Sample Cyber Security Profile - Essay Example

As society progresses to 21st security, the concept of security becomes a critical element in a very advanced world. Commerce, transactions,and work is conducted through the internet and technology. Leaving contemporary ways also results in more vulnerabilities with new technologies. This paper will discuss the many facets of protecting these vulnerabilities against large-scale attacks. One of the most crucial elements to understand within the realm of security are the User Domain, one of seven domains in an IT infrastructure, is considered to be the domain most at risk for attack and compromise, primarily due to the inherent weakness of the human interaction element. According to many publications, NIST is very proactive in this element as one of the main is attacks on User Domain. There are several types of attacks on the User Domain that are prevalent, as they can be quite successful against an uninformed or untrained employee. By implementing good company policies and ensuring that best practices against these attacks are used, an organization should be able to mitigate the risks found in the User Domain. Within the realm of User Domain, NIST is also very comprehensive in its understanding spoofing and DDoS. One of the worst vulnerabilities for user domains are insider attacks. Insider attacks occur. For instance, denial of service and spoofing are one the most common themes that occur. The problem is the fact that intercepting authentication or other sensitive information can be executed with the current WAN technology since it utilizes the traditional TCP/IP in user domains. (Best Practices for the Security 2013)Moreover, spoofing can also be conducted since an intruder can deceive the network that it recognizes a possible unauthorized access. The problem with installing firewalls in a user domain is the fact that they are fully feasible. Insider attacks occur when one user domain gains more privilege than the other user and shares that information. Tipton (2005) This becomes extremely dangerous because it allows the hacker to have one central location to exploit information. (Best Practices for the Security 2013) Inside attacks can be vast and potent depending on the type of attack. For instance, an executing script can copy sensitive information and can make one central machine a master. This can be detrimental to a data breach. This master to slave configuration can be used with full throttle for malicious attacks. Hence, segregation of duties as mentioned above should be embedded between the servers and the computer desktops to ensure sensitive information is not copied or modified. NIST is also very proactive in IT audits and ensuring that guidelines are created for security policies. AUP are set of standard and guidelines that are established by a user domain setting. AUP allows logical guidelines to ensure that audit practices are being conducted and risks are being controlled. AUP are extremely important component of framework of security policies because it dictates policies. AUP must be clear and concise in user domain. One of the most prominent factors of AUP is to ensure that user domains are separated by segregation of duties. It is crucial to understand that utilizing AUP allows suspension of user domains from an administrator standpoint. Accounts can be suspended, given limited access, administration rights to install programs, etc. Moreover, AUP encompasses managing passwords, software licenses, noncompliance consequences, and escalations. NIST is also very proactive in promoting administrator rights and segregation of duties. When administrator rights are breached or abused, PAA level agreements are crucial that are enabled to enhance accountability of user rights. Data centric needs are then breached which creates an issue for Plunder properties. In essence, the PAA is a written, explicit agreement that a user must acknowledge to. The PAA allows the security team to generally have a contingency plan, audit in timely manner. The PAA is a typically a two page document between administration and organization. It can also enhance the dictating policy utilizing social media. Security Assessment Policy is a governing legislation that outlines Information Security policies, employee orientation, security incidents and plans for new and existing users. It allows users to understand and analyze the security awareness level and avoid any future mishaps that will disrupt business flows. When it comes to Special Publication 800-53, Revision 4, of NIST, the documents provides a more a very comprehensive approach to information security and risk management by providing organizations with conducive security controls. It also provides IT governance approach by utilizing the "Build It Right" strategy. Furthermore, an effective patch management process can close vulnerabilities before malicious users or worms have an opportunity to exploit them. As organizations engage in e-commerce, it is clear that customers are also more involved in online transactions. However online security is always a concern that makes customers and even organizations weary as millions of transactions are conducted in cyberspace. One element of assurance that customers can have is the fact that when conducting these transactions involves the security of the organization. It is clear that when keys are exchanged, they are dealt in two parts-public and private. The algorithm is based on a logic that only the authentic organization can have the private keys, which ensures customer security. Furthermore, these keys cannot be replicated or reverse engineered based on perplexing mathematical formulas. This allows a safer exchange of keys between two parts. Lastly, most webpages convert themselves into HTTPS, which ensures that the page is secured. With the advent of SSL and MD5 encryptions, customers can have assurance that their transactions would not be hacked. With the advent of cloud computing, many black hat hackers continue to utilize many methods to exploit these types of environment. One type attack is known as network sniffing. Utilizing a packet sniffer, an attacker can capture sensitive data if unencrypted such as passwords and other essential configurations. Another threat that is used by majority of the hackers is known as port scanning. However, port 80 is always open since the server resides on top of it. In order to protect these intrusions, a user can easily encrypt date. With the usage of public and private keys, encryption can be achieved. Encrypting data clearly mitigates the risk of an intrusion attack that can cause drastic damage. Authentication and encryption are vital components that are outlined in NIST. In addition of NIST, HSS has provided some very crucial elements in the realm of security is social engineering. Social engineering for user domains should be based on layering approach. Hierarchy should be followed to ensure user domains have permissions based on hierarchy needs. Another huge aspect of social engineering is loopbacks and text fields. For instead, spoofing is conducted on regular basis for a user account domain password. The logic should be embedded that if an intruder tries to attempt to put incorrect passwords, the system recognizes that. In most cases, Windows and even other open OS such as Ubuntu have been embedding smart logic behind engineering of user domains. One of major exploits of this virus is that that they disable any security benchmarking parameters and tools. Large banks such as credit unions and financial institutions were using cloud-based security. Even with traditional mainframe, this would have been problematic. HSS outlines security measures such as DDoS, spoofing and firewall penetration as some elements that must be checked as IT audits. HSS is also very clear in logs and keystrokes as a result of security parameters. It is clear that downloading these logs will give the security team a better understanding of traffic and security vulnerabilities. Additionally, the timely deployment of these patches is crucial since it dramatically reduces corporate risk. Another aspect to consider is to ensure that networking protocols are rectified. Packet filtering is a crucial component of ingress and egress filtering must be conducted. Network protocols tend to protect traffic within the realms of their own networks. However, embedding ingress and egress network filtering will ensure that outgoing traffic gets approval. Although this can produce some latency in the network, it is an excellent method to embed in best practices. Enforcing an Access Control List along with VLAN can further mitigate these risks. References Best Practices for the Security APIs. (n.d.). (Windows). Retrieved February 25, 2014, from http://msdn.microsoft.com/en-us/library/windows/desktop/ms717796(v=vs.85).aspx Johnson, R. (2011). Security policies and implementation issues. Sudbury, Mass.: Jones & Bartlett Learning. RQ News & Blog. (n.d.). ReliaQuest. Retrieved February 25, 2014, from http://www.reliaquest.com/three-steps-to-building-a-successful-security-awareness-program/ Tipton, H. F., & Krause, M. (2005). Information security management handbook (5th ed.). London: Taylor & Francis e-Library. Windows Azure Load Balancing: What To Know. (n.d.). InformationWeek. Retrieved February 24, 2014, from http://www.informationweek.com/software/enterprise-applications/windows-azure-load-balancing-what-to-know/d/d-id/899840 Tipton, H. F., & Krause, M. (2005). Information security management handbook (5th ed.). London: Taylor & Francis e-Library. Windows Azure Load Balancing: What To Know. (n.d.). InformationWeek. Retrieved February 24, 2014, from http://www.informationweek.com/software/enterprise-applications/windows-azure-load-balancing-what-to-know/d/d-id/899840 Read More