Security Mechanisms and Strategies to Protect Against Malware Attacks
It is of vital importance if businesses establishes an all round security check system that seeks to protect both information and documentation system of the business, with globalization of the business world in the twenty first century a security system is necessary given the competitive operating environment of the business world. It is recommended that each firm take serious security concerns and measures to prevent any loss of data or property. In the twenty first century, business environment security of the business is of vital importance.
The security control system has to be located in an underground location and fitted closely with fire proof system that seeks to protect the control system from fire destruction in case of an outbreak. This also ensures that the system runs for all time given that security risks cannot be taken as it happened before. The entrance to the control room should be well guarded and fitted with grills to protect the system from breaking into and unwarranted access. This is also another security control strategy.
Malware attacks occur in different phases. The company management needs to identify the threat. These attacks could be Trojan horses, worms and viruses. Trojan horses come into the system as harmless software and then with time they change and exploit the data and information in the system. Worms are self-propagating codes whose nature is malicious. Viruses come as a replica and are transferred from one computer to another by attaching themselves on a host program. In order to keep our systems safe, we need to create safe backup systems (Dunham 2009). This will help the company when accidental lose of information occurs and will offers a restore point.
As the Director of Information systems, I thought that in order to counter these malware attacks, we should offer user education to the employees since most of them do not understand the precautions taken to reduce the probability of risk into our systems and subsequent loss of data. Some of the few precautions to be taken includes: the employees should not reply to e-mail requests which are personal in nature. The security company should warrant a warning against installation of unauthorized applications into the information systems. These applications could be harboring malicious Trojans which might literally harm our systems (Lopez, J., Huang, X., & Sandhog 2013). The security company should also install a strong modern and auto-updated firewall on all systems at the control unit and other branches. Installation of programs that automatically switches off the systems when not in use or securing them with password when the system is running is essential. Password should remain confidential to the employees and should be strong and secured (Pettier, Thomas 2012).
There should be a secured network through which communication with other remote sites are minimized. Transfer of data should be secured to reduce the spread of malware attack. This ensures the system remains with safe information and auto deletes malicious information saved by mistake. This offers a solution to the information given by Tom.
The security company should heavily configure the wireless network that is present to prevent the malware from harming our systems through internet based avenues. The human resource manager should acquire enough funds for the company to attain malware-free systems. For this dream to be accomplished the management should install machines that will be able to handle the modern viruses and other types of malware.
Willie is a vendor in the department of security monitoring and surveillance in the company for over ten years and his department has proven expertise in the disk operating system and command prompt unit that meets my credentials and requirements. This department has proven beyond doubt that they can meet timelines and provide the best money can buy and has strived to achieve the best in customer friendly and secure information system.
Security of information and crucial documents of high importance and the company has engaged in modern security and technological inventions to ensure the company remains safe and secure and to prevent piracy in the company and data mining by competitors. To achieve this we establish the true cause of the problem. This involves the provision of system command system that seeks to establish the protected devices and sensors that are highly resistant against malware and system protection. This involves creating a reliable and efficient command system. The creation of this system will by command from the Chief Information Officer automatically move data files from one disk to an emergency disk within system without any loss of data or virtual documentation.
This system seeks to upon malware detection and invasion sensation it automatically sends the warning to the CIO. The system has been advanced with voice prompts that seek to give vocal prompts to the CIO via the cell phone upon malware detection and security invasion. If the CIO is not online currently, the system gives him an option of upon pressing certain codes on their cell phones will command the DOS command to retrieve the secured files and information to a safe storage system aware from threat and latter shut down where reboot will be command based and unlocked using the main control unit (Strategies for Managing Malware Risks 2008). Some of the key factors that need to be address to enhance the system security include: assessing risk, evaluating program effectiveness, implementing controls and carrying out decision support.
