Threats Flashcards
Accidental Threats
User Error
Power loss
Hardware/Software malfunction
Hardware loss
Lack of security or knowledge
Deliberate Threats
Malware
Phishing
Hacking
Denial of Service attacks (DoS)
Thief
Event based
These are a threat to data and information that is a result of a natural
event.
* This includes fires, flood, heatwaves, storms and earthquakes
* Power Surges are considered one type of event based
Security Controls
a measure designed to protect data and information form threats,
either accidental, deliberate or event based.
Security controls on their own, do not guarantee that the data and
information will be fully protected .Rather they reduce the chances of unauthorised access and/or data
loss
Software Security Controls
- Usernames and passwords
- Access Logs
- Audit trails
- Access restrictions
- Encryption
- Firewalls
- System protection
- Security protocols
- Two Factor authentication
Physical Security Controls
Zoned security strategies
Barrier techniques
Biometrics
Uninterrupted Power Supply (UPS)
Physical Procedures Backups Shedding Documents Checking Authorisation credentials
Common signs of intrusion
Increease resource use
New Software
Changed passwords
Spam email
Unknown Applications
Uninstalled system protection
A device completeing tasks by itself
Changes to web browser
Other issues to consider
Out of date software
Digital Signature
Ethical Hacking
Consequences for security failure
Loss of customer loyalty
Oenalities and prosecution
Loss of trade secrets
Decline in stock price
Loss of productivity
Inability to pay staff
Loss of income
Disruption to data and equipment
Evaluating information management strategies
These criteria need to correlate with the functional and non
functional requirements for a solution – the reasons for is
development and design, as well as its ease of use.
E.g. use of logs, interviews or questionnaires
Effectiveness of strategies
Data integrity
Security
Ease of Reteval
Currency of files
