Please enable JavaScript.
Coggle requires JavaScript to display documents.
Security - Coggle Diagram
Security
Non-Technical Threats
-
Simple or reusing codes:
Codes shouldn't be easy to crack and reusing them doesn't help if there's a rogue employee.
-
Door codes:
Building off of reusin codes, door codes should be changed every few months or so as a safety precaution.
-
Cyber hygiene:
Maintaining a system's health by checking for any breaches or deleting any files taking up space.
Unnecessary staff access to secure areas:
Not all staff need access to secure areas as they could easily pass on vital information just from joining the company.
-
Not following policies and procedures:
Reinforce policies and procedures on your workers so that they don't break them resulting in problems.
Weather conditions:
Make sure that if there is a dangerous weather conditions that outside technology doesn't result in the shut down of indoor systems.
-
Risk Mitigation Controls
National Cyber Security Centre Cyber Essentials:
A UK Government organisation providing advice/support for public and private sectors on how to avoid threats
-
Firewalls (Software/Hardware):
Hardware - Physical appliance that enforces a network boundry.
Software - Monitors and filters incoming/outgoing network traffic.
Intrusion Detection & Prevention Systems:
IDS is a monitoring system that detects suspicious activity and alerts when issues are detected.
IPS is a network security tool that monitors networks for malicious activity.
-
User access:
Any type of user acces that allows/permits the user to act on the behalf of the account holder.
Staff training & CPD:
Creating a programme employees can learn from. CPD is the learning you undertake which increases your knowledge, understanding & experiences of a subject area or role.
-
Honeytrap:
Steal information from unauthorised attackers who a tricked due to files seeming legitimate.
-
Technical Threats
Outdated OS:
This can lead to easier attacks from hackers since the protection would also be outdated.
-
-
-
-
-
-
-
Outdated Software:
Software should, like hardware, stay up to date and software not being supported anymore should not be considered.
Cyber Terrorists:
Groups like Anonymous and so on, will try to stop the process of work, therefore a company should be prepared for any sort of terrorist attack.