Kelly Crooks
Forum Replies Created
-
Posts
-
From the information I gathered from the video on lesson 16, there are several ways to prepare and plan for a disaster. I have listed four of those ways below:
1. A company or organization needs to identify items, that if planned properly will not turn into a disaster. This includes making sure that they have redundant power supplies, backed up communication mechanisms, identifying single points of failure, and recognizing necessary fault-tolerant solutions.
2. An organization also can plan for and be prepared for a disaster by having fault tolerance and redundancy technology installed and working properly. Making sure that the right fire and safety inspections are in place and tested regularly which includes installation and testing of fire detection and suppression equipment.
3. Making sure that the equipment they have is maintained and tested regularly will help in case of a disaster. Having offsite data backups wheater that is other servers offsite or cloud computing backups. Making sure that the data is backed up and current on another device of some kind will ensure that the process goes well when trying to restore the data.
4. Employee training and testing are vital in planning for a disaster of any kind. If the employees know the procedures and protocols for a disaster and are trained in what to do it will make the process much easier. Making sure that each employee knows their role should a disaster occur will ensure that everyone is safe and that the data can be restored promptly depending on the situation.
Kevin, I do remember hearing about the EA breach and the theft of the source codes. I only remember this because I was talking to my son about it because he plays a lot of games made by EA. I agree with you that we are sitting ducks until the next digital breach. As we have learned about different security policies and protocols do you think there is more that some companies or organizations can do to protect their data?
Kevin, thanks for sharing your thoughts on security threats. As I mentioned earlier and commented on Marcena’s post, insider threats have always been a concern to me, even before starting IT classes. It seems to me that some organizations are easier to steal or leak information from than others, even with security protocols in place. I always keep in mind the old saying “too many cooks spoil the broth”.
Kevin, thanks for sharing your thoughts on why SDLC is important. I really appreciate your explanation of why and how both the Waterfall model and the Agile model are important in the SDLC. You always have great points in our discussions. While I do remember a little about the different models from a previous class, having you refresh them made it easier to understand them. I have found that Agile is easier for me to use than the Waterfall model. I am getting better at using them and I have found some programs and software that allow me to practice using them. I will get the hang of it.
Marcena, I agree completely with you when you said that as attackers become more sophisticated, security officers need to remain vigilant and proactive. It seems to me that as security measures change and become more proactive and better at preventing the loss and theft of data the attackers just try harder to get around those security measures. It is important as a security officers that we stay two steps ahead of the attacker and make it more difficult for them to gain access to that data.
Marcena, insider threats have always been a concern of mine as well. I think they have always been a concern because, as you said, individuals such as employees or contractors have access to the origination data. They have the authority to access sensitive data and information. There are too many variables that can play a role in the loss or theft of that data by those individuals. I think about what happened last month with the young man in the military stealing, copying, and sharing sensitive military data from the Pentagon. Even with all of the security protocols, procedures, policies, and background checks he was still able to leak that information. I often think that someone there wasn’t doing their job correctly.
Marcena, great post I agree with your reasoning with why it is important for a security officer to understand not only what the SDLC is but also how it works and the security risks involved with it. As a security officer it is their responsibility to mitigate and reduce data loss. By making sure they understand and can implement the correct security protocols will help them achieve their goals.
While I would say that I am not currently in a storm with my boat about to capsize, I, like all of us have been in many storms. I always find comfort in knowing that God is there and will always be there for me during those storms. It gives me such peace to know that in those storms when my boat was already capsized and I was about to drown, God reached out His hand and pulled me from those stormy waters. No matter what kind of storm we are facing it is important to remember that God will be there to guide us through those storms, guide us through the dark, starless nights. He is our navigational compass to get us through those storms safely, securely, and in one piece. We might be off course and our destination is not where we were headed for but God sailed with us and kept us safe. God is a loving God and wants to be the captain of our vessel.
One of the “more advanced attacks” discussed was ransomware. A more sophisticated type of ransomware is being used to target key and specific data. The agenda of the attackers may not be to take down an organization but to see what data it can steal and sell for the highest price. The attacker determines where the biggest payoff can be found and holds that data for money or ransom. I can think of several cases of this just within the last year or so where the attackers gained access to the data and held it for a high price.
Another “more advanced attack” they discussed was Trusted Third Parties. These kinds of attacks include attacks on our supply chain and the attack on the Microsoft Exchange Server. These kinds of attacks go undetected for a longer period. This kind of malware threat is concerning the fact it can go unnoticed for so long. This is a concern because it allows the threat to access more data and possibly steal that data and sell or dispose of it before the company even realizes there is a threat.
A security officer can try to mitigate and minimize the loss of data by making sure the right security policies are in place and as I mentioned before, making sure those policies and procedures are tested daily. A security officer can also make sure that the up-to-date and current firewalls and antivirus software are installed and working properly. Another way to minimize data theft or loss is to make sure only the right people have access to that data and that their credentials are checked and updated regularly.
