3. Overview
Desktop systems are a major source of information security
risk for an organization. The risk comes from:
Malicious code.
The Internet.
Physical tampering.
Increase in the use of server services (Web, FTP, and SQL
servers) on desktops.
4. Protect Against Malicious Code
The organization should have mechanisms in place for
identifying malicious code as it enters the organization via
electronic mail.
Anti-virus software should be installed on desktop
computers.
This software must be configured properly to provide the
greatest protection.
5. Protect Against Malicious Code
Issues with viruses, Trojan horses, and worms.
Effective use of anti-virus software.
6. Issues with Viruses, Trojan
Horses, and Worms
Malicious code can greatly affect an organization.
The time required to clean up after malicious code adds
hidden costs.
There are four primary mechanisms that deliver malicious
code are e-mail, instant messenger, disks, and shared files.
Employee access makes it difficult to stop the entry of
malicious code.
• 國防部外電腦遭病毒入侵 沒有機密外洩 (中廣新聞網,2005/11/28)
7. Issues with Viruses, Trojan
Horses, and Worms
The damage from malicious code ranges from deleted files
to system downtime and lost bandwidth to lost business.
In addition to loss in productivity, there is a risk of losing
sensitive data.
8. Effective use of Anti-virus
Software
Anti-virus software identifies a virus by matching the
program code with a known virus in its signature file.
Now a days anti-virus software scan a file, whenever one is
opened, executed, or copied.
A number of malicious programs that can ride on
documents are called macro viruses.
9. Effective use of Anti-virus
Software
Anti-virus software searches for malicious code by
comparing the file it is examining with a database of
signatures.
These signatures provide the information that allows the
software to identify which virus, worm, or Trojan horse
corresponds to the code.
Anti-virus software vendors update the signature database
as and when new malicious programs are identified.
11. Connecting to the Internet
Connections through a firewall provide some protection
against hackers looking for vulnerable systems.
Unlike dial-up connections, broadband (DSL and cable
modems) are always-on connections.
If a computer is attached to an always-on connection, it is
sure to be found by a hacker.
12. Connecting to the Internet
Desktops can be protected from attacks over Internet
connections in the following ways:
Anti-virus software that is updated frequently.
Patching the systems and following proper configuration
procedures.
Using some type of firewall system.
Home systems can be protected by any of the personal
firewall products that are on the market.
13. Sharing Files
There are two primary mechanisms for sharing files on the
Internet from desktop computer systems are by using
shares and using peer-to-peer file sharing programs.
In offices, network file servers make all or part of their hard
drives available for mapping across the Local Area Network.
The same type of sharing can be performed across the
Internet.
14. Sharing Files
Once a folder or drive is opened for sharing, a hacker may
find the share during a normal scan on the Internet.
Peer-to-peer (P2P) programs such as Gnutella and Kazaa
have found popularity because they can be used to share
music files.
A computer connected to a P2P network can share files with
hundreds of other computers.
15. Sharing Files
Once installed, the P2P program allows the user to identify
which files are to be shared.
Since these programs are downloaded from the Internet,
they may contain code that allows other users to browse
the entire hard drives.
16. Protect Against Physical
Tampering
Sensitive information is Encryption can be
often carried on portable accomplished by:
computer systems. Encrypting each file.
筆記型電腦失竊 9.8萬人的 Encrypting the entire
資料外洩 (CNET新聞專區, folder.
2005/3/30) Encrypting the entire
One mechanism used to hard drive.
protect the information on While traveling, ensure
the system is to encrypt it. computer systems and
data are not stolen.
17. Summary
Desktop systems are a major source of information security
risk for an organization.
The organization should have mechanisms in place for
identifying a malicious code as soon as it enters the
organization.
18. Summary
Connections through a firewall provide protection to some
extent against hackers looking for vulnerable systems.
Sensitive information is often carried on portable computer
systems.