CYBER SECURITY

Module 5

END POINT DEVICES & MOBILE PHONE SECURITY

Endpoint devices and mobile phones are critical components of today's digital lifestyle.
Securing both of them is crucial due to the sensitive information they often hold and their
susceptibility to various threats.

End Point Devices Security:

• Keep Software Updated: Regularly update operating systems and applications. Patches
often contain security fixes.
• Use Antivirus/Malware Protection: Install antivirus and anti-malware software.
Schedule regular scans.
• Implement Firewalls: Enable firewalls to prevent unauthorized access to your device.
• Strong Authentication: Use strong & unique passwords. Implement multi-factor
authentication wherever possible.
• Encrypt Data: Encrypt sensitive data to keep your data safe even if the device is lost or
stolen.
• Backup Regularly: Maintain backups of important data. In case of a security breach,
you can recover your data.
• Limit User Privileges: Users should have only the necessary permissions to perform
their tasks to limit the potential damage from a compromised account.
• Secure Configuration: Configure endpoint devices securely, disabling unnecessary
services and features that could be exploited by attackers.
• Application Whitelisting: It allows only approved applications to run on endpoint
devices, reducing the risk of unauthorized or malicious software execution.
• Remote Wipe Capability: Enable remote wipe capabilities for end point devices to
erase sensitive data in case of loss or theft.

Mobile Phone Security:

• Lock Screen Security: Use passcodes, patterns, fingerprints, or facial recognition to
secure access to the device.
• App Permissions: Review and manage app permissions to limit what data apps can
access.
• Install from Trusted Sources: Only download apps from official app stores to reduce
the risk of installing malicious software.
• Encrypt Mobile Data: Enable encryption for data stored on the device. Most modern
smartphones have this option in settings.
• Remote Wipe/Find Features: Activate remote wipe/locate features so that if the device
is lost, you can erase its data or find its location.
• Regular Updates: Keep the phone's operating system and apps updated to patch
vulnerabilities.
• Use VPNs on Public Networks: When connecting to public Wi-Fi, use a Virtual Private
Network (VPN) for encrypted and secure browsing.

SHIVA KUMAR C, St. Philomena’s College 1

 CYBER SECURITY

• Avoid Jailbreaking or Rooting: Avoid modifying the phone's operating system beyond
the manufacturer's intended use, as it can expose the device to more risks.
• Two-Factor Authentication (2FA): Enable 2FA whenever possible to add an extra layer
of security to your accounts.
• Location Services: Review and manage location services settings for apps, enabling
them only when necessary to preserve privacy.

Password policy:
A password policy sets the rules that passwords for a service must meet, such as length and
type of characters allowed/disallowed, how passwords should be created, used, managed, etc.
Password policies are crucial for ensuring the security of digital accounts and systems.
• Password Length: A minimum number of characters (often 8-12) helps to create
stronger passwords.
• Complexity Requirements: A mix of character types (uppercase & lowercase alphabets,
numbers, special characters) makes passwords harder to crack.
• Regular Changes: Periodic password changes (every 60-90 days) reduces the risk of
prolonged exposure to potential breaches.
• Prohibiting Common Passwords: Blocking commonly used or easily guessable
passwords enhances security (Ex: 12345, 00000, using names in the password, etc).
• Account Lockout: Implementing a mechanism that locks the account after multiple
failed login attempts prevents brute force attacks.
• Multi-Factor Authentication (MFA): The use of MFA adds an extra layer of security,
requiring users to provide more than one form of verification.
• Education and Training: Providing guidance to users on creating strong passwords and
the importance of safeguarding them through regular training or resources.
• Restrictions on Password Sharing: Prohibiting the sharing of passwords helps maintain
individual account security.
• Password Managers: Promote the use of password manager tools to generate, store, and
manage complex passwords securely.
• Encryption and Storage: Safely storing passwords using encryption and secure hashing
methods mitigates the risk of exposing them in case of a data breach.

