Thursday, October 10, 2019

Information Technology logical security Essay

Logical data security is the guarding of information against unauthorized access while at the same time making sure that their integrity is guaranteed. If logical security is laid down in a shoddy way, then it would cause risks and its vulnerability may lead to the compromise of the data. System intrusion is one of the vulnerabilities for logical IT security. Software bugs may not all be eliminated by system administrators or programmers (Perry, 2006). The intruders therefore use the bugs to find holes and hack into system computers or server computers. These bugs can be in the form of buffer overflows, unconsidered inputs, and race conditions. Buffer overflows attack is extra information that can overwrite the actual data in the buffer and this data could be degrading the data integrity of the actual data. Race conditions attack is multiple processes access and use same data concurrently and end result is that one process may lose copying correct data since the other process may have changed the data. A system configuration is another issue that normally forms another form of system intrusion. Most systems have default manufacturers configurations. Customers find it easy to use since root/administrator passwords are usually empty/blank. If administrators overlook re-configuration of access controls, then the system can be intruded into even through the network. With the advent of technologies that can eavesdrop at the moving traffic, there has been the creation of sniffer software which are use to monitor the traffic. Sniffing unsecured traffic is poison for logical security. A sniffer can also be used legitimately or illegitimately to capture data transmitted on a network. It can be illegitimately used when the network router reads data packets then determining its intended destination in the network. A router may have a sniffer program that reads data in the packet and can see its source and destination then sends it to unintended destinations due to intrusion mechanisms in the network such as use of software bugs. Control on key directories for data should be factored in access standards to avoid unauthorized access. Limiting or eliminating access to everyone is important therefore restricting use of removable media such as flash disks and floppy disks for confidential information (Cole, & Krutz, 2005). Data integrity should be observed to ensure information stored is as original especially through performing synchronization from time to time to take care of bugs such as race conditions. Confidential information should be encrypted especially that which is sensitive and so done appropriately. Forgetting to back-up and store data on a regular schedule would run organization into crisis especially if the computer system breaks down, especially if the hard disk holding the crucial data crashes. Output devices such as scanners and printers on the network assigned for confidential information should at all time be under monitoring by use of monitoring utility software. Software for local systems should be legal. Vendors face the risk of software piracy for example illegal copying of their software. Organizations should ensure that they install software that has been licensed. Licensed software is beneficial since their updates and patches could easily be attained from the Internet (Perry, 2006). Open source software give users advantage of using them at their own disposal since they are freeware and don’t require license to install them. Their safety is questionable and may not be guaranteed, they could be prone to bugs as they are easily customizable. Pirated operating systems which access the Internet are dangerous and pose danger to the applications installed on it. Such systems can be in risk of being virus infected or may acquire worms and Trojans. Therefore organizations should ensure licenses bought are used for the OS and renewal of the licenses done at end of term for each license, this then will allow recommended updates and patches for the operating system (Cole, & Krutz, 2005). Building security levels on user data is crucial since it ensures confidentiality and integrity of sensitive data. The different levels would be such as access to workstations and desktop applications, access to computer servers and data, access to business bespoke applications. Access built only for authenticated persons using password and ID’s. Password policies should be in place such as allowing strong passwords of more than six characters, allow changing password on regularly basis say after 3 months, one password per one user ID. Password sharing among employees could cause malicious use of a user’s account by another user and this will be untraceable and unsuitable, users should therefore be formally notified their role in user ID and password protection for their user accounts. Web security attack is common in the cyber cafes and computer systems always accessing the Internet. Some of the HTTP (Hyper Text Transport protocol) vulnerabilities include cross-site scripting attacker gains control of the scripts location header and redirects the scripts. The second HTTP vulnerability is the web cache poisoning that allows attack websites visited by many users (Contos, Crowell, Derodeff, & Cole, 2007). The attacker redirects the URL of the website to the IP address of his computer. Web vulnerability is the cross-user defacement attacks where a website maybe seen defaced by a user and at this time attacker is stealing or resetting cookies sessions. Network infrastructure laid without software firewalls spell doom for logical security in the network. This is so because intruders can use software for maliciousness such as phishing where the attacker or program successfully masquerades as another by falsifying data and to the recipient the site appears as genuine but then the attacker will then manipulate or steal recipient’s credentials such as login details or financial information. This kind of masquerade is also called spoofing (Hoffer, Prescott, & McFadden, 2008). Local systems that have their firewalls disabled on system services provided by Operating systems such as Microsoft windows is a threat to security. All the time, firewalls should be set to enabled state and exceptions created for required software applications in the network. Viruses are programs or codes that can alter other programs functionality or render another program useless. Inadvertently leaving virus infected computer systems still connected on the network pose danger of infecting other computer systems in the same network through self-propagating viruses or Trojans or worms. Viruses can also be attained through e-mails. Some chain e-mails sent to users have attachments that have viruses attached to them. They infect a computer system once they are opened or downloaded to the computer hard disk. Distribution of such viruses could also be through the same network and media devices such as external hard disks and flash disks. Repudiation is the situation where one is able to deny being partisan to information manipulation. This is vulnerable for the data confidentiality and integrity of information. The best way to guarantee perpetrators don’t walk scot free is by ensuring data access controls are well defined such as event logs for applications and strong holding policies such as one user password per one user ID, remote monitoring the network activities and data sent and received and saving security logs for local system among other policies very important for non-repudiation.

No comments:

Post a Comment

Note: Only a member of this blog may post a comment.