By Batbold Munkhzul
The complexity of the cyber environment continues to grow as adversaries become more sophisticated and rapidly change their tactics. To deter motivated attackers, our organization needs continuous security verification techniques driven by timely and relevant intelligence.
Here is the list of potential security issues that may arise from all of the following:
· Loss of data
Accidental deletion or corruption of data can cause data loss. Viruses, physical damage, or formatting errors can render data unreadable by both humans and software. The financial health of your company can be adversely affected by the loss of files and documents.
· Hacking (unauthorized access to data/computers)
Obtaining unauthorized access to an account or computer system in order to compromise a digital device or cybercriminals most commonly use hacking to steal data and conduct illegal activity.
· Viruses
An infection caused by a virus, or malware, occurs when a piece of software is spread between computers and damages data or programs. As a result of computer viruses, systems can be disrupted, major operational problems occur, information can be lost or leaked, and data is lost.
· Malware
Using hacked websites, watching malicious advertisements on legitimate websites, downloading infected files, installing apps from unfamiliar providers, opening malicious email attachments (malspam), or downloading anything else we download from the web to a device that does not have a quality anti-malware security application can result in malware infection.
· Ransomware
The ransomware program, or ransomware, prevents users from accessing their systems or personal files while demanding a ransom payment.
Here is a brief explanation of company computer and data security methods and procedures:
· Firewalls
Unauthorized access to a network is prevented by firewall software or firmware. It detects and blocks threats by inspecting and analyzing incoming and outgoing traffic. It has been many years since firewalls were invented and yet they still play an important role in the development of modern security techniques. When networks needed new methods of security that could handle increasing complexity, they emerged in the early days of the internet.
In addition to acting as a 24/7 filter, firewalls will protect our network from malicious attacks by scanning all data entering our network and preventing anything suspicious from entering.
Firewall policies should only permit appropriate source and destination IP addresses to be used.
Traffic with invalid source or destination addresses should always be blocked, regardless of the firewall location.
· Antivirus software
Oftentimes, the security of data is a major concern in computer systems because unidentified hackers use viruses, worms, trojans, etc., to steal data or harm information for their own ends. Thus, antivirus software is developed to prevent computer systems from being infected by viruses or any other harmful activity.
The following procedures shall be followed:
Do not disable or bypass virus protection software
Virus protection software settings cannot be adjusted in a way that reduces its effectiveness
It is not possible to decrease the frequency of automatic updates
· Passwords
A password is used to prove one's identity or authorize access to a resource. It can be a word, phrase, or string of characters intended to differentiate an authorized user from an unauthorized user. There's a strong implication that passwords are confidential.
Create a password length of at least 12 characters.
Passwords should be unique, complex, and nonsensical, comprised of a mix of nonrepeating letters (upper and lower case), numbers, and symbols that do not contain dictionary words in any language, or have any other guessable context (employee ID, dates, etc.), or sequences from a keyboard like ‘qwerty’ or ‘zxcvb’.
· Signing out/in computer hardware
To login
To login to the computer workstation on our desk requires a username and a password. The username will be in the form of <first initial><last name>. For example, the username for John Doe will be jdoe. The password will be of your own choosing, within the framework of the CWSL password complexity requirements. Usernames are not case sensitive; however, passwords are case sensitive.
To logout
At the end of each day before you leave the office you should Restart your computer:
Click on Start
Click on the arrow next to Shut down
Click on Restart
· Spam email Spam is unwanted emails that are sent in bulk to dilute lists of recipients. Spam is usually sent for commercial purposes. It can be sent in large numbers through botnets and infected computer networks.
Do not give out your email address publicly.
Think twice before you click.
Does not respond to spam.
Download spam filters and antivirus software.
Avoid using your personal or work email address.
Comments