Please enable JavaScript.
Coggle requires JavaScript to display documents.
Security in the IT Industry (Network Security (IPS (An intrusion…
Security in the IT Industry
Social Engineering
The attacker identifies the victim
Deceives them
The attacker executes the attack
Gains a foothold
Disrupts business and siphons data
Makes up a story
Makes them believe they're on the victims side
Social Engineering is a cycle of human error
Physical
Server Room Protection
Access Control Cards
Access Control Cards are tied to a specific user and must be swiped in order to gain access
Biometrics
Uses a physical characteristic such as a fingerprint or retina to identify a user
Physical Computer Protection
Passwords
Strong passwords and screensaver passwords are effective methods of securing a computer from unauthorized access
User Awareness
Employees need to be made aware that strangers cannot be in the office without an escort
OS Hardenning
USB ports for drives and CD-R/DVD-R drives should be disabled on all laptops/desktops so that files cannot be easily copied and stolen by a malicious user wandering around in the office
Building Protection
Security Personnel
Security Personnel, armed or unarmed are very useful in securing a location. Trained security can easily spot people in a building who are suspicious and may not be authorized to be in there.
Computer Security
Keep anti virus up to date
Computers should have secure passwords
Back Up Data to a secure server or have backups at an off site location
Network Security
IPS
An intrusion prevention system (IPS) scans network traffic to actively block attacks.
VPN
A virtual private network encrypts the connection from an endpoint to a network, often over the Internet. Typically, a remote-access VPN uses IPsec or Secure Sockets Layer to authenticate the communication between device and network.
Firewalls
Firewalls put up a barrier between your trusted internal network and untrusted outside networks, such as the Internet. They use a set of defined rules to allow or block traffic.
Wireless security
Wireless networks are not as secure as wired ones. Without stringent security measures, installing a wireless LAN can be like putting Ethernet ports everywhere, including the parking lot. To prevent an exploit from taking hold, you need products specifically designed to protect a wireless network.
Network segmentation
Software-defined segmentation puts network traffic into different classifications and makes enforcing security policies easier. Ideally, the classifications are based on endpoint identity, not mere IP addresses. You can assign access rights based on role, location, and more so that the right level of access is given to the right people and suspicious devices are contained and remediated.