Lesson 14-Desktop Protection

Overview

Protect against malicious code.

Use the Internet.

Protect against physical tampering.

Overview

Desktop systems are a major source of information security

risk for an organization. The risk comes from:

Malicious code.

The Internet.

Physical tampering.

Increase in the use of server services (Web, FTP, and SQL

servers) on desktops.

Protect Against Malicious Code

The organization should have mechanisms in place for

identifying malicious code as it enters the organization via

electronic mail.

Anti-virus software should be installed on desktop

computers.

This software must be configured properly to provide the

greatest protection.

Protect Against Malicious Code

Issues with viruses, Trojan horses, and worms.

Effective use of anti-virus software.

Issues with Viruses, Trojan Horses, and Worms

Malicious code can greatly affect an organization.

The time required to clean up after malicious code adds

hidden costs.

There are four primary mechanisms that deliver malicious

code are e-mail, instant messenger, disks, and shared files.

Employee access makes it difficult to stop the entry of

malicious code.

Issues with Viruses, Trojan Horses, and Worms

The damage from malicious code ranges from deleted files

to system downtime and lost bandwidth to lost business.

In addition to loss in productivity, there is a risk of losing

sensitive data.

Effective use of Anti-virus Software

Anti-virus software identifies a virus by matching the

program code with a known virus in its signature file.

Now a days anti-virus software scan a file, whenever one is

opened, executed, or copied.

A number of malicious programs that can ride on

documents are called macro viruses.

Effective use of Anti-virus Software

Anti-virus software searches for malicious code by comparing

the file it is examining with a database of signatures.

These signatures provide the information that allows the

software to identify which virus, worm, or Trojan horse

corresponds to the code.

Anti-virus software vendors update the signature database as

and when new malicious programs are identified.

Use the Internet

Connecting to the Internet.

Sharing Files.

Connecting to the Internet

Connections through a firewall provide some protection

against hackers looking for vulnerable systems.

Unlike dial-up connections, broadband (DSL and cable

modems) are always-on connections.

If a computer is attached to an always-on connection, it is

sure to be found by a hacker.

Connecting to the Internet

Desktops can be protected from attacks over Internet

connections in the following ways:

Anti-virus software that is updated frequently.

Patching the systems and following proper configuration

procedures.

Using some type of firewall system.

Home systems can be protected by any of the personal

firewall products that are on the market.

Sharing Files

There are two primary mechanisms for sharing files on the

Internet from desktop computer systems are by using

shares and using peer-to-peer file sharing programs.

In offices, network file servers make all or part of their hard

drives available for mapping across the Local Area Network.

The same type of sharing can be performed across the

Internet.

Sharing Files

Once a folder or drive is opened for sharing, a hacker may

find the share during a normal scan on the Internet.

Peer-to-peer (P2P) programs such as Gnutella and Kazaa

have found popularity because they can be used to share

music files.

A computer connected to a P2P network can share files with

hundreds of other computers.

Sharing Files

Once installed, the P2P program allows the user to identify

which files are to be shared.

Since these programs are downloaded from the Internet,

they may contain code that allows other users to browse

the entire hard drives.

Protect Against Physical Tampering

Sensitive information is often carried on portable computer

systems.

One mechanism used to protect the information on the system is

to encrypt it.

Protect Against Physical Tampering

Encryption can be accomplished by:

Encrypting each file.

Encrypting the entire folder.

Encrypting the entire hard drive.

While traveling, ensure computer systems and data

are not stolen.

Summary

Desktop systems are a major source of information security

risk for an organization.

The organization should have mechanisms in place for

identifying a malicious code as soon as it enters the

organization.

Summary

Connections through a firewall provide protection to some

extent against hackers looking for vulnerable systems.

Sensitive information is often carried on portable computer

systems.