There are several main policies need for the companies,
Compromise recording.
- This principle states that sometimes it is more desirable to record the details .
- Internet-connected surveillance cameras are a typical example of an activities.
- This policy is need for this type of company.
Least privilege.
- Each program and user of a computer system should operate with the bare
- With minimum privileges necessary to function properly.
- If this principle is enforcing to abuse of privileges is restricted,
- and the damage caused by the compromise of a particular application or user account is minimizing.
Separation of privilege.
- This principle dictates that multiple conditions should be required.
- or have a program perform some action.
- This policy is helping to separate the one privilege from another one.
Fail-safe defaults.
This principle states that the default configuration of a system should have a conservative protection scheme.
There have mainly two main type of threats.
- Physical and non-physical threats (logically threats).
- A physical threat is a potential cause of an incident that may result in
- loss or physical damage to the computer systems.
Physical threats into three main categories.
- Internal: The threats include fire,
- unstable power supply,
- humidity in the rooms housing the hardware, etc.
- External: These threats include Lightning,
- floods,
- earthquakes, etc.
- Lightning protection systems can protect the computer systems against such attacks.
- Human: These threats include theft,
- vandalism of the infrastructure and/or hardware,
- disruption, accidental
- or intentional errors, mistakenly delete the files from the system.
A non-physical threat is a ,
- Loss or corruption of system data
- Disrupt business operations.
- Loss of sensitive information
- Illegal monitoring of activities.
- Cyber Security Breaches.
- Virus
- Worms
- Spyware
- Key loggers
- Adware
- Denial of Service Attacks
- Distributed Denial of Service Attacks.