Operating Systems - Hardening and Security - Case Study Example

Operating Systems: Hardening and Security Operating Systems: Hardening and Security Introduction NextGard technologies specialize in a number of network consulting services and are as a result faced with a number of network security vulnerabilities and risks. Consequently one of their priorities is to upgrade their current network into a secure system. With nearly 250 employees in 5 countries, the organization currently faces a number of security challenges. The vulnerability of NextGard technologies is further increased by the fact that all of their employees have internet access and are likely to visit unsecure sites. With regard to the nature of services offered by the company, ensuring information security is critically important as it will not only protect the organization from risks and threats of malicious access but will also enhance the reliability and confidentiality of the company’s current network system. To upgrade its current network into a secure system, NextGard technologies will have to implement a number of policies and guidelines. As a Security professional hired by NextGard technologies to help provide their windows security implementation model for their organization, I will recommend a number of changes in the organization’s current network system some of which include the adoption of appropriate Microsoft Windows access controls, use of cryptography methods as well as a number of prevention techniques and countermeasures for thwarting the risks posed by malicious codes such as worms, viruses and Trojan horses among other related malicious codes. Windows access control is particularly an integral component of the entire network security used by NextGard technologies and it directly affects the organizations information security, Integrity, confidentiality and availability. It is however worth noting that security threats on the organization will still occur even after the implementation of such measures. This report proposes a Windows security management model that should be implemented by NextGard technologies to help upgrade its current network into a secure system. Network security solutions and appropriate Microsoft Windows access controls The fact that all employees at NextGard technologies have internet access and are free to browse the web significantly increase the vulnerability of the organizations network system to the risks of malicious access by exposing its information to a number of serious security threats. According to Microsoft Corporation (2005), Microsoft windows access controls is a collection of security management technologies that can be used by organizations like NextGard technologies to access various management solutions as well as mitigate the information security vulnerabilities and threats to their network system. Throughout its district offices in five countries, NextGard technologies uses a mix of computers running on various versions of windows such as Windows 2000, XP, Vista and Windows 7. Access controls are not used to effectively protect an organizations information system from unauthorized access but are also important in the facilitation of legitimate and seamless utilization of the information technology resources. The three main tenets of Microsoft access controls include Authentication, authorization as well as accounting. In the context of organizational information security of NextGard technologies, the organization should upgrade its current network security through a number of authentication techniques. Authentication simply refers to the process of verifying the users accessing the network of the organization to prevent unauthorized access. This can particularly be achieved through implementing a number of strategies such as the use of passwords, digital certificates, biometrics and smart cards when logging onto the organizations network. To improve the security of its networks across all its five district offices, the organization should implement strong authentication that requires the use of a combination of at least two of the four major types of authentication (Cooke, 2004). For example, passwords can be used together with digital certificates. Additionally, NextGard technologies can also effectively enhance the security of its networks by implementing policies that ensure email authentication, verification of message integrity as well as confirming the integrity of transmitted messages. On the other hand, authorization, is a another important technique that can be used to control the access of the users and employees to the sensitive information resources of the company once such users have been strongly authenticated. Generally, authorization primarily involves establishing the privileges and rights of users during their interactions with the system. In the case of NextGard technologies, some of the methods that can be used to implement authorization include though the use of various access control lists (ACLs) which are usually text based property files which are designed to follow proprietary formats. Similarly, the company can also implement personal authentication to determine the identity of users accessing sensitive information, transactions and applications (Microsoft TechNet, 2003). Lastly, the operating systems used by NextGard technologies such as Windows 2000, XP, Vista and Windows 7 all have a number of sophisticated auditing capabilities that can be employed to account for the activities of the users. Cryptography Methods that should be implemented by NextGard technologies Cryptography is another critical method that can effectively be used to enhance the security of information resources at NextGard technologies. With the current high number of sophisticated security threats, traditional security measures such as the use o firewalls and virus scanners can no longer be effective for large organizations like NextGard technologies and this creates the need to use modern intelligent defenses such as cryptography. With increased usage of technology in the modern world there have emerged various challenges associated to the secrecy and confidentiality of vital information technology. This is what cryptography has been concerned about that information reaches only to the intended recipients and not third parties. Cryptography refer to the act of ensuring that there is secure communication and prevent relevant information leaking out to the third parties who are not supposed to get this information. It therefore includes the practices and all techniques that ensure this objective is met. In its elaborate understanding it majorly centers on information security by ensuring that the data meets aspects of confidentiality, integrity, authenticity as well as non-repudiation of data. There are various methods that have been used by computer scientists as well as software developers in order to ensure that these aspects are taken into consideration. One such method that has been extensively used is substitution method. In this method it entails replacement of certain alphabetical letters with symbols or numbers. For instance letters such as EFG can be replaced with numbers such as 123. In