Security patch management:

Security patch management is a crucial aspect of maintaining a secure system or network in
order to address the weaknesses in the system.
• Identification: Monitor the vendor websites, security advisories, mailing lists, and other
sources to identify patches relevant to your systems. Keep yourself updated.
• Assessment: Evaluate the severity and impact of the vulnerability on your systems.
Determine if the patch is applicable and necessary for your system.
• Acquisition: Download or obtain the necessary patches/updates from the official,
trusted and verified sources to avoid installing malicious software.

SHIVA KUMAR C, St. Philomena’s College 2

 CYBER SECURITY

• Testing: Before installing patches to your system, test them in a controlled environment
(like a test network or system) to ensure they work as intended and don’t create conflicts
with existing software.
• Deployment: Once patches are tested & validated, deploy them to the production
environment.
• Verification: Confirm that the patches have been successfully applied and that systems
are functioning properly after the update.
• Monitoring and Maintenance: Regularly monitor for new vulnerabilities and keep track
of installed patches. Perform periodic checks to ensure all systems are up to date with
the latest security patches.
• Documentation: Maintain records of applied patches, dates, and any issues encountered
during the patching process. Documentation is essential for audits and future reference.

Data backup:
Data backup is all about creating duplicate copies of your files or data to protect against data
loss in case of hardware failures, human error, cyberattacks, or any unforeseen disasters.
• Regular backups: Set up a routine schedule for backing up your data depending on the
importance of the data and how frequently it changes.
• Multiple locations: Store your backups in multiple locations such as external hard
drives, cloud storage, or even offsite locations, which reduces the risk of losing all data
in case of a localized issue.
• Automate backups: Use backup tools that allow you to automate the process. This
ensures consistency and helps prevent forgetting to back up important data.
• Verify backups: Periodically check your backups to ensure they are complete and
accurate. Sometimes, backups may contain errors or become corrupted.
• Use encryption: If your data contains sensitive information, consider encrypting your
backups. This adds an extra layer of security, especially when storing data in the cloud
or on portable devices.
• Test restoration: Regularly test the restoration process to ensure your backups are
usable. It’s crucial to know that you can recover data effectively when needed.
• Prioritize important data: Prioritize what needs to be backed up more frequently or with
higher security measures. Not all the data will be equally important.
• Monitoring and Alerts: Implement monitoring tools to receive alerts for backup failures
or anomalies.

Downloading and management of third-party software:

Third-party software is a software created by the companies or developers that aren't Google
or Apple.
• Source: Obtain software from official websites or trusted app stores (Ex: Apple Store,
Google Play Store, Microsoft Store).
• Reviews and Ratings: Check reviews, ratings, and user feedback to gauge the software's
reliability, performance, and security.

SHIVA KUMAR C, St. Philomena’s College 3

 CYBER SECURITY

• Read Permissions: When installing, be cautious about the permissions the software is
requesting for.
• Security Software: Have reliable antivirus/anti-malware software installed and keep it
up-to-date. Run scans on downloaded files to ensure they're safe.
• Regular Updates: Keep all the third-party applications updated in order to patch security
vulnerabilities.
• Uninstall Unused Software: Remove any software that is no longer needed in order to
reduce the potential vulnerabilities on your system.
• License Agreement: Read the license agreement to understand the terms and conditions
of using the software.
• Back Up Data: Regularly back up your data to mitigate the impact of any potential
issues caused by third-party software.

Device security policy:

Device Security refers to the measures designed to protect sensitive information stored on and
transmitted by laptops, smartphones, tablets, wearables, and other portable devices.
• Device Usage Guidelines: Establish rules for how devices should be used within your
organization. This might include specifying who can use company devices, how they
should be used, and for what purposes.
• Acceptable Use Policy: Define what is and isn't permitted on company devices. This
can cover browsing certain websites, downloading software, or using external drives.
• Data Encryption: Mandate encryption for sensitive data stored on devices to prevent
unauthorized access.
• Remote Access Security: Define protocols for secure remote access to company
systems, including the use of virtual private networks (VPNs) and secure connections.
• Lost or Stolen Devices: Establish procedures for reporting and handling lost or stolen
devices to mitigate potential data breaches.
• Software and Application Management: Specify guidelines for installing, updating, and
removing software and applications on company devices.
• Monitoring and Reporting: Outline measures for monitoring device usage, detecting
security incidents, and reporting breaches or suspicious activities.
• Employee Training: Provide regular training and awareness programs to educate
employees about security best practices and potential threats.
• BYOD (Bring Your Own Device) Policy: If applicable, define rules for personal devices
used for work purposes, including security requirements and access limitations.

