EITC/IS/ACSS Advanced Computer Systems Security

Protecting computer systems and information from harm, theft, and illegal use is generally known as computer systems security, sometimes also referred to as cybersecurity. Serial numbers, physical security measures, monitoring and alarms are commonly employed to protect computer gear, just as they are for other important or sensitive equipment. Information and system access in software, on the other hand, are protected using a variety of strategies, some of which are fairly complicated and requiring adequate professional competencies.

Four key hazards are addressed by the security procedures associated with computer systems’ processed information and access:

• Data theft from government computers, such as intellectual property,
• Vandalism, including the use of a computer virus to destroy or hijack data,
• Fraud, such as hackers (or e.g. bank staff) diverting funds to their own accounts,
• Invasion of privacy, such as obtaining protected personal financial or medical data from a large database without permission.

The most basic method of safeguarding a computer system from theft, vandalism, invasion of privacy, and other irresponsible behavior is to track and record the various users’ access to and activity on the system. This is often accomplished by giving each person who has access to a system a unique password. The computer system may then trace the use of these passwords automatically, noting information like which files were accessed with which passwords, and so on. Another security technique is to keep a system’s data on a different device or medium that is ordinarily inaccessible via the computer system. Finally, data is frequently encrypted, allowing only those with a single encryption key to decode it (which falls under the notion of cryptography).

Since the introduction of modems (devices that allow computers to interact via telephone lines) in the late 1960s, computer security has been increasingly important. In the 1980s, the development of personal computers exacerbated the problem by allowing hackers (irresponsibly acting, typically self-taught computer professionals, bypassing computer access restrictions) to unlawfully access important computer systems from the comfort of their own homes. With the explosive rise of the Internet in the late twentieth and early twenty-first centuries, computer security became a major concern. The development of enhanced security systems tries to reduce such vulnerabilities, yet computer crime methods are always evolving, posing new risks.

Asking what is being secured is one technique to determine the similarities and differences in computer systems security. 

As an example,

• Information security is the protection of data against unauthorized access, alteration, and deletion.
• Application security is the protection of an application from cyber threats such as SQL injection, DoS attacks, data breaches, and so on.
• Computer security is defined as protecting computer systems that communicate over computer networks in terms of control by keeping them updated and patched.
• Network security is defined as securing both software and hardware technologies in a networking environment – cybersecurity is defined as protecting computer systems that communicate over computer networks in terms of control by keeping them updated and patched.

It’s critical to recognize the differences between these terms, even if there isn’t always a clear understanding of their definitions or the extent to which they overlap or are interchangeable. Computer systems security refers to the safeguards put in place to ensure the confidentiality, integrity, and availability of all computer systems components.

The following are the components of a computer system that must be protected:

• Hardware, or the physical components of a computer system, such as the system memory and disk drive.
• Firmware is nonvolatile software that is permamently stored on the nonvolatile memory of a hardware device and is generally transparent to the user.
• Software are computer programmes that provide users with services such as an operating system, word processor, and web browser, determining how the hardware operates to process information accordingly with the objectives defined by the software.

The CIA Triad is primarily concerned with three areas of computer systems security:

• Confidentiality ensures that only the intended audience has access to information.
• Integrity refers to preventing unauthorized parties from altering data processed.
• Availability refers to the ability to prevent unauthorized parties from altering data.

Information and computer components must be useable while also being safeguarded against individuals or software that shouldn’t be able to access or modify them.

Most frequent computer systems security threats

Computer systems security risks are potential dangers that could disrupt your computer’s routine operation. As the world becomes more digital, cyber risks are becoming more prevalent. The following are the most dangerous types of computer security threats:

• Viruses – a computer virus is a malicious program that is installed without the user’s knowledge on their computer. It replicates itself and infects the user’s data and programs. The ultimate purpose of a virus is to prevent the victim’s computer from ever functioning correctly or at all.
• Computer worm – a computer worm is a type of software that can copy itself from one computer to another without the need for human intervention. Because a worm can replicate in large volumes and at high speeds, there is a risk that it will eat up your computer’s hard disk space.
• Phishing – action of individual who pose as a trustworthy person or entity in order to steal critical financial or personal information (including computer systems access credenials) via so-called phishing emails or instant messaging. Phishing is, regrettably, incredibly simple to carry out. A victim is being deceived into believing the communication from the phisher is an authentic official communication and the victim freely provides sensitive personal information.
• Botnet – a botnet is a group of computers linked to the internet that have been infected with a computer virus by a hacker. The term zombie computer or a bot refers to a single computer in the botnet. The victim’s computer, which is the bot in botnet, will be exploited for malicious actions and larger-scale attacks like DDoS as a result of this threat.
• Rootkit – a rootkit is a computer program that maintains privileged access to a computer while attempting to conceal its presence. The rootkit’s controller will be able to remotely execute files and change system configurations on the host machine once it has been installed.
• Keylogger – keyloggers, often known as keystroke loggers, can monitor a user’s computer activity in real time. It records all keystrokes performed by the user’s keyboard. The use of a keylogger to steal people’s login credentials, such as username and password, is also a serious threat.

These are perhaps the most prevalent security risks one may encounter recently. There are more, such as malware, wabbits, scareware, bluesnarfing, and many others. There are, fortunately, techniques to defend computer systems and their users against such attacks.

We all want to keep our computer systems and personal or professional information private in this digital era, thus computer systems security is essential to protect our personal information. It’s also critical to keep our computers secure and healthy by avoiding viruses and malware from wreaking havoc on system performance.

Practices in computer systems security

These days, computer systems security risks are growing more and more innovative. To protect against these complicated and rising computer security risks and stay safe online, one must arm themselves with information and resources. One can take the following precautions:

• Installing dependable anti-virus and security software
• Because a firewall functions as a security guard between the internet and your local area network, you should activate it.
• Keep up with the newest software and news about your devices, and install updates as soon as they become available.
• If you are unsure about the origins of an email attachment, do not open it.
• Using a unique combination of numbers, letters, and case types, change passwords on a regular basis.
• While accessing the internet, be cautious of pop-ups and drive-by downloads.
• Investing the time to learn about the fundamentals of computer security and to keep up with the latest cyber-threats
• Perform daily complete system scans and establish a regular system backup schedule to ensure that your data is recoverable in the event that your machine fails.

Aside from these, there are a slew of other professional approaches to safeguard computer systems. Aspects including adequate security architectural specification, encryption, and specialist software can help protect computer systems.

Regrettably, the number of cyber dangers is rapidly increasing, and more complex attacks are appearing. To combat these attacks and mitigate hazards, more professional and specialized cybersecurity skills are required.