Unauthorized access is the use of a computer or network without permission. Unauthorized use is the use of a computer or its data for unapproved or possibly illegal activities.
Safeguards against Unauthorized Access and Use
Organizations should have a written acceptable use policy (AUP) that outlines the computer activities for which the computer and network may and may not be used. An organization’s AUP should specify the acceptable use of computers by employees for personal reasons.
Other measures that safeguard against unauthorized access and use include firewalls and intrusion detection software, which were discussed in the previous section, and identifying and authenticating users.
Identifying and Authenticating Users
Many organizations use access controls to minimize the chance that a perpetrator intentionally may access or an employee accidentally may access confidential information on a computer. An access control is a security measure that defines who can access a computer, when they can access it, and what actions they can take while accessing the computer.
In addition, the computer should maintain an audit trail that records in a file both successful and unsuccessful access attempts. An unsuccessful access attempt could result from a user mistyping his or her password, or it could result from a hacker trying thousands of passwords. Organizations should investigate unsuccessful access attempts immediately to ensure they are not intentional breaches of security. They also should review successful access for irregularities, such as use of the computer after normal working hours or from remote computers.
Many systems implement access controls using a two-phase process called identification and authentication. Identification verifies that an individual is a valid user. Authentication verifies that the individual is the person he or she claims to be.
Three methods of identification and authentication:
Safeguards against Unauthorized Access and Use
Organizations should have a written acceptable use policy (AUP) that outlines the computer activities for which the computer and network may and may not be used. An organization’s AUP should specify the acceptable use of computers by employees for personal reasons.
Other measures that safeguard against unauthorized access and use include firewalls and intrusion detection software, which were discussed in the previous section, and identifying and authenticating users.
Identifying and Authenticating Users
Many organizations use access controls to minimize the chance that a perpetrator intentionally may access or an employee accidentally may access confidential information on a computer. An access control is a security measure that defines who can access a computer, when they can access it, and what actions they can take while accessing the computer.
In addition, the computer should maintain an audit trail that records in a file both successful and unsuccessful access attempts. An unsuccessful access attempt could result from a user mistyping his or her password, or it could result from a hacker trying thousands of passwords. Organizations should investigate unsuccessful access attempts immediately to ensure they are not intentional breaches of security. They also should review successful access for irregularities, such as use of the computer after normal working hours or from remote computers.
Many systems implement access controls using a two-phase process called identification and authentication. Identification verifies that an individual is a valid user. Authentication verifies that the individual is the person he or she claims to be.
Three methods of identification and authentication:
- User Names and Passwords . A user name, or user ID (identification), is a unique combination of characters, such as letters of the alphabet or numbers, that identifies one specific user. A password is a private combination of characters associated with the user name that allows access to certain computer resources.
- Possessed Objects. A possessed object is any item that you must carry to gain access to a computer or computer facility. Examples of possessed objects are badges, cards, smart cards, and keys. The card you use in an automated teller machine (ATM) is a possessed object that allows access to your bank account.
- Biometric Devices. A biometric devic authenticates a person’s identity by translating a personal characteristic, such as a fingerprint, into a digital code that is compared with a digital code stored in the computer verifying a physical or behavioral characteristic. If the digital code in the computer does not match the personal char ac teristic code, the computer denies access to the individual.
Digital Forensics
Digital forensics, also called computer forensics, network forensics, or cyberforensics, is the discovery, collection, and analysis of evidence found on computers and networks. Digital forensics involves the examination of computer media, programs, data and log files on computers, servers, and networks. Many areas use digital forensics, including law enforcement, criminal prosecutors, military intelligence, insurance agencies, and information security departments in the private sector.
Digital forensics, also called computer forensics, network forensics, or cyberforensics, is the discovery, collection, and analysis of evidence found on computers and networks. Digital forensics involves the examination of computer media, programs, data and log files on computers, servers, and networks. Many areas use digital forensics, including law enforcement, criminal prosecutors, military intelligence, insurance agencies, and information security departments in the private sector.