Unfortunately, I have been the victim of several of the security issues listed in the textbook, especially when our company first had access to the internet and my parents were in charge of the business. The first one on the list was bad password hygiene. I have to take most of the blame on this one because it happened within the last few years. I decided it would be a good idea to try out a cloud-based bookkeeping program. I set it up using what I thought was a strong, secure password. I got all the customer information, banking information, payroll, reports, vendors, and tax information uploaded to the cloud. Everything was good for the first month or so, but then I had customers calling me asking me why charges were being made on their credit cards from my store. It took me a while to figure out what had happened. The password I thought was strong and secure turned out not to be so strong and secure. Someone had accessed my cloud storage and got over 330 customers’ data. Data that included banking and financial information, address, phone numbers, and email addresses. Luckily the cloud-based program fixed the problem right away and the charges that had been made on the customer’s cards were all refunded except for $1100 which our insurance took care of. I learned a very valuable and expensive lesson about how I set my passwords and where I store them.
The second security issue that I have been a victim of is phishing. This happened to my wife and I years ago. She was looking for a legit online work-from-home job. We found one and talked to the people and everything seemed good. We paid them $199.00 (which should have been our first clue) and they emailed us all the paperwork. That was the last we heard from them but they continued to take $69.99 out of our checking account each month. We talked to our bank and we filed a police report but there wasn’t much they could do. It cost us several hundreds of dollars and we lost our checking account because they kept letting the money be deducted and it put us in the hole more and more each time. Needless to say, that was another expensive lesson to learn about security threats. If I had known then what I know now, I wouldn’t have even thought about giving them our information.
The Software Development Life Cycle (SDLC) is a framework defining tasks performed at each step in the software development process. The SDLC consists of 5 phases initiation, development, acquisition, implementation and assessment, operation and maintenance, and disposal.
Phase one: Initaioton initiation is when the need for an IT system is expressed and the purpose and scope of the system are documented.
Phase two: Development and acquisition. In this phase, the IT system is designed, purchased, programmed, developed, or otherwise constructed.
Phase three: Implementation & Assessment. This phase is when the system security features should be configured, enabled, tested, and verified.
Phase four: Operation & Maintenance. Phase four is when the system performs its functions and any modifications are made during this phase.
Phase five: Disposal. The last phase is when the disposition of information, hardware, or software occurs.
A security officer needs to understand all phases of the SDLC because they will be involved in most of the phases and it is their reasonability to make sure the SDLC is running properly and maintained at all times and to make sure that only authorized people have access to the system. The security officer is involved in purchases and acquisitions, security daily tasks, and monitoring regular patch and configuration management functions down to “end of life” making sure that the correct plans and procedures are in place and followed to discard the system information, hardware, or software.
Another reason the SDLC is important to security officers is that they will need to know how to change and add new security measures as technology investments grow across industries. It is not only a security officer’s job to keep the system safe from unauthorized people, but also hackers, malware, and viruses. Security officers, need to know how the SDLC works and operates so that the correct security changes can be made with changes in technology. If they don’t understand the system and don’t change and adapt the security measures and protocols, the new technology may not be compatible with the new security and cause the system to fail or be vulnerable to threats, costing the organization time and money.
MArcena, I thought the same thing when I read the question, it is hard to identify one specific threat that could have serious consequences for a company, as you said they all can. I agree that cyber-attacks cause significant damage to a company or organization. There are some companies or organizations that make it too easy to steal their information or data. I think that if cybercriminals are determined enough to steal that information they will stop at nothing to get it.
I agree one hundred percent with your ways that a security officer can help to mitigate or stop the loss of crucial data and information. Making sure those protocols and policies are in place is critical but also like you mentioned making sure they are tested on a regular basis helps to ensure safety. I think sometimes a company or business thinks its systems are secure and get complacent with what they have and forgets to test the systems. Then when something happens they don’t understand how or why it happened. It doesn’t do any good to have the right security measures in place if they fail at the time they are needed.
Marcena, of the three cybersecurity threats you listed, I have been a victim of two of them. Years ago my wife and I were looking for online jobs to do from home. We thought we had found one and we downloaded the information it said to download. It was a malware virus. They stole all of our banking and financial data, took $900 out of our savings account, and continued to try to take money out. They demanded we pay an additional $2500 to get our information back. We filed a police report and changed all of our banking information. I learned a very important and expensive lesson that time about ransomware.
The same basic thing happened about six years ago with the phishing scam. My wife clicked and opened an email she got, thinking it was legit. Fortunately, at that time we had some security protocols in place on our computer and even though she opened the email, they weren’t able to steal any of our information.
I agree that employee education is important to stop a lot of the cyber attacks that happen. Everything is done online any more theater that is banking, emails, financial transactions, shopping, or booking a hotel room. Cybercriminals don’t care about your privacy they just want your data and sometimes money.
Marcena, great explanation of what a firewall is, the characteristics of a firewall, and the different types of firewalls. Until I started studying computer IT I knew what a firewall was and what its basic task was, but I didn’t know exactly how they worked and how many different types there were. I found your explanation and example of how firewalls can be classified based on their location interesting. I have used firewalls on my store computers but not to the extent that they are truly designed for. I will be looking at changing the type of firewall I currently use.
Marcena, great choice on your topologies. I do remember a couple of these from an earlier class. It was interesting to me to understand a little bit more about each one and how they work. I didn’t realize there were so many of them. I agree with what you said about a security officer using network segmentation to mitigate loss. Having those protocols and policies in place helps to make sure that if there is data loss it can be easily restored and the amount of data lost or stolen is very minimal.
