Saturday, December 7, 2019

Leaking Sensitive Information for Malware-myassignmenthelp.com

Question: Discuss about theLeaking Sensitive Information for Malware and Trojans. Answer: This is the threat that occurs mostly due to human error. The employees may unknowingly share potentially secured information such as personally identifiable information. The leakage of such potentially valuable information may pose serious threat to the organization as the information is shared to the attackers and is not restricted to the two parties involved. Fraud/Phishing These attacks is a type of social engineering attack in which the attacker, masquerading as a trusted official forces the victim to click on the malicious links via emails, text messages, and instant messages. It is essentially meant to steal the user data such as the login credentials, credit and debit card details as the details in the link appears official and trusted. Malware/Trojans Malware often termed as malicious software is a file or a program that poses a threat to the computer users. The software is meant to perform encryption of the files and leakage of potentially secured information. It also incorporates the potential to delete the vital information from the computer and usually transmitted through hyperlinks. Moreover, it also spreads through online viewing a file and through e-mail attachments. Compliance Pitfalls The compliance pitfall constitutes a set of rules that are primarily designed to protect the consumers from the incorrect information. The industries should maintain compliance with the regulatory bodies such that the information can be constantly reviewed and monitored by SEC, FINRA or IIROC. Design of a secure social enterprise networking system and reasoning The great utilization of social media poses a great threat to the security of the computers as well as the users. Thus, it is the utmost need of almost all industries to take preventive measures against the social media security threats such as phishing attacks, misuse of fake accounts and social engineering attacks through proper understanding of the key threats and the technique of attack. Moreover, there lies a dilemma as to suppress the utilization of the social media bear the loss of productivity benefits or allow the utilization of social media and indulge in data breach conditions and also incorporate malware infections. The next part describes the practices that can be implemented to boost the security measures of social media. The utilization of social media imparts huge benefits to the organization but also incorporates security issues. Thus, for the proper utilization of the social media the organization should enforce security policies and undertake employee education. The enforcement of stringent social media security policies and regulations could protect the enterprise against security risk and embarrassment. The requirements for designing a social media security plan are described below: Develop a social media security policy There is an utmost need of social media security policy that would govern the utilization of the social media not only by the employees but also by the company as a whole. The design of the policy should incorporate the requirements of the company and should also consider the risk factors. Moreover, the success can be achieved only when the policies are properly enforced to the employees and by the continuous monitoring of the implementation of the policy. Implementation of multidimensional, risk-based approach The social media that incorporate poor security policies and poor management systems are vulnerable to various security attacks. Moreover, there exists an ambiguity between responsibility and ownership of the information on the social media. Thus, stringent security policies need to be implemented. Social media security strategy should be enhanced, multi layered. Moreover, it should be based on risk mitigation and information centric consisting of tools and mitigations for the risk imparted by the social media. Identify safe social networking sites The social media that incorporate strict social media security policies should be utilized as there exists numerous social media that are not safe and pose serious threat to the computer security. Enhance enterprise network visibility Social media security policies should be designed so as to monitor, detect, and mitigate incidents. The greater network visibility allows the social media to detect threat and provide mitigation as required. This can be achieved through the utilization of data loss prevention activities and web content filtering. Classify sensitive data The enterprises need to identify the sensitive data while defining social media security policies. Classification of sensitive data includes protection of the employees from the Image spammers. In image spamming the recipient sends request to the spammers server thereby hosting the image each time the spam mail is operated and thus, revealing the email address. Protect endpoints The social networking sites are utilized through multiple endpoints such as Smartphone, laptops and desktops. Thus, the enterprise should maintain high protection in the endpoint usage. Social media security policies should be implemented on the sites that the device would access. Educate employees With the increased security risks of malware it is required to inform and educate the employees of the harmful effects of clicking on links from unfamiliar sites. Moreover, the employees should posses the discretion as to which URL should be viewed and which should be neglected thus, avoiding the malicious links. This would also prevent the computers and the companys network from the malicious softwares. Moreover, the social media security strategy should also educate the employees about what details should be made public about the organization.

No comments:

Post a Comment

Note: Only a member of this blog may post a comment.