Cyber Attack

A cyber attack is an attack initiated from a computer against a website, computer system or individual computer that compromises the confidentiality, integrity or availability of the computer or information stored on it.

Cyber attacks take many forms, including:

• Gaining, or attempting to gain, unauthorized access to a computer system or its data.
• Unwanted disruption or denial of service attacks, including the take down of entire web sites.

Every Organization should create a written compliance plan to monitor the highest risks for a potential cyber attack. The compliance plan must address cyber attack procedures in addition to other compliance matters. this should include:

• Policies.
• Codes of conduct.

Policies

Privileged password management Policy

Privileged password management is a type of password management used to secure the passwords for login IDs that have elevated security privileges. This is most often done by periodically changing every such password to a new, random value. Since users and automated software processes need these passwords to function, privileged password management systems must also store these passwords and provide various mechanisms to disclose these passwords in a secure and appropriate manner. Privileged password management is related to privileged identity management.

Firewall

The main aim of the firewall technology is to protect the sensitive information moving between the two networks. In a real world scenario firewall is placed between a private network and internet to prevent attacks. Firewall is one of the most essential barriers that can defend computer networks from many threats. The firewall at the perimeter of the network is the first line of defence against external attacks.

Padlock Software

Padlock is a very new entrant into the world of open source password managers. Currently available for Windows, Mac, iOS, and Android, with a Linux client in the works, Padlock is designed as a “minimalist” password manager. Its source is available on GitHub under a GPLv3 license. The project is also developing a cloud backend, also open source, which will be a welcomed addition to anyone tired of managing password files or setting up syncing across multiple computers.

Controls for implementation of Policies

Packet-filtering Firewall

This was the first type of firewall to protect the networks. Packet filtering firewall check the source and destination IP address of the packet and let the packets in or out according to the security policy of the organization. Normally gateway router on the network edge is used to filter these packets. Access control list (ACL) can be configured on the router to act like packet filtering firewall. Based on the access rules router can allow or deny access into the network.

ConfigServer Security

Configserver security and firewall is a cross-platform and a very versatile Firewall, it’s also based on the concept of Stateful packet inspection (SPI) Firewall. It supports almost all Virtualization environments like Virtuozzo, OpenVZ, VMware, XEN, KVM and Virtualbox.