What is Computer Security?


Computers and the internet are ubiquitous nowadays, whatever kind of device you use. These devices are connected to each other and to the internet, which increases the possible dangers. This article explains the framework of computer security.

Definition and Meaning

Computer security and cyber security are often used interchangeably because their areas of operation overlap, but they aren't the same. Cyber security encompasses devices, the networks they access, and the data shared. Computer security is a subset of cyber security that deals only with standalone hardware and its internal software. Cyber security places an additional and greater focus on electronic access and external threats, as opposed to internal fortification alone. Internet and application security are examples of cyber security.

Computer Security

In a strict sense, computer security pertains only to a single system and its software. Computer security thus provides internal security for single systems or organization-wide groups of computers. To this end, the following computer security measures are adopted:

  • Access Control − Computer security regulates who can access devices and information such as files and databases. Passwords, pattern recognition, or biometric identifiers such as facial, pupil, or fingerprint scans are generally used as administrative locks. Physical routers can prevent denial of service (DoS/DDoS) attacks, in which criminals inundate the network with numerous requests to block legitimate users.

  • Firewalls − These are hardware or software boundaries that keep attackers at bay. Examples include broadband routers, a built-in proxy, or next-generation firewalls (NGFWs). These supervise incoming and outgoing network traffic, preventing access from unauthorized third parties, malware file/application installation, or IP spoofing.

  • Anti-virus/malware software − Such software may come built into operating systems or may have to be customized for each organization or person according to their needs. It prevents infected files or malicious programs from being downloaded onto your system and accessing sensitive information.

Information Security

Information security can protect a system from within and without by following the security triad – Confidentiality, Integrity, and Availability (CIA).

  • Confidentiality – Access to information is restricted to only those authorized to have it. This maintains the privacy of an individual or organization. One-time passwords (OTPs), VPN configurations, Multi-Factor Authentication, and digital keys are common examples of technical controls that maintain confidentiality. Keylogging is an attack in which programs that appear genuine are downloaded, giving criminals back-door entry to defraud users by compromising their privileged data.

  • Integrity – Your own or corporate data should remain untampered with; unauthorized changes or deletions can be disastrous. Spyware or other crypto-malware can embezzle finances, while phishing attacks may cloak seemingly authentic messages that, when clicked on, steal credentials or redirect you to shady servers for misappropriation. Regular software updates, website monitoring, and penetration testing can double-check the veracity of databases and web hosts.

  • Availability – Owners and approved personnel need assured access to all the information they need around the clock. Data/memory and file backup, server clustering, and virtualization can save valuable time and resources. Continuity of Operations Planning (COOP) is vital: if any network or system crashes unexpectedly, there are contingency measures for a quick recovery with minimal loss. Attacks such as ransomware deny users availability by holding their system hostage in exchange for financial rewards.

Endpoint Security

This form of security has more to do with people and their awareness. Human errors at physical and virtual endpoints can cause threats. Employees may unknowingly download malware from a suspicious email attachment, facilitating, amongst others, a silent rootkit presence that alters system configurations. They may also enter unsecured websites or connect tainted USB drives that spread Trojan horses that paralyze systems and servers. Procedural controls, such as personnel training on ICT awareness, website-blocking on botnets, and risk-assessment-based compliance and education of employees, are proactive measures to stave off intentional manipulation or accidental leakage.

Network Security

With the proliferation of networks, including multi-user networks, connection integrity is at risk. For example, WiFi systems used by many individuals in offices, apartment complexes, hotels, etc., are susceptible to being hacked. Man-in-the-Middle attacks may occur, as can eavesdropping or Bluesnarfing using Bluetooth connections. Criminals can intercept conversations or exchanges and steal or re-route data packets. Installing Data Loss Prevention (DLP) software, Network Access Control, and Wireless Security measures, amongst others, can be a barrier against illicit activity.

Internet Security

Perhaps the most pervasive threat comes from the vast internet. Internet security protects zombie computers (single system) and botnets from hacking and viruses. Viruses can enter systems through clicks on advertisements (adware), infected websites, specious downloads, etc. Computer worms can spread from one system to another without assistance, corrupting files and programs and destroying information. Be careful of web-scripting viruses, which target browsing activity, and multipartite viruses, which affect the memory (RAM) and computer boot.

Application Security

Programs and software applications must be protected from those trying to steal application code and make unapproved alterations that impact functioning. This can occur due to weak back-ends, vulnerabilities in code scripting, misconfigurations in HTTP headers for web applications, etc. SQL injection and Cross-site Scripting (XSS) attacks invade code by entering statements into input fields for harmful execution, such as web-hijacking and data theft. Code audits, data privacy policy enforcement, and Runtime Application Self-Protection (RASP) usage can mitigate these situations.
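
The weak back-end and its hardened form for the SQL injection case above, as an added example that is not part of the original article: one lookup pastes field text into the SQL statement, the other passes it through placeholders. The table, function names, and sample rows are constructed for illustration.

```python
import sqlite3

# Constructed sample rows: (owner, note).
SAMPLE_ROWS = [
    ("alice", "payroll export"),
    ("bob", "lunch order"),
    ("o'brien", "door codes"),
]

# Constructed field input that changes the statement's logic when pasted in.
CRAFTED_OWNER = "nobody' OR '1'='1"


def make_db():
    """Build an in-memory database holding the constructed sample rows."""
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE notes (owner TEXT, note TEXT)")
    db.executemany("INSERT INTO notes VALUES (?, ?)", SAMPLE_ROWS)
    return db


def find_notes_vulnerable(db, owner):
    """Weak form: the field text becomes part of the SQL statement itself."""
    query = "SELECT note FROM notes WHERE owner = '" + owner + "'"
    return [row[0] for row in db.execute(query)]


def find_notes_hardened(db, owner):
    """Hardened form: a placeholder keeps the field text as data, never as SQL."""
    query = "SELECT note FROM notes WHERE owner = ?"
    return [row[0] for row in db.execute(query, (owner,))]


if __name__ == "__main__":
    db = make_db()
    # The crafted input turns the WHERE clause into a condition that is always true.
    print("vulnerable:", find_notes_vulnerable(db, CRAFTED_OWNER))
    # With a placeholder the same input is just an owner name that matches nothing.
    print("hardened:  ", find_notes_hardened(db, CRAFTED_OWNER))
    # A legitimate name containing a quote works only in the hardened form.
    print("o'brien:   ", find_notes_hardened(db, "o'brien"))
```

The hardened form also fixes a correctness problem: a legitimate owner name containing an apostrophe makes the string-built query fail with a syntax error.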

Specialized Areas of Cyber Security

As the nature and usage of electronic resources expand, so do the hazards, and sub-domains of security have begun to emerge. Cloud security shields online data and servers to maintain privacy and confidentiality. Critical Infrastructure Security uses Cloud/Network/Application securities to protect public utilities like dams, electricity grids, hospitals, etc., which cyber-terrorists can bring down. Operational Security aims for an overall security policy, while Disaster Recovery and Data Protection streamline efforts to restore full operational capacity. Many of these are already embedded in the other security policies seen above but seek precise, distinct solutions.

Conclusion

Security domains are interconnected in the techniques they adopt. Anti-malware software, for instance, is useful across many of these security concerns. When devices, networks, and the internet are intertwined to this degree, a comprehensive security package that defends the maximum possible facets of security is desirable.

Updated on: 15-Dec-2022
