SECURITY POLICIES AND PROCEDURES
2.1 UNDERSTAND SECURITY POLICIES
A security policy is a written document that states how an organization plans to protect the company's information technology assets.
A security policy is a collection of rules, guidelines, and checklists.
Having a written security policy empowers an organization to take appropriate action to safeguard its data.
A security policy includes the following elements:
An acceptable computer usage statement for the organization.
The people permitted to use the computer equipment.
Devices that are permitted to be installed on a network, as well as the conditions of the installation. Modems and wireless access points are examples of hardware that could expose the network to attacks.
Requirements necessary for data to remain confidential on a network.
Process for employees to acquire access to equipment and data. This process may require the employee to sign an agreement regarding company rules. It also lists the consequences for failure to comply.
2.1.2 SECURITY POLICY REQUIREMENTS
When developing a security policy for the first time, one useful approach is to focus on the why, who, where, and what during the policy development process.
Network technicians and the organization’s management must work together to develop a security policy that ensures that data and equipment are protected against all security threats.
When creating a security policy, these are some key areas to address:
Process for handling network security incidents
Process to audit existing network security
General security framework for implementing network security
Behaviors that are allowed
Behaviors that are prohibited
What to log and how to store the logs: Event Viewer, system log files, or security log files
Network access to resources through account permissions
Authentication technologies to access data: usernames, passwords, biometrics, and smart cards
2.1.3 Usernames and Passwords
A username and password are two pieces of information that a user needs to log on to a computer.
It is important to change the default username for accounts such as administrator or guest, because these default usernames are widely known.
Three levels of password protection are recommended:
BIOS - Prevents the operating system from booting and the BIOS settings from being changed without the appropriate password.
Login - Prevents unauthorized access to the local computer.
Network - Prevents access to network resources by unauthorized personnel.
2.1.4 Password Requirements
Passwords should be required to have a minimum length and include uppercase and lowercase letters combined with numbers and symbols.
These are some guidelines to creating strong passwords:
Length - Use at least eight characters.
Complexity - Include letters, numbers, symbols, and punctuation. Use a variety of keys on the keyboard, not just common letters and characters.
Variation - Change passwords often. Set a reminder to change the passwords you have for email, banking, and credit card websites on the average of every three to four months.
Variety - Use a different password for each site or computer that you use.
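The four guidelines above (length, complexity, variation, variety) as a small checker, added here as an example and not part of the original notes; the sample credential list, the dates and the 120-day age limit standing in for "three to four months" are assumptions:

```python
import re
from datetime import date

MIN_LENGTH = 8          # "Length - Use at least eight characters."
MAX_AGE_DAYS = 120      # assumption: upper end of "every three to four months"


def check_password(password: str, last_changed: date, today: date) -> list:
    """Return the guideline violations for one password (empty list = passes)."""
    problems = []
    if len(password) < MIN_LENGTH:
        problems.append("length: fewer than %d characters" % MIN_LENGTH)
    # Complexity: letters of both cases, numbers, and symbols/punctuation.
    classes = {
        "lowercase": re.search(r"[a-z]", password),
        "uppercase": re.search(r"[A-Z]", password),
        "digit": re.search(r"\d", password),
        "symbol": re.search(r"[^A-Za-z0-9]", password),
    }
    missing = [name for name, found in classes.items() if not found]
    if missing:
        problems.append("complexity: missing " + ", ".join(missing))
    # Variation: the password has not been rotated within the allowed age.
    if (today - last_changed).days > MAX_AGE_DAYS:
        problems.append("variation: older than %d days" % MAX_AGE_DAYS)
    return problems


def find_reuse(accounts: dict) -> dict:
    """Variety: map every password shared by more than one account to those accounts."""
    by_password = {}
    for account, password in accounts.items():
        by_password.setdefault(password, []).append(account)
    return {pw: accts for pw, accts in by_password.items() if len(accts) > 1}


if __name__ == "__main__":
    # Constructed sample data: an (account -> password, last change) list of one user.
    today = date(2024, 6, 1)
    creds = {
        "email": ("Tr0ub4dor&3", date(2024, 3, 1)),
        "bank": ("Tr0ub4dor&3", date(2023, 1, 1)),
        "shop": ("password", date(2023, 1, 1)),
    }
    for account, (pw, changed) in creds.items():
        print(account, check_password(pw, changed, today))
    print("reused:", find_reuse({a: pw for a, (pw, _) in creds.items()}))
```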
2.1.5 File and Folder Permissions
Restricting User Permission
When the permissions of a folder are changed, you are given the option to apply the same permissions to all sub-folders.
Principle of Least Privilege
Users should be limited to only the resources they need in a computer system or on a network.
2.2 Understand Security Procedures
2.2.1 Security Procedures
Procedures are considered the lowest level in the policy chain because they are closest to the computers and users (compared to policies) and provide detailed steps for configuration and installation issues.
Procedures are detailed step-by-step tasks that should be performed to achieve a certain goal.
There are several security procedures that can be implemented in any organization. In this chapter, we will discuss:
Security Policies (has been discussed)
Data Protection
Protecting Against Malicious Software
2.2.2 Data Protection
Software firewalls, biometrics and smart cards, data backups, and data encryption are some of the approaches that we can take to protect our data.
There are a number of approaches that we can take to protect our data:
Software firewalls
A software firewall is a program that runs on a computer to allow or deny traffic between the computer and other computers to which it is connected.
You can control the type of data sent to another computer by selecting which ports will be open and which will be blocked.
Biometrics and Smart Cards
Biometric security compares physical characteristics against stored profiles to authenticate people.
In theory, biometric security is more secure than security measures such as passwords or smart cards, because passwords can be discovered and smart cards can be stolen.
A smart card is a small plastic card, about the size of a credit card, with a small chip embedded in it.
A security key fob is a small device that resembles the ornament on a key ring.
The computer must detect the signal from the key fob before it accepts a username and password.
Data Backups
A data backup stores a copy of the information on a computer to removable backup media that can be kept in a safe place.
Backup media is often reused to save on media costs.
Data Encryption
Encryption is often used to protect data. Encryption is where data is transformed using a complicated algorithm to make it unreadable.
Encrypting File System (EFS) is a Windows feature that can encrypt data.
EFS is directly linked to a specific user account.
2.2.3 Protection against malicious software
Certain types of attacks, such as those performed by spyware and phishing, collect data about the user that can be used by an attacker to gain confidential information.
You should run virus and spyware scanning programs to detect and remove unwanted software.
Many browsers now come equipped with special tools and settings that prevent the operation of several forms of malicious software.