Reading Journal 12 - Shadowsarespooky/TechJournal GitHub Wiki
Security Policy
In a corporate setting, a BYOD (Bring Your Own Device) is a device brought into the workplace from outside. The policy must be clear about what is allowed on the network, what is not allowed, and what the consequences of said actions are. Security policies are the documents that list the guidelines and rules relating to computer and network security within a company. Every company, business, or school should have a security policy. Even a small business should have a general security policy that is documented. Noncompliant systems that do not meet security policy guidelines are a threat to companies. Outside of businesses, areas of education, healthcare and the government require IT security. Guidelines within the policy include physical use, email use, and remote access. Security policies are implemented through user profiles. All profiles carry requirements such as password length, among others. The easiest way to start implementing security policies is to use four methods of security prevention: Physical Security, Digital Security, User Training, and Principle of Least Privilege.
Physical Security
Physical security could be locks, keys, fences and other things. In regard to computers, it could mean electronic key cards for physical access to an area or a service. The pros of electronic keys are that they are easy to program, permissions are easy to issue and revoke, the data is stored in a database instead of on physical paper, information relevant to the card is accessible (such as check-in and checkout times), layers of control can be used, and when a card is lost it is easy to deactivate and replace. Electronic keycards also help prevent tailgating, when an unauthorized person tags behind an authorized person. Some examples of electronic keys are key fobs (used for cars and buildings), ID badges (not as good as other methods), and a mantrap (a method of separating two areas with something like a keypad or guards).
Document Security: some data must be printed and kept in a secure area. When the documents are no longer needed, they can be shredded or destroyed by other means. Shredders are an easy method of removal, but shredded documents are easily reconstructed.
Multifactor Authentication: smart cards are often two-factor or multifactor types of security. This is more secure than a password, which is only one factor. Biometrics is increasingly coming into use for authentication, using physical traits such as fingerprint or voice recognition. Multifactor authentication is the use of two or more methods to gain access to a system. Biometrics are harder to break through, and thus are more secure.
Logical Security (skip the 'BIOS/UEFI' subsection)
Some security prevention measures are antivirus/antimalware, which protects the software from small programs that may affect it. A firewall is hardware that protects a particular device; more than one can be used to protect a network. Filtering emails is also a method of protection. It scans what may come in or out, removes suspicious content, and makes sure content that should remain in the system doesn't get out. Then Windows may scan the online software to make sure it doesn't infect the computer. Finally, there are passwords and user IDs, which are another level of security.
End-User Education: Read only the following subsections:
Security Threats and Vulnerabilities
Malware is software made to damage a computer. In many cases, BYODs increase the risk of malware entering the network. Some symptoms of a virus include: the computer won't boot, applications won't start or work properly, an antivirus message appears, unusual messages appear onscreen, and strange sounds come from the computer. When a virus enters a computer, it is best to remove that computer from the network to stop the virus from spreading.
Social Engineering
Social engineering is when people are tricked into giving their personal information. This can happen over the phone, email, or text. No network security apps can prevent these types of risks.
Phishing
Similar to social engineering, phishing is an attempt to get personal information. It can appear as an email or website that asks you for emails or passwords regarding a bank account or other personal information. A variant is called spear phishing, which is when the attacker knows some of your information and tries to get you to give up more information through a panic-induced reaction.
Security Attacks
There are many types of attacks that can be attempted on an organization. Some examples are: Brute Force, Man-in-the-middle, Spoofing, or Zombie. As there are many vulnerable points in a network, there are many points to break through.
Permissions: Read only the following subsections:
Share Permissions
A folder on a computer can be shared with the entire network or with a few individuals. You can find the permissions of a folder that is connected to the network and add or remove people with permission to view that folder. Maximum is 20 users to a folder. You should only give permission if they need it.
NTFS Permissions
NTFS permissions are the types of control and permission you can give people who can access the folder. They vary from full control to permission only to read files in the folder. Even when copying files from the folder, if you don't have the permission to do that, the computer won't copy the files.
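An added example, not from the original journal or the textbook: a PowerShell check, run on the Windows machine that hosts the share, that reads both permission layers described above and lists broad groups holding more than read access. The share name `Projects` and the list of broad groups are assumptions chosen for illustration.

```powershell
# Added example: audit one shared folder for overly broad access.
# Assumption: the share name 'Projects' is hypothetical; pass a real share name.
param([string]$ShareName = 'Projects')

# Broad principals that rarely need more than read access (constructed list).
$broad = 'Everyone', 'BUILTIN\Users', 'NT AUTHORITY\Authenticated Users'

# Resolve the share to its local folder; stop if the share does not exist.
$share = Get-SmbShare -Name $ShareName -ErrorAction Stop

# Share permissions: who may reach the folder over the network, and at what level.
$shareFindings = Get-SmbShareAccess -Name $ShareName |
    Where-Object { $_.AccessControlType -eq 'Allow' -and
                   $_.AccessRight -in 'Full', 'Change' -and
                   $_.AccountName -in $broad } |
    Select-Object @{n='Layer';e={'Share'}}, AccountName,
                  @{n='Right';e={$_.AccessRight}}

# NTFS permissions: what each identity may do with the files themselves.
# FullControl includes every Modify bit, so this test catches both levels.
$modify = [System.Security.AccessControl.FileSystemRights]::Modify
$ntfsFindings = (Get-Acl -Path $share.Path).Access |
    Where-Object { $_.AccessControlType -eq 'Allow' -and
                   $_.IdentityReference.Value -in $broad -and
                   ($_.FileSystemRights -band $modify) -eq $modify } |
    Select-Object @{n='Layer';e={'NTFS'}},
                  @{n='AccountName';e={$_.IdentityReference.Value}},
                  @{n='Right';e={$_.FileSystemRights}}

# One table across both layers; an empty result means no broad write access found.
@($shareFindings) + @($ntfsFindings) | Format-Table -AutoSize
```

Each row is a candidate for tightening to read-only or for replacing the broad group with the specific users who need the folder.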
Protecting The Operating System And Data: Read only the following subsections:
Introduction section (right below the orange header)
The steps a person should take when securing a network or a series of computers are: using the NTFS file system, having an alternative boot source, installing antivirus software, encrypting important data, creating a system restore backup, and disabling ports with BIOS.
Backup/Restore
Backing up data on a routine basis can ensure that your data stays relevant and that it is in a safe place just in case it is infected with a virus, deleted, or stolen. A second hard drive can be easily installed in a computer to back up a system. Most importantly, an incremental backup is a good method of keeping your data up to date. Windows does not have a file recovery system, so a file recovery utility must be installed beforehand.
Account Recovery Options
**I did not see this section in the book?
Why would a door lock be problematic to maintain for Skiff 100? Which three physical security controls would you recommend be implemented to protect Skiff 100 if the card access that you currently have was not an option? Explain your response.
A door lock would be problematic as it restricts access to students at all times of the day, so it would be harder to go in for class or work. Other devices to use other than cards could be a key fob if we wanted to continue with wireless devices; then there is a security token or a keypad. I think using a key would be too hard to keep track of, so different electronic devices can work since they can be replaced more easily and deactivated.
Which form of multifactor authentication could be implemented on Skiff 100 computers to prevent someone from being able to log in if they stole credentials? (Refer back to Table 18.1) Why did you choose those options?
You can actually log in to websites by scanning a QR code on your phone. Perhaps there is a mixture of using your phone, user ID, and password, and then a final layer could be signing in by putting in a PIN that only you know. I chose these methods because it is more discreet, so if someone did try to break in, they may not know that they needed a PIN or scanned QR code.