Essay: Security, worms, trojan horses and solutions

“Security is the defense of digital information and IT assets against internal and external, malicious and accidental threats. This defense includes detection, prevention, and response to threats through the use of securities policies, software tools, and IT services” (Rouse, 2017).
Weak securities at the organization can caused unauthorized access to the company’s data, interception of data in transit, and many others so its is needed for the security system in one organization to protect company’s data, and for ensuring that the services that given by the organization will keep running without any threats nor delays. Malware is one of the most dangerous threats that can cause a big problem for an organisation.
Malware
“Malware is a software, a computer program used to perform malicious actions. In fact, the term malware is a combination of the words malicious and software. The end goal of most cyber criminals is to install malware on your computers or mobile devices.” (Zeltser, 2014)
Malicious software (malware) actually designed to cause harm for the computer and the user, there are different types of malware, here are some of the example:
1. Viruses
A virus is a code or program that attached it self to a software, it is very contagious, it transmits into different computer by sending infected file through email, or embedding infected file into removable device such as CD, or USB Drive.
2. Worms
Worm is one of the malicious software that can replicate and distribute it self via network, the difference between worm and virus is that worm don’t need human action to distribute them self.
Worm can cause lost of data because they actually destroying the data or files until the drive is empty.
3. Trojan horses
Trojan is the most dangerous one because Trojan is written to steal information like bank account.
Trojan can’t be replicate, there are different types of Trojan, the one that can be controlled remotely and receive command from attacker and the one that use word and viruses to infect victims’ computer. Both of them are dangerous because once the attacker have access an infected computer, they can steal data. The victims don’t even know it because they tend to disguise themselves as legitimate software.
Malware preventive measures
There are many ways to prevent the malware threats here are 5 ways how to prevent the malware and security threats
1. Use firewall, antivirus, anti-malware, and anti-exploit technology.
“Anti-malware and anti-exploit software can fend off sophisticated attacks  from unknown agents, stopping malware infection in real time and shielding vulnerable programs from exploit attack.” (Zamora, 2016)
Many security professionals are agreed in using multi layer protection to protect the company’s computer because they can save the company’s data from malware attacks.
2. Block P2P usage
Malware is spreading by hiding in files that is being distributed by peer-to-peer network. By using no-P2P policy, it can prevent company on malware threats.
3. Don’t open suspicious email attachment
Malware come in so many different ways, one of them is send email to the victim but pretend the email is from the bank they are in. If the email comes with a suspicious attachment and you doubt it don’t open it, because it can be very costly if the malware can reach the inbox and spread in the victim computer, it is advised before opening email with suspicious attachment they need to run it into anti-virus software first.
4. Keep the system updated
Whenever the operating system ask to update then the victim should do
It, because “these updates are essential for padded security against malware as anti-virus software alone doesn’t necessarily protect your computer network effectively.”(Mackey, 2015).
5. Encrypt Data
“Today’s hackers are on the hunt for standard company-held information that typically gets left lying around. For companies holding important data, be sure to take measures to always have this information encrypted. Keep your information safe by turning to full-disk encryption tools, which come standard with most operating systems on.”(Agrawal , 2017).
Why is it important to encrypt data, because if not hackers can steal the information and encrypt it themselves.
How to detect safe and unsafe website
There are a lot of websites in internet and not all of them are safe , there are website that have malware inside of it , and one of it goal is to steal the victim information.
Here are ways on how to detect safe website:
1. Make sure that the website is using HTTPS in the URL
If a website begin with https that means they have SSL certificate.
SSL certificate secure all your data, to get SSL Certificate Company must go through a validation process
2. Look for a lock icon in the address bar , if in address bar it have lock icon it mean that it is a secure connection so it’s harder for hacker to see information you type in
3. “Read the URL carefully. If this is a website you frequent, is the URL spelled correctly? Often times, phishers will set up websites almost identical to the spelling of the site you are trying to visit. An accidental mistype may lead you to a fraudulent version of the site.”(Bu.edu, 2017)
As an example there are three websites which are categorize as a safe website and those website can be detected by following those characteristic , those website are;
1. https://www.facebook.com
2. https://www.mail.google.com
3. https://www.digicert.com
And here are 3 examples of website that contains malware:
1. www.Google-analytics.com
2. www.Stackexchange.com
3. www.daffodeluxcursion.com
Recommendation of biometric device
“Biometrics are automated methods of identifying a person or verifying the identity of a person based on a physiological or behavioral characteristic. Examples of physiological characteristics include hand or finger images, facial characteristics, and iris recognition. Behavioral characteristics are traits that are learned or acquired. Dynamic signature verification, speaker verification, and keystroke dynamics are examples of behavioral characteristics.” (jaiswal, Bhadauria and Jadon, 2011)
Firstly, I strongly recommend the company to use;
1. Eyes recognition
Eyes recognition is a visual biometric device that use iris to identify an individual, it can heighten the security of a company because every iris for human being are different it is almost impossible that iris have the same pattern (identical). And iris won’t change throughout lifetime, for safety this is one of the best option for biometric devices.
2. Face Recognition
Face recognition is a Visual biometric that uses a person’s facial features or pattern for authentication identity. The system is able to automatically detect the employee’s information through the image captured by camera sensor. For this, people that are not authorized can’t access confidential data , this is also one of the best way to protect confidential or important company’s assets.
Jaiswal, s., Bhadauria, S. and Jadon, R. (2011). Biometric: Case Study. [online] Research & Reviews , international journals. Available at: http://www.rroij.com/open-access/biometric-case-study-19-49.pdf [Accessed 6 Dec. 2017]
Bu.edu. (2017). How to Identify and Protect Yourself from an Unsafe Website : TechWeb : Boston University. [online] Available at: http://www.bu.edu/tech/support/information-security/security-for-everyone/how-to-identify-and-protect-yourself-from-an-unsafe-website/ [Accessed 5 Dec. 2017].
Agrawal, A. (2017). 4 Easy Ways to Protect Your Company From a Cyber Attack. [online] Entrepreneur. Available at: https://www.entrepreneur.com/article/289680 [Accessed 5 Dec. 2017].
Mackey, N. (2015). 5 Ways to Avoid Malware Infection. [online] Topsec.com. Available at: https://www.topsec.com/it-security-news-and-info/5-ways-to-avoid-malware-infection [Accessed 5 Dec. 2017].
Zeltser, L. (2014). OUCH! what is malware?. [online] Securingthehuman.sans.org. Available at: https://securingthehuman.sans.org/newsletters/ouch/issues/OUCH-201402_en.pdf [Accessed 1 Dec. 2017].
Zamora, W. (2016). 10 easy ways to prevent malware infection – Malwarebytes Labs. [online] Malwarebytes Labs. Available at: https://blog.malwarebytes.com/101/2016/08/10-easy-ways-to-prevent-malware-infection/ [Accessed 5 Dec. 2017].
System limitation
Although e support from sony seems like providing a great service to help their customers , they don’t have what now called as live chat , it is a customer services that help customer 24/7 by live chat on the website , nowadays calling a customer service can be really difficult , busy line , need to wait for a long time , but with live chat it would be so much easier .
The company doesn’t provide language other than English for the online support, that could be hard for customer that’s not using English language at their country, so that need to be improved , because the customer of sony is not only speaks English , would be very helpful if the company provide all the language for the online support
Recommendation
Upgrade the website to create a live chat for the customer to solve the problem they have ,
Providing the language for different country ,