
ITEC-110

The document discusses the importance of security in system administration, focusing on malware protection, user access control, and the CIA Triad principles. It outlines various types of malware, safe browsing practices, and the role of firewalls in network security, along with data storage and backup strategies. Additionally, it emphasizes the need for disaster recovery planning and best practices for effective storage management.

Lecture 5: Security in System Administration

Importance of Security in System Administration
Securing systems and data is critical for modern organizations, as it helps prevent unauthorized access, protects against potential data breaches, and maintains the integrity and reliability of systems.

The CIA Triad—Confidentiality, Integrity, and Availability—is a foundational concept in cybersecurity that helps define the primary goals and priorities of protecting information and systems.

User Access Control and Permission
Controlling who has access to systems and data is crucial for maintaining security, privacy, and operational stability within an organization. This access control forms the foundation of an effective security strategy, ensuring that sensitive information and critical resources are only available to authorized personnel.

System Updates and Patch Management
When software, operating systems, or applications are released, they often contain vulnerabilities that could be discovered and exploited by malicious actors. Security patches are updates provided by vendors to address these vulnerabilities, closing the gaps that attackers could use to access or compromise systems.

Malware Protection
Malware, short for malicious software, refers to any software intentionally designed to cause damage to a computer system, network, or device. It can disrupt normal operations, steal sensitive information, or gain unauthorized access to resources.

Malware Protection
1. Viruses - a type of malware that attaches itself to legitimate programs or files and spreads from one computer to another when the infected program or file is executed.
2. Worms - a standalone malware that replicates itself to spread to other computers, often without user intervention.
3. Trojans - or Trojan horse, is a type of malware that disguises itself as legitimate software or is hidden within legitimate programs to trick users into installing it.
4. Ransomware - a type of malware that encrypts a user’s files or locks them out of their system, demanding a ransom payment to restore access.

Malware Protection
Using antivirus software and performing regular scans are vital components of a comprehensive cybersecurity strategy. They provide proactive protection against malware, help maintain system integrity and performance, and foster a culture of security awareness. By prioritizing these practices, individuals and organizations can significantly reduce their risk of malware infections and their associated impacts.

Malware Protection
Safe browsing practices are essential for protecting users from cyber threats, such as phishing attacks and malware infections.

Safe Browsing Practices:
1. Use Strong and Unique Password
2. Enable Two-Factor Authentication
3. Be wary of Suspicious Links
4. Look for HTTPS
5. Keep Software Updated
6. Use antivirus software
7. Avoid Public Wi-Fi for Sensitive Transactions

Firewalls and Network Security
A firewall is a network security device or software that monitors and controls incoming and outgoing network traffic based on a set of security rules. Acting as a barrier between a trusted internal network and untrusted external networks (like the internet), firewalls play a critical role in protecting systems from unauthorized access and cyber threats.

How Firewalls Work
Firewalls enforce predetermined security rules to allow or block traffic based on various criteria, such as:
● IP addresses (where the traffic is coming from or going to)
● Ports and protocols (types of communication being used, like HTTP or FTP)
● Content filtering (blocking specific websites or keywords)

Host-based vs Network-based Firewalls

Securing Data with Encryption
Encryption is the process of converting data into a coded format so that only authorized users can access it. This ensures that, even if data is intercepted or accessed by unauthorized people, it remains unreadable and secure.

Security Policies and User Education
Security policies are essential for setting rules that protect an organization’s data and systems. Here’s how they work in key areas and why educating users on security is important:
1. Acceptable Use Policy (AUP): Defines what employees can and can’t do with company resources.
2. Password Requirements: Sets rules for creating strong passwords, such as minimum length, complexity (using numbers and symbols), and regular updates.
3. Incident Response Protocols: Having clear steps helps the organization respond quickly and minimize damage if an issue occurs.

Importance of Educating Users
Educating users on security is key to preventing security incidents. Training should include:
● Using Strong Passwords: Users learn to create secure passwords, making accounts harder to hack.
● Recognizing Phishing: Users learn how to spot fake emails or messages that try to steal information.
● Reporting Suspicious Activity: Users know to report anything unusual, helping to catch threats early.
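
How the rule criteria listed under How Firewalls Work (IP addresses, protocol, port) combine into an allow-or-block decision, as an added example that is not part of the original lecture notes. The rule set, the addresses (documentation ranges), the first-match ordering and the default-deny fallback are assumptions of this example.

```python
import ipaddress
from dataclasses import dataclass
from typing import Optional

@dataclass(frozen=True)
class Rule:
    action: str            # "allow" or "block"
    src: str               # source network, CIDR notation
    dst: str               # destination network, CIDR notation
    protocol: str          # "tcp", "udp" or "any"
    port: Optional[int]    # destination port; None matches any port

# Constructed rule set for a hypothetical office network (assumption).
RULES = [
    Rule("block", "203.0.113.0/24", "0.0.0.0/0", "any", None),     # untrusted range
    Rule("allow", "0.0.0.0/0", "192.0.2.10/32", "tcp", 443),       # HTTPS to web server
    Rule("allow", "198.51.100.0/24", "192.0.2.20/32", "tcp", 21),  # FTP from partner net only
]

def evaluate(src_ip, dst_ip, protocol, port, rules=RULES):
    """Return (action, rule_index); rule_index is None when default deny applied."""
    src = ipaddress.ip_address(src_ip)
    dst = ipaddress.ip_address(dst_ip)
    for index, rule in enumerate(rules):
        if src not in ipaddress.ip_network(rule.src):
            continue
        if dst not in ipaddress.ip_network(rule.dst):
            continue
        if rule.protocol != "any" and rule.protocol != protocol:
            continue
        if rule.port is not None and rule.port != port:
            continue
        return rule.action, index      # first matching rule decides
    return "block", None               # no rule matched: default deny

if __name__ == "__main__":
    # Constructed sample connections: (source, destination, protocol, port).
    samples = [
        ("198.51.100.7", "192.0.2.10", "tcp", 443),
        ("203.0.113.5", "192.0.2.10", "tcp", 443),
        ("192.0.2.99", "192.0.2.20", "tcp", 21),
    ]
    for sample in samples:
        print(sample, "->", evaluate(*sample))
```

Because the first matching rule wins, the block rule for the untrusted range has to sit above the general HTTPS allow rule; swapping them would let that range reach the web server.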
Lecture 6: Storage Management and Backup Policies

MANAGING STORAGE

Resource Allocation for Storage
Resource allocation for storage is the process of assigning and managing disk space to ensure optimal performance and data availability. Proper resource allocation helps maintain system efficiency and minimize issues like fragmentation or storage overuse.

Types of Storage Resources
● Primary Storage: The immediate, active storage where data is accessed frequently (e.g., hard drives, SSDs).
● Secondary Storage: Used for long-term storage and data backups (e.g., tape drives, cloud storage).

Data Retention Policies
A data retention policy defines how long data is stored and when it is deleted or archived. These policies are vital for regulatory compliance and efficient storage management.

Policy Considerations
● Regulatory Compliance: Many industries have laws regarding data retention (e.g., healthcare, finance).
● Business Needs: Balancing the need for quick access to recent data with the cost of storing old data.
● Data Types: Different types of data (e.g., operational data, financial records, emails) may have different retention requirements.

Implementing Data Storage Strategies
● Tiered Storage: Dividing data into categories based on how often it is accessed, and placing them in different storage devices accordingly.
  ○ Hot Data: Frequently accessed and stored on fast, expensive storage systems.
  ○ Cold Data: Infrequently accessed, and stored on slower, less expensive systems.
● Data Deduplication: Reducing storage costs by eliminating duplicate copies of repeating data, particularly used in backup environments.

BACKUP STRATEGIES
Backups are essential for protecting data from corruption, hardware failure, human error, and other forms of loss. Different backup strategies allow businesses to strike a balance between storage usage, backup speed, and recovery time.

Full Backup - involves copying all data and storing it in a backup file. This type of backup is the most comprehensive, as it contains all files necessary to restore a system to its last known good state.
Pros:
● Complete snapshot of all data.
● Easy and fast recovery from a full backup.
Cons:
● Takes a long time to complete, especially for large datasets.
● Consumes a lot of storage space.

Differential Backup - only copies the data that has changed since the last full backup. It is a compromise between full and incremental backups.
Pros:
● Faster than full backups because only changed files are backed up.
● Easier to manage and restore than incremental backups.
Cons:
● As the backup chain lengthens, the size of differential backups increases.

Incremental Backup - only copies the data that has changed since the last backup—whether that was a full or incremental backup.
Pros:
● Fastest backup process since only newly modified data is copied.
● Efficient use of storage.
Cons:
● Restoration is slower, as all previous incremental backups need to be applied on top of the last full backup.

Choosing the Right Backup Strategy
To choose the right backup strategy, consider:
● Backup frequency: How often data changes and how quickly it needs to be backed up.
● Storage capacity: The amount of available storage space for backups.
● Recovery time objective (RTO): How quickly you need to restore data after an incident.
● Recovery point objective (RPO): How much data loss is acceptable between backup points.

Implementing Disaster Recovery Policies

Importance of Disaster Recovery
Disaster recovery (DR) policies ensure that a business can recover its systems, data, and operations after an unexpected event (e.g., system failure, cyber-attack, natural disaster). A good DR plan minimizes downtime and data loss.

Key Components of a Disaster Recovery Plan
● Business Impact Analysis (BIA): Identify critical systems and data, and assess the potential impact of a disaster on business operations.
● Risk Assessment: Evaluate potential risks to IT infrastructure, data, and operations.
● Recovery Strategies: Define procedures for recovering systems, applications, and data. This includes cold site, warm site and hot site.

Data Recovery and Backup Testing
● Regular Testing: DR plans should be regularly tested through mock recovery drills to ensure they work when needed.
● Backup Integrity: Regularly check the integrity of backups and ensure that they are usable for recovery. This includes verifying backup completeness, accuracy, and accessibility.

Cloud-Based Disaster Recovery
Cloud-based disaster recovery is becoming a popular option because of its cost-effectiveness, scalability, and flexibility. It allows businesses to store backups off-site and access recovery services remotely.
● Disaster Recovery as a Service (DRaaS): Cloud providers offer disaster recovery solutions that allow businesses to replicate their data and systems in the cloud for rapid recovery.

Recovery Time Objectives (RTO) and Recovery Point Objectives (RPO)
● RTO is the maximum time allowed for recovery after a disaster. It helps define how quickly a system or data should be restored.
● RPO defines the maximum acceptable amount of data loss (measured in time), which informs backup frequency and strategy.

Best Practices for Storage and Backup Management
1. Automate Backup Processes: Use automated backup software to schedule and execute regular backups.
2. Use Encryption: Encrypt backup data to ensure security and protect sensitive information.
3. Monitor Backup Health: Regularly monitor the status of backups to ensure they are successfully completed and data is safe.
4. Maintain Off-Site Backups: Store backups in a secure off-site location to ensure safety in case of a disaster.
5. Keep Multiple Backup Copies: Use the 3-2-1 backup rule: Three copies of data, on two different media types, with one copy off-site.
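
What the full, differential and incremental definitions under Backup Strategies mean at restore time, and how a backup schedule is checked against an RPO, as an added example that is not part of the original lecture notes. The catalogue, dates and function names are constructed; the handling of a mixed schedule follows the definitions given above and is an assumption, since backup products differ here.

```python
from datetime import datetime, timedelta

# Constructed one-week backup catalogue: (time taken, kind).
CATALOGUE = [
    (datetime(2024, 1, 7, 1), "full"),
    (datetime(2024, 1, 8, 1), "incremental"),
    (datetime(2024, 1, 9, 1), "incremental"),
    (datetime(2024, 1, 10, 1), "differential"),
    (datetime(2024, 1, 11, 1), "incremental"),
]

def restore_chain(catalogue, restore_to):
    """Backups to apply, oldest first, to reach the newest state <= restore_to."""
    usable = sorted(b for b in catalogue if b[0] <= restore_to)
    chain = []
    wanted = {"full", "differential", "incremental"}
    for taken, kind in reversed(usable):
        if kind not in wanted:
            continue
        chain.append((taken, kind))
        if kind == "full":
            return chain[::-1]
        # A differential depends only on the last full backup; an incremental
        # depends on the previous full or incremental backup.
        wanted = {"full"} if kind == "differential" else {"full", "incremental"}
    raise ValueError("no full backup at or before the requested time")

def meets_rpo(catalogue, rpo, now):
    """Return (ok, worst_gap): the longest stretch without a backup vs. the RPO."""
    times = sorted(taken for taken, _ in catalogue) + [now]
    worst_gap = max(later - earlier for earlier, later in zip(times, times[1:]))
    return worst_gap <= rpo, worst_gap

if __name__ == "__main__":
    for target in (datetime(2024, 1, 10, 12), datetime(2024, 1, 11, 12)):
        kinds = [kind for _, kind in restore_chain(CATALOGUE, target)]
        print(target, "->", kinds)
    print(meets_rpo(CATALOGUE, timedelta(hours=12), datetime(2024, 1, 11, 13)))
```

Restoring to the differential needs two backups, while restoring one day later through the incrementals needs four, each of which must pass an integrity check for the restore to succeed.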
