COMPUTER

SECURITY
 INTRODUCTION
The presentation is being carried out to lay down a solution to a

problem arising related to computer security. Various security

strategies are being discussed in this presentation. These

strategies would help in successfully coping up with the

computer security issues. The security strategies recommended

to address the issue and the effectiveness of mitigation strategy

in controlling the issue are also discussed in the presentation.

 OVERVIEW
The computer security is the protection
of assets from unauthorized access,
alteration, use or destruction.
Therefore, for such protection an
effective strategies is must needed.
 COMPUTER SECURITY ISSUES
There are some computer security issues which are normally faced

by the organization or by an individual as well. Following are

some of the issues:

Internet
and
network
attacks

Unauthor
ized Informati
access on theft
and use Computer
security
issues

Hardwar
e and System
software failure
theft
 SECURITY STRATEGIES
To cope up with the computer security issues, the
organization or an individual can use the following
security strategies to prevent the security of their system
and data or information.
These strategies will help the organization to improve
the level of security and safety of data.
 PROACTIVE STRATEGY
This strategy includes a set of predefined steps that can be

taken to prevent the computer systems from the attacks before

they occur.

This includes identifying how an attack could possibly affect

or damage the system and the vulnerabilities it exploits.

This pattern may help in determining the areas of

vulnerability that pose the greatest risk to the enterprise.

The proactive strategy has basically three
steps:
Determining the damage that the attack will cause

Determining the vulnerabilities and weaknesses that the

attack will exploit (Klti.et.al. 2013).
Minimizing the vulnerabilities and weaknesses that are
determined to be weak points in the system for that
specific type of attack.
 KEY FINDINGS OF PROACTIVE
STRATEGY
Use of policies for data security

Understanding about the sensitive data

It goes beyond the technology implementation

Take initiative for data security

Use of data centric security

 REACTIVE STRATEGY

The reactive strategies defines the steps that must be taken

after or during an attack.

It identifies the damage that was caused and the

vulnerabilities that were exploited in the attack.

This strategy will determine the why it took place, repair the

damage that was caused by it and implement a contingency

plan (Easttom II, 2016).
BENEFITS OF REACTIVE STRATEGY
Following are the key benefits of strategy:
Provides control over the use of computer system

Improve the accountability

Determine the level of threat

Anticipate the future changes

Help to assess the amount of damage and install

SECURITY BY DESIGN STRATEGY

A software is designed from the ground up to

be secure.
It includes code reviews and unit testing are
used to make modules more secure.
Audit trails tracking system activity for
determining the extent of the breach.
BENEFITS OF SECURITY BY DESIGN
STRATEGY
Following are the major benefits of using the particular
strategy:
Integration of methodologies

Detecting and resolving problems

Improve flexibility and adaptable architecture

Integration of application for better security

 APPLICATION WHITE LISTING
It is an effective means of ensuring the security, stability and

consistency of a computing environment.

Proper planning and pre-deployment activities are required for a

successful deployment of application white listing technology .

It can be deployed in support of policy which defines

applications which users are allowed to run or can run in the

course of their duties.

 MINIMIZING ADMINISTRATIVE
PRIVILEGES

Administrative privileges are designed to allow access of only

trusted personnel.

Accounts with administrative privileges to a window domain

typically have the ability to effect changes or to see such

information from any system on that domain (Goldman.et.al, 2011).

These privileges introduce a number of potential points of weakness

into that system.

 PASSWORDS AND APPROPRIATE
USER AUTHENTICATION STRATEGY

The best strategy for protecting the data from being accessed by an

unauthorized user.

The user authorization can be verified in any security system via piece of

information like password, something possessed by an individual like ID,

credit and a biometric characteristic of the individual like finger print
(White, 2015).

Through this the important and relevant information can be safe from the

authorized users.
 DISASTER RECOVERY PLANNING
A proper planning is a best strategy to overcome from the

problems related to eventuality of hardware failure or loss

and data loss or corruption.
Depending on the types of threats, disaster recover plans

may rely on one of a mix of strategies (Cichonski.et.al.

2012).
 INFORMING USERS ABOUT THE
SUSPICIOUS E-MAILS
The user using the computer system are require to

inform under this strategy to be careful of any

suspicious e-mails.
According to this, the user are should be careful when

the email is from the known source, caution should be

exercised when opening attachments or clicking on
links in emails.
IMPLEMENTATION OF A VULNERABILITY
MANAGEMENT PROGRAM

The most of the worms and viruses try to exploit bugs and

vulnerabilities within the operating system and applications.

The vulnerabilities can be introduced in network everyday

(Song, 2010). It is important to regularly review the network

and applications running on it for new vulnerabilities.
 After this, a proper plan is then prepare for proper

management of vulnerabilities.
The vulnerabilities can be managed by through patching,

upgrading, or managing the vulnerabilities using tools like

firewalls and Intrusion Detection Systems.
The discovered vulnerabilities should also be rated and

prioritized regarding their criticality and their impact (Rid

& McBurney, 2012).
 MAINTAINING BACKUPS AND
MONITORING LOGS AND SYSTEM

The critical data or information should be daily or periodically

must be regularly backup.

It is useful when a network gets infected with a computer virus or

system or hardware crash.

These backups must be stored safely in the offsite location .

Regular monitoring of network and system logs assist in

indentifying the computer virus or other criminal attacks.

Log files for the backups should be checked regularly in

order to insure that the backups succeeded.

Log files for anti-virus software deployed should be

regularly checked to ensure that PC are running the

latest version of antivirus.
These strategies ensure that the chances of attacks and

their impact is reduced and minimized to a greater

extend.
 DEVELOPMENT OF INCIDENT
RESPONSE PLAN
The incident response plan outlines the roles and

responsibilities that people may have in the event of

a computer virus infecting the network or indeed any
other type of security breach (Hsiao.et.al. 2014).
The plan is prepared and drawn up by the agreed

relevant parties before an incident occurs.

 CRYPTOGRAPHY STRATEGY
This strategy is best when the confidentiality and security of data

and information is to be maintained.

The modern cryptography exists at the intersection of the

disciplines computer science, mathematics and electrical

engineering.
It is conversion of the information from a readable state to

apparent nonsense (Kahate, 2013)

Only the authorized user can be decodes such encrypted data or

information.
 RECOMMENDED SECURITY
STRATEGIES
To address the current issue the best strategy that would be

recommended is a proactive and reactive strategy.

These strategy is best because it provides a suitable way to

identify and reduced the affects of the security issues

before their cause.
It the impacts and core area of infection are not identified

before then the reactive strategy would help in repairing the

damage caused through an implemented contingency plan.
 ACTIVITIES FOR IMPROVING
COMPUTER SECURITY
Using the following recommendation the security of
computer could be improved:
Use of Linux

Disable add-ons

Deploy a hardware based firewall

Enforce Strict password policies

Use of content filter

 EFFECTIVENESS OF MITIGATION
STRATEGY
The mitigation strategy would be effective in controlling the issues
with respect to other strategies in the following ways:
Ensures that the identified issues before their cause are removed to

the best possible way.

The damage occurred after their cause are repaired to the best

possible way as suggested in the contingency plan.

The organization is always ready to fight against the computer

security issues with the proactive and reactive plans without causing
any disturbance in the operations of the organization.
THANK YOU