addition this alphabetical numbers can also be slid over some given number of spaces. Through such manner the security of information can be guaranteed. There have been various arguments from scholars and computer scientists who claim that far much as this method sounds easier, its demerits is based on the fact that such a combination of replaced numbers or letters are easily to crack hence putting the issue information security at stake. The other method that has been used widely is Symmetric method that is also known as single key ciphers. This is where a key is used for encrypting and decrypting a given plain text. It is this key that is passed to the recipient which makes the recipient the only person to be able to access the information hence ensures aspects of information security. The key can either be block cipher which is several bits at a time or stream ciphers which simply imply that one bit of plain text is used at a time (Oded, 2001). Additionally public key-key method which involves use of two keys that is the private key and the public key can also be used. One key is given to the sender and the other is given to the recipient or uploaded to the server meaning that only those in possession of the key can access the information that is meant for them and not any other person. The reciprocal method has also been used in cryptography. This method entails substitution of letters in pairs .once the plaintext is input into the cryptography machine it replaces certain numbers or letters in the plain text and in the cipher such that the letter that was in the cipher is replaced with one that was in the plain text. Once this has been created, if the cipher is put into the same machine having the same key it produces a plain text. It has been found that this method is more secure than the substitution method (Oded , 2001). In this regard, the increased research and study around cryptology owing to the modernization of the world and inclusion of computers and other electronic gargets as a way of keeping and storing data requires an efficient and proper method that can be used for cryptology. This will in turn increase the aspects of security of information that is a major concern in the world. Protecting organizational information against malicious activity Continuous monitoring is a critical element that can significantly help NextGard technologies at to improve the security of their information resources. This will not only prevent malicious threats from getting into an organization’s network but will also allow legitimate data to flow efficiently. Organizations display data on their storage guidelines referred to as data at rest. They should as well audit all the devices in their networks and their distinctive configurations. In the recent technology landscape, network constraints are constantly evolving thus making it nearly impossible for the IT experts to manage the growing gap in the infrastructure when even the smallest configuration can leave solidest resistance susceptible to attack. The following three ways are normally applicable in thwarting malicious activity; Another important strategy that can be employed is the use of malware removal tools. Malware software removal tool is an anti-malware utility that usually checks at computers running windows vista, windows server 2012, windows 8, windows 7 and other related soft wares in a computer. It helps in the removal of malware and other infections found therefore it is recommended for use in an organization’s computer operational systems to protect vital information against malicious activity. When the revealing and malware removal is complete, the tool shows a report unfolding the outcome showing all the malwares detected and removed. The organization should also ensure that it always use robust operating systems. A robust operating system is that which performs well on only under ordinary conditions but also under unusual conditions that stress its designer’s assumptions. Software are typically vulnerable and fragile. This could be due to programmes which are too big or complicated for a programmer to understand it wholesomely. This makes it cumbersome for the developers to be able to detect and eradicate all the flaws or even to some extent be sudden on the amount of the existing errors. An efficient operating system within an organization should operate for quite a number of years without crashing or requiring rebooting although individuals applications systems may sometimes crash. Robustness results from transparency and simplicity. A transparent software is that which a skilled programmer can examine its source code and comprehend how it works as well to avoid inconveniences that may arise through them in an organization. Under certain conditions, security personnel at NextGard technologies will have to remove the MacAfee manually. A failed upgrade leaves mismatched that usually stopped removal of some agents in a computer system. A computer virus is a small software programme that spread from one computer to another and interferes with computer operation. A computer virus might corrupt or delete data on a computer, use an email programme to spread the virus to other computers or even delete everything on the hard disk. They get spread by instant messaging messages or attachments in email messages between different or similar organizations. A worm is a computer code that spreads without user’s interaction. Most worms begin as email attachments that infect a computer when they are opened. The worms scan the infected computer for files, such as address books or temporary web pages that contain email address. Worms uses the addresses to send infected email messages and frequently mimic the ‘from’ address in latter email messages so that those infected messages seem to be from someone known to you. Worms can then spread through networks, operating systems and email messages before it is discovered. Finally, Trojan horse is a malicious software programme that hides inside other programmes. it enters a computer hidden inside a legitimate programme such as screen savers and puts codes into the operating system that enables a hacker to access the infected computer. In conclusion logic bombs are a piece of code intentionally inserted into a software system that sets off a malicious function when specified conditions are met. References Bott, E., Siechert, C. (2003). Microsoft Windows Security Inside Out: for Windows XP and Windows 2000. New York: Microsoft Press. Cooke, P. (2004). How Access Control Works. Retrieved March 14, 2013, from http://searchwindowssecurity.techtarget.com/originalContent/0,289142,sid45_gci1025647,00.html Microsoft Corporation. (2005). Access rights and access masks. Retrieved on March 13, 2013 from http://msdn.microsoft.com/library/default.asp?url=/library/en-us/secauthz/security/access rights and access masks.asp Microsoft TechNet. (2003). Authorization and Access Control Technologies. Retrieved March 14, 2005, from http://www.microsoft.com/technet/prodtechnol/windowsserver2003/library/TechRef/addc004e- a1ad-4fba-8caa-1c9c3eb0fa86.mspx Oded , G. (2001), Foundations of Cryptography, Volume 1: Basic Tools, Cambridge University Press. Read More