Security Vulnerabilities

Operating System

 An operating system a program that manages a computer's hardware and software resources, and provides services for other programs. It handles tasks such as input and output, memory allocation, and scheduling.

Examples of an Operating system can include:

  • Apple macOS
  • Microsoft Windows
  • Google's Android OS 
  • Linux Operating system
  • Apple IOS

Up-to-date OS:

It is important to keep an up-to-date operating system, this can prevent any cyber attacks and vulnerabilities to the system as well as making sure that they are performing well. Updates can improve the functionality and usability of your device. If you're using an old operating system , the vendor might not support it anymore. 

Weak Authentication Mechanisms

This is where multiple accounts are using default or weak passwords which can be vulnerable to the company as they can be easily accessed and used for malicious intent by hackers. To minimize this vulnerabilities, the company can make sure that each employee changes there passwords from there default. To create a strong a password they can implement combination of characters, numbers, and special characters. 

Authentication methods:

  •  Two-Factor authentication: This is a common method to verify the user, as it requires a user to provide two methods of authentication to verify there identity
  • Biometric authentication: This method uses physical characteristics of an user such as a fingerprint or facial recognition to confirm the users identity
  • API keys: This is a code used to identify and authenticate the user. API keys are available through platforms, such as a white-labelled internal marketplace. They also act as a unique identifier and provide a secret token for authentication purposes.

Misconfigured Firewalls

Firewalls and other networks settings can be a potential security vulnerability if they are not configured correctly. This usually occurs when there are open ports which are allowing unauthorized external connections to the network. This can be vulnerable to the network as hackers can intercept data throughout the network which can disrupt the way the users access data.

Insider Threats

Insider threats is a perceived threat to an organization from someone who has access to the organization's sensitive information. This could be an employee, former employee, contractor, or business associate. Insider threats can be intentional or unintentional, and can have serious consequences for an organization. This also bring consequences to the company of which they can lead to data theft, financial fraud, identity theft, and reputational damage. This can also result in fines and legal action.

Unsecured Wireless Network

This is a wireless network that doesn't require a password or login process to access. This means that anyone can use the network, and information transferred through is unencrypted. This also carries consequences such as intercept sensitive information, which include login details, the hackers can alter data which can lead to fraudulent activities or data breaches. This can allow other users to monitor traffic which means that end-to-end data can be intercepted and can be read. 

Comments

Popular posts from this blog

OS A3 Task 1

OS A3 Task 2