Definition of security measures:
The precautionary measures taken toward possible danger or damage.
Data Backup
➤A data backup is the result of copying or archiving files and folders for the purpose of being able to restore them in case of data loss.
➤Data loss can be caused by many things ranging from computer viruses, hardware failures, file corruption, system failure or theft.
➤If you are responsible for business data, a loss may involve critical financial, customer, and company data.
➤If the data is on a personal computer, you could lose financial data and other key files, pictures, music and others that would be hard to replace.
Cryptography
- To read the data, you must decrypt it into readable form.
- The unencrypted data is called plain text.
- The encrypted data is called cipher text.
- To encrypt, plain text converted into cipher text using an encryption key.
Importance…
- The process of proving one's identity.
- Ensuring that no one can read the message except the intended receiver.
- Assuring the receiver that the received message has not been altered in anyway from the original.
- A mechanism to prove that the sender really sent this message.
Anti Virus
➤Anti-virus software is a program or set of programs that are designed to prevent, search for, detect and remove software viruses and other malicious software like worms, Trojan horses, adware and more.
➤If and when a virus is detected, the computer displays a warning asking what action ➤should be done, often giving the options to remove, ignore, or move the file to the vault.
➤If a virus infected a computer without an antivirus program, it may delete files, prevent access to files, send spam, spy on you, or perform other malicious actions.
Examples: Norton anti-virus, AVG anti-virus, Kaspersky anti-virus
➤There are several different companies that build and offer anti-virus software and what each offers can vary but all perform some basic functions:
Scan specific files or directories for any malware or known malicious patterns
- Allow you to schedule scans to automatically run for you
- Allow you to initiate a scan of a specific file or of your computer, or of a CD or flash drive at any time.
- Remove any malicious code detected –sometimes you will be notified of an infection and asked if you want to clean the file, other programs will automatically do this behind the scenes.
Anti Spyware
➤Spyware is a type of malware that is installed on a computer without the user's knowledge in order to collect information about them.
➤Once installed, spyware can degrades system performance by taking up processing power, installing additional software, or redirecting users' browser activity.
➤It also can monitors user activity on the Internet and transmits that information in the background to someone else.
➤Spyware can also gather information about email addresses and even passwords and credit card numbers.
➤Anti-spyware is a type of software that is designed to detect and remove unwanted spyware programs.
➤Anti-spyware software can be used to find and remove spyware that has already been installed on the user's computer.OR it can act much like an anti-virus program by providing real-time protection and preventing spyware from being downloaded in the first place.
Examples :
- Spyware Blaster
- Spy Sweeper
Firewall
➤A firewall is a system designed to prevent unauthorized access to or from a private network.
➤A firewall can be implement either through hardware or software form, or a combination of both.
➤Firewalls prevent unauthorized Internet users from accessing private networks connected to the Internet, especially intranets.
➤All messages entering or leaving the intranet (i.e., the local network to which you are connected) must pass through the firewall, which examines each message and blocks those that do not meet the specified rules/security criteria.
➤Rules will decide who can connect to the internet, what kind of connections can be made, which or what kind of files can be transmitted in out.
Physical Control
➤Lock your laptop whether you're at home, in a dorm, in an office, or sitting in a coffee shop, use a security device, such as a laptop security cable.
➤Lock doors and windows, usually adequate to protect the equipment.
➤Put the access code at the door to enter the computer room or your office.
➤Put the CCTV (closed-circuit television) in your office or computer room.
➤Make a policies who can access the computer room or your data center.
Human Aspect : Awareness
Ethics - Be a good cyber citizen
- Do not engage in inappropriate conduct, such as cyber bullying, cyber stalking or rude and offensive behavior.
- Do not use someone else's password or other identifying information.
- Lock it when you leave
- It takes only a few seconds to secure your computer and help protect it from unauthorized access. Lock down your computer every time you leave your desk.
- Set up a screen-saver that will lock your computer after a pre-set amount of time and require a password to log back in.
Phishing Emails
- Never respond to requests for personal information via email. Businesses will never ask for personal information in an email.
- Do not enter personal information in a pop-up screen.
- Dispose of Information Properly
- Destroy/shred hard copy confidential documents that contain personal information such as social security numbers, credit card numbers, bank account numbers, health records.
- Ensure you are using the right tools when destroying and disposing of personal information or media storage from your computer and mobile devices
Protect data on mobile device
- Choose a strong password. A good password should always include upper and lowercase letters, numbers, and at least one special character. Never use the same password for multiple devices or accounts.
- Store your portable devices securely. When not in use, store devices out of sight and when possible in a locked drawer or cabinet.
Expose employees or staff to computer security.
Make a routine check to update from new virus, worm or other malicious threat.