Securing Your System: Protecting Your Digital Data and Devices

Chapter 9: Securing Your System: Protecting Your Digital Data and Devices

Common Threats:

  • Malware:

    • Definition: Malicious software that threatens systems and data integrity.

    • Types of malware:

    • Viruses: Attach themselves to files and spread when the file is executed.

    • Worms: Self-replicating malware that spreads across networks without user intervention.

    • Trojans: Disguise themselves as legitimate software to trick users into installing them.

    • Spyware: Monitors user activity and collects sensitive information.

    • Adware: Displays unwanted advertisements to users, often slowing down systems.

  • Phishing:

    • Definition: Fraudulent attempts to obtain sensitive information by impersonating a trustworthy entity.

    • Methods: Commonly executed through emails, malicious websites, or phone calls.

  • Ransomware:

    • Definition: A type of malware that encrypts files on the victim's device, demanding payment for decryption.

  • Other threats:

    • DDoS Attacks: Distributed Denial of Service attacks that overwhelm a target with traffic, causing service disruptions.

    • SQL Injection: A code injection technique that exploits vulnerabilities in a web application's software by inserting malicious SQL code.

    • Zero-Day Exploits: Attacks that occur on the same day a vulnerability is discovered, before developers can issue fixes.

    • Man-in-the-Middle Attacks: Interceptions of communications between two parties by an unauthorized third party.

Security Tools:

  • Firewalls:

    • Purpose: Blocks unauthorized access while allowing legitimate communication.

    • Types:

    • Stateful Firewalls: Track active connections and determine which packets to allow or deny.

    • Stateless Firewalls: Examine each packet independently, offering simpler security protocols.

  • Antivirus Software:

    • Function: Scans and detects known malware patterns (signatures) and suspicious behavior (heuristics).

    • Maintenance: Requires regular updates to defend against new threats.

  • Encryption:

    • Definition: Converts data into unreadable form for unauthorized users, requiring cryptographic keys for access.

    • Types:

    • Symmetric Encryption: Utilizes the same key for both encryption and decryption.

    • Asymmetric Encryption: Utilizes a pair of keys – a public key to encrypt data and a private key to decrypt.

    • Applications: Used in HTTPS for secure web browsing, VPNs for secure connections, and file encryption for data protection.

  • Other Security Tools:

    • Intrusion Detection/Prevention Systems (IDS/IPS): Monitors network traffic for suspicious activity and takes action.

    • Vulnerability Scanners: Identify potential vulnerabilities within systems or networks.

    • Security Information and Event Management (SIEM): Centralizes security monitoring and threat analysis.

Creating Strong Passwords and Using Two-Factor Authentication (2FA):

  • Strong Passwords:

    • Guidelines: Minimum of 12 characters; include a mix of uppercase letters, lowercase letters, numbers, and symbols.

    • Recommendations: Avoid using dictionary words and personal information; consider using passphrases for added security.

  • Password Managers:

    • Purpose: Tools to generate and securely store complex passwords (Examples: LastPass, 1Password, Bitwarden).

  • Two-Factor Authentication (2FA):

    • Definition: Security mechanism that requires two verification methods for account access.

    • Components:

    • Something You Know: A password.

    • Something You Have: A phone, security token, or hardware device.

    • Something You Are: Biometric verification such as fingerprint or facial recognition.

    • Types of 2FA:

    • SMS Codes: Verification codes sent via text message.

    • Authenticator Apps: Tools that generate time-sensitive codes (e.g., Google Authenticator).

    • Hardware Tokens: Physical devices that generate secure codes.

    • Biometrics: Scans of fingerprint, retina, or face for identity verification.

Safe Browsing and Email Habits:

  • Browsing Safely:

    • Recommendations: Always use HTTPS for secure connections (indicated by a padlock icon), avoid clicking on suspicious links or advertisements, ensure your browser is up-to-date, utilize privacy and security extensions, and regularly clear cookies from your browser.

  • Email Safety:

    • Recommendations: Do not open attachments from unknown senders, hover over links to view the actual URL before clicking, be cautious of messages claiming urgency or that appear too good to be true, refrain from replying to spam emails, and actively use spam filters to minimize unwanted correspondence.

  • General Safety Practices:

    • Implement regular software updates to keep systems secure.

    • Back up important data consistently to mitigate data loss.

    • Utilize separate accounts for different activities, such as banking, social media, and shopping, to enhance security.

Backing Up Data and Disaster Recovery:

  • Backup Strategies:

    • 3-2-1 Rule: Maintain three copies of important data, use two different media types for storage, and have one copy stored offsite to ensure data availability.

  • Backup Types:

    • Full Backup: A complete copy of all data, requiring more storage.

    • Incremental Backup: Saves changes made since the last backup.

    • Differential Backup: Saves changes made since the last full backup, requiring more storage than incremental but less than full.

  • Storage Media:

    • Options can include External Hard Drives, Network Attached Storage (NAS), cloud storage services, or tape drives, especially in enterprise scenarios.

  • Disaster Recovery:

    • Importance: A well-defined plan to restore normal operations after a disruption.

    • Key Metrics: Includes Recovery Time Objective (RTO) - the time within which systems must be restored, and Recovery Point Objective (RPO) - the maximum tolerable period in which data might be lost due to a major incident.