Potential Security Threats To Your Computer Systems
A computer system threat is anything that leads to loss or corruption of data or physical damage to the hardware and/or infrastructure. Knowinghow to identify security threatsis the first step in protecting computer systems. The threatscould be intentional, accidentalor caused by natural disasters.
Topics covered in this tutorial
*.What is a threat?
*.What are Physical Threats?
*.What are Non-physical Threats?
What is threat ?
The ISO 27005 defines a threatasa potential cause of an incident that may result in harm of systems and organization. The cause could be physical such as someone stealing a computer that contains vital data. The cause could also be non-physical such as a virus attack. In thesetutorial series, we will define a threat as a potential attack from a hacker that can allow them to gain unauthorized access to a computer system.
What are Physical Threats?
A physical threat is a potential cause of an incident that may result in loss or physical damage of the computer systems.
The following list classifies thephysical threats into three (3) main categories;
*.Internal: The threats include fire, unstable power supply, humidity in the rooms housing the hardware etc.
*.External: These threats include lightening, floods, earthquakes etc.
*.Human: These threats include theft, vandalism of the infrastructure and/or hardware, disruption, accidental or intentional errors.
To protect computer systems from the above mentioned physical threats, an organization must have physical security control measures.
The following list shows some of the possible measures that can be taken:
*.Internal: Fire threats could beprevented by the use of automatic fire detectors and extinguishers that do not use water to put out fire. Unstablepower supply can be prevented by the use of voltage controllers. An air conditioner can be used to control the humidity in the computer room.
*.External: Lightening protection systems can be used to protect computer systems against such attacks. Lightening protection systems are not 100% perfect, but to a certain extent, they reduce the chances of lightening causing damage. Housing computer systems in high lands is one of the possible ways of protecting systems against floods.
*.Humans: Threats such as theft can be prevented by useof locked doors and restricted access to computer rooms.
What are Non-physical threats?
A non-physical threat is a potential cause of an incident that may result in;
*.Loss or corruption of system data
*.Disrupt business operations that rely on computer systems
*.Loss of sensitive information
*.Illegal monitoring of activitieson computer systems
*.OthersThe non-physical threats are also known aslogical threats.
The following list is the common types of non-physicalthreats;
*.Virus
*.Trojans
*.Worms
*.Spyware
*.Key loggers
*.Adware
*.Denial of Service Attacks
*.Distributed Denial of Service Attacks
*.Un-authorized access to computer systems resourcessuch as data
*.Phishing
To protect computer systems from the above mentioned threats, an organization must havelogical security measures in place.
The following list shows some of the possible measures that can be takenTo protect against viruses, Trojans, worms etc, an organization can use anti-virussoftware. In additional to the anti-virus software, an organization can also have control measures on the usageof external storage devices and visiting website that are most likely to download unauthorized programs onto the user’s computer.
Unauthorized access to computer system resources can be prevented by the use of authentication methods. The authentication methods can be, in form of user ids and strong passwords, smart cardsor biometric etc.
Intrusion-detection/prevention systems can be used to protect against denial of service attacks.There are othermeasures too that can be put in place to avoid denial of service attacks.
Summary
*.A threat is any activity that can lead to data loss/corruption through to disruption of normal business operations.
*.There are physical and non-physical threats
*.Physical threats cause damage to computer systems hardware and infrastructure. Examples include theft, vandalism through to natural disasters.
*.Non-physical threats target the software and data on the computer systems.
No comments:
Post a Comment