P3 - Explain what an organisation can do to minimise security breaches in networked systems
Policies and Procedures
Security Policies
A security policy is a document containing the rules and regulations regarding computer network access within an organisation. The purpose of the security policy is so that all the users within the organisation have a set of rules to follow and also so the organisation can protect their devices. The security policy will be constantly changing and being improved because over time they will discover more and more things they have missed out. It is important to have a security policy in place so that all of their data is secure and can only be accessed by authorised people.
Education and training
All organisations should have policies in place regarding education and training, this is to ensure all colleagues are able to use the latest software and are aware of the latest and best techniques to use when working on the organization's network. If a colleague regularly uses a piece of software, and a 2013 version is released with new helpful features, training all of your colleagues to use the latest version will cost you money, but in return it will theoretically enable them to produce work faster and easier than before.
Backup
All organisations should have very clear policies regarding backup. In most IT organisations a backup is taken at the end of each day to ensure all work completed that day can not be lost. Usually at the end of each month all backups are checked to ensure they are being taken correctly. Backups are essential in any organisation to ensure no important files are ever lost.
Monitoring
Organisations should have policies in place regarding computer monitoring for all employees. Monitoring refers to watching an employees screen to ensure they are not doing anything they are not meant to be doing, and that they are getting on with their work as they should be. Random monitoring should take place at various times to ensure that the network stays secure and no employees are trying to do anything they shouldn't be.
Access permissions
Access permissions are a list of rules stating what things a user is able to do on their computer, for example some people may have access to more data than others. Every employee working for the organisation will have a set of access permissions unique to them, although usually it is done in groups, for example managers will have access to more than a regular employee would have access to.
Clarification of User Responsibility
Data Protection Policy
Software Installation
Internet use policy
Continuous Professional Development (CPD)
Physical Security
Organisations need to physically secure their computer
systems, there is no point spending time and money preventing hackers from
gaining access to your network when somebody could easily walk into the office
and sit down at one of your physical computers connected to the network. There
are a few methods you could use to physically secure your network:
•Lock and Key - Using a lock and key is a good method because only the keyholders will be able to gain access, the disadvantage of this method however, is that the key could be stolen and used by anybody.
•CCTV/Security Guards - Using cameras and security guards would be a very good method to use as it is very secure and will be harder for an attacker to bypass. The disadvantage of this method is that it is by far the most expensive as you will have to pay the guards a salary.
•Logging of entry - This is a secure method that will only allow card holders onto the organization's premises, however it shares the same disadvantage of the lock and key method where anybody can steal a card and use it to gain access.
•Biometrics Authentication - This method allows access based on physical attributes. I.e fingerprints, Retina Scan, Palm scan. These are all things an attacker can not physically steal or easily forge, which is what makes this method so secure. The disadvantages of this method are that it is very expensive to set up and maintain and it can also be more time consuming than simply entering a password.
Risk Assessment and Penetration Testing
Risk assessment takes place to assess what risks there are in the workplace, for example broken chairs, loose cables and other health and safety issues.Penetration testing is when the company hires an ethical hacker to try and gain access to their network, if the hacker is able to break their system they will then be able to fix it and improve their security.
Security Policies
A security policy is a document containing the rules and regulations regarding computer network access within an organisation. The purpose of the security policy is so that all the users within the organisation have a set of rules to follow and also so the organisation can protect their devices. The security policy will be constantly changing and being improved because over time they will discover more and more things they have missed out. It is important to have a security policy in place so that all of their data is secure and can only be accessed by authorised people.
Education and training
All organisations should have policies in place regarding education and training, this is to ensure all colleagues are able to use the latest software and are aware of the latest and best techniques to use when working on the organization's network. If a colleague regularly uses a piece of software, and a 2013 version is released with new helpful features, training all of your colleagues to use the latest version will cost you money, but in return it will theoretically enable them to produce work faster and easier than before.
Backup
All organisations should have very clear policies regarding backup. In most IT organisations a backup is taken at the end of each day to ensure all work completed that day can not be lost. Usually at the end of each month all backups are checked to ensure they are being taken correctly. Backups are essential in any organisation to ensure no important files are ever lost.
Monitoring
Organisations should have policies in place regarding computer monitoring for all employees. Monitoring refers to watching an employees screen to ensure they are not doing anything they are not meant to be doing, and that they are getting on with their work as they should be. Random monitoring should take place at various times to ensure that the network stays secure and no employees are trying to do anything they shouldn't be.
Access permissions
Access permissions are a list of rules stating what things a user is able to do on their computer, for example some people may have access to more data than others. Every employee working for the organisation will have a set of access permissions unique to them, although usually it is done in groups, for example managers will have access to more than a regular employee would have access to.
Clarification of User Responsibility
Password Policy
A password policy will dictate what an employee is allowed
to have as their password, for example how many letters it should contain and
whether or not it should contain numbers and characters. The policy will also
state that the password has to be changed every so often, usually around every
6 weeks. This is to ensure the network stays secure at all times. Password
policies are designed to keep all employees accounts safe and make it harder
for an attacker to gain access to the network.
Data Protection Policy
A data protection policy will control how personal information is used by
the organisation, they will have to follow strict rules called ‘data protection
principles’ to ensure personal data is used and lawfully and they abide by the
data protection act.
Software Installation
Employees cannot install any software they like on the
organization's computers, this is because software could contain harmful files
such as viruses that could access the network and the corrupt sensitive data.
When an employee needs to use a piece of software they will have to apply to
get it installed on their PC.
Internet use policy
an internet use policy will list the do's and don'ts when
using the internet at work, for example employees are not allowed to access the
internet for personal use i.e social networking. They must only access the
internet if it is work related.
Continuous Professional Development (CPD)
It is important to ensure that every member of staff working
for your organisation has up to date knowledge regarding security threats.
Organising training sessions is important to ensure your network stays secure.
Your organisation should have a policy regarding CPD for IT professionals.
•Lock and Key - Using a lock and key is a good method because only the keyholders will be able to gain access, the disadvantage of this method however, is that the key could be stolen and used by anybody.
•CCTV/Security Guards - Using cameras and security guards would be a very good method to use as it is very secure and will be harder for an attacker to bypass. The disadvantage of this method is that it is by far the most expensive as you will have to pay the guards a salary.
•Logging of entry - This is a secure method that will only allow card holders onto the organization's premises, however it shares the same disadvantage of the lock and key method where anybody can steal a card and use it to gain access.
•Biometrics Authentication - This method allows access based on physical attributes. I.e fingerprints, Retina Scan, Palm scan. These are all things an attacker can not physically steal or easily forge, which is what makes this method so secure. The disadvantages of this method are that it is very expensive to set up and maintain and it can also be more time consuming than simply entering a password.
Risk Assessment and Penetration Testing
Risk assessment takes place to assess what risks there are in the workplace, for example broken chairs, loose cables and other health and safety issues.Penetration testing is when the company hires an ethical hacker to try and gain access to their network, if the hacker is able to break their system they will then be able to fix it and improve their security.