Need to respond to two student discussions with at least 150 words minimum for each response. Below in the bold are the questions the students are responding to.
For this assignment, create a new message and address the following items in your response.
Identify two specific ways in which security for enterprise computing is different from personal computing.
Describe two techniques to help reduce the insider threat.
Explain the difference between passive and active attacks on a network. Give an example of each
Student one:
Good Evening Class, we are now in the home stretch! Best of luck to everyone here.
Personal computing and enterprise computing are very simply the difference between a computer owned by you the end user and a computer used to perform a function on a higher level for a corporation. Protecting a personal computer is usually as simple as safe browsing and up to date anti-virus. Enterprise involves much more, firewalls, penetration testing, training, software standards and policies. Each of these functions of security serves a different purpose within a corporation.
The topic of an insider threat is such a hot button issue within corporations. This term covers many different aspects of threats to a company but the underlying connective concept is that a person within an organization uses that access to cause damage to an organization or its people. Many companies are employing specialists to limit the exposure and investigate the persons that may intend to cause harm. The US Army has employed 7 processes to limit the exposure to an insider threat.
Screen the Army
Clear the Army
Protect the Networks
Secure Installations
Share Information
Establish/Operate the Hub
Train, Report and Respond
(Caleb, 2016)
The most important aspects of this list is to notice a pattern. That is to secure what is valuable to the infrastructure, limit the damage done by training the employees (in this case soldiers) on what to notice for someone who is an insider threat in the making.
Due to this being such a new form of threat to organizations the criteria in which to evaluate and categorize possible threats is still evolving. Within my current occupation we are establishing an insider threat program and rely heavily on big data management and looking at patterns that exist within case studies for the various threats, theft, data piracy and hostile acts are some of the most common form of insider threat.
Finally the difference between active and passive threats on a network. A passive attack is something that is intended to not be noticed immediately and tends to hide in the background, this is similar to phishing attacks and Man in the Middle. An active attack is something that is unleashed to cause damage and interrupt the networks day to day activity and may not be intended to remain quiet and unnoticed.
Dan
Caleb. (2016, August 17). Reducing Insider Threat. Retrieved from https://www.army.mil/article/173551/reducing_insider_threat
Smith, R. E. (2016). Elemantary Information Security. Subury: Jones& Bartlett Learning.
Student two:
Enterprise computing, in contrast to personal computing, relies on more than just one person caring about cyber security. In order to have an effective computer security posture, all employees must be on board with making sure that their online practices are safe. In personal computing as well as enterprise computing, a single user can exercise great care while using the internet, however, “if an employee must choose between computer security and meeting a deadline for the company president, computer security isn’t going to win” (Smith, 2016). Another way that personal and enterprise computing differ is the amount and type of threats. An enterprise computing network is more likely to be attacked than an individual because companies have more information that hackers might want.
Reducing an insider threat is simply a matter of making some tasks only doable by multiple people. When a person is able to complete a task alone, they are much more likely to be an insider threat than when they are required to work with others. Monitoring personnel is another solution to insider threats. If an employer regularly checks on an employee or has a system where they can monitor work that is getting done, the employee is far less likely to do anything wrong.
A passive attack is when information is viewed and data is collected. If an attacker were to hack into a bank manager’s email and read how much money a person just transferred would be an example of a passive attack. An active attack is when someone prompts the user to do something by sending them information. If the person who looked into the bank manager’s email sent an email that asked for information on previous transactions, that would be an example of an active attack.
References
Smith, R. E. Elementary Information Security. [VitalSource]. Retrieved from https://online.vitalsource.com/#/books/97812840930″¦
-Austin