Preserving confidential and work-related information, as well as information containing the personal data of a user or group of users, is the most important task when building systems that protect a computer from unauthorized access.
Unauthorized access is itself a rather broad concept: an attacker can carry it out through various physical and software paths. Countering all of these paths together means building the protection system as a multicomponent hardware and software structure.
What Methods Does an Attacker Use to Gain Unauthorized Access to a Computer?
- The physical method involves an external intruder with physical access to the hardware of the computer.
- The software method is implemented by an insider who has certain access rights at different levels within the network.
- The remote software method is carried out through virus software or remote access from external networks located outside the security “perimeter” of the local network of a particular computer.
In the first method, an external intruder who has access to the premises where computers are installed can gain unauthorized access by booting from external media, or by using the credentials of other users known in advance. Alternatively, the intruder can open the computer case to reach the physical components, in particular the local storage device (a hard drive), and remove it.
In the second method, a user working inside the “perimeter” of the local network gains unauthorized access to information and steals it by copying from resources that he is allowed to access. In some cases, such a user can take advantage of privileged access to the network that is known to him in advance (under someone else’s credentials).
In the third method, unauthorized access is carried out by a malicious software module that is remotely implanted in the system of the attacked computer. Such a module can act in conjunction with keylogging programs, using recorded user logins and passwords. This method also includes low-level software for intercepting traffic at the link level, and remote access through open ports and operating system vulnerabilities.
All of the above is the starting point for organizing a system that protects a computer from unauthorized access. It is recommended to build the system according to the steps for countering the threats described above. Accordingly, protection methods can be classified into three main areas.
Protection Against Physical Unauthorized Access
This protection is ensured by preventing or restricting free access of unauthorized personnel and potential intruders to the hardware components and the computer case. It includes all physical access protection systems: access control systems, grilles, turnstiles, protective equipment that covers the case, etc.
The boot system must be password protected by setting a password in the BIOS (including a password to change the BIOS settings themselves).
It is also possible to use an electronic lock (for example, “Sobol”) with its own “trusted” boot perimeter, which completely prevents the computer from starting with an untrusted operating system or from external media.
Protection Against Unauthorized Access Using Software Tools
Antivirus software with the widest possible functionality should be installed to protect the network infrastructure and the server, preferably centrally managed and constantly updated.
First of all, the machines of a domain or workgroup must be placed on an isolated data transport network that is closed to external influences. This can be achieved with certified network devices that provide virtual separation of network segments (using VLAN technology) with packet routing between them.
A protective “perimeter” should be provided, including a demilitarized zone in the form of a separate isolated subnet at the junction responsible for interfacing with external networks and the Internet. This is achieved by running hardware firewalls on edge routers and a set of rules for accessing and entering external networks.
The necessary level of cryptographic protection must be provided for the communication channels that carry traffic between segments of the local network. This is achieved by using hardware cryptorouters that encrypt IP traffic in the channel using certified tools integrated into them (for example, Crypto Pro information protection system).
The connection between the information system and the required resource can also be protected directly by software VPN clients that encrypt traffic in the VPN tunnel they create.
At the operating system level, protection against external intrusions and the detection and “catching” of malicious code that acts from file “bodies”, from scripts, inside memory and via e-mail should be provided by comprehensive anti-virus protection of all points of network interaction, that is, client machines and servers.
On the computer the user works on, domain policies and a permission-based system of access to information systems must be applied and operated in accordance with the approved access matrix. There should also be security policies controlled by administrators, according to which user passwords are changed, access control is exercised, etc.
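One way to check that access is actually operated in accordance with the approved access matrix is to compare the grants exported from the systems with the matrix itself. The following Python code is an added example, not part of the original article; the account names, resource names, rights and the export format are constructed for illustration.

```python
# Added example: audit effective permissions against an approved access matrix.
# All account, resource and right names below are constructed for illustration.

# Approved access matrix: user -> resource -> set of permitted rights.
APPROVED = {
    "alice": {"payroll_db": {"read", "write"}, "hr_share": {"read"}},
    "bob": {"hr_share": {"read", "write"}},
}

# Effective grants as exported from the systems (constructed sample).
EFFECTIVE = [
    ("alice", "payroll_db", "read"),
    ("alice", "payroll_db", "write"),
    ("alice", "hr_share", "write"),    # right not in the matrix
    ("bob", "hr_share", "read"),
    ("bob", "payroll_db", "read"),     # resource not approved for bob
    ("mallory", "hr_share", "read"),   # account absent from the matrix
]


def audit(approved, effective):
    """Return (excess, unused): grants beyond the matrix, approved rights never granted."""
    excess = []
    seen = set()
    for user, resource, right in effective:
        allowed = approved.get(user, {}).get(resource, set())
        if right in allowed:
            seen.add((user, resource, right))
        elif user not in approved:
            excess.append((user, resource, right, "unknown account"))
        elif resource not in approved[user]:
            excess.append((user, resource, right, "resource not approved"))
        else:
            excess.append((user, resource, right, "right not approved"))
    unused = sorted(
        (u, r, p)
        for u, resources in approved.items()
        for r, rights in resources.items()
        for p in rights
        if (u, r, p) not in seen
    )
    return excess, unused


if __name__ == "__main__":
    excess, unused = audit(APPROVED, EFFECTIVE)
    for finding in excess:
        print("EXCESS:", *finding)
    for grant in unused:
        print("UNUSED:", *grant)
```

Excess findings are deviations from the matrix that should be revoked or formally approved; unused entries are approved rights that were never granted and may indicate a stale matrix.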
Thus, in terms of a set of methods, a comprehensive solution for protecting a computer from unauthorized access is determined by a set of software, organizational and physical protection methods applied to a particular workstation.
What Are the Security Measures?
First of all, it is necessary to develop a set of safety rules, which every employee of the company must read and follow without fail.
1. Pay attention to passwords:
- Set different passwords, and do not repeat the same password on different sites and devices. This is especially true for those who enjoy slot machines online: scammers often hack accounts on the websites of casinos and betting companies.
- Do not store passwords in public places. On external resources, use two-factor verification.
- Change passwords as soon as they become known to third parties, or better, do it once every 2-3 months.
- Never share passwords with anyone, not even the system administrator.
2. Be vigilant about access to computers and information on them:
- Lock your computer when you leave your workplace.
- Encrypt disks and storage media, since a password-protected system does not exclude the possibility of removing the disk from the system unit and reading its information on another device.
- Be sure to back up your information (preferably at least once a day, if this is done discretely). Archives must be stored remotely in a trusted location and in encrypted form.
3. Be careful when launching files and installing applications:
- Do not open suspicious emails.
- Do not plug randomly found flash drives into work computers, and do not connect unknown equipment to the computer at all, even if an “employee” of a neighboring office approaches you and asks you to “print” a document.
- Do not visit dubious sites, and check the address bar of any site you have opened in your browser before entering logins and passwords.
4. Do not talk about specific information security measures taken in your organization.
By following all of the above tips, you can protect your computer from intruders and keep all confidential information safe.