University Physical Security: Threats and Prevention Report

Verified

Added on 2022/08/11

AI Summary

This report provides a comprehensive overview of physical security threats to organizations, emphasizing the importance of protecting IT infrastructure and sensitive data. It identifies various threats, including insider threats, worms and viruses, phishing attacks, DDoS attacks, and ransomware, explaining their nature and potential impact. The report delves into specific prevention strategies for each threat, such as limiting employee access, implementing two-factor authentication, installing anti-malware software, training users to avoid phishing, monitoring networks for DDoS attacks, backing up computing devices, and updating security programs. The report highlights the evolving nature of cyber threats and the need for organizations to remain vigilant and proactive in safeguarding their networks and data.

Running head: PHYSICAL SECURITY
PHYSICAL SECURITY
Name of the Student:
Name of the University:
Author Note:

Paraphrase This Document

Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser

1PHYSICAL SECURITY
Security threats to organization
Security threat to an organization is malicious act which aims in corrupting or stealing
data or could disrupt systems of an organization. Security event is occurrence in where network
or data might be exposed. Such an event which results in network or data breach is termed as
security incident. As threats of cybersecurity continue in evolving and turn to be more
sophisticated, IT should be vigilant when this is about protecting the networks or data. All
organizations are aware of security’s importance: security of building, financial security and
security of the employees are all essential (Kalaiprasath, Elankavi & Udayakumar, 2017).
However, several other assets are comprises by the organizations which need security for their IT
infrastructure. Network of organization is lifeline which employees depend on for doing their
jobs as well as make money subsequently for their organization. Hence, it is essential in
recognizing that IT infrastructure is essential asset which needs top security.
Over past decade, number of threats of system security has soared. As professionals of IT
scramble in staying abreast of latest issues to secure their organizations’ environment, they
should navigate increasingly complicated field. Data could be of sensitive type. Data is most
essential part for the organizations. For protecting data of the organizations, security threats
should be understood first. Few of the major security threats which IT team should counter are
insider threats, worms and viruses, botnets, attacks of drive-by download, phishing attacks,
DDoS attacks, ransomware, exploit kits, attacks of advanced persistent threats and malvertising
(Woldemichael, 2019). Few of the most crucial threats are as follows:
 Insider threats: It takes place when the individuals who are close to organization have
access to network, misuse it unintentionally or intentionally for negatively affecting

2PHYSICAL SECURITY
crucial systems or data of the organization. Employees who are careless and do not
comply with business policies and rules of their organization could cause the insider
threats within the organization (Silander, Wallace & Janzekovic, 2016). For instance,
they might inadvertently email data of customers to the external parties, share
information of their login with others or could click on the phishing links within emails.
Prevention: Access of employees should be limited to specific resources. Two-factor
authentication should be implemented that needs every user in providing second piece to
identify information.
 Worms and viruses: These are malicious programs that are aimed to destroy system,
network and data of the organization. Virus is malicious code which replicates through
copying itself into other program. Worm is program of self-replication which does not
require in copying itself host program. Worms don’t need human interaction for
spreading. Its major function is infecting other systems while being active on infected
system.
Prevention: For reducing these threats, antimalware and antivirus software should be
installed in the systems of the organizations. Users must be very careful while using
sharing services of P2P file.
 Phishing attacks: These are one type of security threat breaks into security system and
give up sensitive information which includes names, login credentials and addresses.
Hackers try to make users do few recommended action, like clicking on the links within
the emails (Talebi, Ayaburi & Chakravarty, 2019). Opening such attachments within
emails could install malware within the devices of the users which are designed for
harvesting sensitive information.

3PHYSICAL SECURITY
Prevention: Users should be trained in not clicking the links or download the
attachments within emails from the unknown senders.
 Distributed Denial-of-service (DDoS) attacks: Within this attack, multiple machines
that are compromised attack target like server, network resource or website, making
target inoperable totally. Flood of incoming messages, malformed packets or connection
requests forces target systems in slowing down or in crashing, denying service for
legitimate systems or users (Hettiarachchi & Wickramasinghe, 2016).
Prevention: For preventing attacks of DDoS, organizations should implement
technology for monitoring networks. Visual clues are offered by DDoS, so administrators
understanding their networks’ normal behavior would be able in catching the attacks.
They ensure that servers have capability in handling heavy spikes of traffic. Firewalls and
security programs of network should be updated.
 Ransomware: In this attack, computer of victim would be clocked through encryption
that prevents victim is using that data or device which is stored in it. For regaining access
to data or device, victim needs to pay ransom to hacker (LOBOV & BOGOVIZ, 2018).
Ransomware could be spread by malicious attachments in email, infected external
storages, compromised websites and infected applications.
Prevention: For preventing ransomware, the users must back up computing devices
regularly. All software should be up to date, which includes antivirus software. The users
must not click on links within emails. Traditional firewalls should be implemented by the
organizations within their system which would block unauthorized access.

Paraphrase This Document

Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser

4PHYSICAL SECURITY
References
Hettiarachchi, S., & Wickramasinghe, S. (2016). Study to identify threats to Information Systems
in organizations and possible countermeasures through policy decisions and awareness
programs to ensure the information security.
Kalaiprasath, R., Elankavi, R., & Udayakumar, D. R. (2017). Cloud. security and compliance-A
semantic approach in end to end security. International Journal Of Mechanical
Engineering And Technology (Ijmet), 8(5), 987-994.
LOBOV, S. V., & BOGOVIZ, A. V. (2018). The subject-object identification of personnel
security threats. Revista ESPACIOS, 39(24).
Silander, D., Wallace, D., & Janzekovic, J. (Eds.). (2016). International organizations and the
rise of ISIL: global responses to human security threats. Routledge.
Talebi, N., Ayaburi, E., & Chakravarty, S. (2019). Data Security Threats Sources: An Empirical
Examination of Institutional Characteristics. In Global Information Diffusion and
Management in Contemporary Society (pp. 153-171). IGI Global.
Woldemichael, H. T. (2019). Emerging Cyber Security Threats in Organization. International
Journal of Scientific Research in Network Security and Communication, 7(6), 7-10.