Potential Threats and Countermeasures

How organisational policies and procedures can help to minimise security breaches in a network and can be used to try and manage staff behaviour when using PCs at work and the consequences to the staff in failing to adhere to the contract or codes
P3- There are many different policies and procedures that can minimise breaches of security in networked systems, and can be used to manage staff behaviour on company PCs. The main policies and procedures that you would want are:
Control panel restrictions – You would put a control panel restriction to be able to decide which types of users can access the control panel. This means that people without access will not be able to access it and in turn not be able to change any settings meaning the computer is less likely to brake the network/computer.
Internet Restrictions – This would limit what the users are able to access on the internet, this means users are less likely to go onto websites that will infect or attack there computer in any way. It also makes the user less likely to be distracted when they are supposed to do work.
Download restrictions –Putting restrictions on what users can download will greatly reduce the risk of infections. This is because there is no chance of the user downloading any dodgy files, it is also stops the hard drive from filling up with unnecessary programs meaning the computer will carry on running at optimal speed.
Backups – Taking daily backups reduces the risk of you losing your important work, whether it be from system failure of from an employee deleting it.
Folder permissions – Setting up folder permissions means only certain users can access certain files, this stops the risk of users being able to change/delete files they are not there’s or that will ruin the system. It also stops them from being able to access sensitive files about other users or about the company.
Password strength – Setting a minimum requirement for users on their passwords means the passwords will be much more secure. This is because the passwords will be much harder to guess and much harder for a dictionary to crack.
Upgrading software – If you regularly update your software the holes that had been found will be patched and the people that are looking for exploits will need to look for new ones which take time. This means that by the time they find one there is a new update patching it.
Another thing I would suggest is making your employees sign a contract that’s states clearly what they can and can’t do on the network, and what the consequences of braking this is. And lastly changing the group policy settings on the network so you could restrict sites like Facebook, YouTube and any sites that cause a threat to the network.
How users can be authenticated when trying to gain access to a network system.
Biometrics – Biometrics are an expensive method of authentication and for them to work you would need sensitive information on everyone, there finger or retinal prints. An example of biometric authentication is a retina scanner, this scans a person’s eye to allow access. This is not a common form compared to its counterpart the fingerprint scanner, this is because it’s cheaper and is more practical. The main benefit of biometrics is that it is very secure compared to passwords or keypads, but it is a lot more expensive and time consuming to set up.
Security questions – Security questions are basic, when you first setup an account it will ask you to choose one of a few questions and you will give an answer that only you will know. It is not that secure as but it is still a secondary form of identification when you log on.
Code generator – A code generator is a device that you can attach to a keychain and it will generate a code that you will need to enter after you have entered your password. This makes sure that a human is accessing the account and not a bot and it is really cheap to set up.
Second Password – This is another basic