Security should be implemented in such a way that it secures system and network resources. It should not become a problem for users who need to perform their everyday jobs on computers. Users should be able to access system and network resources with convenience but should be restricted from accessing confidential data of the organization. The following sections outline some of the common security-related problems and methods of performing regular preventive maintenance tasks for ensuring a secure working environment.
Security-related problems
The following sections provide a summary of some common security-related problems:
BIOS
BIOS in computers can be protected with a password. If a user does not know the password for accessing the BIOS setup, she will not be able to access the BIOS setup program and make any changes.
Smart cards
Smart cards are used to authenticate users. Problems with smart cards appear when the card is either worn out or an unauthorized person uses it.
Biometrics
Biometric devices use human characteristics to verify the identity of a person. A biometric device will immediately detect if an unauthorized person is trying
A+ Essentials
Study Guide
Malicious software
The purpose of malicious software is to destroy data on a user’s computer or to obtain personal information. If an antivirus application is installed, it should be able to detect the presence of malicious software, provided that virus signatures are up-to-date.
Filesystem and data access
Filesystem problems result from incorrect NTFS permission settings. In some cases, unauthorized users may gain access to data that they are not supposed to see. On the other hand, authorized users may complain that they are unable to access data that they should normally be allowed to access.
Backup
Backup problems result from a system’s inability to access backup media, bad media, or an incomplete backup process. The best way to ensure that backup problems are prevented is to perform test restores.
Data migration
Problems arising after data migration are related to differing sets of permissions on the source and target computers.
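The permission problems described under "Filesystem and data access" and "Data migration" can be checked by comparing the NTFS access control entries on the source and target trees. The following PowerShell is an added example, not part of the original study guide; the function names and the paths in the usage comment are hypothetical.

```powershell
# Added example: report NTFS ACEs that differ between a migration source and target.
# Function names and sample paths are hypothetical, chosen for illustration.
function Get-AclMap {
    param([Parameter(Mandatory)][string]$Root)
    $rootItem  = Get-Item -LiteralPath $Root
    $prefixLen = $rootItem.FullName.TrimEnd('\').Length
    $map   = @{}
    $items = @($rootItem) + @(Get-ChildItem -LiteralPath $rootItem.FullName -Recurse -Force)
    foreach ($item in $items) {
        # Path relative to the root, so source and target entries line up.
        $rel = $item.FullName.Substring($prefixLen).TrimStart('\')
        if (-not $rel) { $rel = '.' }
        foreach ($ace in (Get-Acl -LiteralPath $item.FullName).Access) {
            $key = '{0}|{1}|{2}|{3}|{4}' -f $rel, $ace.IdentityReference.Value,
                   $ace.AccessControlType, $ace.FileSystemRights, $ace.IsInherited
            $map[$key] = $true
        }
    }
    $map
}

function Compare-MigratedAcl {
    param(
        [Parameter(Mandatory)][string]$SourceRoot,
        [Parameter(Mandatory)][string]$TargetRoot
    )
    $src = Get-AclMap -Root $SourceRoot
    $tgt = Get-AclMap -Root $TargetRoot
    foreach ($key in (@($src.Keys) + @($tgt.Keys) | Sort-Object -Unique)) {
        $inSrc = $src.ContainsKey($key)
        $inTgt = $tgt.ContainsKey($key)
        if ($inSrc -and $inTgt) { continue }      # identical ACE on both sides
        $f = $key -split '\|'
        [pscustomobject]@{
            Path        = $f[0]
            Identity    = $f[1]
            Type        = $f[2]                   # Allow or Deny
            Rights      = $f[3]
            Inherited   = $f[4]
            Finding     = if ($inSrc) { 'MissingOnTarget' } else { 'ExtraOnTarget' }
            # An identity shown as a raw SID could not be resolved to an account,
            # which is typical for local accounts of the other computer.
            OrphanedSid = $f[1] -match '^S-1-'
        }
    }
}

# Usage (hypothetical paths):
# Compare-MigratedAcl -SourceRoot '\\OLDSRV\Finance' -TargetRoot 'D:\Shares\Finance' | Format-Table
```

Entries marked ExtraOnTarget show access the migration has added, and MissingOnTarget entries explain why an authorized user can no longer open a file.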
Preventive maintenance procedures
Some of the important preventive maintenance procedures for computer security include installation of antivirus software, keeping the applications and operating system updated, securing network devices, configuring auditing and logging, and educating users. The following is a summary of these procedures.
Antivirus software. Every computer in a network should have antivirus software installed on it. This software regularly monitors for the presence of viruses and malicious software in computers. It helps with early detection and removal of malicious code. Antivirus applications use virus signatures to detect the presence of malicious code in a computer. As new virus programs are written, the vendors of antivirus applications also update virus signatures for their applications. Administrators should ensure that the virus signatures are updated regularly.
Operating system updates. Manufacturers of operating systems such as Microsoft, Novell, and others keep updating their operating systems and applications. These updates are known as software updates and are available free of cost for downloading from the manufacturers' web sites. Users are not required to download and install every update. Some updates are meant to add a new feature to an application, and some others are meant for repairing a security bug. Operating system updates fall into the following categories:
Hotfixes
This is a small piece of software that is used to address a specific problem with the operating system. Hotfixes are generally released as soon as the manufacturer discovers a serious issue with the operating system. Test the hotfixes on nonproduction desktops before installing them on production systems. In some rare situations, hotfixes have opened up security holes in critical servers.
Patches
Software patches are released to immediately address a small problem in an application or an OS. Most of the patches are related to security but they often address other problems, such as compatibility issues or malfunctioning of a particular component of the OS.
Service packs
This is a collection of a number of hotfixes and updates released by the manufacturer of the OS or NOS. Manufacturers usually test service packs on a variety of hardware platforms and check their compatibility with various applications. As with updates and hotfixes, service packs must be fully tested on nonproduction servers before they are installed on production servers.
Application updates. Software applications should be kept updated with the latest patches or hotfixes. These updates are usually available free of cost from the vendors’ web sites.
Auditing and logging. Auditing is the process of tracking or monitoring activities of users and services. Auditing allows administrators to keep an eye on malicious activities of internal users as well as of outside attackers. For example, the Object Access audit policy can reveal which users have tried to get unauthorized access to confidential data files. Audit entries are written to log files. Log files should be regularly checked to detect potential problem areas with system, network, or data access.
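One way to carry out the regular log check described above is to summarize failed object-access audits per user and file. This PowerShell is an added example, not part of the original study guide; it assumes failure auditing for Object Access is enabled, the confidential files carry an audit entry (SACL), and the system is Windows Vista/Server 2008 or later, where a refused handle request is logged as Security event 4656. The function name is hypothetical.

```powershell
# Added example: list which users were refused access to which audited objects.
# Run from an elevated prompt; reading the Security log requires administrative rights.
function Get-FailedObjectAccess {
    param(
        [int]$Days      = 7,      # how far back to look
        [int]$MaxEvents = 5000    # cap on the number of events read
    )
    $filter = @{
        LogName   = 'Security'
        Id        = 4656                  # "A handle to an object was requested"
        Keywords  = 4503599627370496      # Audit Failure keyword (0x10000000000000)
        StartTime = (Get-Date).AddDays(-$Days)
    }
    $events = Get-WinEvent -FilterHashtable $filter -MaxEvents $MaxEvents `
                           -ErrorAction SilentlyContinue
    $rows = foreach ($e in $events) {
        # Read the named fields from the event XML rather than relying on positions.
        $data = @{}
        foreach ($d in ([xml]$e.ToXml()).Event.EventData.Data) {
            $data[$d.Name] = $d.'#text'
        }
        [pscustomobject]@{
            Time   = $e.TimeCreated
            User   = '{0}\{1}' -f $data['SubjectDomainName'], $data['SubjectUserName']
            Object = $data['ObjectName']
        }
    }
    # One line per user/object pair, most frequent refusals first.
    $rows | Group-Object User, Object | Sort-Object Count -Descending |
        Select-Object Count, Name,
            @{ n = 'LastSeen'; e = { ($_.Group | Sort-Object Time | Select-Object -Last 1).Time } }
}

# Usage:
# Get-FailedObjectAccess -Days 1 | Format-Table -AutoSize
```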
Network devices. As with operating systems and applications, network devices also need to be updated with the latest device drivers, firmware updates, and proper configurations. An improperly configured network router can expose the entire network and critical servers to outside attackers. Default configurations of several network devices are known to professional attackers. Administrators should disable default usernames and passwords so that attackers do not use these credentials to launch attacks against the corporate network.
Security policies. Security policies in an organization ensure that everyone follows the same set of rules related to computer and data security. Security policies in large networks are usually implemented using Group Policies. Procedures ensure that the policies are followed as required. If required, administrators can perform auditing to monitor that the security policies are followed as expected.
User education. Perhaps the most important aspect of effectively implementing security policies in a network is to train and educate users about the importance of computer security in the organization. For example, there is no use implementing a strong password policy if users write their username or password on a piece of paper and stick it to their monitors. Users should know how important the security of the organization's data is for conducting its business. They should be trained to secure their individual workstations, applications, and data.
Safety and Environmental Issues
This section is not covered in Exam 220-603.
As a computer technician, you must be aware of safety and environmental issues related to installation and maintenance of computers and their peripherals. This section covers some important aspects of safety and environmental protection.