What is computer security
Computer security is the protection of computer systems and information from harm, theft, and unauthorized use. It is the process of preventing and detecting unauthorized use of your computer system.
There are various types of computer security, which are widely used to protect the valuable information of an organization.
What is Computer Security and its types?
One way to ascertain the similarities and differences among the types of computer security is by asking what is being secured. For example,
• Information security is securing information from unauthorized access, modification & deletion
• Application Security is securing an application by building security features to prevent Cyber Threats such as SQL injection, DoS attacks, data breaches, etc.
• Computer Security means securing a standalone machine by keeping it updated and patched
• Network Security is securing both the software and hardware technologies
• Cybersecurity is defined as protecting computer systems, which communicate over computer networks
It’s important to understand the distinction between these words, though there isn’t necessarily a clear consensus on the meanings and the degree to which they overlap or are interchangeable.
So, Computer security can be defined as controls that are put in place to provide confidentiality, integrity, and availability for all components of computer systems. Let’s elaborate on the definition.
Components of computer system
The components of a computer system that need to be protected are:
• Hardware, the physical part of the computer, like the system memory and disk drive
• Firmware, permanent software that is etched into a hardware device’s nonvolatile memory and is mostly invisible to the user
• Software, the programming that offers services, like operating system, word processor, internet browser to the user
The CIA Triad
Computer security is mainly concerned with three main areas:
• Confidentiality is ensuring that information is available only to the intended audience
• Integrity is protecting information from being modified by unauthorized parties
• Availability is ensuring that information and computer components remain usable by those authorized to access them
In simple language, computer security is making sure information and computer components are usable but still protected from people or software that shouldn’t access it or modify it.
Now, moving forward with this ‘What is Computer Security?’ article, let’s look at the most common security threats.
Computer security threats
Computer security threats are possible dangers that can hamper the normal functioning of your computer. In the present age, cyber threats are constantly increasing as the world is going digital. The most harmful types of computer security threats are:
A computer virus is a malicious program that is loaded into the user’s computer without the user’s knowledge. It replicates itself and infects the files and programs on the user’s PC. The ultimate goal of a virus is to ensure that the victim’s computer will never be able to operate properly or even at all.
A computer worm is a software program that can copy itself from one computer to another, without human interaction. The potential risk here is that it will use up your computer hard disk space because a worm can replicate in great volume and with great speed.
Disguising themselves as a trustworthy person or business, phishers attempt to steal sensitive financial or personal information through fraudulent emails or instant messages. Phishing is unfortunately very easy to execute. You are deluded into thinking it’s legitimate mail and you may enter your personal information.
A botnet is a group of computers connected to the internet that have been compromised by a hacker using a computer virus. An individual computer is called a ‘zombie computer’. The result of this threat is that the victim’s computer, the bot, will be used for malicious activities and for larger-scale attacks like DDoS.
A rootkit is a computer program designed to provide continued privileged access to a computer while actively hiding its presence. Once a rootkit has been installed, the controller of the rootkit will be able to remotely execute files and change system configurations on the host machine.
Also known as a keystroke logger, a keylogger can track the real-time activity of a user on their computer. It keeps a record of all the keystrokes made on the user’s keyboard. A keylogger is also a very powerful threat for stealing people’s login credentials, such as usernames and passwords.
These are perhaps the most common security threats that you’ll come across. Apart from these, there are others like spyware, wabbits, scareware, bluesnarfing and many more. Fortunately, there are ways to protect yourself against these attacks.
Why is Computer Security Important?
In this digital era, we all want to keep our computers and our personal information secure, and hence computer security is important to keep our personal information protected. It is also important to maintain our computer security and its overall health by preventing viruses and malware, which would impact system performance.
Risks to laboratory security include:
• Theft or diversion of mission-critical or high-value equipment;
• Threats from activist groups or individuals;
• Sabotage or vandalism of high-value equipment;
• Loss or release of sensitive information; and
• Rogue work or unauthorized laboratory activities.
The type and extent of the security system needed depend on several factors, including
• Known and recognized threats gleaned from the experience of other laboratories, institutions, or firms;
• History of theft, sabotage, vandalism, or violence directed at or near the laboratory, institution, or firm;
• Presence of valuable or desirable materials, equipment, technology, or information;
• Intelligence regarding groups or individuals who pose a general threat to the discipline or a specific threat to the institution;
• Regulatory requirements or guidance;
• Concerns regarding information security; and
• The culture and mission of the institution.
A good laboratory security system should, among other things, increase overall safety for laboratory personnel and the public, improve emergency preparedness by assisting with preplanning, and lower the organization’s liability.
Domains of Security
There are four integrated domains to consider when improving the security of a facility:
• Physical or architectural security—doors, walls, fences, locks, barriers, controlled roof access, and cables and locks on equipment;
• Electronic security—access control systems, alarm systems, password protection procedures, and video surveillance systems;
• Operational security—sign-in sheets or logs, control of keys and access cards, authorization procedures, background checks, and security guards; and
• Information security—passwords, backup systems, shredding of sensitive information.
These domains are complementary, and each should be considered when devising security protocols. Any security system should incorporate redundancy to prevent failure in the event of power loss or other environmental changes.
Expectations of Security Systems
Security systems should help
• detect a security breach, or a potential security breach, including intrusion or theft;
• delay criminal activity by imposing multiple layered barriers of increasing stringency or “hardening” in the form of personnel and access controls; and
• respond to a security breach or an attempt to breach security.
Physical and Electronic Security
There are many systems available for physical and electronic laboratory security. The choice and implementation depend on the level of security needed and resources available. The following sections provide some examples, although new technologies are always under development.
Within a laboratory, perhaps the most obvious form of security is the door lock. There are many choices available, including
• Traditional locks with regular keys (which are subject to duplication, loss, theft, and failure to return after access) should no longer be utilized in areas where dual-use materials are located.
• Traditional locks with keys marked “Do Not Duplicate” have the same drawbacks as above, but may be less likely to be duplicated.
• Cipher locks with an alpha or numeric keypad may be vulnerable to thieves who are able to deduce the access code from the appearance of the keys. Access codes should be changed from the factory default when the lock is installed.
• High-security cores are difficult to break into and to duplicate.
• Card access (dip locks) traditionally have data-logging capabilities that allow those with access to security records to identify which cards were used to gain access.
• Card access (swipe cards). These provide a transaction record and can be programmed for different levels and times of access.
• Key fobs or card access (proximity card readers) have the same benefits as swipe cards, but there is no requirement to place the card physically in the reader.
Biometric readers offer a high level of security but are expensive and require more intensive maintenance.
Video surveillance systems are often used to supplement locks for documenting access and may be continuously monitored by security personnel. Recordings of relevant videos may be reviewed after an incident.
When implementing a video surveillance system, document the purpose and ensure that personnel understand the objectives. Video surveillance may be used to
• Prevent crime by recognizing unusual activity in real-time, which requires staff dedicated to watching the camera output and is most effective when the presence of individuals alone is suspicious;
• Validate entry authorization by verifying the identity of the worker; and
• Verify the identity of unauthorized personnel after unauthorized access.
Video surveillance cameras should be located to provide a clear image of people in the area, particularly those entering or exiting. They are not as useful in the work area itself unless suspicious behavior is obvious.
There are many other methods of implementing physical and electronic security, ranging from simple to sophisticated, which can be employed for crime deterrence, recognition, or investigation. A few examples include
• Glass-break alarms for windows and doors,
• Intrusion alarms,
• Hardware to prevent tampering with window and/or door locks,
• Lighting of areas where people may enter a secure area,
• Bushes and other barriers to reduce the visibility of sensitive areas from outside the building,
• Locks on roof access doors,
• Walls that extend from the floor to the structural ceiling,
• Tamper-resistant door jambs,
• Blinds on windows,
• Locks and cables on equipment to prevent easy removal,
• Badges or other forms of identification, and
• Sign-in logs.
Operational security is responsible for the people within the laboratory. A security system is only as strong as the individuals who support it, and thus, among the goals of an operational security system are to increase awareness of security risks and protocols, to provide authorization for people who need access to a given area or material, and to provide security training.
Though far from comprehensive, elements of operational security include
• Screening full- and part-time personnel before providing access to sensitive equipment or information;
• Providing ID badges;
• Working to increase the situational awareness of laboratory personnel (e.g., knowing who is in the laboratory, identifying suspicious activity);
• Encouraging the reporting of suspicious behavior, theft, or vandalism;
• Restricting off-hour access to laboratories;
• Providing entry logs at building and laboratory access points; and
• Inspecting and inventorying materials removed from the laboratory.
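As an added illustration (not part of the original text), the Python sketch below reviews card-access transaction records for two conditions the lists above point to: entries outside a card's programmed access times and repeated denied swipes. The log format, card IDs, door names, policy hours and thresholds are all constructed assumptions.

```python
from datetime import datetime, time

# Constructed sample transaction records: timestamp, card ID, door, result.
SAMPLE_LOG = """\
2024-03-04T08:12:05,CARD-0017,LAB-2,GRANTED
2024-03-04T23:41:10,CARD-0017,LAB-2,GRANTED
2024-03-05T09:02:44,CARD-0031,LAB-2,DENIED
2024-03-05T09:02:51,CARD-0031,LAB-2,DENIED
2024-03-05T09:03:02,CARD-0031,LAB-2,DENIED
2024-03-05T14:30:00,CARD-0042,STORE-1,GRANTED
2024-03-09T10:15:00,CARD-0042,LAB-2,GRANTED
"""

# Hypothetical policy: weekdays only (0 = Monday), 07:00 to 19:00, per card.
WEEKDAY_HOURS = {"days": range(0, 5), "start": time(7, 0), "end": time(19, 0)}
POLICY = {card: WEEKDAY_HOURS for card in ("CARD-0017", "CARD-0031", "CARD-0042")}
DENIED_THRESHOLD = 3        # this many denied swipes ...
DENIED_WINDOW_SECONDS = 60  # ... inside this window produce a finding

def review(log_text, policy=POLICY):
    """Return (timestamp, card, door, reason) tuples that need follow-up."""
    findings = []
    denied = {}  # (card, door) -> timestamps of recent denied swipes
    for line in log_text.strip().splitlines():
        stamp, card, door, result = line.split(",")
        when = datetime.fromisoformat(stamp)
        rule = policy.get(card)
        if rule is None:  # card not enrolled in the policy at all
            findings.append((stamp, card, door, "unknown card"))
            continue
        if result == "GRANTED":
            in_hours = rule["start"] <= when.time() <= rule["end"]
            if when.weekday() not in rule["days"] or not in_hours:
                findings.append((stamp, card, door, "off-hours entry"))
        elif result == "DENIED":
            recent = [t for t in denied.get((card, door), [])
                      if (when - t).total_seconds() <= DENIED_WINDOW_SECONDS]
            recent.append(when)
            denied[(card, door)] = recent
            if len(recent) == DENIED_THRESHOLD:  # report once per burst
                findings.append((stamp, card, door, "repeated denied swipes"))
    return findings

if __name__ == "__main__":
    for finding in review(SAMPLE_LOG):
        print(*finding, sep="  ")
```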
Information and data security can be as critical as security of equipment and materials. Loss of data and computer systems from sabotage, viruses, or other means can be devastating for a laboratory.
The issue of dual-use applies to information as well as tools. Over the years, several examples of cybersecurity breaches have led to the loss of sensitive information. Most institutions and firms have information security policies and procedures. As you learned in session five, you must create those policies. Laboratory managers and personnel must set examples and insist on them being followed.
If the laboratory produces private, sensitive, or proprietary data,
• Provide training to those with access to this information, stressing the importance of confidentiality. Review any procedures for releasing such information outside the laboratory or group.
• Consider a written and signed confidentiality agreement for those with access to such information.
• Keep passwords confidential. Do not store or write them in an obvious place.
• Change passwords routinely.
• Safeguard keys, access cards, or other physical security tools.
• Before discarding materials that contain sensitive information, render them unusable.
• Report any known or suspected breaches in security immediately.
• Establish policies and procedures for the storage of proprietary information on hard drives or portable storage media and for the removal of proprietary information from the laboratory or secure area.
Many services and programs are available to protect data from viruses and similar threats as well as to provide high levels of security.
There is no template that can apply to every laboratory security plan, because several factors make each organization unique, including building architecture, building use (e.g., mixed-use with classrooms, offices, or meeting rooms), organizational culture, and so on.
You can follow this guidance as an outline of elements that should be considered for any laboratory security plan:
• Identify the leadership structure for security issues.
• Secure the assets that are likely to be most vulnerable.
• Deter cyber sabotage, including unauthorized on-site or remote access to critical process controls.
• Prevent diversion using secure shipping, receiving, and storage of target materials.
• Detect theft or diversion of target materials through inventory controls.
• Establish a process for personnel surety, such as background checks, of laboratory personnel, visitors, and others with access to the laboratory.
• Screen and control access to the facility using identification badges, electronic access controls, and security personnel.
• Train laboratory personnel on the security measures, response, and importance of compliance with security procedures.
• Monitor (detect) the security of those assets, such that a security breach would be noticed, and (for high-risk equipment) would prompt an immediate response.
• Maintain monitoring, communication, and warning systems.
• Develop and implement response plans for security breaches, and exercise those plans.
• Investigate and track reports of security-related incidents. Document the incident reports, including findings and mitigation.
• Maintain records of compliance with the security plan.
• Develop a multilevel security plan that identifies appropriate security processes, procedures, and systems for normal security operations and increasing levels of security for periods of higher risk.