Cyber Security best practices:

Cybersecurity best practices are essential for protecting digital assets, data, and systems from
various cyber threats.
• Use Strong Passwords: Create complex passwords with a mix of letters (uppercase and
lowercase), numbers, and symbols. Consider using a password manager to keep track
of them.

SHIVA KUMAR C, St. Philomena’s College 4

 CYBER SECURITY

• Enable Multi-Factor Authentication (MFA): Implement MFA wherever possible. It adds

an extra layer of security by requiring users to provide more than one form of
identification to access an account.
• Keep Software Updated: Regularly update operating systems, applications, and
antivirus software. Updates often include security patches that protect against known
vulnerabilities.
• Regular Backups: Perform regular backups of important data and systems. This ensures
that if there's a security breach or data loss, you can recover your information.
• Educate Employees: Train staff on cybersecurity best practices, including recognizing
phishing attempts, avoiding suspicious links or downloads, and handling sensitive
information securely.
• Implement Firewalls: Use firewalls to establish barriers between your internal network
and untrusted external networks, such as the internet.
• Limit Access and Permissions: Grant access only to necessary data and systems.
Regularly review and update user permissions as roles change within the organization.
• Encrypt Sensitive Data: Encrypt data both in transit and at rest. This adds a layer of
protection even if data is compromised.

Significance of host firewall and Ant-virus:

Host Firewall:
• A host firewall component that monitors and controls incoming and outgoing network
traffic on an individual device (such as a computer or server).
• Its primary function is to act as a barrier between your device and potentially malicious
content from the internet or other networks.
• Its major significance/functions are:
o Protection: It helps prevent unauthorized access to or from a private network by
controlling the data traffic.
o Filtering: It filters network packets based on predefined security rules, allowing
or denying traffic based on various criteria like IP addresses, ports, protocols,
and applications.
o Defence: A host firewall is the first line of defence against many common
network-based attacks, such as port scanning, malware, and certain types of
cyber threats.
o Intrusion Prevention: Some advanced firewalls include intrusion prevention
features, which actively monitor and block suspicious activities, providing an
additional layer of defence.

Antivirus Software:
• Antivirus software is designed to detect, prevent, and remove malicious software
(malware) from a computer or device.
• Its major significance/functions are:
o Malware Protection: It scans files, emails, downloads, and other elements of
your system for known patterns and behaviours associated with viruses, worms,
Trojans, spyware, ransomware, and other types of malicious software.

SHIVA KUMAR C, St. Philomena’s College 5

 CYBER SECURITY

o Real-time Monitoring: Many antivirus programs run continuously in the

background, monitoring system activities and flagging or quarantining
suspicious files or processes.
o Updates: Regular updates help antivirus software to recognize new threats. It
also helps in identifying suspicious behaviour patterns.
o Complementary Protection: Host firewalls and antivirus software complement
each other. Firewalls protect against unauthorized network access, while
antivirus software safeguards against malware threats.
o Defence in Depth: Employing both provides a multi-layered defense, crucial in
cybersecurity, known as defence in depth. If one layer fails, others might still
provide protection.
o Preventative Measures: Together, they significantly reduce the risk of various
cyber threats, preventing unauthorized access, data breaches, and the potential
damage caused by malware infections.

