Playbook/Runbook Part 4 – Secure Data Backup Guidelines
Student Name
CYB/110
Playbook / Runbook Parts 1-3
University of Phoenix Online
Question 3
The incident involved the notorious Win32/Virut malware, which wreaked havoc on one machine in the company (Microsoft). The malware was detected and stopped before it spread to any other computer on the network. It operates by modifying software executables: it targets every executable that is opened and writes its code into it, introducing a backdoor that allows hackers to access the system from remote servers. The malware is introduced when an infected executable is run on the machine. Once it has been installed along with the innocent-looking software, it copies itself to every other executable as soon as that executable is opened, meaning that it does not spread if no executable file is run. This, in turn, means that any software that is yet to be run is safe.
Upon realizing the corruption, which happened when an online scan using ESET antivirus was conducted, every executable was closed down (ESET). This allowed the antivirus to effectively isolate and list every affected executable. Indeed, the executables were listed, and it turned out that 7 executables had already been affected; these were immediately quarantined. The affected software included Office Word and operating system executables. To effectively deal with the threat, I restored the quarantined files so that I could cleanly uninstall the software. After the uninstallation, the online scan was run again, since it was not vulnerable to infection through the executable corruption. This time around, every identified threat was removed, and an operating system disc was used to repair the corrupted operating system files. Finally, the ESET antivirus was installed so that such threats can be prevented before they happen, reducing the extent of the damage. The affected software was then reinstalled, and the system was scanned with the offline antivirus and scheduled to scan automatically every day (Koret and Bachaalany).
Employees must be guided not to share the following information online:
· Usernames
· Office address
· Their medical history and records
· Their work experiences
· The places they have lived in
· Family members’ identities
· Dates of birth
· Personal information regarding bank details or similar data (Norton).
If employees put this data online, their personal information can be misused and they may face issues that can be severe.
Employees also need to be trained to interact securely while they use the internet. They must take care with confidential information when sharing it by email, because if the emails are not protected, company data may be at high risk. If they have to share any document or attachment with management, they need to set a special code or a password to safeguard the sensitive and confidential information. Employees need to change their passwords frequently, because passwords left unchanged for long periods can be misused and easily hacked. While online, they should not download programs or install unnecessary and untrusted applications, because these can be a serious threat to their devices and put the data kept on those devices at stake. They must create passwords that mix numbers and text to strengthen security. When it comes to email, they should not download emails from unknown sources and must not click on unknown links, because these may pose a security risk. A safe browser must be used, and the antivirus should be kept updated (Kaspersky).
For enhanced email security, employees must set up separate email accounts for official use, and their passwords must be complex and kept updated. Large or unnecessary attachments should not be downloaded because they may contain malware. Employees must know the email security features available to them. Using public Wi-Fi to send and receive emails is not recommended because there is a high risk of data being stolen on public Wi-Fi. Attachments that are of no use must be blocked. If an email has too many recipients, it should also be blocked. In short, email communication must be protected (Tolly).
The following is a list of things that company employees should never do on social media:
· Representing the company with unauthentic statements
· Talking about intellectual property rights
· Disclosing any confidential information
· Giving statements without having proper knowledge
· Talking in a negative tone about a competitor
· Posting anything controversial
· Talking about job roles
· Posting office stories
· Posting any account information
· Talking in a hateful manner toward other people (Workable).
Part 3
It is imperative for any business to secure its equipment with respect to network connections, mobile devices and cloud services, and to develop guidelines for enhancing the security of each.
To develop guidelines for the security of network connections, it is important to understand the components of a network. The main components are the router, the firewall and the switch. The router is the outermost security barrier (Meier et al. para 26). It forwards IP packets to the networks to which it is attached. The router can be safeguarded against reconfiguration by making sure that the latest security patches and upgrades are applied. In addition, secured administration interfaces can be used to enhance its safety (Meier et al. para 26). The firewall blocks ports that are not needed and permits traffic on ports that are recognized. To increase the security of the firewall, it must be patched on a regular basis, services that are not used should be removed, and its administration interfaces should be safeguarded (Meier et al. para 27). The switch is the third main component of a network. Switches do not play a large part in secure networking; they enhance the performance of a network. They can be made secure by testing and installing updates and patches and by removing all services or ports that are not used.
Cybercriminals persistently search for ways to exploit weaknesses in operating systems, applications and software, attempting to discover security defects before producers discover and patch them (“Best Practices” para 2). Their main target is user information, which ranges from credit card details to email passwords. Users can enhance the security of their mobile devices by using built-in anti-theft applications such as Find My iPhone. With the help of this application, the owner of a mobile device can remotely delete all information if they are unable to find their stolen device (“Best Practices” para 8). Besides, users can safeguard the data they send and receive online by setting up a VPN. Mobile devices should be set to lock automatically, and a strong passcode should be created so that no one can immediately reach the personal data. Also, it is mandatory to scan any email, message or call from an unfamiliar sender prior to opening it.
It is very important to adopt a proactive approach to the security of cloud services. Businesses should use two-factor authentication because customary username and password combinations are not enough to offer high security for users’ accounts. Two-factor authentication allows only authorized employees to log into the accounts and access important information (Ntiva Editorial Team para 2). It is also important for a business to establish appropriate levels of authorization, because not every employee requires access to every bit of data. Allocating user access rights will not only stop a worker from editing details that he/she is not allowed to access, but also safeguards the systems of an organization from hackers (Ntiva Editorial Team para 3). It is also imperative to ensure that an employee cannot access an organization’s data, systems, intellectual property and customer details when he/she is no longer a part of that organization. Organizations should implement a systemized deprovisioning procedure to make sure that the access entitlements of all leaving employees are cancelled (Ntiva Editorial Team para 5). Lastly, cyber security training should be offered to the personnel.
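The three cloud account controls above (two-factor authentication, access limited by role, and deprovisioning of leavers) can be checked together in one periodic audit. The following is an added example, not part of the original playbook; every user name, system, role and date in it is hypothetical sample data constructed for illustration.

```python
from datetime import date

# Constructed sample data; names, systems and roles are hypothetical.
DEPARTED = {"jlee": date(2019, 8, 30)}           # username -> last working day
ROLE_ENTITLEMENTS = {                            # role -> data sets it may reach
    "sales": {"crm"},
    "finance": {"crm", "ledger"},
}
ACCOUNTS = [
    {"user": "asmith", "system": "cloud-drive", "enabled": True, "mfa": True,
     "role": "sales", "grants": {"crm"}},
    {"user": "jlee", "system": "cloud-drive", "enabled": True, "mfa": True,
     "role": "finance", "grants": {"crm", "ledger"}},
    {"user": "jlee", "system": "mail", "enabled": False, "mfa": False,
     "role": "finance", "grants": set()},
    {"user": "bkhan", "system": "crm-app", "enabled": True, "mfa": False,
     "role": "sales", "grants": {"crm", "ledger"}},
]

def audit_accounts(accounts, departed, role_entitlements, today):
    """Return (user, system, finding) tuples for the three controls."""
    findings = []
    for acct in accounts:
        if not acct["enabled"]:
            continue  # disabled accounts cannot be used to log in
        who = (acct["user"], acct["system"])
        left_on = departed.get(acct["user"])
        if left_on is not None and left_on <= today:
            findings.append(who + ("active account for departed employee",))
            continue  # removing the account supersedes the other findings
        if not acct["mfa"]:
            findings.append(who + ("two-factor authentication not enabled",))
        allowed = role_entitlements.get(acct["role"], set())
        excess = acct["grants"] - allowed
        if excess:
            findings.append(who + ("access beyond role: " + ", ".join(sorted(excess)),))
    return findings

if __name__ == "__main__":
    for finding in audit_accounts(ACCOUNTS, DEPARTED, ROLE_ENTITLEMENTS, date(2019, 9, 10)):
        print(finding)
```

The audit runs per system rather than per person because a leaver's access is often removed in one place and missed in another.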
Works Cited
ESET. Free Virus Scan | Online Virus Scan from ESET. 2018. Web. 19 June 2018. <https://www.eset.com/us/home/online-scanner/>.
Kaspersky. Top 10 Internet Safety Rules & What Not to Do Online. n.d. https://usa.kaspersky.com/resource-center/preemptive-safety/top-10-internet-safety-rules-and-what-not-to-do-online. 30 August 2019.
Koret, Joxean and Elias Bachaalany. The Antivirus Hacker's Handbook. 1st. Hoboken: Wiley, 2015. Print.
Microsoft. Virus: Win32/Virut.BN. 15 September 2017. Web. 19 June 2018. <https://www.microsoft.com/en-us/wdsi/threats/malware-encyclopedia-description?Name=Virus:Win32/Virut.BN>.
Norton. What personal information should you safeguard? n.d. https://us.norton.com/internetsecurity-privacy-what-personal-information-should-you-safeguard.html. 30 August 2019.
Tolly, Kevin. Implementing the top 6 email security best practices for employees. 26 April 2019. https://searchsecurity.techtarget.com/tip/Implementing-the-top-6-email-security-best-practices-for-employees. 30 August 2019.
Workable. Employee social media policy sample. n.d. https://resources.workable.com/social-media-company-policy#. 30 August 2019.
“Best Practices: Securing Your Mobile Device” Trend Micro. Trend Micro Incorporated, 10 Oct. 2017. Web. 10 September 2019.
Meier, J.D., Alex Mackman, Michael Dunner, Srinath Vasireddy, Ray Escamilla and Anandha Murukan. “Chapter 15 – Securing Your Network.” Improving Web Application Security: Threats and Countermeasures. Microsoft Corporation. 2003. Web. 10 September 2019.
Ntiva Editorial Team. “6 Tips for Improving Cloud Computing Security.” Ntiva. Ntiva, 20 August 2018. Web. 10 September 2019.