
Cyber Security UNIT-V

Endpoints are devices that connect to a network and are vulnerable to cyber threats, making endpoint security crucial for protecting sensitive data. With the rise of remote work, organizations face increased risks from cyberattacks, particularly against small businesses. Effective endpoint security involves a combination of user education, device tracking, and implementing best practices to safeguard against various threats.

Uploaded by

rsgnr2006
Copyright
© All Rights Reserved

END POINT DEVICE:

Endpoints are physical devices that connect to and exchange information with a computer network. Some examples of
endpoints are mobile devices, desktop computers, virtual machines, embedded devices, and servers. Internet-of-Things
devices—like cameras, lighting, refrigerators, security systems, smart speakers, and thermostats—are also endpoints.
When a device connects to a network, the flow of information between, for instance, a laptop and a network, is much like
a conversation between two people over the phone.

Importance of endpoint security

Endpoint security, or endpoint protection, helps protect endpoints from malicious actors and exploits.

Cybercriminals target endpoints because they are doorways to corporate data and by nature vulnerable to attack. They are
outside network security and dependent on users to put security measures into place—leaving room for human error.
Protecting endpoints from attack has become more challenging as the workforce becomes more distributed, with office-
based, remote, and hybrid workers using more devices from anywhere in the world.
Businesses of all sizes are vulnerable. Forty-three percent of cyberattacks involve small businesses, according to a
Verizon Data Breach Investigations Report. Small businesses are prime targets because they can be entry points for
criminals to penetrate even larger companies, and they often don’t have cybersecurity defenses in place.

Endpoint security is essential because data breaches are costly, devastating ordeals for enterprises. The average cost of a
data breach is USD$4.24 million globally and USD$9.05 million in the United States, according to the Ponemon
Institute’s “Cost of a Data Breach Report 2021” (commissioned by IBM). Breaches involving remote work cost an
average of USD$1.05 million more. Most breach costs—38%—are due to lost business, such as customer turnover, lost
revenue due to system downtime, and the cost of acquiring new business due to tarnished reputation.

How endpoint security works

Endpoint security uses a range of processes, services, and solutions to protect endpoints from cyber threats. The first
endpoint security tools were traditional antivirus and antimalware software designed to stop criminals from harming
devices, networks, and services. Endpoint security has since evolved to include more advanced, cloud-powered, and
comprehensive solutions that help detect, investigate, and respond to threats, and manage apps, devices, and users.

Common endpoint security risks

Organizations are increasingly vulnerable to endpoint security threats as workforces become more mobile. Some of
the more common endpoint security risks include:

1. Phishing, a type of social engineering attack that manipulates targets into sharing sensitive information.
2. Ransomware, malware that holds a victim’s information until a sum of money is paid.
3. Device loss, one of the leading causes of data breaches for organizations. Lost and stolen devices can also lead
to costly regulatory fines.
4. Outdated patches, which expose vulnerabilities in systems, creating opportunities for bad actors to exploit
systems and steal data.
5. Malware ads, or malvertising, which uses online ads to spread malware and compromise systems.
6. Drive-by downloads, the automated download of software to a device without the user’s knowledge.

Endpoint security best practices

Safeguarding endpoints can help keep organizational data secure. Follow these best practices to defend against
cyberthreats.

Educate users

Employees are the first line of defense in endpoint security. Keep them informed with regular security and compliance
training and alerts.

Track devices

Keep track of all devices that connect to your network. Update your inventory frequently. Make sure endpoints have the
latest software updates and patches.

Adopt Zero Trust

Support a Zero Trust security model. Manage and grant access with continual verification of identities, devices, and
services.

Encrypt endpoints

Strengthen security with encryption, which adds another layer of protection to devices and data.

Enforce strong passwords

Require complex passwords, enforce regular password updates, and prohibit the use of old passwords.

Keep systems, software, and patches updated

Conduct frequent updates of operating systems, applications, and security software.

MOBILE PHONE SECURITY:

Mobile Device Security refers to the measures designed to protect sensitive information stored on and transmitted by
laptops, smartphones, tablets, wearables, and other portable devices. At the root of mobile device security is the goal of
keeping unauthorized users from accessing the enterprise network. It is one aspect of a complete enterprise security plan.

Components of mobile device security


Here are some solutions that can help keep your mobile devices more secure.

• Endpoint security: As organizations embrace flexible and mobile workforces, they must deploy networks that allow
remote access. Endpoint security solutions protect corporations by monitoring the files and processes on every mobile
device that accesses a network. By constantly scanning for malicious behavior, endpoint security can identify threats
early on. When they find malicious behavior, endpoint solutions quickly alert security teams, so threats are removed
before they can do any damage.
• VPN: A virtual private network, or VPN, is an encrypted connection over the Internet from a device to a network. The
encrypted connection helps ensure that sensitive data is safely transmitted. It prevents unauthorized people from
eavesdropping on the traffic and allows the user to conduct remote work safely.
• Secure web gateway: Secure web gateways provide powerful, overarching cloud security. Because 70 percent of
attacks are distinct to the organization, businesses need cloud security that identifies previously used attacks before
they are launched. Cloud security can operate at the DNS and IP layers to defend against phishing, malware, and
ransomware earlier. By integrating security with the cloud, you can identify an attack on one location and
immediately prevent it at other branches.
• Email security: Email is both the most important business communication tool and the leading attack vector for
security breaches. In fact, according to the latest Cisco Midyear Cybersecurity Report, email is the primary tool for
attackers spreading ransomware and other malware. Proper email security includes advanced threat protection
capabilities that detect, block, and remediate threats faster; prevent data loss; and secure important information in
transit with end-to-end encryption.
• Cloud access security broker: Your network must secure where and how your employees work, including in the cloud.
You will need a cloud access security broker (CASB), a tool that functions as a gateway between on-premises
infrastructure and cloud applications (Salesforce, Dropbox, etc.). A CASB identifies malicious cloud-based
applications and protects against breaches with a cloud data loss prevention (DLP) engine.
What are the benefits of Mobile Device Security?

Mobile device security, or mobile device management, provides the following:

• Regulatory compliance
• Security policy enforcement
• Support of “bring your own device” (BYOD)
• Remote control of device updates
• Application control
• Automated device registration
• Data backup

How does Mobile Device Security work?

Securing mobile devices requires a multi-layered approach and investment in enterprise solutions. While there are key
elements to mobile device security, each organization needs to find what best fits its network.

To get started, here are some mobile security best practices:

• Establish, share, and enforce clear policies and processes

Mobile device rules are only as effective as a company’s ability to properly communicate those policies to employees.
Mobile device security should include clear rules about:

1. What devices can be used


2. Allowed OS levels
3. What the company can and cannot access on a personal phone
4. Whether IT can remote wipe a device
5. Password requirements and frequency for updating passwords

• Password protection

One of the most basic ways to prevent unauthorized access to a mobile device is to create a strong password, and yet
weak passwords are still a persistent problem that contributes to the majority of data hacks. Another common security
problem is workers using the same password for their mobile device, email, and every work-related account. It is critical
that employees create strong, unique passwords (of at least eight characters) and create different passwords for different
accounts.

• Leverage biometrics

Instead of relying on traditional methods of mobile access security, such as passwords, some companies are looking to
biometrics as a safer alternative. Biometric authentication is when a computer uses measurable biological characteristics,
such as face, fingerprint, voice, or iris recognition for identification and access. Multiple biometric authentication
methods are now available on smartphones and are easy for workers to set up and use.

• Avoid public Wi-Fi

A mobile device is only as secure as the network through which it transmits data. Companies need to educate employees
about the dangers of using public Wi-Fi networks, which are vulnerable to attacks from hackers who can easily breach a
device, access the network, and steal data. The best defense is to encourage smart user behavior and prohibit the use of
open Wi-Fi networks, no matter the convenience.

• Beware of apps

Malicious apps are some of the fastest growing threats to mobile devices. When an employee unknowingly downloads
one, either for work or personal reasons, it provides unauthorized access to the company’s network and data. To combat
this rising threat, companies have two options: instruct employees about the dangers of downloading unapproved apps, or
ban employees from downloading certain apps on their phones altogether.

• Mobile device encryption


Most mobile devices are bundled with a built-in encryption feature. Users need to locate this feature on their
device and enter a password to encrypt their device. With this method, data is converted into a code that can only
be accessed by authorized users. This is important in case of theft, and it prevents unauthorized access.

What are the different types of Mobile Device Security?

There are many aspects to a complete security plan. Common elements of a mobile security solution include the
following:

• Enterprise Mobile Management platform: In addition to setting up internal device policies that protect
against unauthorized access, it’s equally important to have an Enterprise Mobile Management (EMM)
platform that enables IT to gather real-time insights to catch potential threats.
• Email security: Email is the most popular way for hackers to spread ransomware and other malware. To
combat such attacks, it’s critical for businesses to be armed with advanced email security that can detect,
block, and address threats faster; prevent any data loss; and protect important information in transit with
end-to-end encryption.
• Endpoint protection: This approach protects enterprise networks that are remotely accessed by mobile
devices. Endpoint security protects companies by ensuring that portable devices follow security standards
and by quickly alerting security teams of detected threats before they can do damage. Endpoint protection
also allows IT administrators to monitor operation functions and data backup strategies.
• VPN: A virtual private network, or VPN, extends a private network across a public network. This enables
users to send and receive data across shared or public networks as if their computing devices were directly
connected to the private network. VPNs’ encryption technology allows remote users and branch offices to
securely access corporate applications and resources.
• Secure web gateway: A secure web gateway protects against online security threats by enforcing
company security policies and defending against phishing and malware in real-time. This is especially
important for cloud security as this type of protection can identify an attack on one location and
immediately stop it at other branches.
• Cloud access security broker: A cloud access security broker (CASB) is a tool that sits between cloud
service consumers and cloud service providers to enforce security, compliance, and governance policies
for cloud applications. CASBs help organizations extend the security controls of their on-premises
infrastructure to the cloud.
PASSWORD POLICY:

With more of our private communication, financial transactions, and health care information being stored online, the
accessibility of this information to users comes with serious security risks. A strong password policy is the front line of
defense to confidential user information.

Administrators today play a more critical role than ever in educating and ensuring that users are aware of the security
risks they face, and that they need to use strong passwords as a first line of defense from scammers and hackers.

Technology should facilitate, not complicate passwords

Technologies like one-time passwords, client certificates, smart cards, and biometrics can add layers to account
security. Two-factor authentication combines multiple layers of security, thereby enhancing the overall security of the
system. The more critical the system, the greater number of layers of authentication it should include.

However, the traditional password still remains the primary method of user authentication. And despite the number of
layers included in the system, they all generally rely on a username and password combination. When creating a
password policy, administrators should focus on these three key elements:

1. Understand what a strong password policy is

A password policy is a set of rules created to improve computer security by motivating users to create dependable, secure
passwords and then store and utilize them properly. Normally, a password policy is a part of the official regulations of an
organization and might be employed as a section of the security awareness training.

Although most users understand the nature of security risks related to simple passwords, there’s still frustration when
users are required to spend time attempting to create a password that meets unfamiliar criteria or attempting to
remember a previously created strong password.

2. Enforce using strong passwords


Passwords are a first line of protection against any unauthorized access into your personal computer. The stronger the
password, the higher level of protection your computer has from malicious software and hackers.

A strong password isn’t just about one password; it’s important that you guarantee strong passwords for each account
that you access through your computer. When you are utilizing a corporate network, the network administrator may
encourage you to use a strong password.

To be able to create a strong password, you should be aware of the criteria to make one. These criteria basically include
the following:

• A strong password must be at least 8 characters long.
• It should not contain any of your personal information — specifically, your real name, username or your
company name.
• It must be clearly different from your previously used passwords.
• It should not contain any word spelled completely.
• A strong password should contain different types of characters, including uppercase letters, lowercase letters,
numbers and characters.
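
The five criteria above, written as a checker (an added example, not part of the original notes). The wordlist, the sample user details and the PBKDF2 round count are constructed assumptions; previous passwords are compared through salted hashes so the history never stores plaintext.

```python
import hashlib
import hmac
import os
import string

# Constructed sample wordlist; a real deployment would load a full dictionary.
WORDLIST = {"password", "welcome", "basketball", "dragon", "summer"}
PBKDF2_ROUNDS = 100_000  # assumption: raise as far as login latency allows


def hash_password(password, salt=None):
    """Return (salt, digest) so the password history never holds plaintext."""
    salt = salt or os.urandom(16)
    digest = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, PBKDF2_ROUNDS)
    return salt, digest


def in_history(password, history):
    """True if the candidate matches any stored (salt, digest) pair."""
    for salt, digest in history:
        _, candidate = hash_password(password, salt)
        if hmac.compare_digest(candidate, digest):
            return True
    return False


def check_password(password, personal_info, history):
    """Return the list of violated criteria; an empty list means accepted."""
    problems = []
    lowered = password.lower()
    if len(password) < 8:
        problems.append("shorter than 8 characters")
    # Real name, username and company name, split into individual tokens.
    tokens = [t for item in personal_info for t in item.lower().split()]
    if any(len(t) >= 3 and t in lowered for t in tokens):
        problems.append("contains personal information")
    if in_history(password, history):
        problems.append("matches a previously used password")
    if any(word in lowered for word in WORDLIST):
        problems.append("contains a complete dictionary word")
    has_types = (
        any(c.isupper() for c in password),
        any(c.islower() for c in password),
        any(c.isdigit() for c in password),
        any(c in string.punctuation for c in password),
    )
    if not all(has_types):
        problems.append("missing a character type")
    return problems


if __name__ == "__main__":
    history = [hash_password("Tr1cky!Harbor42")]       # constructed old password
    profile = ["Asha Rao", "arao", "ExampleCorp"]      # constructed user details
    for candidate in ("arao2024", "Summer1!", "Tr1cky!Harbor42",
                      "IEnjoiPlay!ngB@$k3tb@ll11"):
        print(candidate, "->", check_password(candidate, profile, history) or "accepted")
```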

3. Educate users to manage their strong passwords

Having a password like "eC<My!chO,quaj^of)naD}uM}rIew>Ap[Ek}E*quaC.eib(Tyb” is very secure. It contains most
every element of a strong password. But how many users will remember a password like this? Chances are a strong
password like this is written down on a piece of paper taped to the user’s monitor, underneath their keyboard or sitting in
their top desk drawer. It might even be hidden among the random items on the user’s desk.

Users can instead relate their passwords to things they can easily remember, like a favorite sport or hobby. For instance,
“I enjoy playing basketball” can be “IEnjoiPlay!ngB@$k3tb@ll11.” This is secure and could also be easily remembered
by users.

Password management software like LastPass and Apple Keychain takes the hassle out of managing strong passwords.
For less than the price of a soda, you can easily create and manage strong passwords. The combinations are
numerous, but by remembering just one strong main password, you can rely on a password manager to take care of the
rest.

4. Creating strong password policy best practices

A password may follow the traditional guidelines yet still be weak. Users who can’t remember their strong passwords
and end up writing them down or constantly having to reset their passwords undermine the benefits of a strong password
policy.

Passwords are one piece of the security puzzle in the enterprise. Keeping user accounts secure takes a combination of a
thorough process for strong password creation and an easy-to-use system for users to follow to keep those passwords
safe.

SECURITY PATCH MANAGEMENT:
Patch management is the process of applying firmware and software updates to improve functionality, close security
vulnerabilities, and optimize performance.
Why the patch management process matters

Patch management creates a centralized process for applying new patches to IT assets. These patches can improve
security, enhance performance, and boost productivity.

Security updates
Security patches address specific security risks, often by remediating a particular vulnerability.
Hackers often target unpatched assets, so the failure to apply security updates can expose a company to security breaches.
For example, the 2017 WannaCry ransomware spread via a Microsoft Windows vulnerability for which a patch had been
issued. Cybercriminals attacked networks where admins had neglected to apply the patch, infecting more than 200,000
computers in 150 countries.
Feature updates
Some patches bring new features to apps and devices. These updates can improve asset performance and user
productivity.
Bug fixes
Bug fixes address minor issues in hardware or software. Typically, these issues don't cause security problems but do
affect asset performance.
Minimizing downtime
Most companies find it impractical to download and apply every patch for every asset as soon as it's available. That's
because patching requires downtime. Users must stop work, log out, and reboot key systems to apply patches.

A formal patch management process allows organizations to prioritize critical updates. The company can gain the
benefits of these patches with minimal disruption to employee workflows.

Regulatory compliance
Under regulations like the General Data Protection Regulation (GDPR), the Health Insurance Portability and
Accountability Act (HIPAA), and the Payment Card Industry Data Security Standard (PCI-DSS), companies must follow
certain cybersecurity practices. Patch management can help organizations keep critical systems compliant with these
mandates.

The patch management lifecycle

Most companies treat patch management as a continuous lifecycle. This is because vendors release new patches
regularly. Furthermore, a company's patching needs may change as its IT environment changes.

To outline the patch management best practices that admins and end users should follow throughout the lifecycle,
companies draft formal patch management policies.

The stages of the patch management lifecycle include:

1. Asset management

To keep tabs on IT resources, IT and security teams create inventories of network assets like third-party applications,
operating systems, mobile devices, and remote and on-premises endpoints.
IT teams may also specify which hardware and software versions employees can use. This asset standardization can help
simplify the patching process by reducing the number of different asset types on the network. Standardization can also
prevent employees from using unsafe, outdated, or incompatible apps and devices.

2. Patch monitoring

Once IT and security teams have a complete asset inventory, they can watch for available patches, track the patch status
of assets, and identify assets that are missing patches.

3. Patch prioritization
Some patches are more important than others, especially when it comes to security patches. According to Gartner, 19,093
new vulnerabilities were reported in 2021, but cybercriminals only exploited 1,554 of these in the wild.

IT and security teams use resources like threat intelligence feeds to pinpoint the most critical vulnerabilities in their
systems. Patches for these vulnerabilities are prioritized over less essential updates.

Prioritization is one of the key ways in which patch management policies aim to cut downtime. By rolling out critical
patches first, IT and security teams can protect the network while shortening the time resources spend offline for
patching.
4. Patch testing
New patches can occasionally cause problems, break integrations, or fail to address the vulnerabilities they aim to fix.
Hackers can even hijack patches in exceptional cases. In 2021, cybercriminals used a flaw in Kaseya's VSA
platform to spread ransomware to customers under the guise of a legitimate software update.

By testing patches before installing them, IT and security teams aim to detect and fix these problems before they impact
the entire network.

5. Patch deployment

"Patch deployment" refers to both when and how patches are deployed.

Patching windows are usually set for times when few or no employees are working. Vendors' patch releases may also
influence patching schedules. For example, Microsoft typically releases patches on Tuesdays, a day known as "Patch
Tuesday" among some IT professionals.

IT and security teams may apply patches to batches of assets rather than rolling them out to the entire network at once.
That way, some employees can continue working while others log off for patching. Applying patches in groups also
provides one last chance to detect problems before they reach the whole network.

Patch deployment may also include plans to monitor assets post-patching and undo any changes that cause unanticipated
problems.

6. Patch documentation

To ensure patch compliance, IT and security teams document the patching process, including test results,
deployment results, and any assets that still need to be patched. This documentation keeps the asset inventory updated
and can prove compliance with cybersecurity regulations in the event of an audit.
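
The six lifecycle stages above, run end to end over a small inventory (an added example, not from the original notes). Asset names, patch labels, severity scores and the exploited flag are constructed; the ring number is a hypothetical way to express deployment batches.

```python
from dataclasses import dataclass


@dataclass(frozen=True)
class Asset:
    name: str
    product: str
    version: tuple   # installed version, e.g. (118, 0)
    ring: int        # deployment batch: 0 = test group, higher = later


@dataclass(frozen=True)
class Patch:
    patch_id: str    # placeholder label, not a real advisory number
    product: str
    fixed_in: tuple  # first version that contains the fix
    severity: float  # assumed 0-10 score from the vendor advisory
    exploited: bool  # assumed flag taken from a threat intelligence feed


# Stage 1, asset management: constructed sample inventory.
INVENTORY = [
    Asset("laptop-01", "browser", (118, 0), ring=0),
    Asset("laptop-02", "browser", (120, 1), ring=1),
    Asset("srv-db-01", "dbserver", (14, 2), ring=2),
    Asset("srv-web-01", "webserver", (2, 4, 1), ring=1),
    Asset("kiosk-07", "browser", (117, 5), ring=2),
]

# Constructed sample patch feed.
PATCHES = [
    Patch("PATCH-A", "browser", (120, 0), severity=8.8, exploited=True),
    Patch("PATCH-B", "dbserver", (14, 5), severity=9.8, exploited=False),
    Patch("PATCH-C", "webserver", (2, 4, 1), severity=5.3, exploited=False),
]


def missing_patches(inventory, patches):
    """Stage 2, patch monitoring: (asset, patch) pairs still to be applied."""
    return [(a, p) for a in inventory for p in patches
            if a.product == p.product and a.version < p.fixed_in]


def prioritize(pairs):
    """Stage 3: patches exploited in the wild first, then highest severity."""
    return sorted(pairs,
                  key=lambda ap: (not ap[1].exploited, -ap[1].severity, ap[0].name))


def deployment_batches(pairs):
    """Stages 4-5: ring 0 acts as the test group, later rings follow it."""
    batches = {}
    for asset, patch in prioritize(pairs):
        batches.setdefault(asset.ring, []).append((asset.name, patch.patch_id))
    return [batches[ring] for ring in sorted(batches)]


def patch_record(pairs, applied):
    """Stage 6, documentation: what was applied and what is still outstanding."""
    todo = [(a.name, p.patch_id) for a, p in prioritize(pairs)]
    return {"applied": [t for t in todo if t in applied],
            "outstanding": [t for t in todo if t not in applied]}


if __name__ == "__main__":
    work = missing_patches(INVENTORY, PATCHES)
    for number, batch in enumerate(deployment_batches(work)):
        print("batch", number, batch)
    print(patch_record(work, applied={("laptop-01", "PATCH-A")}))
```

The actively exploited PATCH-A outranks PATCH-B even though PATCH-B carries the higher severity score, which is the prioritization point made in stage 3.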

DATA BACKUP:

What Is a Data Backup?


Data backup is the practice of copying data from a primary to a secondary location, to protect it in case of a disaster,
accident or malicious action. Data is the lifeblood of modern organizations, and losing data can cause massive damage
and disrupt business operations. This is why backing up your data is critical for all businesses, large and small.

What does backup data mean?

Typically backup data means all necessary data for the workloads your server is running. This can include documents,
media files, configuration files, machine images, operating systems, and registry files. Essentially, any data that you want
to preserve can be stored as backup data.

Data backup includes several important concepts:

• Backup solutions and tools—while it is possible to back up data manually, to ensure systems are backed up regularly
and consistently, most organizations use a technology solution to back up their data.
• Backup administrator—every organization should designate an employee responsible for backups. That employee
should ensure backup systems are set up correctly, test them periodically and ensure that critical data is actually backed
up.
• Backup scope and schedule—an organization must decide on a backup policy, specifying which files and systems are
important enough to be backed up, and how frequently data should be backed up.
• Recovery Point Objective (RPO)—RPO is the amount of data an organization is willing to lose if a disaster occurs, and
is determined by the frequency of backup. If systems are backed up once per day, the RPO is 24 hours. The lower the
RPO, the more data storage, compute and network resources are required to achieve frequent backups.
• Recovery Time Objective (RTO)—RTO is the time it takes for an organization to restore data or systems from backup
and resume normal operations. For large data volumes and/or backups stored off-premises, copying data and restoring
systems can take time, and robust technical solutions are needed to ensure a low RTO.

The Importance of a Disaster Recovery Plan: Alarming Statistics

To understand the potential impact of disasters on businesses, and the importance of having a data backup strategy as part
of a complete disaster recovery plan, consider the following statistics:

• Cost of downtime—according to Gartner, the average cost of downtime to a business is $5,600 per minute.
• Survival rate—another Gartner study found only 6% of companies affected by a disaster that did not have disaster
recovery in place survived and continued to operate more than two years after the disaster.
• Causes of data loss—the most common causes of data loss are hardware/system failure (31%), human error (29%) and
viruses, malware or ransomware (29%).

Data Backup Options

There are many ways to back up your files. Choosing the right option can help ensure that you are creating the best data
backup plan for your needs. Below are six of the most common techniques or technologies:

Removable Media

Removable media backup, such as CDs, DVDs, and flash drives, has long been a popular method of data protection. This
type of backup is affordable and easy to use, making it an attractive option for many users. Removable media is portable,
and can be stored in a safe deposit box or off-site location, providing an extra layer of security in case of a disaster.

Drawbacks of removable media for backup include the limited storage capacity compared to other backup options. As a
result, you may need to use multiple discs or drives to store larger amounts of data. Additionally, removable media can
be prone to damage, such as scratches or exposure to heat and moisture, which can result in data loss. Finally, the speed
of data transfer and backup can be slower compared to other methods, which could be a concern for users with large
amounts of data to back up.

Removable media backup may be a suitable option for those who require a simple, affordable, and portable data backup
solution. However, if you have large amounts of data to protect or require a faster backup process, you may want to
consider other backup options.

Redundancy

Redundancy is a vital aspect of data backup, as it involves creating multiple copies of your data to ensure its safety and
accessibility. By having more than one copy of your data, you can minimize the risk of data loss in case of a hardware
failure, natural disaster, or other unforeseen circumstances. Redundancy can be achieved through various means, such as
using multiple hard drives, employing RAID (Redundant Array of Independent Disks) technology, or utilizing cloud
backup services.

RAID technology is a popular method of achieving redundancy in data storage. RAID combines multiple hard drives into
a single storage unit, distributing data across the drives in various ways, depending on the RAID level used. This
configuration provides increased data protection and, in some cases, improved performance. RAID levels include RAID
0, which offers increased performance but no redundancy, RAID 1, which mirrors data across two drives, and RAID 5,
which distributes data and parity information across multiple drives for both performance and redundancy.
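
How RAID 5 parity gives the redundancy described above, as an added example (not from the original notes): each stripe stores one XOR parity block, the parity position rotates across the drives, and any single lost drive is recomputed from the survivors. Drives are modelled as in-memory lists of blocks; the function names and the sample record are constructed.

```python
from functools import reduce


def xor_blocks(blocks):
    """XOR equally sized byte blocks together, column by column."""
    return bytes(reduce(lambda a, b: a ^ b, column) for column in zip(*blocks))


def write_raid5(data, n_disks, block_size):
    """Stripe data over n_disks; each stripe holds n_disks - 1 data blocks + parity."""
    per_stripe = n_disks - 1
    chunks = [data[i:i + block_size].ljust(block_size, b"\0")
              for i in range(0, len(data), block_size)]
    while len(chunks) % per_stripe:            # pad the final stripe
        chunks.append(bytes(block_size))
    disks = [[] for _ in range(n_disks)]
    for s in range(len(chunks) // per_stripe):
        stripe = chunks[s * per_stripe:(s + 1) * per_stripe]
        parity = xor_blocks(stripe)
        parity_disk = (n_disks - 1 - s) % n_disks   # rotate parity each stripe
        data_blocks = iter(stripe)
        for d in range(n_disks):
            disks[d].append(parity if d == parity_disk else next(data_blocks))
    return disks


def rebuild_disk(disks, failed):
    """Recompute every block of one failed disk from the surviving disks."""
    survivors = [disk for i, disk in enumerate(disks) if i != failed]
    return [xor_blocks(blocks) for blocks in zip(*survivors)]


def read_raid5(disks, length):
    """Reassemble the original data, skipping the parity block in each stripe."""
    n_disks = len(disks)
    out = b""
    for s in range(len(disks[0])):
        parity_disk = (n_disks - 1 - s) % n_disks
        out += b"".join(disks[d][s] for d in range(n_disks) if d != parity_disk)
    return out[:length]


if __name__ == "__main__":
    record = b"quarterly-ledger-2024: constructed sample record"
    array = write_raid5(record, n_disks=4, block_size=8)
    array[2] = rebuild_disk(array, failed=2)   # replace a drive that died
    print(read_raid5(array, len(record)))
```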

Choosing the appropriate level of redundancy for your data backup needs depends on factors such as the importance of
the data, the potential impact of data loss, and your budget. Typically, a higher level of redundancy is needed for
mission-critical data.

External Hard Drive

External hard drives are a popular choice for data backup due to their convenience and ease of use. These devices
connect to your computer via USB or other connection types and offer a large amount of storage space for your data.
External hard drives are portable, allowing you to easily move and store your data off-site for added security. They also
provide a relatively fast backup process compared to other methods, such as removable media.

Despite their many benefits, external hard drives do have some drawbacks. One major concern is that they are susceptible
to physical damage and theft, which could result in data loss. Additionally, external hard drives can fail, just like any
other hard drive, leading to potential data loss. Finally, while external hard drives are more affordable than some other
backup options, they can still be costly, especially if you require multiple drives for redundancy or large storage
capacities.

External hard drives can be an excellent backup option for users who require a portable, easy-to-use, and relatively fast
data backup solution. However, it’s essential to consider the potential risks associated with this method and ensure that
you have adequate redundancy measures in place to protect your data.

Hardware Appliances

Hardware appliances are dedicated devices designed specifically for data backup and storage. These appliances often
come with built-in backup software and can support various storage types, such as hard drives, tape drives, or cloud
storage. Hardware appliances can provide a comprehensive, all-in-one backup solution for businesses and may include
features such as data deduplication, encryption, and automated backup scheduling.

One of the main advantages of using a hardware appliance for data backup is the convenience and ease of use they offer.
Since these devices are specifically designed for backup purposes, the setup and management process can be more
straightforward than other methods. Hardware appliances also often include features that can improve the efficiency and
security of your backup process, such as data deduplication and encryption. Additionally, many hardware appliances
support multiple backup destinations, allowing you to easily achieve redundancy and off-site storage.

The primary disadvantage of hardware appliances is their cost, as they can be quite expensive, particularly for small
businesses. Additionally, hardware appliances can become outdated over time as technology advances, potentially
requiring you to upgrade or replace the device to maintain optimal performance and data protection.

Hardware appliances can be an excellent data backup solution for businesses that require a comprehensive, easy-to-manage,
and secure backup process. However, the cost of these devices may be prohibitive for some users, and it’s
essential to consider the long-term investment and potential need for upgrades when choosing this option.

Backup Software

Backup software is an essential component of any data backup strategy, as it helps automate and streamline the backup
process. There is a wide range of backup software available, from simple, free tools to more advanced, feature-rich
offerings. Backup software can help ensure that your data is backed up efficiently and securely, allowing you to recover
your data quickly and easily in case of a disaster.

Some key features to look for include:

• Automation: Good backup software should allow you to schedule backups automatically, ensuring that your data is
consistently protected.
• Incremental and differential backups: These backup types only save changes made since the last backup, saving time
and storage space.
• Encryption: Backup software should offer encryption options to ensure that your data is secure and protected from
potential breaches.
• Compression: Some backup software includes compression options, which can help reduce the amount of storage space
required for backups.
• Multiple backup destinations: Having the ability to back up to multiple locations or devices can provide added
redundancy and protection.

While there are many free backup software options available, paid software often includes additional features and
support that can be beneficial for businesses or those with more complex backup needs. Paid software may also offer
faster data transfer speeds and more reliable backup processes.

Cloud Backup Services

Cloud backup services are a popular option for data backup, providing off-site storage and accessibility via the internet.
These services store your data on remote servers, typically run by a third-party provider, allowing you to access your data
from anywhere with an internet connection. Cloud backup services often include features such as encryption,
redundancy, and automated backups.

One of the most significant benefits of cloud backup services is the convenience and accessibility they offer. Since your
data is stored remotely, you can access it from anywhere, at any time, provided you have an internet connection.
Additionally, many cloud backup services include robust security measures, such as encryption and redundancy,
providing added protection for your data. Finally, cloud backup services typically offer scalable storage options, allowing
you to increase or decrease your storage as needed.

One potential concern with cloud backup services is the potential for data breaches or other security issues. While many
providers offer robust security measures, because these services are accessible from the Internet, there is a higher risk of
misconfiguration and unauthorized access. Additionally, cloud backup services can be costly, especially for users with
large amounts of data to store.

What Is a 3-2-1 Backup Strategy?

A 3-2-1 backup strategy is a method for ensuring that your data is adequately duplicated and reliably recoverable. In this
strategy, three copies of your data are created on at least two different storage media and at least one copy is stored
remotely:

• Three copies of data—your three copies include your original data and two duplicates. This ensures that a lost backup or
corrupted media do not affect recoverability.
• Two different storage types—reduces the risk of failures related to a specific medium by using two different
technologies. Common choices include internal and external hard drives, removable media, or cloud storage.
• One copy off-site—eliminates the risk associated with a single point of failure. Offsite duplicates are needed for robust
disaster and data backup recovery strategies and can allow for failover during local outages.

This strategy is considered a best practice by most information security experts and government authorities. It protects
against both accidents and malicious threats, such as ransomware, and ensures reliable data backup and restoration.
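The 3-2-1 rule can be checked mechanically. The following is an added example, not part of the original notes: it counts only copies whose SHA-256 hash still matches the original, so a corrupted duplicate does not count toward the rule. The `Copy` class, the labels and the sample data are constructed for illustration.

```python
import hashlib
from dataclasses import dataclass


@dataclass
class Copy:
    label: str
    medium: str    # storage technology, e.g. "internal-disk", "external-disk", "cloud"
    offsite: bool  # True if the copy is held away from the primary site
    data: bytes    # stands in for reading the copy back from its medium


def sha256(data: bytes) -> str:
    return hashlib.sha256(data).hexdigest()


def check_321(original: bytes, copies):
    """Return (corrupted_labels, violations) for a set of copies.

    The production data itself is one of the three copies, as in the rule.
    Only copies whose hash matches the original are counted.
    """
    want = sha256(original)
    intact = [c for c in copies if sha256(c.data) == want]
    corrupted = [c.label for c in copies if sha256(c.data) != want]

    violations = []
    if len(intact) < 3:
        violations.append("fewer than 3 intact copies")
    if len({c.medium for c in intact}) < 2:
        violations.append("fewer than 2 storage types")
    if not any(c.offsite for c in intact):
        violations.append("no intact off-site copy")
    return corrupted, violations


# Constructed sample: the cloud copy has one damaged byte.
ORIGINAL = b"2024-Q4 customer ledger (constructed sample data)"
COPIES = [
    Copy("production", "internal-disk", False, ORIGINAL),
    Copy("usb-drive", "external-disk", False, ORIGINAL),
    Copy("cloud-bucket", "cloud", True, ORIGINAL[:-1] + b"?"),
]
HEALTHY = COPIES[:2] + [Copy("cloud-bucket", "cloud", True, ORIGINAL)]

if __name__ == "__main__":
    print(check_321(ORIGINAL, COPIES))
    print(check_321(ORIGINAL, HEALTHY))
```

On paper the first inventory has three copies on three media with one off-site, yet it fails the rule once integrity is checked, which is why restore tests and hash verification belong in the backup routine.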

Server Backup: Backing Up Critical Business Systems

The easiest way to back up a server is with a server backup solution. These solutions can come in the form of software or
appliances.

Server backup solutions are typically designed to help you back up server data to another local server, a cloud server, or a
hybrid system. In particular, backup to hybrid systems is becoming more popular. This is because hybrid systems enable
you to optimize resources, support easy multi-region duplication, and can enable faster recovery and failover.

In general, server backup solutions should include the following features:

• Support for diverse file types—should not exclude any file types. In particular, solutions should support documents,
spreadsheets, media, and configuration files.
• Backup location—you should be able to specify backup locations. The solution should support backup to a variety of
locations and media, including on and off-site resources.
• Scheduling and automation—in addition to enabling manual backups, solutions should support backup automation
through scheduling. This helps ensure that you always have a recent backup and that backups are created in a consistent
manner.
• Backup management—you should be able to manage the lifecycle of backups, including number stored and length of
time kept. Ideally, solutions also enable easy export of backups for transfer to external resources or for use in migration.
• Partition selection—partitions are isolated segments of a storage resource and are often used to separate data within a
system. Solutions should enable you to independently back up data and restore partitions.
• Data compression—to minimize the storage needed for numerous backups, solutions should compress backup data. This
compression needs to be lossless and maintain the integrity of all data.
• Backup type selection—you should be able to create a variety of backup types, including full, differential, and
incremental backups. Differential backups create a backup of changes since the last full backup, while incremental
backups record the changes since the last incremental backup. These types can help you reduce the size of your backups and
speed backup time.
• Scaling—backup abilities should not be limited by the volume of data on your servers. Solutions should scale as your
data does and support backups of any size.
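An added example (not from the original notes) of how the backup type determines what a restore needs: a differential restore needs the last full backup plus one differential, while an incremental restore needs the full backup plus every incremental after it, so one bad archive breaks every later restore point. The catalog entries and the dependency model (each incremental depends on the backup taken immediately before it) are assumptions made for the illustration.

```python
from dataclasses import dataclass


@dataclass
class Backup:
    id: str
    kind: str        # "full", "differential" or "incremental"
    day: int         # day the backup was taken
    ok: bool = True  # False if the archive is missing or fails verification


def chain_for(history, idx):
    """Backups needed to restore history[idx], oldest first.

    Returns None if no full backup precedes the requested one.
    """
    chain, i = [], idx
    while True:
        backup = history[i]
        chain.append(backup)
        if backup.kind == "full":
            return chain[::-1]
        # A differential depends only on the last full backup; an incremental
        # depends on the backup taken immediately before it (assumed model).
        i -= 1
        if backup.kind == "differential":
            while i >= 0 and history[i].kind != "full":
                i -= 1
        if i < 0:
            return None


def latest_restorable(catalog, target_day):
    """IDs of the backups to apply, in order, for the newest restore point
    at or before target_day whose whole chain is intact ([] if none)."""
    history = sorted((b for b in catalog if b.day <= target_day),
                     key=lambda b: b.day)
    for idx in range(len(history) - 1, -1, -1):
        chain = chain_for(history, idx)
        if chain and all(b.ok for b in chain):
            return [b.id for b in chain]
    return []


# Constructed catalogs: full backup on day 0, daily backups afterwards,
# and the day-2 archive is corrupt in both schemes.
INCREMENTAL = [
    Backup("F0", "full", 0),
    Backup("I1", "incremental", 1),
    Backup("I2", "incremental", 2, ok=False),
    Backup("I3", "incremental", 3),
    Backup("I4", "incremental", 4),
]
DIFFERENTIAL = [
    Backup("F0", "full", 0),
    Backup("D1", "differential", 1),
    Backup("D2", "differential", 2, ok=False),
    Backup("D3", "differential", 3),
    Backup("D4", "differential", 4),
]

if __name__ == "__main__":
    print("incremental :", latest_restorable(INCREMENTAL, 4))
    print("differential:", latest_restorable(DIFFERENTIAL, 4))
```

With the same corrupt day-2 archive, the incremental scheme can only be restored to day 1, while the differential scheme still restores to day 4. The price is that each differential is larger than an incremental.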

DOWNLOADING AND MANAGEMENT OF THIRD PARTY SOFTWARE:

Third-party software refers to reusable software components supplied or developed for a particular purpose by a different
company/person from the one that built the existing product on a particular system.

Third-party solutions come in various forms. Here’s our breakdown of the most common types of third-party software:

1. Libraries

Libraries come in handy for writing web or mobile applications by delivering source code for a component. They can be
open-source (available to everyone at no cost) or closed-source/proprietary (where a purchase may be necessary).

Examples:
• SnapKit (iOS) – library for building application layout from code, helping developers to be more productive and
achieve more with fewer lines of code,
• Lottie (Android) – library for designing animations that developers can enrich with interactions,
• Moya (iOS) – library for networking and communication with the backend, very popular among iOS developers
looking to save a few days of work.

2. Platforms

Platforms are integrated, ready-made solutions that developers can use to realize a specific feature – for example – user
logging, chat, or maps. They’re SaaS (Software as a Service) products to which developers can outsource certain
functionalities for a fee (usually monthly), or in some cases for free.

Examples:

• Firebase – it delivers ready-made components for logging in, a database for storing application data that can
replace an application backend, the option to use deep links, remote configuration of application features
(perfect for A/B testing!), a space directly to Facebook.
• Auth0 – this platform allows developers to rapidly integrate authentication and authorization for web, mobile,
and legacy applications so you can focus on your core business.
• Google Maps Platform – the Google Maps Platform is a set of APIs and SDKs that allows developers to embed
Google Maps into mobile apps and web pages, or to retrieve data from Google Maps.

3. Tools

A variety of tools that in many ways make the app development more effective and increase the quality of the final
product.

Examples:

• SwiftLint – an open-source tool for enforcing Swift style and conventions. Developers can set their coding style
rules and enforce them during development. SwiftLint has a command-line tool, Xcode plugin, AppCode, and
Atom integration. So, it always fits any development environment. It’ll show us warnings and/or errors if we
violate the linting rules.
• Danger – a tool used by many developers to automate common code review chores. You can use it to codify
your team’s norms, leaving humans to think about harder problems. Danger leaves messages inside your Pull
Requests based on rules that you create.
• Zeplin – a tool for UI designers and developers, enabling them to collaborate efficiently and save time. Among
others, it allows designers to share the design system with the team, and generate development resources
automatically. Everyone in the team can access the latest design resources and gets notified of changes without
you having to ping them.

Manage third-party apps & services with access to your account

To help you safely share your data, Google lets you give third-party apps and services access to different parts of your
Google Account. Third-party apps and services are created by companies or developers that aren’t Google.

For example, you may download an app that helps you schedule workouts with friends. This app may request access to
your Google Calendar and Contacts to suggest times and friends for you to meet up with.

Review what third-party apps & services can access

You can review the access a third party has to your Google Account and the Google services you use.

1. Make sure you’re signed in to your Google Account.
2. View the apps & services that have access to your Google Account.
3. Select the app or service you want to review.

Remove a third party’s access

If you no longer trust or want to use a third-party app or service, you can remove its access to your Google Account. It
won’t have access to any more Google Account info, but you may need to ask them to delete the data they already have.

1. Make sure you’re signed in to your Google Account.
2. View the apps & services that have access to your Google Account.
3. Select the app or service whose access you want to remove.
4. Under “{App name} has some access to your Google Account,” select See details.
5. Select Remove access.

Important: If you remove account access from a third-party app or service, it may keep the data and info that you shared
when you connected, such as data from your Google Calendar or Google Drive.

Report a third-party app or service

Report a third-party app or service if you believe it misuses your data, creates spam, impersonates you, or uses your data
in harmful ways.

Tip: This option may not be available if a third-party app or service only has access to your basic profile info.

1. Make sure you’re signed in to your Google Account.
2. View the apps & services that have access to your Google Account.
3. Select the app or service you want to report.
4. Under “{App name} has some access to your Google Account,” select See details.
5. Select Report this app.

How to Manage Third-Party Applications


In Genesys terms, a third-party application is an application not instrumented with Genesys libraries. This chapter
describes which Management Layer functions you can use with third-party applications and how the Management Layer
processes the related commands. It also lists the software prerequisites for and describes how to configure these
applications.

Prerequisites

The Management Layer can monitor, start, and stop a third-party application as long as that application:
• Supports startup from a command line.
• Starts if the computer it runs on is unattended (for instance, on a Windows computer with no user logged in);
however, this is not mandatory.
• Works without a console window on Windows; however, this is not mandatory.
• Is registered in the Configuration Database as an Application of the Third Party Server type.
• Runs on an operating system that Genesys supports.

Important: You cannot perform the centralized logging and alarm-signaling functions (including switchover) over a third-party
application because they require built-in support on the application side.

Required Components
If you have configured third-party applications in the Genesys Configuration Database, Management Layer can control,
monitor, start, and stop them. Even if you do not use the Management Layer to start a particular application, the
application’s runtime status is displayed. This functionality is also supported for:
• Third-party applications installed as Windows Services
• Third-party applications started with a script.

Managing third-party applications requires the installation of:

• Solution Control Server
• An instance of Local Control Agent (LCA) for each host computer running third-party applications
• Genesys Administrator

The monitoring views and control commands are available through Genesys Administrator, just as they are for managing
Genesys applications. Framework Genesys Administrator Help provides detailed instructions for viewing the
applications, and starting and stopping them.

Pros of using 3rd-party software in your app development

We believe that using 3rd party software in a reasonable way:

• improves the efficiency of the app development process,
• increases the quality of the product,
• reduces app development costs significantly.

WHAT IS DEVICE SECURITY?:

Device security is the defense of IT assets against harm and unauthorized use. Although the term “device security” is not
as widely used as “cybersecurity,” it is a relevant concept that denotes the full range of practices for securing desktop
PCs, laptops, smartphones, tablets, or Internet of Things (IoT) devices.

To reliably fend off modern security threats, a device security strategy must be multilayered, with multiple security
solutions working in tandem with one another and oriented around a consistent set of processes. Moreover, both security
personnel and end-users must be aligned on best practices such as keeping software up to date and using the right access
points or gateways when accessing applications remotely.

Device security has three fundamental components.

People: Security experts, whether in-house or at a cloud service provider, are the core of device security. They decide
what tools and controls are implemented and monitor environments for anomalies and threats. Security leaders are also
important in educating users about how to prevent sensitive data leakage and avoid risky behaviors, especially when
working remotely.

Processes: Effective device security requires a systematic approach to dealing with each threat, with security policies
and plans that follow best practices. For example, the National Institute of Standards and Technology offers a framework
with a continuous cycle of Identify > Protect > Detect > Respond > Recover that can be followed when confronted with
malware or ransomware.

Technologies: Many technical solutions are available for securing environments against threats. Web application
firewalls (WAFs), analytics, bot identification and management platforms, antimalware programs, email security, and
more are among the most commonly deployed for this purpose. The exact mix of tools changes over time. For
instance, secure internet access may replace a traditional virtual private network (VPN).

Why is device security important?


Data breaches have become costlier over time, and modern cybersecurity is the only way to prevent them. More
specifically, device security can mitigate the risks stemming from unauthorized access, unclosed vulnerabilities, and
malicious traffic and applications.

Device security is also important because remote work and cloud applications have become the norm. Applications are
accessed from numerous locations and mobile devices over the internet. Without the right protections for both the apps
themselves and their modes of access, organizations will be exposed to significant risks from hackers and cybercriminals.

What are the main types of device security?

There are several main subcategories of device security that must be integrated into any overarching cybersecurity
strategy, including but not limited to:

Network security

This is the protection of networks against the entry and spread of threats. In recent times, the secure access service edge
(SASE) has emerged as an important model for network security, as it combines the features of a software-defined WAN
(SD-WAN) with a variety of controls such as secure web gateways (SWGs) and cloud access security brokers.

Application security

Application security encompasses all of the measures for making applications themselves secure. Much of this work
happens during development, through the inclusion of relevant security features. Subsequent updates to software are then
critical to thwarting cyberattacks.

Cloud security

Cloud security includes both the mechanisms for protecting applications (e.g., encryption) and for securing access to
them. Across remote work environments, mechanisms in the latter category may include firewalls,
SWGs, malware defense, sandboxes, and more. Simultaneously, cloud service providers handle many app-specific
security controls on their end.

Data security

In addition to encryption, data security includes tokenization, key management and other measures for protecting
sensitive information and personal data. Access controls like multifactor authentication (MFA) and single sign-on, along
with data loss prevention (DLP) solutions, are also relevant to this device security subcategory.

Endpoint security

Endpoint security is used to protect end user devices and ensure they're safe to connect to corporate networks. This type
of device security is especially important at organizations with BYOD (Bring Your Own Device) programs, where
employees may access corporate resources from personal devices that lack IT controls and oversight.

Mobile device management

Mobile device management refers to tools designed specifically to help IT implement mobile device security plans. This
type of device security is especially important at organizations where data, files, and applications are accessed from
personal devices.

Device security threats are numerous, but there are a few that deserve particular attention.
• Malware: Malware is any type of malicious software. It may be designed to harvest and exfiltrate data, make an
operating system unusable or otherwise disrupt the target device. Subtypes of malware include spyware, trojans, worms,
viruses, and ransomware.
• Ransomware: Though it dates back to the 1980s, ransomware has become much more prevalent over time as digital
currencies have made it easier for cyberattack perpetrators to receive payments. Ransomware encrypts data and then
withholds the decryption key until the victim agrees to pay a ransom, typically in Bitcoin or something similar.
• Phishing: A phishing attack is a social engineering technique for deceiving a victim into visiting a high-risk domain,
handing over personal information, or accessing a malicious file. It most commonly happens via email but can also occur
through SMS and social media.

CYBER SECURITY BEST PRACTICES:

9 cybersecurity best practices to know

Let's discuss some best practices for organizations to consider as part of their cybersecurity strategy. These nine steps can
help eliminate vulnerabilities from systems and networks.

1. Implement a robust cybersecurity strategy.

It may be helpful to conduct a cybersecurity audit on your business to assess your current situation. What security measures
are in place? Are all employees aware of potential security risks and threats, and how to protect against them? Are all of the
company’s networks and data protected with several layers of security?

Now, it’s time to develop a people-centric cybersecurity strategy. It needs to be robust, meaning it protects all types of data
but especially sensitive and proprietary information. The strategy should also be people-centric, meaning the strategy
considers its employees and end users and acts in ways that are beneficial to them and their well-being.

2. Update and enforce security policies.

Businesses need to continually update security policies as different departments and functions adopt new technology, tools,
and ways of dealing with data. Security policies are crucial to have—they must be updated regularly and employees need to
be trained to comply with each policy update.

A best practice for enforcing security policies is zero-trust architecture, a strategic approach to cybersecurity that
continuously validates every stage of a digital interaction with data. Examples of this include multi-factor authentication
and computer settings that require users to enter their password whenever they’re away for 10 minutes.

3. Install security updates and backup data.

Most organizations accumulate huge amounts of data on customers and users. This requires businesses to be strategic about
backing up their data—and how those backups are managed. Employees should be trained to update their software
whenever an upgraded version is available, which usually means the program added new features, fixed bugs, or improved
security.

4. Use strong passwords and multi-factor authentication.

Regular internet users might be familiar with password requirements such as using uppercase and lowercase letters,
symbols, and numbers to create a strong password. Company systems and tools tend to have similar requirements. Some
organizations might even provide complicated passwords to users to ensure maximum security.

Another common practice these days is to use multi-factor authentication, where you’ll need to verify your identity on two
different devices (usually your phone and computer) to decrease the likelihood of fraudulent activity.

5. Collaborate with the IT department to prevent attacks.

Business leaders can benefit from working with their IT department and support staff to manage cyberattacks. They can also
prevent these risks and threats from happening in the first place. What those preventative measures look like will vary
depending on the organization’s size, industry, and other factors. This might involve working with a cybersecurity
consultant alongside your IT team to determine strategies like whether to use cloud technologies, which types of security
measures to take, and how to best roll out a plan for employees and end users.

6. Conduct regular cybersecurity audits.

In addition to collaborating with the IT team, it is wise to conduct regular cybersecurity audits. A cybersecurity audit
establishes criteria that organizations and employees can use to check they are consistently defending against risks,
especially as cybersecurity risks grow more sophisticated.

Audits should be conducted at least once a year, though experts recommend that businesses dealing with personal
information and big data should audit twice a year at minimum [1]. Cybersecurity auditing helps businesses keep up with
compliance and legal requirements. Auditors might encourage an organization to simplify and streamline its tools and
processes, which contributes to greater defense against cyberattacks.

7. Control access to sensitive information.

In every organization, the IT team is responsible for managing who gets access to information, and that includes controlling
access to security passwords, highly classified information, and more. At times, only a handful of people can be entrusted
with the company’s financial data and trade secrets. Most employees are granted the fewest access rights possible, and
sometimes given access only upon request or during specific circumstances.

8. Monitor third-party users and applications.

Third-party users with access to your organization’s systems and applications have the ability to steal your data, whether or
not it is intentional. Either way, they can cause cybersecurity breaches. By monitoring user activity, taking care to restrict
access to sensitive information, and providing one-time passwords, you can detect malicious activity and prevent breaches
from occurring.

9. Embrace IT training and education.

Finally, all of these cybersecurity best practices are meant for businesses to implement—but much of it relies on employees
to make sure they’re creating strong passwords and upholding all security policies. Cybersecurity and IT training should be
provided when employees receive onboarding at the start of their journey with your organization.

Ongoing education, IT support, and security updates should be ingrained in their workflow to ensure that
cybersecurity measures continue to be taken. Companies should make employees aware of the cybersecurity practices
they must comply with, explain why they’re important, and provide clear guidelines on what’s expected of them.

SIGNIFICANCE OF HOST FIREWALL AND ANTIVIRUS:

Difference between Firewall and Antivirus



Firewall: A firewall is a specialized version of a router. All data packets entering or leaving the network pass
through the firewall, which examines each one and decides whether to allow it. All traffic must pass through the firewall, and
only authorized traffic should be allowed to pass. The firewall itself should be strong.

Antivirus: Antivirus is an application or software that provides security against malicious software coming from the
internet. An antivirus follows a method in which it performs three actions:
• Detection
• Identification
• Removal
Antivirus deals with both external and internal threats. It is implemented in software only, not in hardware.

Difference between Firewall and Antivirus:


| S.No. | Firewall | Antivirus |
|---|---|---|
| 1. | Firewall is implemented in both hardware and software. | Antivirus is implemented in software only. |
| 2. | Firewall deals with external threats only. | Antivirus deals with both external threats and internal threats. |
| 3. | In a firewall, counter attacks are possible, such as IP spoofing and routing attacks. | In antivirus, no counter attacks are possible after removing the malware. |
| 4. | Firewall works on monitoring and filtering. | Antivirus works on scanning of infected files and software. |
| 5. | Firewall checks the threat from incoming packets. | Antivirus checks the threat from malicious software. |
| 6. | Firewall saves the system from all kinds of threats to the system. | Antivirus saves the system only from viruses. |
| 7. | Firewall’s programming is more complex than antivirus. | Antivirus’s programming is simpler in comparison to firewall. |

MANAGEMENT OF HOST FIREWALL AND ANTIVIRUS:

Firewall management is the process of configuring and monitoring a firewall to maintain a secure network. Firewalls are
an integral part of protecting private networks in both a personal and business setting.

What are the three main types of firewalls?

To understand the tasks needed to manage firewalls, organizations should first understand the different available firewall
options. Organizations utilize a range of different firewall types to protect their networks. The different types of firewalls
will have a shared goal: protect the network and infrastructure from malicious external traffic. However, each type will
vary in the process of achieving this aim.

These firewalls can be in the form of software or hardware, and increasingly are cloud-based. There are three common
types of firewalls in use by organizations, each with a different way of functioning. Each firewall type has its benefits
and drawbacks when protecting a private network. Individual types also vary in terms of complexity and security. The
three main types of firewall are:

1. Proxy firewalls

A proxy firewall acts as a sort of ‘go-between’, preventing a direct connection between a device and network. A device
will first connect to the proxy, and then the proxy will make the relevant connection to the network destination. Because
it prevents a direct connection, it is one of the most secure types of firewall.

This type of firewall can be on a proxy device or can be cloud-based. A proxy server will act as a bottleneck for requests,
so will often cache commonly requested content and keep logs. However, as the gateway for numerous devices, the
speed of connection can sometimes be an issue.

2. Traditional firewalls

Stateful and stateless inspection firewalls are both often described as ‘traditional firewalls’. These firewalls control and
filter the flow of network traffic based on pre-set conditions such as source, destination, or port address. These firewalls
will allow only trusted traffic to enter and leave a network.

Rules can be created and enforced on specific traffic flows, and traffic with suspicious sources can be barred. These types
of firewalls are common in out-of-the-box solutions and products.

Older traditional firewalls tend to offer stateless inspection, which identifies and checks traffic based on static criteria.
Newer traditional firewalls offer ‘stateful’ inspection, which allows firewalls to gauge the state or context of connections
and traffic.

3. Next generation firewalls

As the name suggests, next generation firewalls (NGFW) are more advanced versions of traditional firewalls. Many next
generation firewalls have the added ability to filter traffic based on applications. This helps organizations protect against
more advanced threats. They can also act as an anti-virus, blocking specific malware from accessing networks. These
systems combine traditional firewalls with an intrusion detection system, which actively monitors the network for
malicious activity.

Next generation firewalls may also be updated in line with up-to-date cybersecurity threats, helping to identify and
mitigate emerging risks. For this reason, next generation firewalls offer high levels of security to organizations when
implemented.

Here are five best practice tips for getting the most out of firewall management, including setting up the firewall itself
and embedding the policies.

1. Block all access by default

When configuring a firewall, it’s important to start by blocking access to the network from all traffic. Rules and policies
can then be introduced to highlight the traffic that is permitted to connect to the network.

Blocking all devices and traffic by default lowers the risk of a data breach, as only trusted traffic is given access. Any
rules which give access to traffic should be tightly controlled, with close parameters. This will lower the risk of
unauthorized traffic entering or leaving the network.

2. Regularly audit firewall rules and policies

Regularly audit rules and settings to remove any unused, old rules, as well as any that conflict. Old or unused rules can
be exploited to gain access to the network, heightening the chance of cyber attacks. By highlighting and updating old
rules, firewalls can become more efficient as well as more secure.

Because a firewall may have hundreds of different rules, sometimes new rules may conflict with an existing one.
Conflicting rules may mean the firewall isn’t functioning as intended, causing unforeseen vulnerabilities. By auditing
firewalls, these conflicting rules can be resolved and replaced.

A good source of information will be the firewall logs. Changes, access, and events should be recorded within the log,
which helps the process of improving firewall rules.

3. Keep the firewall up-to-date

Firewall software should be kept up-to-date so any vulnerabilities highlighted by the vendor can be fixed. The latest
version will ensure the firewall will be as efficient and secure as possible. Where possible, any software updates or
patches should be automated.

4. Keep track of authorized users

Firewall management is an important responsibility, and there’s a severe risk in allowing too many users access to
firewall settings. Those with access should be senior network administrators, and all changes to configuration should be
monitored.

Users should have varying degrees of access on a case-by-case basis. User access should be logged and audited regularly,
and only be granted if there is a business need. Control of authorized users limits the risk of accidental or malicious
changes to settings and configurations.

5. Document all firewall changes

Changes to firewall rules should be well documented within the organization so any damaging changes can be reversed.
If rules are documented, it lessens the risk of conflicting rules causing unforeseen access issues in the network.

A clear process for recording and approving changes to firewall rules should be set as part of the management system.
Documentation should record the business requirements for any change, and the context for the decision. New rules can
be assessed for their business needs and risk levels.

Documentation and logs should be centralized in the organization so that records are accessible. A centralized approach
will help with strategic decision-making.
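
Tips 1 and 2 can be checked mechanically. The following Python example is added here and does not come from the original notes or from any firewall product: it assumes first-match rule ordering, and the rule model, rule names and hit counts are constructed. It verifies that the rule set ends in a default deny and reports rules that an earlier rule fully covers (conflicting or redundant) or that the logs show as never matched.

```python
from ipaddress import ip_network
from typing import NamedTuple

class Rule(NamedTuple):
    name: str
    action: str        # "allow" or "deny"
    src: str           # source CIDR
    dst: str           # destination CIDR
    ports: tuple       # inclusive (low, high) destination ports

ANY, ALL_PORTS = "0.0.0.0/0", (0, 65535)

def covers(a, b):
    """True when every packet rule b matches is also matched by rule a."""
    return (ip_network(b.src).subnet_of(ip_network(a.src))
            and ip_network(b.dst).subnet_of(ip_network(a.dst))
            and a.ports[0] <= b.ports[0] and b.ports[1] <= a.ports[1])

def audit(rules, hits):
    """First-match rule list plus per-rule hit counts from the logs -> findings."""
    findings = []
    catch_all = Rule("", "deny", ANY, ANY, ALL_PORTS)
    if not rules or rules[-1].action != "deny" or not covers(rules[-1], catch_all):
        findings.append(("no-default-deny", None, None))
    for j, rule in enumerate(rules):
        # Only single-rule shadowing is detected, not coverage by a union of rules.
        earlier = next((r for r in rules[:j] if covers(r, rule)), None)
        if earlier is not None:
            kind = "redundant" if earlier.action == rule.action else "conflict"
            findings.append((kind, rule.name, earlier.name))
        elif hits.get(rule.name, 0) == 0:
            findings.append(("unused", rule.name, None))
    return findings

# Constructed rule set and log-derived hit counts.
RULES = [
    Rule("allow-web",         "allow", ANY,               "192.0.2.10/32", (443, 443)),
    Rule("deny-guest",        "deny",  "10.20.0.0/16",    "10.0.0.0/8",    ALL_PORTS),
    Rule("allow-guest-print", "allow", "10.20.5.0/24",    "10.0.9.20/32",  (9100, 9100)),
    Rule("allow-web-dup",     "allow", "198.51.100.0/24", "192.0.2.10/32", (443, 443)),
    Rule("allow-legacy-ftp",  "allow", ANY,               "192.0.2.30/32", (21, 21)),
    Rule("default-deny",      "deny",  ANY,               ANY,             ALL_PORTS),
]
HITS = {"allow-web": 5120, "deny-guest": 37, "default-deny": 904}
```

A "conflict" finding means the later rule can never take effect because an earlier rule with the opposite action matches first, which is the case most likely to hide an access problem.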

WI-FI SECURITY:

Wi-Fi security is the protection of devices and networks connected in a wireless environment. Without Wi-Fi security, a
networking device such as a wireless access point or a router can be accessed by anyone using a computer or mobile
device within range of the router's wireless signal.

How do unsecured Wi-Fi networks create risk?


When wireless devices in a network are "open" or unsecured, they're accessible to any Wi-Fi-enabled device, such as a
computer or smartphone, that's within range of their wireless signals.

Using open or unsecured networks can be risky for users and organizations. Adversaries using internet-connected devices
can collect users' personal information and steal identities, compromise financial and other sensitive business data,
"eavesdrop" on communications, and more.

What are some ways to protect a Wi-Fi network?


One basic best practice for Wi-Fi security is to change default passwords for network devices.

Most devices feature default administrator passwords, which are meant to make setup of the devices easy. However, the
default passwords created by device manufacturers can be easy to obtain online.

Changing the default passwords for network devices to more-complex passwords—and changing them often—are simple
but effective ways to improve Wi-Fi security. Following are other Wi-Fi network security methods:

Media Access Control (MAC) addresses
Another basic approach to Wi-Fi security is to filter by MAC address, which restricts access to a Wi-Fi network. (A MAC
address is a unique code or number used to identify individual devices on a network.) While this tactic provides a higher
measure of security than an open network, it is still susceptible to attack by adversaries using "spoofed" or modified
addresses.

Encryption
A more common method of protecting Wi-Fi networks and devices is the use of security protocols that utilize encryption.
Encryption in digital communications encodes data and then decodes it only for authorized recipients.

There are several types of encryption standards in use today, including Wi-Fi Protected Access (WPA) and Wi-Fi
Protected Access 2 (WPA2). See the section "Types of wireless security protocols" on this page for more details about
these and other standards related to Wi-Fi security.

Most newer network devices, such as access points and Wi-Fi routers, feature built-in wireless-security encryption
protocols that provide Wi-Fi protection.

Virtual private networks (VPNs)


VPNs are another source of Wi-Fi network security. They allow users to create secure, identity-protected tunnels
between unprotected Wi-Fi networks and the internet.

A VPN can encrypt a user's internet connection. It also can conceal a user's IP address by using a virtual IP address it
assigns to the user's traffic as it passes through the VPN server.

Security software
There are many types of consumer and enterprise software that also can provide Wi-Fi security. Some Wi-Fi protection
software is bundled with related products, such as antivirus software. For more information about Wi-Fi security
software, see the next question.

CONFIGURE SECURITY POLICY SETTINGS:

This article describes steps to configure a security policy setting on the local device, on a domain-joined device, and on a
domain controller. You must have Administrators rights on the local device, or you must have the appropriate
permissions to update a Group Policy Object (GPO) on the domain controller to perform these procedures.

When a local setting is inaccessible, it indicates that a GPO currently controls that setting.

To configure a setting using the Local Security Policy console

1. To open Local Security Policy, on the Start screen, type secpol.msc, and then press ENTER.
2. Under Security Settings of the console tree, do one of the following:
   • Select Account Policies to edit the Password Policy or Account Lockout Policy.
   • Select Local Policies to edit an Audit Policy, a User Rights Assignment, or Security Options.
3. When you find the policy setting in the details pane, double-click the security policy that you want to modify.
4. Modify the security policy setting, and then select OK.

Note

   • Some security policy settings require that the device be restarted before the setting takes effect.
   • Any change to the user rights assignment for an account becomes effective the next time the owner of the account
     logs on.

To configure a security policy setting using the Local Group Policy Editor console

You must have the appropriate permissions to install and use the Microsoft Management Console (MMC), and to update
a Group Policy Object (GPO) on the domain controller to perform these procedures.

1. Open the Local Group Policy Editor (gpedit.msc).

2. In the console tree, click Computer Configuration, select Windows Settings, and then select Security Settings.

3. Do one of the following:

   • Select Account Policies to edit the Password Policy or Account Lockout Policy.
   • Select Local Policies to edit an Audit Policy, a User Rights Assignment, or Security Options.

4. In the details pane, double-click the security policy setting that you want to modify.

5. Modify the security policy setting, and then select OK.

To configure a setting for a domain controller

The following procedure describes how to configure a security policy setting for only a domain controller (from the
domain controller).

1. To open the domain controller security policy, in the console tree, locate GroupPolicyObject [ComputerName] Policy,
   click Computer Configuration, click Windows Settings, and then click Security Settings.
2. Do one of the following:

   • Double-click Account Policies to edit the Password Policy, Account Lockout Policy, or Kerberos Policy.
   • Select Local Policies to edit the Audit Policy, a User Rights Assignment, or Security Options.
3. In the details pane, double-click the security policy that you want to modify.

Note

If this security policy has not yet been defined, select the Define these policy settings check box.

4. Modify the security policy setting, and then select OK.
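
Settings changed through these consoles can be verified afterwards from a policy export. The following Python example is added here and is not part of the original article: it parses text in the format written by secedit /export /cfg secpol.inf /areas SECURITYPOLICY USER_RIGHTS and checks the Password Policy, the Account Lockout Policy and one User Rights Assignment. The sample export and the baseline thresholds are constructed assumptions.

```python
import configparser

# Constructed sample in the format of a secedit export (real exports are
# UTF-16 files; open them with encoding="utf-16").
SAMPLE_EXPORT = r"""
[Unicode]
Unicode=yes
[System Access]
MinimumPasswordLength = 7
PasswordComplexity = 0
PasswordHistorySize = 24
LockoutBadCount = 0
[Privilege Rights]
SeDebugPrivilege = *S-1-5-32-544,*S-1-5-21-1111111111-2222222222-3333333333-1105
[Version]
signature="$CHICAGO$"
Revision=1
"""

# Example baseline chosen for this illustration, not taken from the page.
BASELINE = {
    "MinimumPasswordLength": lambda v: v >= 14,
    "PasswordComplexity":    lambda v: v == 1,
    "PasswordHistorySize":   lambda v: v >= 24,
    "LockoutBadCount":       lambda v: 1 <= v <= 5,   # 0 means accounts never lock out
}
ADMINISTRATORS = "*S-1-5-32-544"   # well-known SID of the built-in Administrators group

def check_policy(text):
    """Return (setting, observed value) pairs that miss the example baseline."""
    cfg = configparser.ConfigParser(interpolation=None, strict=False, delimiters=("=",))
    cfg.optionxform = str                       # keep the key case secedit writes
    cfg.read_string(text)
    access = cfg["System Access"] if cfg.has_section("System Access") else {}
    rights = cfg["Privilege Rights"] if cfg.has_section("Privilege Rights") else {}
    failures = []
    for key, ok in BASELINE.items():
        if key not in access:
            failures.append((key, "missing"))
        elif not ok(int(access[key])):
            failures.append((key, access[key]))
    holders = [s.strip() for s in rights.get("SeDebugPrivilege", "").split(",") if s.strip()]
    extra = [s for s in holders if s != ADMINISTRATORS]
    if extra:                                   # debug right held outside Administrators
        failures.append(("SeDebugPrivilege", ",".join(extra)))
    return failures
```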
