Basics and Beginning of Computer Security
As computers evolved from building-sized calculators into today’s desktops and laptops, computer attacks evolved just as dangerously through malware such as viruses, rootkits, worms, and botnets. The Internet, which drove the advancement of email and web applications as well as today’s digital footprints, also contributed to today’s dangerous cybercrimes such as ransomware, viruses, and DDoS attacks. Great Learning’s online Stanford Cybersecurity course covers comprehensive computer security fundamentals.
The history of malware dates back to the ’70s and ’80s, and malware has grown steadily more capable in its malicious intent. The security of assets such as computers and other information technology infrastructure evolved along with it, giving birth to anti-virus software, firewalls, anti-DDoS, IDS/IPS, and other related technologies. Learn cybersecurity with the Great Learning e-learning Cybersecurity program for a fruitful career in cybersecurity.
What is computer security? Different computer security threats and computer security best practices
Computer security involves safeguarding assets such as desktops, servers, and laptops. It is part of cybersecurity, which is the vast field of securing and managing the assets of an organization. Computer security has three main components:
- Safeguarding the computers from theft and damage
- Safeguarding the information from theft and damage
- Avoiding disruption of services
Today’s computer security is a vast field and a branch of cybersecurity. There are various ways to protect computers from cybercrime and cyberattacks:
- Anti-Malware — Safeguards the computer from internal and external threats such as viruses, malware, rootkits, botnets, and worms. It is generally installed on all workstations, that is, desktops and laptops. The anti-malware client installed on each computer talks to the anti-malware server for updates and the latest definitions, and sends alerts to the central servers or the SIEM solution. The anti-malware server is responsible for pushing the updates and latest definitions to the desktops and laptops.
- HIDS — A Host-based Intrusion Detection System is installed on every client, such as desktops and laptops. It prevents unauthorized privileged access and unauthorized intrusions on those machines. Alerts are sent from the client machines to the SIEM server, where security staff need to analyze them for possible intrusions or reconnaissance against the endpoint systems. The terms endpoint systems and clients, used repeatedly in this article, simply mean desktops or laptops.
- Authentication — There must be authentication to enter your computer. Authentication prevents unauthorized access to it. On your home computer, you will have local authentication, such as a user name and password, to log in to your desktop or laptop. In the office, authentication is controlled by Active Directory, which allows you to log in to your workstation. You must log in with a user account and not an admin account; this ensures that an intruder does not gain access to all the critical software and data.
- Disk encryption — Desktops and laptops usually have disk encryption, such as BitLocker, which prevents thieves from opening files, copying files, destroying the laptop or hard disk, or reading information once the device is lost or stolen. Learn cybersecurity and computer security with Great Learning online courses.
- Local and Domain admin privileges — Local admin privileges are the administrative privileges on the local machine. They enable installing software, copying files, and so on. Domain privileges are the privileges provided across the domain by Active Directory. These privileges must be avoided and, when required for a specific purpose, granted only for limited use and a limited time. Instead, you must have only local user privileges on the computer, so that an intruder does not get full access if the desktop or laptop is breached.
- Patches — Microsoft, for example, periodically releases patches that must be applied regularly to desktops and laptops running Windows operating systems. There are different types of patches: hotfixes and security patches. Both are critical and need to be applied to computers regularly. Hotfixes are bug and error fixes for applications or operating systems. Security patches seal the security vulnerabilities that have been identified in the computers, protecting them from advanced cybersecurity threats.
- USB disablement — Unless required for a specific purpose, USB drives must be disabled to prevent loss of sensitive data. This is one of the data loss prevention techniques. You need to ensure that USB is not accessible when not needed; when it is allowed, access must be time-bound, and once the purpose is served it must be disabled again.
- CD/DVD drive access — CD/DVD access must be avoided on workstations to prevent data loss through writing to CD/DVD. This is also one of the data loss prevention techniques.
- Email security — Do not use your personal email for office purposes, and vice versa. Email attachments sent outside the private network must be scanned for sensitive information, and captured if they contain any, before the emails reach external domains from the private domain. This is another data loss prevention technique; it prevents data on computers in private domains from reaching public domains.
- File upload — This technique prevents sensitive files from being uploaded from the computers to public websites such as filedropper, wetransfer, and udrop. Users must be prevented from accessing these sites by blacklisting these categories in the firewall.
- Firewall — A firewall is software on the desktop or laptop that prevents malicious traffic in and out of the computer. For example, Windows operating systems include the Windows Defender Firewall. We need to ensure that it is always enabled and, if possible, that firewall traffic is controlled by blacklisting the categories that are sensitive and malicious. Learn this cybersecurity engineering in the Great Learning Cybersecurity course.
- Training and awareness — Everyone must understand the basics of security, including computer security and threat identification, through training and awareness. You must know about password security: do not share credentials with anyone, and avoid phishing emails and malicious websites. Do not write passwords in clear text on computers or anywhere else. This basic awareness of computer security is a must.
- Leaving the system unattended — We often leave our system unattended without locking it, which lets anyone steal files, destroy files, or collect sensitive information from the computer. Whenever we go on a break, we must lock the system so that no one has access to our computer.
- Passwords — A user name and password are the authentication mechanism for entering any computer. The password will be subject to a policy set up by your company, or one you must set up yourself. The policy must be as strict as possible, and no one other than you must have access to your passwords. The password policy must be as follows:
  - Must be more than 8 characters long.
  - Must have at least 1 special character.
  - Must be alphanumeric.
  - Must have at least 1 uppercase letter.
  - Must have at least 1 lowercase letter.
  - Must have at least 1 number in the password.
  - Must not be a dictionary word or contain the user name.
  - Must have a history of 12 passwords that must not be repeated.
  - Must not be stored anywhere in clear text.
  - Must be changed every 90 days or periodically.
  - Must not be shared with anyone, even if they are very close to you.
Learn these cybersecurity concepts in the Great Learning Cybersecurity course.
- VAPT — Whether you have a computer at home or an office computer, you need to ensure that vulnerability and penetration testing is carried out periodically, at least once annually, so that security vulnerabilities in the computer system are fixed. You can use popular free open-source tools to do this. After the vulnerabilities are discovered, they must be closed according to their criticality: critical vulnerabilities within 15 days, high within 30 days, and medium and low within 60 and 90 days respectively.
- Laptop and Desktop locks — If we travel or move our systems from one place to another very often, they must have a physical lock to prevent them from being stolen. The lock ensures that the system is locked and tied to an immovable object such as a window or a large table.
- Phishing — This is a way of gathering personal information, such as credit/debit card information and credentials, by sending emails that lure you to the hacker's website, which is a replica of the genuine website, and making you enter your credentials there. The credentials thus obtained may be used for malicious purposes.
- Accessing malicious websites — HTTPS uses certificates that show that the website is genuine and secured. Do not browse the contents of malicious websites, as they can transfer a virus or are built to take your credentials.
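The password policy listed under Passwords above, expressed as a checker. This is an added example, not part of the original article; the sample dictionary, the PBKDF2 work factor, and all function names are assumptions made for illustration. History is kept as salted hashes so that the 12-password rule does not require storing old passwords in clear text.

```python
import hashlib
import hmac
import os
import re

MIN_LENGTH = 9        # policy: "more than 8 characters"
HISTORY_DEPTH = 12    # policy: the last 12 passwords must not be repeated
ITERATIONS = 100_000  # assumed PBKDF2 work factor; tune for your hardware
# Constructed sample list; a real check would load a full dictionary file.
DICTIONARY = {"password", "welcome", "sunshine", "qwerty"}


def hash_password(password, salt=None):
    """Return (salt, digest); only this pair is stored, never the clear text."""
    salt = salt or os.urandom(16)
    digest = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, ITERATIONS)
    return salt, digest


def in_history(password, history):
    """True if password matches any of the last HISTORY_DEPTH stored hashes."""
    return any(
        hmac.compare_digest(hash_password(password, salt)[1], digest)
        for salt, digest in history[-HISTORY_DEPTH:]
    )


def policy_violations(password, username, history):
    """Return the list of policy rules the candidate password breaks."""
    found = []
    if len(password) < MIN_LENGTH:
        found.append("length")
    if not re.search(r"[A-Z]", password):
        found.append("uppercase")
    if not re.search(r"[a-z]", password):
        found.append("lowercase")
    if not re.search(r"[0-9]", password):
        found.append("digit")
    if not re.search(r"[^A-Za-z0-9]", password):
        found.append("special")
    lowered = password.lower()
    if username and username.lower() in lowered:
        found.append("contains-username")
    # Strip digits and symbols so "Password1!" still counts as a dictionary word.
    if re.sub(r"[^a-z]", "", lowered) in DICTIONARY:
        found.append("dictionary-word")
    if in_history(password, history):
        found.append("reused")
    return found
```

The 90-day change rule is not checked here; it needs the timestamp of the last change, which would be stored alongside each history entry.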
How to implement computer security in your organization
We have discussed some of the computer security threats and best practices in this article. The article covers only computer security, not the entire security portfolio; that is why we have discussed in detail computer security, which is part of the larger domain called cybersecurity. Part of the implementation is covered here; however, to cover the implementation methods for all the subjects discussed above, you must be a system administrator with cybersecurity basics. That requires technical details that are left out of this article for brevity.
However, Great Learning, in partnership with Stanford University, has come up with a Cybersecurity course that covers this part of the topic. It has a comprehensive curriculum and is ranked 1 in the industry. It also offers a great mentorship program and encourages you to join the community of experts.