advantages to organizations, industries, and individual equipment users. Here are some of the key advantages:
- Reduced downtime: Scheduled maintenance prevents unexpected equipment failures that can lead to operational disruptions.
- Extended equipment life: Regular care and servicing can significantly prolong the life of machinery and equipment.
- Cost savings: Though preventive maintenance requires upfront costs, in the long run, it can save organizations significant amounts of money by preventing expensive emergency repairs and replacements.
- Improved safety: Well-maintained equipment is less likely to malfunction in ways that could endanger workers or users.
- Increased efficiency: Regular maintenance ensures that machinery and equipment operate at peak efficiency, often resulting in energy savings and optimal output.

CHALLENGES OF PREVENTIVE MAINTENANCE
While preventive maintenance offers numerous advantages, it's essential to understand its potential drawbacks or challenges. Here are some of the disadvantages associated with preventive maintenance:
- Upfront costs: Preventive maintenance often requires an initial investment in terms of resources, equipment, training, and system setup. These costs can be daunting for some organizations, especially small businesses.
- Possible over-maintenance: If not carefully planned, equipment might be serviced more frequently than necessary, leading to wasted time and resources.

TROUBLESHOOTING SECURITY
Troubleshooting security involves identifying issues like unusual behavior or unauthorized access, checking firewall and antivirus settings, and ensuring software is up to date. Run security scans to detect threats and review access logs for suspicious activity. Reset passwords if needed, check for unauthorized devices, and follow security policies to stay protected.

WHAT ARE THE STEPS TO TROUBLESHOOT NETWORK SECURITY

IDENTIFY THE PROBLEM
✓ The first step is to identify the problem and its scope. You need to gather information about the symptoms, the affected devices or users, the network topology, and the security policies and protocols in place.

ISOLATE THE CAUSE
✓ The second step is to isolate the cause of the problem by eliminating the possible sources one by one.

IMPLEMENT A SOLUTION
✓ The third step is to implement a solution that can resolve the problem and restore the network security.

VERIFY THE RESULT
✓ The fourth step is to verify the results of the solution and ensure that the problem is solved and the network security is restored.

DOCUMENT THE PROCESS
✓ The final step is to document the process and the outcome of the troubleshooting. You need to record the details of the problem, the cause, the solution, and the results in a clear and concise manner.

PHISHING ATTACK DETECTED
Problem: A user reports receiving a suspicious email asking for login credentials or financial information.

VERIFY THE EMAIL
Ask the user to forward the email. Check for signs of phishing, such as poor grammar, unfamiliar email addresses, or URLs that don’t match the legitimate domain.

CHECK FOR USER INTERACTION
Find out if the user clicked on any links or entered credentials. If they did, change their password immediately.

BLOCK THE SOURCE
Use email filtering tools to block the sender’s domain or email address across the organization to prevent future phishing attempts.

MONITOR FOR COMPROMISE
Check the user’s account for any unusual activity, such as unauthorized logins, and run antivirus/malware scans on their machine.

EDUCATE THE USER
Provide security awareness training to help the user recognize phishing attempts in the future.

FUNDAMENTAL SECURITY
GROUP 1
Abiegail Mañalac, Laurrence Popatco, James Galang, Jay Manaloto, Catherine Guintu, Lewis Masa, Francis Dabu, Jenard Lintag