Wednesday, July 24, 2019

Insider threat and Physical vulnerability Research Paper

Insider threat and Physical vulnerability - Research Paper Example Physical security of the database The growing technological advancements are posing a threat to the new requirements of the iTrust database. Cloud storage, a method of data storage that allows users to share information online is one of the basis on which the iTrust database is prone to attackers. Cloud computing can be misused to attack the database through dishonest activities. Cloud computing at the database, just like in other systems, deal with privacy and have a rather easy registration system. Although the easy registration system gets geared to make the software user friendly, criminals usually use advanced technologies to access the software. This poses the highest threat to businesses and consumers that use the system (Shaw et al, 2013). There have been cases of use of Botnets to attack a public cloud network and spread viruses. The Zeus Botnet has on several occasions attacked the Amazon cloud. The Zeus Botnet attacked Amazon’s EC2 cloud computing service managing t o install a virus. The Botnet further took control of a cloud platform. The malware remained hidden for a long time while transferring millions of dollars (Shaw et al, 2013).Two ways have been proposed to deal with such malware. The security threat posed by the malware can be addressed through implementing cloud analytics. The threat can also be addressed through employing more personnel to monitor the database. Another threat that comes with cloud computing is the difficulty with which consumers get to understand the security implications associated with usage of software like itrust database. Whereas most consumers would prefer a relatively easy set of application programming interfaces, this seems to deter efforts to safeguard the database from any threats. Ensuring that the database gets adequately safeguarded may call for complex application programming interfaces. Such interfaces are able to detect any unpermitted intrusion into the system and swiftly counter-attack the attemp t (Shaw et al, 2013) The issue of account service and traffic hijacking remains a legitimate threat to most of the iTrust users. Traffic hijacking has a wide range. It may involve spamming or use of stolen user credentials. Considering the sensitivity of the data stored in the iTrust database, hackers can in many ways put to risk the lives of the users. This can be done by just gaining a simple entrance. In a situation where the attack occurs on the urgent care, the attacker can manage to follow up on transactions, edit data stored on the database as well as steal users’ personal information .To curb this, preventive measures must be taken. Such preventive measures may include effecting password policies, use of tracking software and providing internet usage education to all employees (Researchomatic, 2012). The insider threat Insider threat can be defined as any threat that comes from people within the organization and who have the organization’s inside information re garding how the organization stores its information. The insider threat faced at the iTrust database is quite challenging. A lack of separation of duties seems to pose the greatest insider threat at the moment. Separation of duties ensures that an insider with too much power or authority is not able to attack the database using the power or authority that they have (SafeNet, 2013). Example of an incident of an insider threat is when a head of department

No comments:

Post a Comment

Note: Only a member of this blog may post a comment.