Because MIT University resources such as labs and printers are shared by all visitors, they become targets for security threats. To safeguard the confidentiality, integrity, and availability (CIA) triad, the university can implement physical and administrative controls.
Even though the university has implemented an efficient authentication scheme, developed effective access control, and installed firewalls, its security is not complete without the deployment of physical controls. Physical control is the security of the actual networking and hardware components that store and convey data resources [2]. To implement physical security, the university must identify all the unsafe resources and take steps accordingly. The steps are listed below:
If stolen resources that have embedded biometric readers and security software are connected to the Internet, these features can provide physical safety measures.
Fig 1: Physical Controls
Apart from the physical controls, the university should apply security procedures based on guiding ethics through administrative control [3]. A proper security procedure provides guidelines for visitors who access resources and specifies the remedy when a visitor violates the security policy.
A good example of a security strategy is the web use policy implemented in Harvard University’s “Computer Rules and Responsibilities” policy. Moreover, the security policy should meet any government regulations. The university should be familiar with the Family Educational Rights and Privacy Act (FERPA), which limits the acquisition of student information.
Security policies are implemented mainly to fulfil the CIA triad, since there are many ways to break the security of Internet of Things (IoT) devices [1]. Greater use of these devices results in a higher risk to confidential information within the university.
Fig 2: Figure Depicting Administration Controls
Some categories of risks that are logical, instinctive, and easily applicable can be accepted [10]. The accidental and non-malicious risks are given in the figure below:
Fig 3: Categorization of Accepted Risks
The primary aim of the major incident team is to safeguard the confidential information of students, staff, and visitors, and to make sure that early recovery from the other impacts of incidents is possible [4].
Disaster recovery (DR) and business continuity refer to the university's capability to recover from unexpected events and resume operations.
A successful DR plan clearly states the organizational objectives, such as site allocation, data backup, and key personnel backup, in the assessment plan [9].
Incident response will be administered by the department's incident response team.
| HIDS | NIDS |
| --- | --- |
| It is inexpensive | The implementation is more expensive |
| Trojan or backdoor attacks cannot be tracked | It can track and terminate such intrusion attacks |
| It contains software agents that are installed on individual systems [1] | They are standalone hardware with network intrusion monitoring ability |
| It needs comparatively less management and training | It needs more training and administration |
| Network traffic can be analyzed to and from the designated system on which the intrusion monitoring software is installed | Data packets are analyzed both inbound and outbound, providing real-time monitoring [2] |
This section reviews the approaches and advantages of anomaly-based and signature-based detection systems.
Signature-based detection inspects network traffic for a sequence of malicious packets or byte sequences. The benefit of this method is that signatures can be easily developed and interpreted if we are aware of the network behaviour [5].
Anomaly-based detection depends on a definition of network performance. If the network characteristics conform to the specified behaviour, the traffic is accepted; otherwise the anomaly detector raises an event.
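A minimal sketch of the two approaches described above, added here as an illustration and not part of the original essay. The signatures, addresses, packet tuples and the threshold rule (mean plus three standard deviations, with a floor of 1.0 on the deviation) are constructed assumptions.

```python
from collections import Counter
from statistics import mean, pstdev

# Constructed signatures (name -> byte sequence); not taken from any real rule set.
SIGNATURES = {
    "path-traversal": b"../../",
    "sql-tautology": b"' OR '1'='1",
}

def signature_alerts(packets):
    """Signature-based: flag payloads that contain a known malicious byte sequence."""
    return [(src, name)
            for _window, src, payload in packets
            for name, pattern in SIGNATURES.items()
            if pattern in payload]

def learn_baseline(counts, k=3.0):
    """Anomaly-based, step 1: define normal behaviour as packets per source per
    time window, learned from known-good traffic. Returns the alert threshold."""
    return mean(counts) + k * max(pstdev(counts), 1.0)

def anomaly_alerts(packets, threshold):
    """Anomaly-based, step 2: raise an event when the observed behaviour does
    not conform to the learned baseline."""
    per_source = Counter((window, src) for window, src, _payload in packets)
    return sorted((window, src, n)
                  for (window, src), n in per_source.items()
                  if n > threshold)

# Constructed sample data: (time window, source address, payload).
BASELINE_COUNTS = [4, 5, 6, 5, 4, 6, 5, 5]         # known-good packets/source/window
LIVE = (
    [(0, "10.0.0.7", b"GET /index.html")] * 4
    + [(0, "10.0.0.7", b"GET /../../etc/passwd")]   # known pattern, normal volume
    + [(1, "10.0.0.9", b"GET /status")] * 40        # benign bytes, abnormal volume
)

if __name__ == "__main__":
    limit = learn_baseline(BASELINE_COUNTS)
    print("threshold:", limit)
    print("signature alerts:", signature_alerts(LIVE))
    print("anomaly alerts:  ", anomaly_alerts(LIVE, limit))
```

The two detectors fire on different hosts: the signature match catches a known byte sequence sent at normal volume, while the baseline check catches a volume deviation whose payload matches no signature.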
Memorandum on key Breaches
MEMO FOR HEADS OF EXECUTIVE DEPARTMENTS
FROM: XXX
Security Manager
SUBJECT: Preparing and Reacting to a Personally Identifiable Information (PII)
This memo is intended to promote consistency in the way organizations prepare for and respond to a breach by requiring common processes and standards. While promoting consistency, this memo also gives organizations the ability to tailor their response to the circumstances of each breach and to examine the risks posed to the affected individuals.
The main audience for this memo is the Senior Agency Official for Privacy (SAOP) and other security officials who help to mitigate the risks.
After accessing the servers using the IP acquired from the administrator, the contractor can either sell the stolen PII on the black market or use the PII for other malicious activities. They can use stolen credit card numbers to apply for credit in another individual’s name or to open a new bank account. From 2013 to 2015, a 27% increase in security threats was reported [6]. This incident can undermine the confidentiality of the information and poses threats to individuals and to the important assets of the organization.
PII
The term PII refers to data that can be used to distinguish or steal an individual's identity, either alone or when combined with other data that is linked to the designated person. To determine whether data is PII, the organization can perform a risk evaluation.
Each organization should prepare training for all staff on how to identify and respond to a breach involving internal business processes without disclosing any confidential information to the attackers. In addition, it must send reminders by email and organize awareness campaigns.
Each organization should require all staff with access to the storage network to report a suspected or confirmed breach to the organization immediately, consistent with the organization’s incident management security procedures.
Individuals with access to high-value information systems should not wait for confirmation that a breach has occurred, since even such a delay can affect the organization's ability to take remedial measures to secure PII.
The breach response strategy consists of the following elements:
Investigation Report on Data Breach
This investigation report presents the incident patterns, the attackers who cause them, the attackers' activities, the assets targeted, and the times at which these malicious activities occurred, and provides recommendations to foil them.
Data breaches in educational or professional information systems are due to insider misuse, miscellaneous errors, and cyber-espionage.
This includes phishing campaigns used to deliver sophisticated malware.
What can we do?
Timely patching and regular updates of anti-virus software will help. System and network application activity should be logged to provide a basis for incident response and to inform remedies.
Potential attackers can come from every level of the organization, from front-line employees to senior executives. Around 40% of the breaches are carried out for monetary gain [7]. Employees who use unauthorized workarounds can also damage sensitive information.
What can we do?
The main solution is to know what data employees hold, where it comes from, and what access privileges they have. The places where extra auditing and fraud detection are most needed can then be identified. The devices of employees who have left the company should also be examined to identify weaknesses in the organization’s defence techniques.
Previously, employees were the main actors in many incidents. There are three major categories of fraudulent incidents:
What can we do?
To protect the information, a data loss prevention software tool must be implemented. This prevents individuals from transmitting confidential information. Moreover, employees should be retrained in information security and in disposal methods for confidential data.
Be Alert: Log files can provide early warning of breaches.
Keep Information on a “Need to Know” Basis: Staff should be given only the restricted access required to do their jobs.
Patch Correctly: If the IT environment is configured well, you can safeguard against many threats.
Encrypt Sensitive Information: Encryption will not fully prevent data theft, but it makes it harder for criminals.
Employ Two-Factor Authentication: It can limit the damage from stolen credentials.
References:
[1] U. Lindqvist and E. Jonsson, “How to systematically classify computer security intrusions,” IEEE Symposium on Security and Privacy, vol. 15, no. 2, pp. 154-163, Mar. 1997.
[2] J. Tang, D. Wang, L. Ming, and X. Li, “A Scalable Architecture for Classifying Network Security Threats,” Science and Technology on Information System Security Laboratory, vol. 35, p. 475, Apr. 2012.
[3] S. Geric and Z. Hutinski, “Information system security threats classifications,” Journal of Information and Organizational Sciences, vol. 3, pp. 31-51, Jan. 2007.
[4] F. Swiderski and W. Snyder, “Threat Modeling,” Microsoft Press, 2004.
[5] M. Alhabeeb, A. Almuhaideb, P. Le, and B. Srinivasan, “Information Security Threats Classification Pyramid,” 24th IEEE International Conference on Advanced Information Networking and Applications Workshops, pp. 208-213, Jun. 2010.
[6] F. Farahmand, S. Navathe, G. Sharp, and P. Enslow, “A Management Perspective on Risk of Security Threats to Information Systems,” Information Technology and Management archive, vol. 6, pp. 202-225, Feb. 2005.
[7] K. Loch, H. Carr, and M. Warkentin, “Threats to Information Systems: Today’s Reality, Yesterday’s Understanding,” Management Information Systems, vol. 16, no. 2, pp. 110-120, Mar. 1992.
[8] A. McCue (2008, May 11). Beware the insider security threat, CIO Jury [online]. Available: https://www.silicon.com/management/cio-insights/2008/04/17/beware-theinsider-security-threat-39188671/.
[9] M. Rasmi and A. Jantan, “Attack Intention Analysis Model for Network Forensics,” Software Engineering and Computer Systems, pp. 403-411, Jun. 2011.
[10] L. Rabai, M. Jouini, A. Aissa, and A. Mili, “An economic model of security threats for cloud computing systems,” International Conference on Cyber Security, Cyber Warfare and Digital Forensic (CyberSec), vol. 15, no. 3, pp. 100-105, Jul. 2012.