To achieve this company needs to have upon order specially designed computers that are conforming with the programming. The system does this where upon appending from the control unit it allows the security check system to access data files in specified directions simultaneously in the current running directory as if the first prompt never was. This highly engineered and designed command prompt is specifically designed for documents and system inspection. This is meant to prevent any security and malware detection system.
The CCTV surveillance system is also connected to a command prompt that seeks to establish the exact location of suspects near the business premises for scrutiny. It is also fed with External Dos and Attrib system that automatically prompts the change of data and the automatic retrieval upon malware and security breach detection. The system also has a strong back up in case of pilferage of unwanted personnel that seeks to ensure the data is secure.
To achieve all this architectural design of the building or the business premises of the organization is designs has to be compatible with the system and has to take every security precaution according to the security system. The premises have to be fitted with hidden micro cameras and other hidden detector that seeks to establish unknowingly what happens in the control system. The 24 hours micro CCTV surveillance has to be fitted with accurate information where the staff and control personnel are first identified before major security alerts could be send to the control system for data and files retrieval (Dunham 2009). The control system has to be placed in an inaccessible place where to access one need such unique data as bio data identification such as the cornea identification and the fingerprint code.
The cost of installing a security system is very high. The designing of user programmes and system installation has both hidden and open costs. The general costs of video and camera surveillance is approximated at around $ 175000 full with door and alarm system. The maintenance of such a security and alarm system is approximated at $ 25000 a year. The light system and malware detecting system has to be at the control room that establishes a control and security check at all times (Allen, Julia 2011).
In the recent past we have seen an increase in the number of malware attacks. Forms of these attacks have been varying. These attacks have advanced and there is less awareness of a common anti-virus program. As an organization, there is need to identify some of the possible ways which can be put up to counter these attacks. According to IBM reports on July 2013, a system is exposed to malware attack when exposed to external contacts such as exposure to external devices, contacts on a network and sharing with other systems. The above proposal will try and express some of the ways which will help try curb and mitigate this whole problem of malware attacks into our information systems as a security strategy. This will not only ensure that information system of the company is secured but also is a security strategy to be employed by all business across the world. Therefore, it is recommended that all businesses develop their own self managed and maintained security system.
The organization is advised to maintain up to date software and antivirus. Immobilize redundant services on workstations and server. This will help accomplish all the threats caused by outdated software’s and operating system. Users should exercise caution when using removable disc. The diagram below highlights important steps which should be taken to ensure the effectiveness of the security system is achieved as illustrated below.
Additionally, the organization is required to restrict user from downloading and installing unwanted program in the system. All programs downloaded from the internet should be scan before installation. This will helps reduces the dangers incurred by foreign software to our applications.
Introduce a system where users are required to have a strong password that hackers will find hard time trying to crack. Adding to this, introduce an auto alert system when a user is trying to log from an authorized location. This will help control hackers from access the system.
Finally, the organization ought to consider daily operation to be centralized to help reduced the chances of your computer being infected with the deadly coded malware. In the eight zones, all computers should be installed with anti viruses that should be used to scan all programs users install and down from the internet.
Dunham, K. (2009). Mobile malware attacks and defense Burlington, MA: Syngress /Elsevier. Feds Are Suspects in New Malware That Attacks Tor Anonymity | Threat Level | Wired.com. (n.d.). Retrieved from http://www.wired.com/threatlevel/2013/08/freedom-hosting/
Lopez, J., Huang, X., & Sandhu, R. (2013). Network and System Security: 7th International Conference, NSS 2013, Madrid, Spain, June 3-4, 2013. Proceedings Berlin, Heidelberg: Springer Berlin Heidelberg.
Strategies for Managing Malware Risks (2008) (n.d.) Retrieved from http://technet.microsoft.com/en-us/library/cc875818.aspx
Allen, Julia H. (2011). The CERT Guide to System and Network Security Practices. Boston, MA: Addison-Wesley.
Peltier, Thomas R. (2012). Information Security Risk Analysis. Malware Defense Mechanisms Boca Raton, FL: Auerbach publications.