Post 1 by Shilpa
a) What types of threats can impact operations of the infrastructure? What steps can be taken to protect systems in the infrastructure (server or desktop systems and beyond)?
Threats have more impact an operation of infrastructure. Some of the threats we see in workplaces are Avenue attacks is done to outbreak the government systems to gather the secret information. Here hacker may attack on the websites to gather credit card information and collect company's information. Attacking viruses and worms into system, the well-known type of malicious code is virus. The virus and worms are software application or program which will destroy the firm’s data and network. Worms in a computer is a self-copying program. Botnet attack is type of threat, occur by a common type of malware. The devices connected to the internet like computers, smart phones, mobiles, etc. The goal for this type of threat is to infect as many devices connected to the network. Phishing threat occurs by clicking abnormal mails or messages. By one click hacker can pull out information like name, address, phone number, bank details etc. which is related to the victim.
Some of the steps which help in protecting system infrastructure:
• Implementing a security audit in the firm: By performing the security audit in the firm we can identify hacking or stealing the data from the firm’s systems by this we can secure data in the firm.
• By creating and applying IT policies in the company, we can safeguard our infrastructure for identifying the threats from the hackers.
• By updating the antivirus in our systems, we will protect from the virus induced applications by the hackers into our systems to steal the entire data in the firm
• By updating workplaces and servers in the firms we will safeguard our data from the beaches. Workplaces and serves plays an important role in data transformation.
• By auditing the firm servers, we can verify and examine the suspicious applications enter our servers to hack the system.
b) How can threats from Internet-based activities, such as the use of e-mail and web browsing, be mitigated? What is the responsibility of the user community in mitigating such threats?
The threats from internet-based activities by web browsing and e-mail usage can be mitigated by conducting a risk assessment to find out vulnerabilities. By conducting a cyber security risk assessment, firm can uncover possible gaps in security controls. Once problem is identified, setup network access controls. The mitigation is based on both the activities of the user and the firm. Installation of firewalls and antivirus software in the system will mitigate the security problems. Firewall will protect the suspicious applications trying to enter our system. If any breach is occurred in the organization every employee, IT and non-IT should work to face the problem with the available sources this is called incident response. As we know that cybercrime rate is growing high to face the breaches in any situation, we must be ready with the incident response plan.
Every company is facing problems from the hackers as they are hacking the company’s data. So, to avoid from hacking every user must follow some steps to mitigate such threats. Backup the data in the firm. Secure your data by encrypting, by encrypting the data in the firm, every information in the firm will be secured from inside and outside of the firm. It will protect firm data. Educating the staff in the firm. Access controls will help us in detection of the threats in the systems of the firms. By observing it we can know where the exact threat is occurred. Know different types of threats from inside and outside of the firm, monitor the devices frequently are the responsibilities of the user in mitigating the threats.