Information Technology and Ethics/Types of Security
Introduction
- There is an abundance of security types; this chapter will briefly cover the following: physical, network, application, cloud and database.
Physical Security
Introduction to physical security
Let's start with physical security. Physical security is an extremely important defense that uses physical, tangible safeguards to protect assets. Specifically, physical security helps to defend against harm to and destruction of valuable property or possessions. Physical security can also help to protect individuals, knowledge, or data. It is a necessary, basic form of security that is almost always in place, and it is a building block for other types of security as well.[1]
How is physical security implemented?
Different organizations will require different physical implementations depending on the organization’s layout. It is important to assess the risks to find out which physical security implementations are necessary. Physical security should be approached in layers: the outer layers of protection, which cover the outside of the organization, and the inner layers, which cover the inner environments.[2]
Types of physical security
There are many different types of physical security which can be implemented to protect assets. Each type of physical security has a different purpose to fulfill. Examples include EAC (access cards), barriers, surveillance and alarms.
- EAC (Access Cards)
- Access control is an important mechanism of physical security which controls the flow of traffic through specific access points in an area. Electronic access control (EAC) is a specific type of access control which uses a card reader. These card reader devices have a sensor which reads data on the card, changes the data into a code number, and then sends the data to a computer. The data contains a person’s information, which allows access to be approved or rejected. EAC systems are made up of access cards and card readers. There are many different types of access cards, including proximity cards (commonly used; they use passive circuits), magnetic cards (use magnetically encoded data, such as a magnetic stripe, which the individual swipes through a card reader), smart cards (use a chip with an embedded microprocessor, like a computer), and optical cards (use a pattern of light spots which is read by a light source such as infrared).[3]
- Barriers
- Barriers are physical in nature and can include walls, fences, and gates (2). Doors with locks on them are also necessary to prevent intruders. There can be natural barriers as well, such as water or cliffs, or human-made barriers, which provide obstacles that make getting in very difficult.[4]
- Surveillance
- Surveillance can be an extremely important physical security mechanism, and can involve either a security guard or cameras. Important things to consider when implementing surveillance are the high-risk sections, the planned use of surveillance (whether it's for monitoring or intimidation), whether there is a need for hidden cameras, what kind of cameras should be implemented (wide or narrow viewpoints, amount of light, and solar-powered vs. electric-powered), where to place the cameras, how much recording is needed, and the combination of security guards and cameras.[5]
- Alarms
- Alarms help to bring attention to issues that aren’t stopped by surveillance or barriers. They specifically provide extra detection and awareness. They can be either silent or audible. Audible alarms tend to be better since they can activate a loud alarm which brings to everyone’s attention that an alarm has been set off. Alarms can be part of both inner and outer areas, and they can provide a good balance to physical security levels[6].
Network Security
Introduction to Network Security
Network security is a term that describes the tools and tactics implemented to prevent or protect against unauthorized intrusion into your network.[7] In much simpler terms, network security helps keep unwanted people away from your network and sensitive information. Network security has become a necessary tool for companies and individual residents who are keen on keeping their data safe. As we are all familiar with hackers finding every loophole to gain access to one’s information, network security is critical in our daily lives and every precaution must be taken.
Why is Network Security Needed?
Effective network security is not only beneficial for keeping data safe; it also protects an organization's reputation, the trust of its customers and its continued ability to operate. It is better to prevent intrusion than to make amends after data has been leaked. Many customers are reluctant to share their data with companies and are ready to terminate their relationship with a business if there is as little as a rumor circulating that its network security has been breached. This can do serious damage to companies, and they may never be able to reclaim their reputation; good examples are Yahoo and Myspace. Network security usually consists of three main controls[8]:
- Physical Network Security:
- This keeps unauthorized people away from physical network components such as routers.
- Administrative Network Security:
- Works more to control behavior: who has access and how much access they have.
- Technical Network Security:
- This is to protect information that is stored and shared, and also prevent unauthorized personnel from coming in.
Types of Technical Network Security:
There are over 14 technical network security tools that can be used to protect your network, and some environments, for example universities, can benefit from running multiple firewalls to provide different zones of security. All of the listed network security techniques take different approaches to keeping the network secure. They include[9]:
- Anomaly Detection:
- Just like the name, it detects anomalies in the network and alerts you immediately.
- Email Security:
- Phishing emails are one way hackers try to gain access to your network; email security helps detect dangerous emails and blocks you from sharing vital information.
- Access Control:
- Limits the number of users that have access to specific parts of the network.
- Anti-Malware software:
- Identifies dangerous programs and prevents them from spreading.
- Application Security:
- It focuses on applications that may be relevant to your security and tries to keep hackers from gaining entry.
- Data Loss Prevention (DLP):
- Humans are the weakest link in network security because we can literally give away important information. This type of security detects and blocks sensitive information.
- Firewalls:
- Help filter authorized from unauthorized parties and help with network traffic.
- Wireless Security:
- Wireless networks are much more vulnerable than traditional networks, so we need to make sure all precautions are taken.
There are many other network security tools that tackle different vulnerabilities. We should always remember that network security is crucial.
Application Security[10]
Introduction to Application Security
Application security comes into play at the application level, where the goal is to intervene before any code is taken without authorization. Security measures are taken into consideration during development and after apps are ready to use. Application security can take different forms, such as within hardware or within software. It involves creating, adding, and assessing security features inside applications, to step in and protect anything open and vulnerable.[11]
Why is it important:
As technology has developed and is still developing, more and more applications are connected to the network and the cloud. With this development, there are more vulnerable areas through which an application can be approached. With different testing methods, any flaws at the application level can be found and possibly prevented. Today, more people are trying to attack apps directly rather than attacking other areas such as the network.[12]
Types of application security features:
- Combined security features:
- Authentication helps verify that the person logging on, for example, is who they state they are. Authentication is followed by authorization, which gives access based on who the user is: it compares the user’s identity to the list of authorized users to see what the user has access to. Next comes encryption while the app is being used. To stop information from being seen by others, traffic is encrypted.[13]
- Logging:
- When something is accessed, the time, who accessed it, and what was accessed are recorded. If someone were to get unauthorized access to certain information, one could find out through this logged record.[14]
- Application security testing:
- Tests are implemented to help ensure that all the security measures placed are correctly working[15].
Mobile & Web application security:
One way businesses implement application security on mobile devices is by using a virtual private network. Through this, one can safely get remote access to company information. For web application security, firewalls are placed to check data packets and stop any potentially damaging packets.[16]
Application security controls & testing:
Controls are methods implemented to strengthen the code, giving more control over the output when there is unexpected input. Testing is used to check that there are no vulnerabilities in any new or revised software. Some examples are fuzzing, security audits, and penetration testing.
- Fuzzing:
- One can test unexpected inputs to check whether there are any vulnerable holes, or any possible ways someone else can get unauthorized access[17] .
- Security audit:
- Checks whether the application meets the security criteria. When the application meets all the set security criteria, the creators have to ensure that specific users get authorized access.[18]
- Penetration testing:
- Essentially, this is putting a criminal hat on and testing the application. The application is analyzed both when a user is logged in and when logged out, to rule out any possible openings.[19]
Cloud Security
Introduction to Cloud Security
Hackers have gained access to almost any technical device available. Even something as simple as surfing the web can provide hackers with people's personal information. Hackers used to harvest data from physical hard drives by installing a virus that opened a back door and sent the data directly to the hacker's server. Now they have a second option: to hack the cloud directly. Enterprises, small companies, and ordinary people have begun to store data in the cloud as a security precaution. What the customer or company does not realize is that information stored in the cloud is just as vulnerable to hacking as information stored on a hard disk. Cloud security refers to the safeguarding of cloud computing files, software, and infrastructures. Many facets of cloud protection (whether public, private or hybrid) are the same as they are with any on-premises IT architecture. The European Network and Information Security Agency (ENISA) describes cloud computing as follows: “Cloud computing is an on-demand service model for IT provision, often based on virtualization and distributed computing technologies.” [20] We can also describe it as the distribution of hosted resources over the Internet, including applications, hardware, and storage. Cloud computing has become practically ubiquitous among enterprises of all sizes, mostly as part of a hybrid/multi-cloud service architecture, due to the advantages of accelerated rollout, availability, low up-front costs, and scalability.
Why is cloud security different?
In the early 1990s, funds for cloud computing began to emerge. The fundamental concept behind cloud computing is to isolate a system's architecture and mechanisms from the software and resources that it provides. Clouds are built in such a manner that they can quickly scale, are always usable, and have low operating costs. This is possible due to on-demand multi-tenancy of software, content, and hardware resources. According to Peter Mell and Tim Grance of NIST, “Cloud computing is a model for enabling ubiquitous, convenient, on-demand network access to a shared pool of configurable computing resources (e.g., networks, servers, storage, applications, and services) that can be rapidly provisioned and released with minimal management effort or service provider interaction. This cloud model is composed of five essential characteristics, three service models, and four deployment models.” [21] Cloud computing allows enterprises to share computing and storage services with the goal of lowering computing costs. Furthermore, cloud storage allows people inside a cloud to share knowledge. Despite the benefits, data stored in the cloud is also vulnerable to theft and other security concerns.
Risks and Benefits
Cloud computing security issues can be divided into two categories: provider issues and client issues. In theory, cloud providers are more responsible for securing the transition from Infrastructure as a Service (IaaS) to Software as a Service (SaaS), while in the IaaS model, the customer bears more responsibility. Many businesses that produce and sell cloud storage software and services haven't given enough thought to the consequences of processing, storing, and viewing data in a decentralized and virtualized environment. Many developers of cloud-based applications, in particular, fail to provide encryption. In other contexts, existing technologies simply do not enable developers to provide real protection. On the other hand, in the IaaS model the cloud user is simply given responsibility for these data security policies. With Platform as a Service (PaaS), the cloud provider must use specific tools to track and protect access to the supported database, while the material and data are the user's responsibility. However, by moving to cloud security, clients are able to reduce costs and save money.
Privacy and security are major concerns of cloud storage, since customers' data and business logic are stored on distrusted cloud servers that are managed by the service operator. Privacy and security both prevent information disclosure, but privacy-preservability is a stricter mode of confidentiality in certain ways. As a result, if cloud confidentiality is ever breached, privacy-preservability will be breached as well. To sum up, cloud protection has two meanings, unlike the other security services: data privacy and computation privacy.
Database Security
Introduction to Database Security
To start, a database is a collection of formatted and structured data stored on some medium, such as hard drives, servers or even cloud storage. Database security is the set of procedures, standards, policies, and tools used to protect the data inside the database from thieves and unwanted intrusion.[22]
Technical Protections
When it comes to the security of databases, there exist both the technical applications and the auditing and logging of activities.
- Configuring DBMS:
- When installing and starting the initial implementation of a database system, there are the configuration settings that take place. This step in the process of database security is critical to the protection of the database. Although there are different configuration steps for different types of database tools or software, they all have the ability to change how a password is created, account access and user privileges, as well as network connection.[23]
- Password:
- After the installation of the database software, there will be a root user with a default password. The root account can execute every possible command on the database; therefore, a strong password must be created for that account.
When storing passwords, it is never a good idea to store them as plain text. Rather, they should be encrypted using strong encryption techniques.
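An added example, not part of the original chapter, of keeping passwords out of plain text. Instead of reversible encryption it stores a salted, deliberately slow one-way derivation (PBKDF2-HMAC-SHA256 from Python's standard library), so the stored value cannot be turned back into the password; the record format and iteration count are assumptions.

```python
import hashlib
import hmac
import os

ALGORITHM = "pbkdf2_sha256"
ITERATIONS = 600_000  # work factor; an assumed value, tune it for your hardware


def hash_password(password, iterations=ITERATIONS):
    """Return 'algorithm$iterations$salt_hex$hash_hex', the value to store."""
    salt = os.urandom(16)  # fresh salt per password: equal passwords differ
    digest = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, iterations)
    return f"{ALGORITHM}${iterations}${salt.hex()}${digest.hex()}"


def _parse(stored):
    """Split a stored record; return None if it is malformed."""
    try:
        algorithm, iterations, salt_hex, hash_hex = stored.split("$")
        fields = int(iterations), bytes.fromhex(salt_hex), bytes.fromhex(hash_hex)
    except ValueError:
        return None
    if algorithm != ALGORITHM or fields[0] < 1:
        return None
    return fields


def verify_password(password, stored):
    """Recompute with the stored salt and compare in constant time."""
    fields = _parse(stored)
    if fields is None:
        return False  # malformed or plain-text record: fail closed
    iterations, salt, expected = fields
    digest = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, iterations)
    return hmac.compare_digest(digest, expected)


def needs_rehash(stored, iterations=ITERATIONS):
    """True if the record is malformed or uses a weaker work factor."""
    fields = _parse(stored)
    return fields is None or fields[0] < iterations


if __name__ == "__main__":
    record = hash_password("correct horse battery staple")  # constructed sample
    print(record)
    print(verify_password("correct horse battery staple", record))
    print(verify_password("guess", record))
```

`needs_rehash` lets a login path upgrade old records: after a successful `verify_password`, re-hash the password if the stored work factor is below the current one.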
Connection to the Database
When a database has been created there needs to be data that routes to the database. Because data from the outside world is being routed to the database, it’s important to configure the connection to the database to protect it from unwanted intrusion. Some best practices are[24]:
- Disable remote access.
- Secure the MySQL server behind a firewall.
- Do not leave your ports wide open.
- Use IP addresses to restrict access to the database.
- Encrypt your connection to the server using SSH or SSL.
System Hardening and monitoring
Database hardening is the process of increasing security by limiting access to and rights on the database, similar to OS hardening, so that attackers find it harder to infiltrate the database. Whatever type of database one uses, it has some method to display tables, databases, and schemas. Every database system also has the ability to alter the users on the database and give them different privileges. One of the steps taken to increase security in database hardening is hardening privileges. Some of the best practices for doing so are:[25]
- Each user only has limited privileges and only has access to the databases it needs to run.
- Never use ALL TO … functions.
- Never use % for a hostname.
- Application user permissions should be as restrictive as possible.
- Only allow super privileges to database accounts, and localhost.
- Never ever give users global privileges, except for the root, backup, monitoring, and replication users.
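The privilege rules above can be checked mechanically. The following Python audit is an added example, not part of the original chapter: it runs over constructed lines in the style of MySQL `SHOW GRANTS` output and reports accounts that break those rules. The exempt account names, the choice to skip the ALL check for root, and the sample grants are assumptions.

```python
import re

# Accounts exempt from the global-privilege rule. The names are assumptions
# for this example, standing in for the roles the chapter lists.
GLOBAL_EXEMPT = {"root", "backup", "monitor", "repl"}
LOCAL_HOSTS = {"localhost", "127.0.0.1", "::1"}

# Matches SHOW GRANTS output with backtick- or quote-delimited names.
GRANT_RE = re.compile(
    r"^GRANT\s+(?P<privs>.+?)\s+ON\s+(?P<scope>\S+)\s+TO\s+"
    r"[`'\"]?(?P<user>[^`'\"@]*)[`'\"]?@[`'\"]?(?P<host>[^`'\"\s]+)",
    re.IGNORECASE,
)


def audit_grant(statement):
    """Return (account, findings) for one GRANT statement."""
    m = GRANT_RE.match(statement.strip())
    if not m:
        return statement, ["unparsed statement, review by hand"]
    user, host, scope = m["user"], m["host"], m["scope"]
    # Drop column lists such as SELECT (id, name) before splitting on commas.
    privs = re.sub(r"\([^)]*\)", "", m["privs"]).upper()
    privs = {p.strip() for p in privs.split(",")}
    findings = []
    # Assumption: root holds ALL by default, so only other accounts are reported.
    if privs & {"ALL", "ALL PRIVILEGES"} and user != "root":
        findings.append("ALL privileges granted")
    if "%" in host:
        findings.append("wildcard % in hostname")
    # USAGE on *.* means "no privileges" and is not a global grant.
    if scope == "*.*" and privs != {"USAGE"} and user not in GLOBAL_EXEMPT:
        findings.append("global privileges for a non-exempt account")
    if "SUPER" in privs and host not in LOCAL_HOSTS:
        findings.append("SUPER granted to a non-local host")
    return f"{user}@{host}", findings


def audit_grants(statements):
    """Audit many statements; keep only accounts with findings."""
    report = {}
    for statement in statements:
        account, findings = audit_grant(statement)
        if findings:
            report.setdefault(account, []).extend(findings)
    return report


# Constructed sample in the style of MySQL SHOW GRANTS output.
SAMPLE_GRANTS = [
    "GRANT ALL PRIVILEGES ON *.* TO `root`@`localhost` WITH GRANT OPTION",
    "GRANT SELECT, INSERT, UPDATE ON `shop`.* TO `shop_app`@`10.0.0.5`",
    "GRANT ALL PRIVILEGES ON `shop`.* TO `legacy_app`@`%`",
    "GRANT SELECT, SUPER ON *.* TO `ops`@`10.0.0.9`",
    "GRANT USAGE ON *.* TO `shop_app`@`10.0.0.5`",
    "GRANT REPLICATION SLAVE ON *.* TO `repl`@`10.0.0.7`",
]

if __name__ == "__main__":
    for account, findings in audit_grants(SAMPLE_GRANTS).items():
        print(account, "->", "; ".join(findings))
```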
Auditing
Auditing, or monitoring, is a database security protocol that aims to view the entire database and make an assessment of its status. Auditing helps look for any problems with it, so that if problems are found they can be addressed and prevented. The process has three steps[26]:
- Planning and preparation phase:
- The step in which a detailed scan of the entire infrastructure is conducted. Several interviews are done to assess the assets and to find the scope in which the audit should be conducted.
- The auditing phase:
- This is the actual conduct of the audit, where tools and assessments are used to test for potential vulnerabilities.
- The reporting phase:
- After the audit is completed, all of the vulnerabilities found are reported in a debriefing. This can be done both orally and in writing, so that once the vulnerabilities are identified, controls can be put in place.
--Notes--
References
- ↑ Fennelly, L. J. (2016). Effective physical security. Butterworth-Heinemann.
- ↑ Fennelly, L. J. (2016). Effective physical security. Butterworth-Heinemann.
- ↑ Fennelly, L. J., & Perry, M (2016). Physical security: 150 things you should know.
- ↑ Fennelly, L. J., & Perry, M (2016). Physical security: 150 things you should know.
- ↑ Fennelly, L. J. (2016). Effective physical security. Butterworth-Heinemann.
- ↑ Fennelly, L. J. (2016). Effective physical security. Butterworth-Heinemann.
- ↑ Dan Daniels (June 13, 2019). "14 Network Security Tools and Techniques to Know". Gigamon. https://blog.gigamon.com/2019/06/13/what-is-network-security-14-tools-and-techniques-to-know/.
- ↑ Cyber edu (2021). "What is Network Security?". ForcePoint. https://www.forcepoint.com/cyber-edu/network-security. Retrieved 5-28-2021.
- ↑ Dan Daniels (June 13, 2019). "14 Network Security Tools and Techniques to Know". Gigamon. https://blog.gigamon.com/2019/06/13/what-is-network-security-14-tools-and-techniques-to-know/.
- ↑ “Application Security”. VMware. Retrieved 26 April 2021.
- ↑ Edward Wang (2021). "Application Security". VMWare. https://www.vmware.com/topics/glossary/content/application-security. Retrieved 5-28-2021.
- ↑ Edward Wang (2021). "Application Security". VMWare. https://www.vmware.com/topics/glossary/content/application-security. Retrieved 5-28-2021.
- ↑ Edward Wang (2021). "Application Security". VMWare. https://www.vmware.com/topics/glossary/content/application-security. Retrieved 5-28-2021.
- ↑ Edward Wang (2021). "Application Security". VMWare. https://www.vmware.com/topics/glossary/content/application-security. Retrieved 5-28-2021.
- ↑ Edward Wang (2021). "Application Security". VMWare. https://www.vmware.com/topics/glossary/content/application-security. Retrieved 5-28-2021.
- ↑ Edward Wang (2021). "Application Security". VMWare. https://www.vmware.com/topics/glossary/content/application-security. Retrieved 5-28-2021.
- ↑ Edward Wang (2021). "Application Security". VMWare. https://www.vmware.com/topics/glossary/content/application-security. Retrieved 5-28-2021.
- ↑ Edward Wang (2021). "Application Security". VMWare. https://www.vmware.com/topics/glossary/content/application-security. Retrieved 5-28-2021.
- ↑ Edward Wang (2021). "Application Security". VMWare. https://www.vmware.com/topics/glossary/content/application-security. Retrieved 5-28-2021.
- ↑ ENISA (December 2012). "Cloud Computing Benefits, risks and recommendations for information security". Heraklion. https://resilience.enisa.europa.eu/cloud-security-and-resilience/publications/cloud-computing-benefits-risks-and-recommendations-for-information-security.
- ↑ Mell, P. & Grance, T. (September 2011). "The NIST Definition of Cloud Computing". NIST. https://csrc.nist.gov/publications/detail/sp/800-145/final.
- ↑ Basta, Alfred (2011-07-12). Database Security. Cengage. ISBN 9781435453906.
- ↑ Basta, Alfred (2011-07-12). Database Security. Cengage. ISBN 9781435453906.
- ↑ Basta, Alfred (2011-07-12). Database Security. Cengage. ISBN 9781435453906.
- ↑ Alessandro Tanasi (2018). "MYSQL Server". Sphinx 1.7.4 & Alabaster 0.7.11. https://docs.hardentheworld.org/Applications/MySQL/#rename-root-user. Retrieved 5-28-2021.
- ↑ Basta, Alfred (2011-07-12). Database Security. Cengage. ISBN 9781435453906.