Reasons for security lapses
There are three main ways a security breach occurs.
They are :
Control of the user account.
Mistake in the Configuration.
Mistake or bug in the software.
Physical Access to the machine.
Boost the utilization of your HCL environment by reevaluating use cases and f...
Effective and complete Cybersecurity HOWTO
1. 24x7 System Security Level for
non 24x7 organizations
By : Khawar Nehal
http://atrc.net.pk
Applied Technology Research Center
2 January 2020
2. Reasons for security lapses
There are three main ways a security breach occurs.
They are :
Control of the user account.
Mistake in the Configuration.
Mistake or bug in the software.
Physical Access to the machine.
3. Solutions to each
We shall provide the short and simple solution to each
breach method.
4. Control of the user account.
There are two ways to get access to the user account.
One is to get the user and get them to use their account
for unusual activity.
They ways to get users to do this range from threats of
danger to social engineering.
5. Control of the user account.
The second way is through getting control of their device.
This is possible through social engineering.
Social engineering works on people with a lack of
experience. So training is a solution for social
engineering. Like kids are taught not to talk to strangers.
6. Mistakes in configurations
This one is simple. Get careful and experienced
administrators and get experienced auditors to check
configurations in detail.
7. Bugs in software
Audit the code with the black and white box approach and
clean up all the bugs you can find.
The black box method includes monitoring for unusual
behavior during operations.
8. Physical Access
To avoid physical access, beef up security, make sure all
physical access by admins is audited for reasons and all
changes are monitored.
9. Auditing
Auditing of code, configurations and security procedures
by hackers and not by those who act like they know
security.
Examples of actors include : Crackers and Financial
Auditing companies turned security auditors with
certificates loaded with an emphasis on cracking.
To find the real security hackers, hire the best from the
following types of businesses :
More than 5 years of experience as the responsible
admin for a Telecom, ISP or Ecommerce businesses with
more than a million active users and 24x7 systems.
10. Details and explanations
This is a summary of the security situation globally for
most companies.
If you want an analysis of the situation in your company
and consultancy on how to implement these techniques in
detail, then please contact us for a paid appointment and
discussion.
11. Reason for this presentation
The reason was to guide companies which are not aware
of the better methods available to move in the direction of
eliminating almost all of their security issues which have
been rolling around in the IT industry at large for the last
20 years.
12. 24x7 System Security Level for non
24x7 organizations
By : Khawar Nehal
http://atrc.net.pk
Applied Technology Research Center
2 January 2020