Management of host firewall and Anti-virus:

Firewall Management:
• Understand Firewall Rules: Learn how your firewall works & configure it to allow only
necessary traffic.
• Regular Updates: Keep the firewall software updated to ensure it has the latest security
patches and features.
• Logging and Monitoring: Enable logging to track firewall activities. Regularly review
logs for any suspicious activities or unauthorized access attempts.
• Default Deny Policy: Implement a default deny policy where all traffic is blocked
unless specifically allowed.
• Application Control: Use application-specific rules to control which applications can
access the network.
Antivirus Management:
• Regular Updates: Ensure your antivirus software is updated with the latest virus
definitions and software patches.
• Scheduled Scans: Set up regular system scans to check for malware, viruses, and other
threats.
• Real-Time Protection: Enable real-time scanning to monitor files and processes in real-
time for any suspicious behaviour or malware.
• Quarantine and Removal: Configure the antivirus to quarantine or remove identified
threats automatically.
• User Education: Educate users about safe browsing habits, downloading files from
trusted sources, and avoiding suspicious emails or websites that could introduce
malware.
• Compatibility and Performance: Ensure the antivirus software doesn’t conflict with
other applications or significantly degrade system performance.

SHIVA KUMAR C, St. Philomena’s College 6

 CYBER SECURITY

Wi-Fi security
Wi-Fi security is crucial in safeguarding your network from unauthorized access, data breaches,
and various cyber threats.
Here are some essential tips to enhance Wi-Fi security:
• Strong Passwords: Use a complex, unique password for your Wi-Fi network. Avoid
using default passwords provided by the router manufacturer.
• Encryption: Enable WPA3 (Wi-Fi Protected Access 3) encryption if available on your
router. WPA2 is also secure but might not be as robust as WPA3.
• WEP (Wired Equivalent Privacy): WEP was one of the earliest Wi-Fi security protocols.
However, it is now considered insecure and easily susceptible to attacks.
• WPA (Wi-Fi Protected Access): WPA was introduced as an improvement over WEP. It
introduced dynamic encryption keys, making it more secure than WEP.
• WPA2 (Wi-Fi Protected Access 2): WPA2 is a significant improvement over WPA. It
uses the AES (Advanced Encryption Standard) encryption algorithm and provides
stronger security features. WPA2 has been widely adopted and is considered secure for
most home and small business networks.
• WPA3 (Wi-Fi Protected Access 3): WPA3 is the latest and most secure Wi-Fi security
protocol. It addresses weaknesses found in WPA2 and introduces additional security
features, including stronger encryption, protection against offline dictionary attacks,
and enhanced security for open networks.
• Network Name (SSID) Hiding: Hiding the network name or Service Set Identifier
(SSID) will make it less visible to potential attackers. While this won’t fully protect
your network, it can add a layer of obscurity.
• Router Firmware Updates: Regularly update your router's firmware to patch any
security vulnerabilities and ensure it has the latest security features.
• Firewall: Activate the firewall on your router to control incoming and outgoing traffic.
This helps prevent unauthorized access.
• Use a VPN: When connected to public Wi-Fi networks, use a Virtual Private Network
(VPN) to encrypt your internet traffic and protect your data from potential
eavesdropping.

Configuration of basic security policy and permissions

Security policy settings are rules that administrators configure on a computer or multiple
devices for protecting resources on a device or network.
Creating a basic security policy involves several steps and considerations. Here’s a general
guide on how to approach setting up security policies and permissions:
• Identify Assets: Determine what data/systems/resources need protection. This could be
customer data, intellectual property, servers, etc.
• Risk Assessment: Evaluate potential threats and vulnerabilities to those assets. Consider
internal & external risks, such as cyber-attacks, unauthorized access, data breaches, etc.

SHIVA KUMAR C, St. Philomena’s College 7

 CYBER SECURITY

• Define Security Policies: Create a set of rules and guidelines to protect the identified
assets.
• Access Control Policies: Define who can access what. Use principles like least privilege
(giving users only the necessary permissions) and separation of duties.
• Data Encryption Policies: Specify when and where encryption should be applied to
sensitive data, both at rest and in transit.
• Password Policies: Establish guidelines for strong, regularly updated passwords and
multi-factor authentication.
• Security Update Policies: Define how often systems and software should be updated to
patch vulnerabilities.
• Incident Response Policies: Lay out procedures for responding to security incidents,
including reporting and mitigation steps.

SHIVA KUMAR C, St. Philomena’s College 8