The operating system is the primary level of software that allows your computer to accomplish beneficial work. The operating system and its roles are key to making informed decisions about your computer. It manages the computer’s memory and processes, as well as all of its software and hardware. It also allows you to communicate with the computer without knowing how to speak the computer’s language. With that said, the operating system contains the software, hardware, applications, programs that contain valuable information. If you do not secure your OS, the hacker can obtain proprietary information, practically control your machine, and could essentially destroy your computer (stolen, edited or deleted).
Indeed Ian, the operating system is the key to making informed decisions about one’s computer. I’d say that it is similar to a resource manager and handles decision making and interruption. It manages the time for tasks to occur.
Absolutely correct Ian and Alexandra.
Operating systems deal with memory management. It decides which process will get memory at what time. Trojans or viruses affect the system once they are picked up by the operating system and placed in RAM to be executed.
A memory protection key mechanism divides physical memory up into blocks of a particular size (e.g., 4 KiB). Each block is associated with a number value, i.e., the protection key. Each process also has a protection key value associated with it. Both values are matched before a memory block is accessed.
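A toy model of the protection-key check described above, added here as an illustration and not part of the original discussion. The class and method names are hypothetical; the point it shows is that every block an access touches must match, including an access that crosses a block boundary.

```python
BLOCK_SIZE = 4096  # 4 KiB blocks, as in the post above


class ProtectionFault(Exception):
    """Raised when a process key does not match a block's key."""


class KeyedMemory:
    """Hypothetical model: physical memory split into keyed blocks."""

    def __init__(self, num_blocks):
        self.data = bytearray(num_blocks * BLOCK_SIZE)
        self.block_keys = [None] * num_blocks  # None = block not assigned
        self.faults = []  # (process_key, block) for each denied access

    def assign(self, block, key):
        """Tag one block with a key (done by the OS, never by the process)."""
        self.block_keys[block] = key

    def _check(self, process_key, addr, length):
        if addr < 0 or length <= 0 or addr + length > len(self.data):
            raise ValueError("range is outside physical memory")
        first = addr // BLOCK_SIZE
        last = (addr + length - 1) // BLOCK_SIZE
        # Every block the access touches must carry the process's key.
        for block in range(first, last + 1):
            key = self.block_keys[block]
            if key is None or key != process_key:
                self.faults.append((process_key, block))
                raise ProtectionFault(
                    f"key {process_key} denied on block {block}")

    def read(self, process_key, addr, length):
        self._check(process_key, addr, length)
        return bytes(self.data[addr:addr + length])

    def write(self, process_key, addr, payload):
        # Check first, so a denied write leaves memory unchanged.
        self._check(process_key, addr, len(payload))
        self.data[addr:addr + len(payload)] = payload


def demo():
    """Process key 5 owns blocks 0 and 1; block 2 belongs to key 9."""
    mem = KeyedMemory(num_blocks=3)
    mem.assign(0, 5)
    mem.assign(1, 5)
    mem.assign(2, 9)

    mem.write(5, 100, b"payroll")
    results = {"own_read": mem.read(5, 100, 7)}

    # A 4-byte write starting 2 bytes before block 2 spans blocks 1 and 2.
    try:
        mem.write(5, 2 * BLOCK_SIZE - 2, b"XXXX")
        results["cross_write"] = "allowed"
    except ProtectionFault:
        results["cross_write"] = "denied"

    # The tail of block 1 must be untouched by the denied write.
    results["block1_tail"] = mem.read(5, 2 * BLOCK_SIZE - 2, 2)
    results["faults"] = list(mem.faults)
    return results


if __name__ == "__main__":
    for name, value in demo().items():
        print(name, value)
```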
I totally agree with you that the operating system is the primary level of software that allows your computer to accomplish beneficial work. Therefore, it is so important to protect operating systems.
List common control issues associated with operating systems and remediation strategy/plan.
The OS must protect itself from security breaches, such as runaway processes (denial of service), memory-access violations, stack overflow violations, the launching of programs with excessive privileges, and many others like Breach of Confidentiality, Breach of Integrity, Breach of Availability, Theft of Service, and, like I said above, Denial of Service (DOS).
Some of the ways they can do that include:
• Performing regular OS patch updates
o Issue: Lack of formal change management procedures could lead to a compromise of system integrity by allowing unauthorized access gain access to resources like Patch Management
• Installing updated antivirus engines and software
• Scrutinizing all incoming and outgoing network traffic through a firewall
• Creating secure accounts with required privileges only
o Issue: Lack of Administration of accounts can lead to a compromise of system integrity by potentially allowing unauthorized access gain access to sensitive areas
Unauthorized modification of data, which may have serious indirect consequences. For example, a popular game or other program’s source code could be modified to open up security holes on users’ systems before being released to the public.
• Strategic design of system, software, and hardware can help with security; however, this can be expensive and take a long time to implement. Advancements with technology and the cloud have helped with this.
o Issue: Weak Design and Implementation can lead to a compromise of the system by potentially allowing unauthorized access.
One point to add on why it is important to protect the operating system: the importance comes from the way the OS manages shared compute assets in memory and disk. OS protection provides logical isolation in a multi-tenant compute environment, in which each application need not interact with memory/disk/CPU cache allocated to other applications.
Why is it so important to protect operating systems?
The operating system provides an interface to the underlying hardware and data and is a platform on which various applications execute their operations. Hence, the security of the operating system is a necessity for the overall system security. Today most commercially developed operating systems provide security through authentication of the users, maintenance of access control mechanisms, and provide trusted applications to modify or manage system resources.
In an organization, critical data can be accessed through the operating system. It would be catastrophic for a competitor to obtain confidential files. Protecting the operating system is one way to take precautions to protect information assets.
As we learned from answering the second question, yes, operating systems do offer some level of security but they are not as secure. Additional layers of security in the form of third party applications such as antivirus and administrative policies should be implemented.
Yang, what would be a good example of an admin policy here? Do you think instructions and education exercises to ensure, for example, proper user usage? I could see that helping security. It could also serve the purpose of interpreting the requirements of the system and how employees or users could affect the system in negative ways if they do not follow code.
One example of the administrative policies that I can think of is the authorization controls. For example, in the Windows operating system, you can create accounts and allocate gradual accesses to those accounts by which actions or authorities you want to give to each account.
The operating system is the software that allows a user to operate a computer system. It is the interface that allows a user to communicate with an entire system that they would not independently be able to communicate with and operate. An OS is what manages all the processes, software, and hardware installed in system, and if that were to fail there would be no way to operate the system. Since the OS encompasses so many different aspects of a system, and because it is the software that controls every process on a system, it is vulnerable to many different threats. The OS also is very vast in size logically which allows many different avenues of potential access in unauthorized ways. Protecting the operating system is important because without an operable system everything stored on it will not be accessible. Not only would everything not be accessible if the OS is damaged, but a damaged OS could potentially be used to damage the processors, the applications installed, other software installed, the hardware and interfaces installed, and the data/files installed on the system.
This follow-up question is for ALL of you: In your opinion, which OS is easier to protect, a Mainframe computer or Distributed computer environment (e.g., Windows and Unix/Linux) and why?
I think a mainframe computer would be easier to protect for several reasons. One, a mainframe computer is in a single location that is easier to restrict physical access to which helps prevent attacks from physical threat sources. Two, protecting a mainframe logically would be easier since there are less logical connections to the network as opposed to a distributed system with many connections to many different systems allowing multiple points of entry. Three, a big threat with a distributed system is human error, both intentional and unintentional, that can lead to threats exploiting vulnerabilities in the system. The mainframe doesn’t have direct user interaction like individual work stations do throughout a distributed network.
In my view, Mainframe is more secure due to following reasons:
1. Mainframes have centralized management and auditing features.
2. No monthly security patches are to be tested and rolled out.
3. Viruses are almost unheard of on mainframe computers because their architecture makes it virtually impossible for unauthorized programs to execute functions that could bypass security.
4. Also, mainframe computer security tends to include additional access control functions, often due to their size and price, not commonly found on other types of computers. These include features such as verification of tape access, access control over printouts and the automated destruction of data when disk data sets are erased.
I would agree with Deepali and Sean. I think a mainframe computer operating system will be much easier to protect mainly due to the fact that all one’s resources can be targeted to one computer system. In a distributed computer environment, there are multiple computers that make up one larger computing power. However, each computer within that network needs to be monitored to make sure that malware wasn’t installed, if computers are vulnerable, or if computers are running ineffectively. With that being said, a mainframe has only one operating system that needs to be monitored and protected. One might be able to argue that the cost savings of using a distributed computer environment can be utilized to protect the network security; however, I feel from a practical standpoint that a mainframe operating system is much easier to protect.
I do believe mainframes are more secure for the reasons above and…
They are usually in a secure environment. Data Center or Co-location, with extremely high amount of physical controls. This would prevent access, reduce natural disaster issues, and power outages.
I think Mainframe computers are easier to protect for the following reasons:
1. Mainframe computers provide for complete protection of all data from unauthorized reading and writing.
2. Mainframe computers are usually kept behind locked doors in a secure data center.
3. Mainframe computer security provides several additional access control functions not commonly found on other types of computers. These include verification of tape access by means of tape labels, access control over printouts before they’re printed, and automated obliteration of data when disk data sets are erased.
4. Mainframe easily connects to all the other common types of computers and to the Internet.
5. The large size of mainframe installations makes it possible to support separation of duties, which is a key security technique.
Agree with you. Mainframe computers are regarded as the machines that won’t die. Many airlines, banks, and governments began processing sensitive transactions using giant mainframe computers, and their descendants are still in use. Now it turns out these living dinosaurs of computing also have a very modern vice: they overshare on the Internet.
I will have to agree with my colleagues that mainframe, by its very nature, is a more secure computing environment than a distributed computing environment. I would add more but I think the 8 responses before mine pretty well summed up the conclusions haha.
I think Unix/Linux is more secure than Windows in general, going back to the early days of both operating systems. Windows was built for personal use, while Unix/Linux was built as a multi-user operating system. Two UNIX/Linux features set it apart from Windows: managing account privileges and how Linux separates file and directory permissions in a multi-user environment.
Common control issues associated with operating systems are worms, port scanning, and denial of service (DOS).
Worms consume system resources, often blocking out other, legitimate processes. Worms that propagate over networks can be especially problematic, as they can tie up vast amounts of network resources and bring down large-scale systems.
Port Scanning is a search for vulnerabilities to attack. The basic idea is to systematically attempt to connect to every known network port on some remote machine, and to attempt to make contact. Once it is determined that a particular computer is listening to a particular port, then the next step is to determine what daemon is listening, and whether or not it is a version containing a known security flaw that can be exploited.
Denial of Service (DOS) attacks are a type of attack that do not attempt to actually access or damage systems, but merely to clog them up so badly that they cannot be used for any useful work.
In order to remediate those, companies can implement security defenses ranging from security policies to virus protection, auditing and intrusion detection, and also use cryptography security tools, which will help with preserving the trust and confidentiality of the system. These tools include encryption and authentication. Encryption refers to the idea of encoding a message so that only the desired recipient can decode and read it. Authentication involves verifying the identity of the person who transmitted a message.
Great examples. OS is a very important component of a computer as it pretty much controls it. Virus protection is especially important as who knows who is able to use and control our computer once our computer is infected.
One of the critical operating system controls should be the one addressing vulnerabilities and patch management, particularly with zero-day type exploits. There needs to be a comprehensive security policy in addition to a layered security architecture to mitigate the potential impact of zero-day attacks.
Question 1: Why is it so important to protect operating systems?
The operating system is the software preinstalled on your computer. Computers have no ability to function without the operating system software. Not only does the operating system allow your computer to function, but it allows the user (you) to effectively communicate with the computer by translating your clicks to computer language (0,1).
Conversely, the operating system contains many components such as hardware, software, applications and your personal information. Without proper security protection on your computer, such as firewalls, anti-virus protection and authentication codes, you become vulnerable personally and virtually. If a hacker is able to access your operating system, in essence you lose your machine, whether it be your information, your physical control of your machine or the actual life of your system. It is very important to protect an operating system; without doing so you’re compromising your information as well as your computer as a whole.
Laly, as I mentioned to Said, computers have the ability to function without an OS. Proof is that the early computers did not have an OS.
The only thing is that it is very hard to use a computer without an OS because everything needs to be done manually. Users need to key in the programs by hand, which is a waste of time. I mean it would take hours to get the computer ready for simple operations like add or multiply.
It isn’t impossible but it is not something that you will enjoy using for sure.
Yes. But you have a lot of work to do. Without an operating system using and enforcing a standard, systematic approach to running the computer, you’re put in the position of writing code that must tell the computer exactly what to do. Think of every single option or possibility your word processing program has. You’d have to write code for every single one of those directly onto your hard drive. So, I’m definitely more into the idea of OS systems being pre-installed and its technological advancement.
Absolutely, OS software makes our user life better and feel more convenient. The Operating System is the heart of your computer, without it your computer can run.
True Magaly, apart from the counter points you stated, using a computer without an OS would make it almost impossible for a large number of users who might not have the specialized skills required to work on that system. The way OSs have built in usability in today’s age, even people who do not have basic education are able to easily work on a computer. OS has certainly made the world a smaller, closer space and even simplified some of the toughest tasks.
Rightly said, We need to enjoy using Operating Systems since they are existing for making our tasks in which related with any type of computer technology easier. In today’s nature of corporate America, technology takes a huge part of every business. And OSs are absolutely the key players to operate those technology systems.
Once again you are right, but it is counterproductive especially in the business world. The OSs were created to make the user life easier. And as I said it acts like the heart of the computer, it’s what allows the computer to be useful.
A lot of good points, just one correction: the OS is software that facilitates the communication between applications and computer hardware components. It doesn’t itself include the hardware part.
The discussion made me do a little research and I found this link to the history of Operating systems. Many of us only know about the last 20 years, but the first OS was created in 1950. Most computers were too expensive until the 70’s, when the PC & MS DOS took off but even then, they were a luxury for most families and was only a command line access. It wasn’t until the 90’s when Microsoft built a GUI (Graphical User Interface) or Windows. Shortly after Windows 3.0 came out and the craze for PC’s took off, in 1992 the first windows virus, WinVir was discovered, prompting Microsoft to implement user right controls (Admin vs. user).
From there, we have evolved into multiple different Microsoft windows versions, Apple Versions, Google versions, and others. The report ends with “The Internet of Things” (IoT).
The IoT is crazy technology that controls anything. The example it gives is appliances talking to each other. One article I read a few years ago talked about window blinds adjusting based on where the sun was located throughout the day. What about your bed telling the coffee maker, radio, television, window blinds, or whatever else you use in the morning that you just got up. Crazy huh…
Question 2: List common control issues associated with operating systems and remediation strategy/plan.
Some common control issues associated with OS are as follows:
– File sharing
– Lack of malware protection
– Lack of firewall protection
– Weak or nonexistent drive encryption
– 3rd party software
– Weak authentication passwords
The strategy plan when combating these common control issues are sometimes right in front of you, your computer itself. Technology is constantly evolving and technically speaking, once you buy a piece of technology it becomes instantly old. Sometimes you can just update your computer with the newest OS which will most certainly help protect your computer or buy the latest version of your computer. However, that is not always the case.
Some suggestions could be:
– Screening your file sharing, by using secure sites
– Buying/installing the latest malware and firewall protection
– Using more complex passwords
– Only downloading software and applications provided by your OS
– Paying attention to your web traffic such as streaming sites, etc.
– Shutting your computer down habitually
Overall, there isn’t a one-size-fits-all strategy approach, but understanding the common control issues associated with computers is a first step in the right direction. The majority of these issues have to deal with outdated software or hardware and human error; at the end of the day it’s up to the users themselves to protect their OS by being vigilant across all boards.
Q1: Why is it so important to protect operating systems?
You can compare the OS (operating system) to the heart of a human body. That’s why the operating system is considered to be the most important software on a computer. It manages the computer’s memory and processes. It also allows the communication of hardware components of a computer to the software components of the computer system. Operating systems provide access to computer services which is possible only via working of both the hardware components and the software components. Hence not to mention protecting the operating system is crucial. The operating system is the key to access to all the software, so if the operating system is compromised or hacked, the computer itself is in danger.
Great explanation Daniel. In case of open source operating systems it becomes easy to insert malicious code in the OS using those applications. A study of more than 2.5 million apps last year found that 97% of malware targeted Android.
[http://www.makeuseof.com/tag/secure-mobile-operating-system/]
Thank you for the information! Yes, I’ve also heard that Android is very vulnerable in terms of virus protection. As an Android user, I always need to clean my phone once in a while because somehow or another it gets viruses or malware all the time. And also I need to admit that I sometimes let my phone connect to public wifi. Public wifi is the very open source to increase your possibility to get malware.
Laly – Analogies can help explain and remember things in the IT world. A professor helped me remember by saying: An operating system is like a manager because its role is to make sure that all of the programs on the computer are doing their job. So, Linux and Windows are just like different managers. They do the same thing, but have different styles of management.
I really like your explanation. You are absolutely right that Windows and Linux for example, are different managers that have totally different managing styles. And personally, if he/she gets comfortable with either one, he/she tends to continue using the one he/she choose at the beginning because there are a lot of switching costs he/she needs to pay for a change.
That is a really good analogy to have. To add a little bit to it, not only do managers have different styles, but because of these different styles they are assigned to management different departments. For Linux, this is used in many operating systems that house databases or small applications that you might see in an atm or car. For Windows you generally see this in your everyday personal computer or throughout an organization. So therefore, each OS does the same thing, but have different styles which make them fit in some processes better than others.
Ian, I really like the analogy you brought up and it’s very easy to understand. You are right that an operating system is software that supports the functions of a computer, just like managers who play a major role in companies. People tend to choose the operating systems that they like, just like employees might switch jobs because they don’t like their managers’ managing style.
Absolutely, critical data or a central database system can be accessed through the operating system within an organization. It would be catastrophic for a competitor to obtain confidential files. Therefore, protecting the operating system is significant.
Good example and clear explanation in comparing the OS to the heart of the human body. Indeed, an effective and safe operating system allows OS users to smoothly operate the applications on the PC or other mobile device. Additionally, users prefer to store information in the PC, protect the OS away from viruses like Trojan Horse or Worm, and ensure the users’ information assets are safe.
An OS is what manages all the processes, software, and hardware installed in system, and if that were to fail there would be no way to operate the system. Since the OS encompasses so many different aspects of a system, and because it is the software that controls every process on a system, it is vulnerable to many different threats.
Nice point. An operating system is a set of program files and routines that controls a computer’s resources and provides access to a computer’s services. More specifically, an operating system allows a computer’s hardware components, including processors and drives, to communicate with its software components, such as applications and data instruction sets. In modern personal computers, workstations and other computing devices, operating systems are essential components, which computers cannot function without. So I think that’s why we compare OS to the heart.
The Operating System is the heart of your computer, without it your computer can “live” (operate). It is like a translator between the user and the computer. That being said, it is crucial to protect your OS; otherwise you will find yourself in a bad situation. In fact, the OS controls your computer hardware and allows communication between your applications and hardware. Not being able to protect it will allow hackers to take over your whole system.
Said, it may seem impossible for a computer to not operate without an operating system, but that is not the case. A computer can operate without an operating system; however, the user will be put in the position of writing code that must tell the computer exactly what to do. For example, if the user wants to type up a document in a word processing program, they would have to create from scratch code that tells the computer to respond to each character pressed on the keyboard. Without an operating system, users will be stuck doing one, and only one, process at a time.
Operating systems make it easier to navigate the computer and use software, but I wouldn’t say that they are indispensable.
You are right, but most people don’t know how to do what you are saying. Giving a computer without an OS to someone who does not know how to code is like giving a bike without pedals. Theoretically, you can still ride it but it won’t be practical.
Great point Said. It is very important to protect the communication between application and hardware. One example can be remote access (VPN). It is most vulnerable if not protected by a strong password to ensure safety. Also they can use SSL for Outlook during the remote access. Network access control (NAC) systems should be well configured.
In this way we can protect communication between application and hardware.
List common control issues associated with operating systems and remediation strategy/plan.
Some common control issues associated with Operating Systems are “Password-Based Attacks”, “Denial-of-Service Attack”, and “Application-Layer Attack”.
A “Password-Based Attack” is when an attacker gains access to your computer via your user name and password. Once he/she has access to your computer, he/she can modify server and network configurations, reroute, or delete your data. The best way to protect yourself against this type of attack is to use more complex passwords.
A “Denial-of-Service Attack” prevents normal use of your computer or network by valid users. One way to protect yourself from that is to constantly update your firewall protection.
An “Application-Layer Attack” targets application servers by deliberately causing a fault in a server’s operating system or applications. The attacker can read, add, delete, or modify your data or operating system. To mitigate this risk, protect your system with a firewall and install security patches released by your OS.
Denial of Service is more of a network based attack. A distributed DOS can cause more harm. In DDoS an attacker may make use of the vulnerabilities in your system to use your system to launch further attacks by sending huge chunks of data from your system.
Along with great firewall, good and up to date antivirus, keeping track of email and spam mail will help prevent the attack.
Rightly said Priya. We can also use personalized antivirus as using the Windows antivirus is also not that much secure. Using personalized antivirus will add another layer of security to the system.
Another way to prevent DOS is applying reverse proxy, rather a collection of reverse proxies spread across multiple hosting location. By deploying many reverse proxies at different locations, the crush of incoming traffic is split into fractions, lessening the possibility of the network becoming overwhelmed.
Priya, I guess both Denial of Service and DDoS have the same effect. Both types of attacks want the same result, and it just depends on how many source machines are used in the attack as to whether it is called DoS or DDoS.
An operating system is the most important software on a computer and provides the graphical interface that allows users to use the computer. It manages the processes, memory, in addition to all hardware and software. Most operating systems are preloaded in computers because they would be useless without one. It allows the average user to communicate with the computer with an intuitive visual interface instead of using a complex computer language.
Multiple programs use the computer’s memory and processor simultaneously and the OS manages each program and allocates the computer’s resources. If an OS is compromised, then all of the computer’s functions, including hardware and software, are vulnerable.
Rightly said Joshua. Computer functions along with the data sets that reside on the operating system become vulnerable to security breach if the operating system is not properly protected. A properly protected OS ensures the availability, confidentiality and integrity of the data sets residing on it.
Operating systems are vulnerable to external and internal risks. Internal control issues can be employees accessing sensitive information that they do not have a need to know. For example, a marketing employee accesses payroll data restricted to HR. Or an employee at a healthcare company accesses patients’ healthcare data, which would violate HIPAA. Often internal risks can increase external risks, such as employees downloading unauthorized software, or not regularly updating software with the latest security patches. These lapses can leave information systems vulnerable to malware and other malicious software and hacks.
There are many strategies and controls for these types of risks. A log-on procedure helps protect against unauthorized access by requiring each user to use an individual ID and password to access the network. Then an Access Token control can be used, which contains information about the user including ID, password, user group, and privileges specific to each user. All actions taken by the user on the network can be regulated by the access token, such as preventing an employee from editing a database that they may not be authorized to, or accessing sensitive data which is outside of their purview. Logs are also important because they allow user behavior to be scrutinized, which is especially important after a security incident. Logs can also store other information about the system such as firewall activity to monitor unauthorized external attempts to access the network. One more important strategy is to encrypt data in the event that there is a security breach. If sensitive data is accessed with malicious intent, it is more difficult to decrypt without the keys.
Joshua, you brought up 2 great points. One, internal risks can increase external risks; this is absolutely true. An employee using unauthorized software has the potential of IP breaches and malware entering the organization. Data retention policy must be followed rigorously. Classification of data for internal entities to clearly understand how to handle that data is important. Second, encryption of data is also a must, especially in case of physical loss of a laptop, flash drive, or any storage media. Even if the hacker has physically got the device, if good encryption is in place the data will be secure. At Accenture, we had software installed on laptops and phones; in case of theft of storage devices this software would delete data from the device whenever the thief would connect it to any network.
List common control issues associated with operating systems and remediation strategy/plan.
Some common control issues and methods of remediation with Operating Systems are as follows:
– Unnecessary Services/Protocols Running – Run protocol scanners and shell commands such as “netstat” to find out all services running on a system. Then determine which are unnecessary vulnerabilities and disable them.
– Privileges Based Upon Groups – Privileges based upon user groups can easily grant authority/access to system areas to users inappropriately. Review each user group, its associated privileges, and user lists to determine if policy is followed correctly regarding access and authorization. Change the policy controls if necessary to ensure that users are grouped and granted privileges appropriately.
– Password Strength – Weak passwords, and password policies, make OS’s vulnerable to intrusion. Attempt to crack passwords with password cracking tools/methods to test for weakness. Review and implement a password policy that requires strong passwords with minimum lengths and character usage, sets password aging, and sets a maximum number of incorrect entries before lockout to prevent brute-force cracking.
– System Updates/Patches – Patches must be installed to prevent known vulnerabilities from continuing to exist. Ensure a policy is set to test patches on a segregated network before implementation to prevent interruptions to the production environment. Set a policy to install outside peak operation periods.
– System Security – An OS is an enticing target for malware and attacks because an attacker can enter other systems and apps once inside the OS. Add protective measures such as host/cloud based Anti-virus, install NIDS/NIPS/HIDS/HIPS, implement a firewall, and set policy for access for all users at a minimum privilege base setting.
Very insightful answer, Sean. The point you made about unnecessary services/protocols running is a very good one, as it’s very easy for these to go unnoticed. Another option is to use the system configuration utility to get an idea of what unfamiliar or suspicious programs are installed and then take the necessary action to safeguard the system. In addition to that, we can also look for open ports by running a netstat -an command on a Windows OS, as hackers can take advantage of open ports to attack a system.
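The netstat review discussed in the two posts above can be turned into a repeatable check. The following is an added example, not part of the original posts: it parses Windows-style netstat -an output and reports listening ports that are reachable from the network and missing from an approved baseline. The sample output and the APPROVED baseline are constructed for illustration.

```python
import ipaddress
from typing import NamedTuple

# Constructed sample of Windows `netstat -an` output (documentation address ranges).
SAMPLE_NETSTAT = """\
Active Connections

  Proto  Local Address          Foreign Address        State
  TCP    0.0.0.0:135            0.0.0.0:0              LISTENING
  TCP    0.0.0.0:445            0.0.0.0:0              LISTENING
  TCP    0.0.0.0:3389           0.0.0.0:0              LISTENING
  TCP    127.0.0.1:5432         0.0.0.0:0              LISTENING
  TCP    192.0.2.20:49712       203.0.113.34:443       ESTABLISHED
  TCP    [::]:80                [::]:0                 LISTENING
  UDP    0.0.0.0:5353           *:*
"""

# Hypothetical approved baseline for this host: (protocol, port) pairs.
APPROVED = {("TCP", 3389), ("TCP", 443)}


class Listener(NamedTuple):
    proto: str
    address: str
    port: int
    loopback_only: bool


def parse_listeners(text):
    """Return every socket that is accepting traffic (TCP LISTENING or bound UDP)."""
    listeners = []
    for line in text.splitlines():
        fields = line.split()
        if len(fields) < 3 or fields[0] not in ("TCP", "UDP"):
            continue  # banner, header or blank line
        proto, local, foreign = fields[0], fields[1], fields[2]
        state = fields[3] if len(fields) > 3 else ""
        listening = (proto == "TCP" and state == "LISTENING") or (
            proto == "UDP" and foreign == "*:*"
        )
        if not listening:
            continue  # established or closing connections are not services
        host, _, port = local.rpartition(":")
        host = host.strip("[]").split("%")[0]  # drop IPv6 brackets and zone id
        try:
            loopback = ipaddress.ip_address(host).is_loopback
        except ValueError:
            loopback = False  # unknown address form: treat as exposed
        listeners.append(Listener(proto, host, int(port), loopback))
    return listeners


def audit(text, approved):
    """Return sorted (proto, port) pairs that are network-reachable and not approved."""
    findings = {
        (l.proto, l.port)
        for l in parse_listeners(text)
        if not l.loopback_only and (l.proto, l.port) not in approved
    }
    return sorted(findings)


if __name__ == "__main__":
    for proto, port in audit(SAMPLE_NETSTAT, APPROVED):
        print(f"review: {proto}/{port} is listening but not in the approved baseline")
```

Services bound only to 127.0.0.1 are left out of the findings because they are not reachable from other hosts; each remaining finding still needs a person to decide whether the service is required or should be disabled.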
Q2: List common control issues associated with operating systems and remediation strategy/plan.
There are some popular operating systems that are commonly used by users: Windows, Mac OS, and Linux, for example. Honestly, I’ve been a PC user for my entire life. Windows is one of the world’s most popular operating systems used by individuals, companies, and educational institutions. Windows has many advantages including a user-friendly interface, available software, backwards compatibility, support for new hardware, etc. As opposed to those great features of Windows, there is one common control issue that I want to emphasize associated with Windows.
– Poor security: Compared to other operating systems, Microsoft has very poor security. It is more vulnerable to virus or malware attacks and easier to hijack. Windows itself has its own security settings that require configuration; however, like many other software requiring some type of configuration, it is also a very time-consuming process. And not many users are knowledgeable about that.
Remediation Plans
– Poor security
–> Install external firewalls to improve the security
–> Take the time and effort to complete security configuration settings within Windows
–> Periodically check the system in terms of viruses or malware
–> Periodically update the security patches
Security is definitely a big issue in operating systems. Windows security is not that great at all. I remember reading an article mentioning that nearly one million malware threats that can affect Windows systems are released every day. That’s crazy.
A good way to protect the operating system should be to configure it in a way that it would be used to monitor activity on the network easily and efficiently. This would allow it to reveal who is and isn’t making connections, and point out potential security events.
Is it that Windows security is not that great, or is it that the majority of businesses use the Microsoft OS, which increases the percentage of attacks on that platform? I think a lot of the security vulnerabilities with Windows have to do with the fact that the majority of businesses use that product as their OS, which means that the system is constantly facing attacks from many hackers every day. I don’t necessarily think iOS, Unix, or Linux are better protected so much as they don’t face as many threats as Windows does on as frequent a basis. With that said, I imagine MS does its best to find vulnerabilities and patch them as quickly as possible because they don’t want to lose market share to competitors or open source platforms.
Great insight Sean. After reading your post, I looked into the differences between Windows and Microsoft OS features.
I’ve come across some key differences as listed below:
-Full access vs. no access
-Licensing freedom vs. licensing restrictions
-Online peer support vs. paid help-desk support
-Full vs. partial hardware support
-Command line vs. no command line
-Centralized vs. noncentralized application installation, etc.
I have enclosed the website below. However, after reading about the differences, I still completely agree with your statement. At the end of the day, it’s whether a company has strong IT Governance in place.
After you did this, I decided to compare Windows to Linux. Below are some interesting things I found out:
Windows has a fairly straightforward version structure; Linux is much more complex. It is common for people to customize Linux because it is open source, so it is difficult to pick which Linux distro you want and easier to pick between Windows 7 and Windows 8, for example. Installing Linux is more complex and can involve live-booting, while Windows installations can take longer but are a lot simpler, requiring a minimum of user input compared to many distros. Another key difference from Windows is the method of software installation. Rather than downloading a nice, neat .exe file, most Linux programs install from within your distro’s software repositories.
You are absolutely right. I used to think that Windows was weak and that iOS is unbreakable, until I had a discussion with an IT expert. In fact, Windows is not at all weak or inferior to iOS. It’s just that more people use Windows, which makes it a preferable target for hackers.
I agree with you Said. Generally, there are more PC users than iOS users, especially in business. My previous company only used the Windows operating system and PC related antivirus software. From the hackers’ perspective, if most companies are using Windows OS, they might focus on hacking Windows systems, and that might be the reason why Windows OS seems less safe than iOS.
I agree that hackers might favor the Windows operating system because a lot of individuals and businesses use it today. It’s interesting that I was reading a report earlier, with statistics showing that Apple OS X ranked as the most vulnerable operating system.
I think all operating systems are vulnerable to hackers; however, the risks can be reduced if people adopt some basic computer security measures. For example, installing anti-malware software and running application security updates promptly.
A blue screen of death is when Windows cannot operate safely. In general, it is caused by an issue with the hardware (overheating of components or the hardware running beyond its specification limits).
Blue screens are caused by hardware problems and issues with low-level software running in the Windows kernel. In addition, viruses and malware are among the causes of a blue screen.
BSOD is when the operating system reaches a state where it can’t function properly. It appears when Microsoft Windows encounters an issue, either software or hardware related, and it can’t recover from it.
It occurs when a driver running in kernel mode faces an error from which it cannot recover.
It could be due to improper installation of software or installation of bad applications, or an error caused while uninstalling a particular application.
It can also be due to hardware failures like overheating, motherboard issues, or faulty RAM.
Most of the time a simple restart fixes it (in case it is a software issue). Else a system restore or repair can help fix it. In the worst case, a reimage may be required.
One of the key aspects of modern computing systems is the ability to allow many users to share the same facilities. These facilities may be memory, processors, databases, or software such as compilers or subroutines. When diverse users share common items, one is naturally concerned with protecting various objects from damage or from misappropriation by unauthorized users.
Protection ensures that the resources of the computer are used in a consistent way. It ensures that each object is accessed correctly and only by those processes that are allowed to do so.
As computer systems have become more sophisticated and pervasive in their applications, the need to protect their integrity has also grown. We need to provide protection for several reasons. The most obvious is the need to prevent the mischievous, intentional violation of an access restriction by a user. An unprotected resource cannot defend against use (or misuse) by an unauthorized or incompetent user. A protection-oriented system provides means to distinguish between authorized and unauthorized usage. The role of protection in a computer system is to provide a mechanism for the enforcement of the policies governing resource use. These policies can be established in a variety of ways. Some are fixed in the design of the system, while others are formulated by the management of a system. Still others are defined by the individual users to protect their own files and programs. A protection system must have the flexibility to enforce a variety of policies.
An operating system is the most significant system software related to a computer. It contains programs that interface between the user, processor and applications software. It provides the primary means of managing the sharing and use of computer resources such as processor, memory and I/O devices. It does so by simplifying complex computer language into a GUI which allows users to easily operate a computer.
In essence, the operating system is important because it allows the user to use a computer.
List common control issues associated with operating systems and remediation strategy/plan.
1) Lack of malware protection and firewall – Installing antivirus and firewall
2) Poor password policy – Establishing strong IT governance which educates employees to use strong passwords.
3) Missing patches/system updates – DBA keeping up to date with patches and informing the organization of updates and patches that need to be done.
4) File and share permission to everyone in the network – Establishing strong IT governance which educates employees to review file sharing groups.
What are your thoughts on administrative mitigation controls regarding malware protection? I think an administrative policy should be in place regarding malware as well. That policy, along with an employee training program, would help to create security awareness in employees regarding threats in email, web usage, flash drives, etc. The policy would not fully eliminate threats from employee actions, but it would certainly help mitigate their occurrence and frequency. Employees, through awareness training, could also become another layer of defense against malware as well.
Sean, indeed, one of the very important tasks for IT auditors is to verify that technology policies are adhered to. In this case, what do you think a firm should do in addition to developing a malware related IT policy? Let’s discuss during the class. Thx.
Definitely, there should be an administrative policy regarding malware such as using personal flash drives on company computers, visiting suspicious websites on company network. Employee training on security awareness will supplement administrative policies so it makes sense to the employee on why such policies exist in the first place.
These are all great points guys,
A friend’s company (30 employees) had an issue that could have been mitigated with a policy like the ones you’ve described. An intern had found a thumb drive on the ground over the weekend, and when he came in to work on Monday had plugged it in to the USB port. The thumb drive was full of malware that had encrypted all of the company’s data and then asked for a ransom in order to decrypt the data. Eventually, the company engaged a cyber security firm and were able to decrypt the data without the need to pay the ransom. I remember him telling me afterwards that they were considering having some new employees/interns log in using a VDI and a very basic setup to avoid this in the future. Pretty crazy stuff.
List common control issues associated with operating systems and remediation strategy/plan.
Blue Screen of Death (BSoD)
Many people think of blue as a calming color; however, when it comes up on your computer screen with a bunch of white text, it probably has the opposite effect. The blue screen of death (BSoD or STOP Error) may appear to be one of the scariest computer problems you’ll come across. However, all your computer may need is for you to reboot it. This STOP error appears on your screen for a variety of reasons: failing hardware, damaged software, corrupt DLL files, problems with drivers and more. The remedy for a blue screen of death depends on the original problem. The screen provides you with codes that can help you identify and fix your computer problems.
Missing DLL File
Dynamic-Link Library (DLL) files house information for your operating system on how to perform certain functions. Occasionally, your computer loses DLL files or something damages them. When your PC can’t read the particular DLL file, it doesn’t know how to respond in certain situations. You may have a missing or corrupt DLL file if you receive an error message every time you perform a certain function, such as saving. If your computer problems are stemming from missing and damaged DLL files, you can restore them by downloading them back onto your PC.
Applications That Won’t Install
If you’re having trouble with an application not installing, it may be because your computer doesn’t have enough hard drive space. If this is the case, you need to free up some space. This is one of the computer problems that’s, well, least problematic. You can free up some hard drive space by getting rid of files and folders you don’t need. These may be temporary files, duplicate files or data for software you’ve uninstalled.
Applications Run Slowly
There are several reasons software might be running at turtle speed. You may have computer problems that involve your operating system or an application, your operating system might be missing updates or your computer doesn’t have enough hard drive space. If you don’t have enough hard drive space, you can scan, clean and optimize your hard drive.
Abnormal Applications Behavior
Computer problems that involve applications acting strangely oftentimes leave you wondering what has happened. Your application has been working just fine, but now, seemingly without reason, it is doing something strange.
1. Why is it so important to protect operating systems?
It is important to protect the OS because of the factors below:
• Protecting the Security of an OS provides the ability to protect it from unauthorized access. It helps in managing the integrity of an OS system and provides the ability to restrict which programs can enter states to exercise hardware instructions.
• It is important to maintain Change Management procedures for an OS so as to keep the system secure from unauthorized access. For example, if an employee leaves the job, it is important to make the changes and remove the access rights.
• Monitoring of an OS is important for managing and analyzing the event log. It is also important to monitor access to the sensitive directories.
• Availability of an OS is very important. It should be protected from factors such as downtime, system crashes etc.
• Resource protection: Any entity such as data-sets or programs on the z/OS system is considered a “resource”. These resources need to be protected.
2. List common control issues associated with operating systems and remediation strategy/plan.
The following control issues are associated with the operating systems:
• File and share permissions that give up everything to everyone
• Lack of malware protection
• Lack of personal firewall protection
• Weak or nonexistent drive encryption
• No minimum security standards
• Weak security policy settings
• Unaccounted for systems running unknown, and unmanaged, services such as IIS and SQL Server Express
• Weak or nonexistent passwords
Remediation strategy/plan for the above mentioned controls issues can be:
• User groups should be established with properly defined access rights for all the files by the root user or admin user.
• Antivirus and anti-spyware software should be properly enabled and installed so as to ensure malware protection against any kind of breach.
• Personal firewalls must be set up so as to ensure that malware infiltration and wireless intrusions are blocked.
• It is important to manage drive encryption because, in case the machine is stolen, it is the only way to protect against a data breach. Only relying on the OS encryption is not a good way to control a security breach.
• It is important for employees to follow company policies while using an official machine, even at home, such as SSL for Outlook web access and using a password with a strong passphrase to ensure safety. Network access control (NAC) systems should be well configured. Ensure to enforce it wherever possible.
• Activities like audit logging, password complexity, and password protected screen-savers ensure safety.
• Patch management should be securely tested in a lower environment before being applied to a higher environment.
Why is it so important to protect operating systems?
An operating system (OS) helps run programs on the computer and helps a computer system execute multiple applications concurrently on a single piece of hardware containing multiple processing units. Protection is any mechanism for controlling the access of users or processes to resources. OS integrity is very important for the protection of data, and the features below are recognized for it.
1. Interference in resource utilization poses a very big threat to the operating system. Ensure that there is no interference by the user programs with the main program or default program. Each process has to run independently and yet concurrently without interfering with the others and should not write into the memory of another program.
2. Ensure that each process has limited privilege and escalated privilege is provided on request alone.
3. Ensure that the user is assigned the correct level of authorization and is authenticated to access the resources. Need to protect from deliberate and inadvertent modification.
To maintain integrity of the system and the data, the operating system has to be regularly monitored and updated with the latest security patches. Not updating the patches regularly can compromise the OS through penetration by external agents.
Any changes made to the system configuration files, i.e. the registry, can pose a risk to the confidentiality, integrity and availability of the system.
Reason to protect OS:
1. To prevent data loss
2. To prevent corruption of data
3. To prevent compromise of data
4. To prevent theft of data
5. To prevent sabotage
Great insight, Binu, and well explained. I’d like to point out that apart from the reasons you shared, it makes sense to protect operating systems to avoid financial losses as well. Any company’s primary and long term objectives are to make greater profit with lower costs and minimal losses, which would eventually translate to higher earnings per share. In this case, any financial losses and increased costs mean a direct impact (however small or insignificant) on the gross profit. The cost to fix a broken operating system, or one which runs at lower efficiency than required by the business, could run into a significant dollar amount. The higher financial losses could also be in the form of reduced employee productivity due to system downtime.
I agree with you Mansi that there might be financial implications in an operating system going bad, in terms of data loss. But I do not think there will be any cost involved in a corrupt OS. Normally companies have their own image which is built according to the requirements of the company. If the OS is corrupt, then one can easily reimage the machine and restore the data from backup without any additional costs. And most operating system vendors do support the product as long as the licenses are valid. Cost involved here would only be on buying additional licenses.
You’re right Binu, that’s the case when we’re talking about the OS on a desktop or laptop, though not for the server OS. For a server OS, even if we do not incur license cost again, the downtime and the rebuild activity will add a sizeable cost over a large server estate. Imagine a remote server OS which isn’t protected and which keeps crashing. Every time the server crashes, we’ll need to get an engineer to possibly travel on site to fix the issue. This kind of server will most likely have localised impact to the users on site, but it is still adding to lost productivity and added cost for an engineer’s onsite visit.
Q1. Why is it so important to protect operating systems?
Operating systems are an important part of a working computer system. They interact with programs and applications, as well as input and output devices, and control the computer’s memory. Because it is what manages all software and hardware on the computer, it is crucial that it is protected, since this represents a potential single point of failure and access for attackers looking to obtain confidential information.
I didn’t even consider an OS as a single point of failure, but you bringing it up in your response is important. A single point of failure makes protecting the integrity and availability of the OS that much more important, especially depending on the network resource the OS is used to interface with (i.e. an individual work station is not as important as an order application hosted on a Linux run server DB). I’m really glad you brought that point up to remind me and to highlight just how significant a failure of the OS could be for a system on the network.
I agree with you, the disaster recovery plan is significant. Business vulnerabilities are ever increasing and every organization is compelled to make appropriate disaster recovery plans and use advanced technology to keep its network secure and stable. Network-reliant companies find it an absolute necessity to frame disaster recovery policies and procedures to respond to the varied circumstances and problems. In any organization that prepares itself for Disaster Recovery, the three main points to be considered are Prevention, Anticipation, and Mitigation.
Q2. List common control issues associated with operating systems and remediations.
Some common risks associated with operating systems and their remediations include:
-Weak password policies. This can be strengthened by having certain requirements for passwords (character length, need of both upper and lowercase, etc.), as well as requiring it to be changed periodically.
-Improper account management. A solution for this is to create and assign different account levels based on job needs, and implement a regular recertification process to ensure continued justification of account assignment.
-Inadequate patch management. An organization should ensure that there is a policy dictating who is responsible for patch management, and how they should go about it.
-Limited monitoring. It is not enough for an organization to simply have event logs, an organization must also establish who is responsible for analyzing those logs, as well as how often they should do so.
Great post! I was wondering if you have a password policy asking users to have upper and lower case characters, etc. As the passwords become more complex for the users, don’t you think it will increase the number of calls to the help desk for “I forgot my password” requests?
This was one of the challenges for the password policy remedy that I came across.
Absolutely, I agree with you Kshirsagar. A more complex password policy will increase the number of people forgetting their password. This is also a challenge for the help desk service: how to solve this problem. If the password provides some information reminder, it will reduce how often customers forget their password.
I don’t think forgetting your password is that big an issue. I believe most applications or software that require login information have the “Forgot your id/password” procedure. People should be able to retrieve their password on their own without contacting the help desk.
From my experience, user account passwords have to be requested from the help-desk. And I think the group that performs user access management duties has to create/reset/delete user profiles.
I worked in a tech support team and we had maximum no. of tickets for password reset. I agree it can be inconvenient but it is for the security of the data and it is worth the price.
Abhay, you are right. Some organizations’ account passwords have to be requested from the help-desk, while at others people are able to retrieve their password on their own. It really depends on where you are working. However, I agree with Wenlin that creating password hints/reminders will reduce how often people have to retrieve their passwords. Nevertheless, even though it might cause “extra work” for the help-desk due to complex passwords, it is better than having simple passwords that are vulnerable to hackers and lead to data leakage. I think people forget their passwords all the time, even when the passwords are simple.
Abhay – For my company, yes. It is one of my biggest complaints about my job. I have so many passwords for signing on to many different things. It is very difficult to remember and keep track of. I asked my boss why, and he said the amount of money risked is greater than the cost savings that would come from fewer help desk calls.
List common control issues associated with operating systems and remediation strategy/plan.
Some common control issues and their remediation strategies:
No proper definition of roles and responsibilities: The user has to be given the right level of access, i.e. administrator or user, and be assigned to the correct user group. Users need not be given access to make changes to the registry, and restricted privilege is to be given for installation of software. Make sure Administrator password should not expire.
Disabling unnecessary services: It is difficult to define unnecessary service. Every service has a potential for trouble. The worst vulnerability is 0-day. Apart from the services defined by the OS manufacturer or resource available, trial and error method can help us identify the services that can be disabled and yet not affect the performance of the daily operations.
Open ports: Open ports allow access for others into our system. If any of the ports are not necessary they have to be blocked.
Unpatched and legacy system: Proper security patches have to be updated regularly. If there are problems with the patches, a new update has to be ready to fix this issue. There is an interval between when the patch is released and when it is updated. is most vulnerable and this period should be properly established. Make sure that the patches are tested before they are released and can be released phase-wise. Also ensure that the operating system is still supported by the manufacturer; if not, make sure to upgrade it when necessary.
Unencrypted channel: The communication to and between systems has to be encrypted especially while using external networks. The company can make sure that it has a VPN that is required to access the company network.
Unencrypted HDD: Normally without HDD encryption the data on the system can be easily copied. Encryption like BitLocker encryption encrypts the system, which requires a 64 bit key to be able to copy content from the HDD.
Clear text Credentials: Credentials should be hashed with salt, which will make it harder for a brute-force attack. A strong password policy should be in place. Make sure that the company has policies that require the customers to change passwords regularly.
Insecure protocols: Some protocols like communication protocol (SLIP) are insecure and should not be used. Another example: use HTTPS instead of HTTP, which is more secure.
I forgot to address the concept of a legacy OS in a network in my response, so thank you for bringing it up. Many businesses run legacy systems because upgrading is not feasible for one reason or another, or not justifiable for the cost(s) associated. I know when I was in the military, there was a contract with Microsoft to continue to patch the Windows version we used, which was very old, solely to keep it operationally safe for use as much as possible until the cost to upgrade military was justifiable enough to get the funding to do so. The patches Microsoft created were not available to the public, so public users had to upgrade if they did not want to be vulnerable any longer with a legacy OS. Another method to respond to legacy OS systems is to segregate them on the network in a DMZ to prevent the rest of the network from being accessed by outside threats if the legacy system was accessed by an unauthorized entity.
I think you raise a good point about how it is very important for organizations to have relationships with their key operating system and application vendors to facilitate release and distribution of product security patches on time.
I agree with your point about open ports. It is essential to close those ports, since unused services are usually left with default configurations that are using default passwords and can be exploited to distribute unwanted content.
What a great detailed post. I really enjoyed hearing about the unpatched and legacy system. Many companies forget that old technologies pose risks as well, and those risks aren’t going away. As legacy systems continue to get more out-of-date, the world around them continues to evolve. With that being said, the risks are increasing.
You mentioned hashing passwords with salt, which is something I’d heard about but honestly had no idea what it was. This caused me to research hashing a password with salt, and its use in defense against a brute force attack. Thanks!
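For readers in the same position as the comment above, here is what salted password hashing looks like in practice. This is an added example, not part of the original posts: it uses PBKDF2-HMAC-SHA256 from the Python standard library, and the record format, the iteration count and the function names are assumptions chosen for the illustration.

```python
import base64
import hashlib
import hmac
import secrets

ALGORITHM = "pbkdf2_sha256"   # label stored in each record (assumed format)
ITERATIONS = 600_000          # assumed current policy; raise it as hardware gets faster
SALT_BYTES = 16


def unsalted_sha256(password):
    """Contrast case: no salt, so equal passwords always give equal digests."""
    return hashlib.sha256(password.encode("utf-8")).hexdigest()


def _b64(raw):
    return base64.b64encode(raw).decode("ascii")


def hash_password(password, iterations=ITERATIONS):
    """Return 'algorithm$iterations$salt$digest' with a fresh random salt."""
    salt = secrets.token_bytes(SALT_BYTES)
    digest = hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"), salt, iterations)
    return "$".join([ALGORITHM, str(iterations), _b64(salt), _b64(digest)])


def _parse(record):
    """Split a stored record; raises ValueError on anything malformed."""
    algorithm, iterations, salt_b64, digest_b64 = record.split("$")
    if algorithm != ALGORITHM or int(iterations) < 1:
        raise ValueError("unsupported record")
    salt = base64.b64decode(salt_b64, validate=True)
    digest = base64.b64decode(digest_b64, validate=True)
    return int(iterations), salt, digest


def verify_password(password, record):
    """Recompute the digest with the stored salt and compare in constant time."""
    try:
        iterations, salt, expected = _parse(record)
    except ValueError:
        return False
    candidate = hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"), salt, iterations)
    return hmac.compare_digest(candidate, expected)


def needs_rehash(record):
    """True when a record was created under a weaker iteration policy."""
    try:
        iterations, _, _ = _parse(record)
    except ValueError:
        return True
    return iterations < ITERATIONS


if __name__ == "__main__":
    # Two users pick the same (constructed) password.
    alice = hash_password("Summer2024!")
    bob = hash_password("Summer2024!")
    print("unsalted digests equal:", unsalted_sha256("Summer2024!") == unsalted_sha256("Summer2024!"))
    print("salted records equal:  ", alice == bob)
    print("alice verifies:        ", verify_password("Summer2024!", alice))
```

Because every record carries its own random salt, one precomputed table of common password hashes no longer matches many accounts at once, and the iteration count makes each individual guess slower.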
2. List common control issues associated with operating systems and remediation strategy/plan
Common control issues that can affect an operating system are:
• High amount of access and share permissions granted
• Lack of malware and firewall protection
• Weak password policy
• Poor patch management
A way to remediate these issues is to:
• Check the group permissions and ensure that the right users are assigned to the right groups and no groups have rights that exceed their job responsibility.
• Ensure that proper antivirus software is installed and that a firewall is present.
• Set length, and complexity requirements for passwords. Also, require password changes within a reasonable amount of time.
• Check for patch updates to the OS.
Nice point, the lack of encryption is definitely a huge risk associated with operating systems; unencrypted data or an unencrypted channel for information communication means failing to protect your data and putting the brakes on business. Productivity, communication, and innovation decline because of the threat of letting business critical data fall into the waiting arms of hackers and competition.
1. Why is it so important to protect operating systems?
From a business perspective, the computer system is the basic operating asset of a company, where it stores the most essential and sensitive data. An operating system is the platform of a computer, which supports a computer’s basic functions, such as scheduling tasks, executing applications, and controlling peripherals. Most large firms developed their own operating software that runs on different operating systems. Without an OS such as Windows, Linux, or MacOS, a company cannot continue to operate and a computer cannot function properly.
The main reason to protect operating systems is to prevent data loss, data breach, malicious software installed in the system, and unwanted use of data. According to our books, if the OS is not controlled properly, it’s like locking the door but leaving the windows open. People can exploit security weaknesses at those other layers in many ways and disrupt the integrity, reliability, and security of the application systems. That is why security controls should be in place to prevent failure of the operating system.
Source: IT Auditing: Using Controls to Protect Information Assets
After reading your post I thought to myself, what would it be like if operating systems were only used by one company and there were no common operating systems like Windows or Mac OS? Think of it this way, if the operating systems were specific to each business, then growing up we would not develop the computer skills that can be transferable from business to business. Therefore, each company would have to spend a significant amount of money training new hires to their specific operating systems. I think having only a handful of different operating systems and GUIs benefits organizations since users can develop these skills on their own time and bring those skills into the workplace.
I completely agree with you Paul. Indeed, developing new operating software and a new operating system can significantly enhance the safety of the OS and better protect the company’s information assets. However, it requires a huge amount of investment in development and employee training. This method seems more reasonable for huge corporations which demand top-level protection of information assets. For most common public companies, developing a new system may not be a reasonable choice.
Nice point, any breach of confidentiality, integrity and availability of operating systems may cause system outage or data loss. For an organization, an insecure operating system may put the organization at high risk of financial loss, data leakage, and reputation damage, which are very disastrous.
List common control issues associated with operating systems and remediation strategy/plan.
Control issues:
Trojan Horse – program that secretly performs some maliciousness in addition to its visible actions.
Virus – fragment of code embedded in an otherwise legitimate program, designed to replicate itself (by infecting other programs), and (eventually) wreaking havoc.
Worm – process that uses the fork/spawn process to make copies of itself in order to wreak havoc on a system. Worms consume system resources, often blocking out other, legitimate processes.
Denial of Service (DOS) – attacks do not attempt to actually access or damage systems, but merely to clog them up so badly that they cannot be used for any useful work.
Remediation strategy/plan:
Having the system print usage statistics on logouts, and requiring the typing of non-trappable key sequences such as Control-Alt-Delete in order to log in
Configuring firewalls to prevent unauthorized Internet users from accessing organizations’ networks connected to the Internet, especially intranets
Using spyware detection tools to detect and safely remove spyware
Good post, after reading your post, I realize how important operating systems are. An operating system (OS) is system software that manages computer hardware and software resources and provides common services for computer programs.
2. List common Control issues associated with operating systems and remediation strategy/plan.
Common control issues:
1. Weak password setting
– Having certain requirements of password setting
– Constant change of password
2. Lack of malware protection
– Firewall
– Anti-virus software
– Hire hackers to hack the system to see how well the system can be protected
3. Authorized access is given to employees inappropriately
– Clearly identify roles and responsibilities for employees
4. Infrequency in patch management and update
– Policies set up for patch updates
– Test the patch before release
I agree with your patch management point. Just to add on that, I think timing is important too. Especially, for the security updates, they should be done in a timely manner and must be made in a controlled and predictable way. If the patch application process is organized and controlled, the system may drift from the compliance with assigned patch.
Patches can slightly strengthen the resistance to malware such as zero-day attacks. However, I don’t think a patch can effectively remediate risks caused by a zero-day attack because patch management and updates take a longer time to write, so the system can be compromised before the vulnerability is fixed. Zero-day threats are always one step ahead before or after the patch is updated.
To stop zero-day threats
1. Use firewall wisely
2. Use only essential authorized applications
I agree with you! The reason why “Zero-day attack” has its name is because it is exploited and attackers release malware before a developer has an opportunity to create a patch to fix the vulnerability. Therefore, a patch cannot effectively remediate the risk caused by a “zero day” attack.
Good post, Yu Ming, today’s threats have substantially changed, creating a reality wherein Windows XP vulnerabilities can put an entire company and its data at risk. To protect against vulnerabilities for which software patches will no longer be made available, using a vulnerability protection solution such as Trend Micro™ OfficeScan™ Intrusion Defense Firewall is advisable. Vulnerability shielding works on the premise that exploits take a specific or definable network path to and from an application in order to use a vulnerability. It is, therefore, possible to manipulate the network layer through rules to control the communications being made to the targeted software.
The operating system is more important than the hardware. The OS not only manages a computer’s tasks but also optimizes the performance. When several tasks are running at the same time and trying to access the CPU, memory and storage, OS then organizes the requirements and allocates proper resources to tasks.
It is basically a tool for us to communicate with the computer through the user interface without knowing computer’s language.
Why to protect:
OS needs protection to ensure that each program component that is active on a system is using resources only in ways defined in stated policies. These policies are either developed by the management of the system or are fixed in the design of the system.
The OS also allows users to access organization data. With that in mind, a compromised OS can give permission to a hacker who can then damage different applications, steal/corrupt/delete important data, etc.
I wouldn’t say that the operating system is more important than the hardware. A computer can still operate without an OS through computer language but a computer cannot operate without its hardware. It is as you said, an OS makes operating a computer much easier for people who do not have knowledge in computer language.
I meant in the context of a user, the hardware will be useless if there is no medium to communicate with the machine. And that’s where the importance of the OS and the UI comes into the picture.
Good point Yang Li. You are right, without the operating system, the hardware can keep working. However, the OS makes the device easier to use for common PC users. Besides, many attacks like malware or phishing attacks use the weaknesses of the operating system. Without appropriate protection of the OS, PC users’ personally identifiable information and other sensitive data like online banking accounts and passwords may be monitored by an attacker through a Trojan Horse, which raises the risk of damage to the users’ assets.
I like your point about risking the organization’s data. Not only does exposing the OS to vulnerabilities affect the user’s data but it also keeps the data of the organization (confidential/ client related/ business) in the hotspot.
Agreed Abhay, the operating systems provide access to those who are authorized. If that is compromised then it will be a huge risk since all the important information is stored within the OS. There must be safeguards in place that assign which users can access what system within the OS also. If everyone within the company is assigned to all the databases then they can steal information or make changes that can be severe for the company. So making sure in the OS who has authorized access to what is very important and will mitigate potential risk.
List common control issues associated with operating systems and remediation strategy/plan.
The security controls depend on the configuration of the system and the sensitivity of data that is processed in the system.
The control issues are:
• Improper user access permissions
Remedy: Creating different user groups to define user privileges for files by the administrator.
• Unblocked ports: Port scanning can expose open ports, and the computer’s network services information can be obtained by an attacker to decide which port to use for an attack.
Remedy: Identify the processes that are keeping the ports open, and check whether the processes/services requiring the ports to be open are required or not. If not, configure the application to stop the service.
• Weak Password Policies: Weaker passwords or blank passwords can put the organization at risk.
Remedy: A password policy with a seven-character limit can be cracked by password decryption software in a matter of minutes. I think a good password policy should at least have a 20 plus character password (ideally a passphrase; easy to remember). It is important to also teach employees the concept of passphrases.
• Patch Management: The common practice of “install and forget,” which means that systems after deployment are either not updated frequently or never updated.
Remedy: Systems should be updated timely with software updates. There should be a patch scheduling mechanism in place to serve as a guideline for scheduling plans.
I agree that weak passwords or blank passwords can put the organization at risk. Choosing a complicated password can increase the number of possible combinations of password. I would add to that the system should block the account or require secondary authentication if an incorrect password is entered too many times in order to prevent hacking.
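The "unblocked ports" remedy in the post above (find which process holds each open port, then decide whether it is needed), as an added example that is not part of the original post. It parses the output of `ss -H -tulpn` and compares it with an allowlist; the sample output, the allowlist and all function names are constructed for illustration.

```python
import ipaddress
import re
from dataclasses import dataclass

# Constructed sample of `ss -H -tulpn` output (run as root so the process
# column is filled in). Not taken from any real host.
SAMPLE_SS_OUTPUT = """\
tcp   LISTEN 0      128          0.0.0.0:22         0.0.0.0:*    users:(("sshd",pid=812,fd=3))
tcp   LISTEN 0      128             [::]:22            [::]:*    users:(("sshd",pid=812,fd=4))
tcp   LISTEN 0      511          0.0.0.0:80         0.0.0.0:*    users:(("nginx",pid=1020,fd=6),("nginx",pid=1019,fd=6))
tcp   LISTEN 0      5          127.0.0.1:631        0.0.0.0:*    users:(("cupsd",pid=640,fd=7))
tcp   LISTEN 0      4096   127.0.0.53%lo:53         0.0.0.0:*
tcp   LISTEN 0      32                 *:21               *:*    users:(("vsftpd",pid=1402,fd=3))
udp   UNCONN 0      0            0.0.0.0:5353       0.0.0.0:*    users:(("avahi-daemon",pid=588,fd=12))
"""

# Hypothetical allowlist: (protocol, port) -> process expected to own it.
ALLOWED = {("tcp", 22): "sshd", ("tcp", 80): "nginx"}


@dataclass(frozen=True)
class Listener:
    proto: str
    address: str
    port: int
    processes: tuple  # process names, empty if ss was not run as root

    @property
    def loopback_only(self):
        """True when the socket is reachable only from the host itself."""
        host = self.address.strip("[]").split("%", 1)[0]  # drop [] and %iface
        if host == "*":
            return False  # wildcard bind: every interface
        try:
            return ipaddress.ip_address(host).is_loopback
        except ValueError:
            return False  # unparseable address: treat as exposed


def parse_ss(text):
    """Turn `ss -H -tulpn` lines into Listener records."""
    listeners = []
    for line in text.splitlines():
        fields = line.split()
        if len(fields) < 6 or fields[0] not in ("tcp", "udp"):
            continue
        address, _, port = fields[4].rpartition(":")
        if not port.isdigit():
            continue
        # Process column looks like users:(("name",pid=N,fd=M),...)
        names = re.findall(r'\("([^"]+)",pid=\d+', " ".join(fields[6:]))
        listeners.append(
            Listener(fields[0], address, int(port), tuple(sorted(set(names))))
        )
    return listeners


def audit(listeners, allowed=ALLOWED):
    """Return network-reachable listeners that the allowlist does not explain."""
    findings = {}
    for item in listeners:
        if item.loopback_only:
            continue  # not reachable from the network
        key = (item.proto, item.port)
        expected = allowed.get(key)
        if expected is None:
            reason = "not on allowlist"
        elif item.processes and expected not in item.processes:
            reason = f"expected {expected}"
        else:
            continue  # allowed port, owner matches or is unknown
        # One finding per (proto, port), so IPv4 and IPv6 binds are not doubled.
        findings[key] = (item.proto, item.port, item.processes, reason)
    return sorted(findings.values())


if __name__ == "__main__":
    for proto, port, procs, reason in audit(parse_ss(SAMPLE_SS_OUTPUT)):
        owner = ", ".join(procs) or "unknown (run ss as root)"
        print(f"{proto}/{port} owned by {owner}: {reason}")
```

Each finding is a service to either justify and add to the allowlist or stop and disable; loopback-only listeners are skipped because they are not reachable from the network.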
It still boggles my mind that many users still use weak passwords when most know of the cyber threats common in this day. For some organizations and users, there is an extremely large amount of valuable information that is only being protected by a password as easy as Dogs123. With that being said, one of the best ways to improve authentication controls is not only to establish a complex password requirement for users, but also inform users on how to remember complex passwords. If you were to view the link I listed below, taking the first letter from a phrase you can remember will make your password complex but also allow you to remember them. I started using this technique about 4 years ago when I was a freshman in college. It is a great way to keep and remember stronger passwords and really should be something taught throughout an organization.
Hi, Paul
Thanks for sharing, very interesting technique! I think this technique helps solve the problem with passwords being too simple, but I believe there is still a possibility that people will forget about the phrase. Adding password hints might be a good idea.
Protecting operating systems (OS) is important due to the nature of the functions performed by the OS system-wide. The OS is responsible for managing all compute functions running on the system and sharing hardware system resources (CPU, Memory, Disk, I/O devices). The OS manages process multitasking, resource time-sharing, and inter-process communication (IPC). The OS is responsible for protecting individual running applications from interfering with each other and from accessing each other’s trusted compute base (TCB) in terms of virtual memory space and disk blocks managed by different processes.
List common control issues associated with operating systems and remediation strategy/plan.
The Operating System controls are part of every OS to protect the end-to-end compute base. The operating system by default offers process traffic isolation to separate and protect the trusted compute base (TCB) of each application/process running on the same system. The controls start from access controls, password requirements, logging activities to a remote syslog facility, protecting against malicious software, and finally performing logical isolation of compute resources, as in the case of multi-tenant cloud computing.
Access control is concerned with permitting authorized users to log in to the system (OS), logging all their activities, incorporating role-based access control (RBAC), and possibly two-factor authentication. Instituting strong passwords (number of characters, special characters, password history, lockout policy after failed attempts) is one of the important OS security controls.
Why is it so important to protect operating systems?
An operating system is a program that manages all application and application programs on your computer. All major computer platforms, both hardware and software, require an operating system. Since these operating systems are the base of so many other applications, we need to ensure their integrity, confidentiality and availability. Therefore, OS security can protect it from threats, viruses and malware. If we did not protect our OS, the integrity of information on our machines would be compromised.
List common control issues associated with operating systems and remediation strategy/plan.
Common controls we find with OS systems are listed below:
– Weak Password – requiring users to create more complex and strong passwords to prevent hacking.
– Lack of protection from network traffic – install a firewall and antivirus to prevent threats and leaks of important information from your machine
– Employees having too much access – creating secure accounts with required privileges only
Q] Why is it so important to protect operating systems?
A] The operating system is the backbone of the computer. It handles Memory Management, Processor Management, Device Management, File Management, Security, Control over system performance, Job accounting, Error detecting aids, and Coordination between other software and users. The security of the OS has a fundamental impact on the overall security of a computer system, including the security of all applications running within the system. An attack that infects the OS has the potential to expose danger to the running application and further attack other applications.
Question: Why is it so important to protect operating systems?
Security refers to providing a protection system to computer system resources such as CPU, memory, disk, software programs and most importantly data/information stored in the computer system.
In today’s business world, personal computers and other mobile devices are widely used in storing an organization’s information assets like employees’ personal information, payroll process, or order-to-cash process data. Without appropriate protection of operating systems, a Trojan Horse, Worms or other malware may allow attackers to monitor the system flow and copy sensitive information like bank accounts and passwords, which may cause huge damage to the organization’s information.
To mitigate the potential risks of data leaks, operating systems need to be protected by antivirus software or other preventive controls.
It is too risky to store all the sensitive information in our operating system without appropriate security on the operating systems. If the OS allows unauthorized access to the organization’s data, it can lead to system downtime, viruses, trojans, or stolen data.
Question: List common control issues associated with operating systems and remediation strategy/plan.
Common control issues:
– Lack of accessible authority control
– Lack of antivirus protections
– Do not have backup plan
– Lack of updating the operating system
– Lack of detective control to recognize the malware
These common control issues may cause serious problems like data leaks, loss of personally identifiable information, and damage to other information assets of the organization. To mitigate the risks caused by common control issues associated with operating systems, here are some suggestions:
1. Enhance the accessible authority control by setting passwords for the operating system and different authority levels to access the system.
2. Use antivirus software to ensure the operating system does not have any Trojan Horse or Worm.
3. Set up a backup and disaster recovery plan to make sure the operating system can keep running and recover the information.
4. Updating the operating system to the newest version.
5. Using the protection function of antivirus software to detect the malware.
Q] List common control issues associated with operating systems and remediation strategy/plan.
A] The OS has to provide confidentiality, integrity and availability to the system. OS security may be approached in many ways, including adherence to the following:
– Unauthorized access to the system – The OS can have different users accessing different parts of memory. The software should have access level denied. Changes to OS-dependent files must be restricted. At least 2 factor authorization must be provided, and authorization to determine the level of access: read, write, edit, execute, etc.
– Patch management – Hackers come up with new attacks every day and OS vendors release security patches to remove the vulnerability. Performing regular OS patch updates to keep systems up to date is a must.
– Networking security issues – Any device trying to connect to the network must be authorized and authenticated by the OS. Scrutinize all incoming and outgoing network traffic through a firewall.
– User policy – Restricting access to files, network and terminal access, password change and locking should be deployed through user policy.
– Open ports – Open ports that are generally restricted by a firewall can cause serious harm.
– Encryption – The storage media like HDD on the OS must be encrypted. The channel via which systems communicate must be an encrypted channel.
– Install updated antivirus engines and software and scan systems regularly.
Nice post Priya. Other common control issues associated with operating systems may include making a habit of cleaning up the computer on a daily basis and every time that you finish browsing the internet, performing regular operating system patch updates, installing updated antivirus engines and software, scrutinizing all incoming and outgoing network traffic through a firewall and creating secure accounts with required privileges only.
1 Why is it so important to protect operating systems?
The importance of protecting the OS can be understood by understanding the impact on an OS that is not protected:
• Potentially allowing unauthorized access – could lead to a compromised system and information integrity due to unauthorized access
• Administrator authority is given to too many people and often of the level that is much higher than required to perform regular tasks needed for the job – this means that the administrators can knowingly or unknowingly harm the system.
• Systems are prone to attacks if not protected so a system that is not protected could be broken into easily which poses threat to the information on the system. The system could be subject to theft of data – be it personal or proprietary, which could have different outcomes depending on what data is stolen.
• An unprotected OS could lead to financial loss – small or big. A laptop or a desktop that crashes or is broken into could require money being spent in fixing the system, permanent data loss could occur and even intellectual property could be stolen. System down time could mean lower employee productivity and lost revenue in the form of chargeability.
An operating system is executed on top of the bare machine hardware; it allocates the basic resources of the system and supervises the execution of all applications within the system. Because of the crucial role of the operating system in the operation of any computer system, the security (or lack of security) of an operating system will have a fundamental impact on the overall security of a computer system, including the security of all applications running within the system. A compromise of the underlying operating system will certainly expose danger to any application running in the system. Lack of proper control and containment of execution of individual applications in an operating system may lead to attack or break-in from one application to other applications.
Great point Ming, improper care of individual applications in the operating system leaves the system vulnerable to attacks. Risk measurements must be in place to safeguard against this so that the operating system will be intact and safe. Individuals must know what to do in case of any scenario that can unfold. There must be meetings to discuss potential attacks and how to handle each. This knowledge will save the company in the future by having individuals be alert to any potential danger that may occur.
Why is it so important to protect operating systems?
The operating system is essentially the “middle man” between a computer’s software and its hardware. This means that it is the operating systems that allow the applications access to computer resources such as the CPU, hard drive, network, and many other information system components. With that being said, it allows millions of software applications to be used on a computer all while providing the user with a familiar graphical user interface to start the software. From a security standpoint, this means that the operating system needs to be protected with the two important areas being access to data and hardware. If an operating system is compromised, a “bad guy” can attempt to perform a denial of service which means that the organization’s hardware is strained past capacity, causing information technology to crash. Likewise, a “bad guy” can have access to data through the operating system to either manipulate or extract for sale. Due to this, it is extremely important to protect the operating system.
List common control issues associated with operating systems and remediation strategy/plan.
Two common control issues related to operating systems are unauthorized access and patch management. Since the operating system can access both software and hardware, allowing an unauthorized user access to a system enables them to cause a significant amount of damage. This damage can either be to create an effect on the computer hardware or steal information. Due to this, it is important to have authentication steps logging into a computer as well as restrictions on the types of actions a user can perform once logged in. Likewise, patch management is another key control issue associated with operating systems. If an operating system has a bug or defect, it could potentially cause a disturbance in the information systems as well as be a potential vulnerability to malware. Therefore, it is important for a company to have controls which make sure patches to systems are identified and implemented in a timely manner.
1. Why is it so important to protect the operating system?
a. The operating system can be viewed as the foundation for the computer, because the hardware and operating system need to communicate in order to reach the computer’s full potential. The operating system organizes the software and hardware of a computer and also “acts as a scheduler and traffic controller”. I read an analogy online of the operating system playing the role of a good parent to make sure that the applications get the right resources (memory, etc.) from the hardware.
If the operating system was attacked, the issue could then flow over into the applications and the hardware. Data could be corrupted and stolen, and the users may not be able to access the applications due to corruption.
Why is it so important to protect operating systems?
Operating systems are important since they are the tool we use every day to enter information and get information from the system. It is our way to communicate with the machine and to make it function. The operating system must be clear of viruses or malware so that information on it is protected. If a hacker was able to get access to the system then they could steal important information and even corrupt the system and make it inaccessible. Being without a way to get back into a system could be a huge issue since important information lies within the system. The operating system thus must be protected from all these things so that we can function and have our information be secure. We hold important programs on the operating systems and losing that will be a huge blow. We must also be aware of our surroundings and make sure the operating system is backed up just in case. A spill of some sort onto the machine could cause serious damage, so that just goes to show us that anything can cause damage to the operating system. We must make sure the operating system is protected on all levels to prepare for anything that can happen.
2. List common control issues associated with operating systems and remediation strategy/plan
Common control issues that can affect an operating system are:
• High amount of access and share permissions granted
• Lack of malware and firewall protection
• Weak password policy
• Poor patch management
A way to remediate these issues is to:
• Check the group permissions and ensure that the right users are assigned to the right groups and no groups have rights that exceed their job responsibility.
• Ensure that proper antivirus software is installed and that a firewall is present.
• Set length, and complexity requirements for passwords. Also require password changes within a reasonable amount of time.
• Check for patch updates to the OS.
Good post Daniel. Others may include making a habit of cleaning up the computer on a daily basis, or weekly, and every time that you finish browsing the internet, and performing regular OS patch updates.
List common control issues associated with operating systems and remediation strategy/plan.
Some of the common attacks are:
• Denial-of-service (DOS) Attacks – Attacks that prevent the use of the operating system by gaining access to the system and flooding the system until it overloads, or sending invalid data to the system, which causes abnormal termination.
• Password-Based Attacks – The attacker gets into the system by overhearing your password or finding your computer unlocked so that they are able to just access the system without having to enter a password. Mostly it is done by eavesdropping or using tools to generate multiple attempts for password login. But once they’re in the system, they are able to access everything and can modify, delete, or transfer data.
• Malware – Attacks that are triggered once the user clicks something that opens the virus, which will enter the system to corrupt it and cause damage for the user.
Plans that can prevent these attacks are regularly updating the system software and keeping virus protection up to date. Make sure the system is locked when you are not using it and never let anyone know your password into the system. Be aware of what you are clicking on, do not open something that looks suspicious, and look up the email address if it was sent by email to make sure that it is not a scam. There must be software in place that regularly scans the system for any intrusion, and virus scanning software must be run daily to scan the system to make sure there is nothing suspicious.
Q 2 List common control issues associated with operating systems and remediation strategy/plan.
=> Some of the common control issues associated with operating systems and their remediation strategy are listed below:
• User access to shared files and network drives – this could mean giving maximum rights to a user which could lead to unauthorized access or higher level of access than intended. The remediation is to set up appropriate file permissions for each user or user group to ensure that the user only has the appropriate access permissions.
• Vulnerabilities – The IoT (Internet of Things) devices used increasingly these days are easy routes to spread malware. Computers that have such devices communicating with them are at a serious risk of being infected with viruses and malware. The remediation to this issue would be to use the right antivirus and firewall software coupled with regularly updated virus definitions and the latest OS patches.
• Data available on disk which could be stolen easily – The right way to tackle this issue would be to use file encryption software and whole disk encryption software so that data on a system that falls into the wrong hands would still be difficult to tap into.
The operating system is the link between the user and the computer. It now provides graphical user interfaces to the underlying hardware, and allows the user to execute software away from the command line. Examples of operating systems are: Windows, Linux, and iOS. The operating system is used to allow the user to input commands, via an I/O device, which the hardware will perform and complete.
It is important to protect the operating system because:
1. The OS is the level where controls and policies are configured
Intruder may access areas of the network that are considered “sensitive”
2. The OS accesses the hardware
Intruder can overwork the hardware and kill it
Intruder can access other devices on the network
3. The OS is complex
Intruder can hide on your network and watch what you do. It is difficult to figure out you have been hacked. Many times, you don’t even know until your computer breaks, tells you to pay someone to get information back, or it is broadcast on the news.
Even with a top notch policy plan, there may be some control issues that arise and every organization should have a remediation plan to reduce the down-time associated with the failure. Here are a few I have experienced.
1. Accidental – This would be the failure of equipment or untrained users. An example would be an old operating system, firewall, or anything that doesn’t get security updates from the provider or an employee not protecting their passwords
2. Deliberate – This is a planned attack for gain. It may be to gather information, bring down an organization, or hold data hostage. Malware may be installed by a disgruntled employee who is seeking revenge.
The best way to combat accidental and deliberate control issues is to have an accurate Enterprise Architecture blueprint. This will list the device names and versions. When each vendor provides a patch, a beta test of the patch can be performed, and if it checks out, a script can be created to push down the patches (Patch Management).
Keep an active security software solution for: Operating System, E-mail, firewall, and internet. Manage each solution on a daily basis. This will reduce the areas of penetration and increase awareness of new threats posted by the security provider.
Set controls for your employees. Only allow employees access to areas of the network required for the job. Monitor employee usage and limit access to the internet. You can also provide employee training on technology security best-practices. This will limit the chances of an employee accidentally causing an issue.
Why is it so important to protect operating systems?
Computers are frequently used to surf the internet and for work, and much important data is stored on the computer. So hackers may attack the computer if the security of its operating system is low. So protecting the operating system is really important. See the reasons below:
Browsing history: when we browse the internet, the computer records the history of websites we have visited. So if the files are not deleted, other people can easily access the operating system and steal important data.
Cookies: cookies are files that originate from websites that we have visited. Cookies will remember the name, shopping preferences, items of interest, and other information. Hackers often use cookies to find out sensitive information.
Documents: computer stores documents that we recently worked on. If the security of OS is low, hackers can easily access the computer and view and steal the files that include sensitive information and data.
Nice point, I agree with you. When we use our personal computer, we usually tend to store personal and sensitive data on it, such as default passwords and payment methods, for convenience and to process money movement or other high-risk transactions. If the security of the OS is low, the computer may be easily broken into, and that sensitive data may be stolen for misuse.
List common control issues associated with operating systems and remediation strategy/plan.
People should:
1) make a habit of cleaning up the computer on a daily basis and every time that you finish browsing the internet.
2) perform regular operating system patch updates
3) install updated antivirus engines and software
4) scrutinize all incoming and outgoing network traffic through a firewall
5) create secure accounts with required privileges only.
I agree that patches and updates are critical to keeping the OS layer in good shape. Patches are released for a reason – because someone found a bug and it needs to be fixed. If that bug is related to security, then by not patching you’re basically saying that you know your risk of exploitation is high and you know there’s a way to fix it, but you aren’t going to do it. Patches should be thoroughly tested as soon as they’re released, and then implemented within 30 days in order to ensure the shortest amount of time a system is knowingly vulnerable.
Q: Why is it so important to protect operating systems?
A: The operating system is the fundamental software that supports the basic functions of a computer. It serves as a basic control panel that manages the core of a computer. It is also the necessary tool for us to communicate with a computer which will further comprehend the data and information upon storage. Protecting the operating system means to secure the primary platform which essentially allows storage of our information. By creating a safe operating system, it will be less likely to leak any of our valuable documents that might contain sensitive information that could be taken advantage of if obtained by others. The security of the operating system is the key to protect our assets.
Hackers attack computers whose operating system security is low. Hackers use a scanner to see an area’s computers, and target those with a low-security OS. Internally, employees may leave some sensitive data and information in the browser, emails, etc. that would also bring more threat to the company and personnel.
Q: List common control issues associated with operating systems and remediation strategy/plan.
A: Some common control issues associated with operating systems:
-Mandatory/hidden installations of 3rd-party software and plug-ins
-Malware while surfing on the internet
-Operating system becomes extremely slow
-Application compatibility
Remediation Strategies:
To prevent installations of many software programs and plug-ins, a firewall or antivirus software is recommended, preferably a quality one with a good reputation. This would also be a great tool to detect and eliminate malware since many websites we are viewing today have a great chance of having it. Excessive installations of software, storage files, cache and buffer files would slow down the operating system drastically. Therefore, it is also necessary to clean up the operating system every once in a while and defrag all drives. Since many applications are compatible with only certain operating systems, the only possible solution is to find a similar program that would run on the operating system of your choice.
An OS takes care of all input and output in a computer system. It manages users, processes, memory management, printing, telecommunication, networking etc.
It sends data to a disk, the printer, the screen and other peripherals connected to the computer.
And because every machine is built differently, commands for input or output will have to be treated differently too. In almost all cases an Operating System is not one large big behemoth but consists of many small system programs governed by the core or kernel of the OS. Because of the compactness of these small supporting programs it is easier to rewrite parts or packages of the OS than to redesign an entire program.
In general programmers only have to make a “call” to the system to make things happen.
This not only makes their lives less miserable but the production time becomes shorter. As well, programs can run on different types of machines with the same family of CPUs without changing anything in the program. This is what makes a standard Operating System so important.
Great post Shizhong! I agree with your mention of general programmers and how their lives can be less miserable when it comes to protecting operating systems.
Agree with you, Shizhong. An OS is responsible for all input and output in a system. This not only makes their lives less miserable, but the time is also shortened. Also, programs can run on different types of machines with the same family of CPUs with nothing changed in the program. This is what makes a standard OS so important.
Q: Why is it so important to protect operating systems?
A: If you think of a computer system as a pyramid, the operating system is the base upon which everything else rests. It’s the foundation for everything to operate. It manages system memory, software, hardware, and important/sensitive information that is needed to keep everything running. The OS also allows you to “talk” to your computer and configure and design things within it at a more base level without actually having to know machine code. For these reasons it is crucial to protect the OS. If a hacker gains access to the OS, he gains access to everything. Critical data (financials, PII, passwords, etc.) could be accessed and used against the company or merely released, creating security issues for the company, the users whose data was released, and the publicity nightmare of being yet another company who couldn’t keep their users’/customers’ personal information safe.
Q: List common control issues associated with operating systems and remediation strategy/plan.
A: Access control – users having access only to what they need access to and no more.
A strict access control policy should be implemented. For a Windows OS, Active Directory is a powerful tool that can be implemented to help keep access control in line. AD groups can be set up for different roles and responsibilities and provisioning to that group would be how access is granted. That prevents additional granular permissions from being granted accidentally. AD can also be linked to a company’s HR management solution to enable auto-deprovisioning if a user is terminated. AD can also be used for password management.
A: Vulnerability Management – keeping the OS secure and hardened against hackers
Employing a vulnerability scanning tool can be very effective in detecting and then fixing critical vulnerabilities that could otherwise be exploited by hackers to gain access to the system.
The OS is essentially the brains of the computer that interfaces with all of the peripheral components. It also prioritizes certain processes and allocates available computing resources to certain applications. In addition, it is how the file systems are accessed. For these reasons, it is critical to secure the operating system.
Great summary Paul. It is crucial to protect your operating systems. Without an operating system, interacting with peripherals or secondary, non-essential input and output devices on a computer would be much more complicated.
List common control issues associated with operating systems and remediation strategy/plan.
System hardening standards, build document and build process
Configuration – unused services/client firewall
OS version and Patching
Anti-virus/malware with latest .DAT
Password setting and/or other authentication methods
Remote access
Audit trail and monitoring
Disk encryption
Physical security
It is important to protect operating systems because the operating system is the first level of software which allows your computer to perform useful work. The operating system organizes hardware and software of the computer in order to ensure integrity, confidentiality and availability. Operating systems are meant to protect against viruses and system threats. Without an operating system, interacting with peripherals or secondary, non-essential input and output devices on a computer would be much more complicated. This is because operating systems interpret the data that peripherals provide and present it to users in standardized formats.
An OS is software that is designed to run on specific hardware. The OS interfaces between the applications and hardware. An operating system has three main functions: (1) manage the computer’s resources, such as the central processing unit, memory, disk drives, and printers, (2) establish a user interface, and (3) execute and provide services for applications software.
If the OS is attacked, everything on the hardware will not be accessible, and a damaged OS could potentially be used to damage the processors, the applications installed, other software installed, and the data/files stored on the system.
List common control issues associated with operating systems and remediation strategy/plan.
Common issues:
1. Weak design and implementation can lead to a compromise of the system by potentially allowing unauthorized access.
Lack of administration of accounts can lead to a compromise of system integrity by potentially allowing unauthorized users to gain access to sensitive areas.
2. Change management risks:
Lack of change management procedures would lead to a compromise of system integrity by allowing unauthorized users to gain access to sensitive resources.
Controls:
1. Creating multiple policies
2. Policies can be turned on or off
3. Policies are “inherent” and “cumulative”
4. Local Policy vs. Domain Policy (Local -> Site -> Domain -> OU -> Child OUs)
5. Policy Replication (AD and SYSVOL)
List common control issues associated with operating systems and remediation strategy/plan.
The Operating System controls are part of every OS to protect end to end compute base. Operating system by default offers process traffic isolation to separate and protect trusted compute base (TCB) of each application/process running on the same system. The controls start from Access controls, password requirement, logging activities to remote syslog facility, protecting against malicious software, and finally performing logic isolation of compute resources like in case of multi-tenant cloud computing.
Access control is concerned with permitting authorized users to log in to the system (OS), logging all their activities, incorporating role-based access control (RBAC), and possibly two-factor authentication. Instituting strong passwords (number of characters, special characters, password history, lockout policy after failed attempts) is one of the important OS security controls.
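The four password controls named in the post above (length, special characters, history, lockout after failed attempts) can be seen working together in a small model. This is an added example, not part of the original post; the thresholds (12 characters, 5 remembered passwords, 3 failed attempts) and all names are assumptions chosen for illustration.

```python
"""Toy account model: complexity, password history and lockout in one place."""
import hashlib
import hmac
import os
import string
from collections import deque

# Assumed policy values for illustration; real values come from your own policy.
MIN_LENGTH = 12        # minimum number of characters
HISTORY_DEPTH = 5      # how many previous passwords may not be reused
MAX_FAILED = 3         # failed logins before the account locks


def _digest(password, salt):
    # Salted, slow hash so the stored history never contains clear text.
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 100_000)


def complexity_violations(password):
    """Return the complexity rules this password breaks (empty list = fine)."""
    problems = []
    if len(password) < MIN_LENGTH:
        problems.append("too_short")
    if not any(c in string.punctuation for c in password):
        problems.append("no_special_character")
    return problems


class Account:
    def __init__(self):
        # (salt, digest) pairs, newest last; old entries fall off automatically.
        self.history = deque(maxlen=HISTORY_DEPTH)
        self.failed = 0
        self.locked = False

    def set_password(self, new_password):
        """Apply complexity and history rules; return the list of violations."""
        problems = complexity_violations(new_password)
        reused = any(
            hmac.compare_digest(_digest(new_password, salt), digest)
            for salt, digest in self.history
        )
        if reused:
            problems.append("reused")
        if problems:
            return problems
        salt = os.urandom(16)
        self.history.append((salt, _digest(new_password, salt)))
        self.failed = 0
        return []

    def login(self, password):
        """Return 'ok', 'denied' or 'locked'."""
        if self.locked:
            return "locked"          # even the right password is refused
        if not self.history:
            return "denied"          # no password has been set yet
        salt, digest = self.history[-1]
        if hmac.compare_digest(_digest(password, salt), digest):
            self.failed = 0
            return "ok"
        self.failed += 1
        if self.failed >= MAX_FAILED:
            self.locked = True
            return "locked"
        return "denied"

    def unlock(self):
        """Administrative reset after the lockout has been reviewed."""
        self.locked = False
        self.failed = 0
```

A locked account refuses even the correct password until `unlock()` is called, which is what makes the lockout a control against guessing rather than only a counter.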
List common control issues associated with operating systems and remediation strategy/plan.
Control issues:
Trojan Horse – program that secretly performs some maliciousness in addition to its visible actions.
Virus – fragment of code embedded in an otherwise legitimate program, designed to replicate itself (by infecting other programs), and (eventually) wreak havoc.
Worm – process that uses the fork/spawn process to make copies of itself in order to wreak havoc on a system. Worms consume system resources, often blocking out other, legitimate processes.
Denial of Service (DOS) – attacks do not attempt to actually access or damage systems, but merely to clog them up so badly that they cannot be used for any useful work.
Remediation strategy/plan:
Having the system print usage statistics on logouts, and to require the typing of non-trappable key sequences such as Control-Alt-Delete in order to log in
Configuring firewalls to prevent unauthorized Internet users from accessing organizations’ network connected to the Internet, especially intranets
Using spyware detection tools to detect and safely remove spyware
Source: https://www.cs.uic.edu/~jbell/CourseNotes/OperatingSystems/15_Security.html
Agree with you, Huming. I notice that you mentioned the Trojan horse, which I am really interested in.
A Trojan horse containing malware may also be referred to as simply a Trojan or a Trojan horse virus. Unlike a true virus, however, malware in a Trojan horse does not replicate itself, nor can it propagate without the end user’s assistance. Because the user is often unaware that he has installed a Trojan horse, the computing device’s security depends upon its antimalware software recognizing the malicious code, isolating it and removing it.
Ian M. Johnson says
The operating system is the primary level of software that allows your computer to accomplish beneficial work. The operating system and its roles are key to making informed decisions about your computer. It manages the computer’s memory and processes, as well as all of its software and hardware. It also allows you to communicate with the computer without knowing how to speak the computer’s language. With that said, the operating system contains the software, hardware, applications, programs that contain valuable information. If you do not secure your OS, the hacker can obtain proprietary information, practically control your machine, and could essentially destroy your computer (stolen, edited or deleted).
https://www.cs.uic.edu/~jbell/CourseNotes/OperatingSystems/15_Security.html
Brou Marie Joelle Alexandra Adje says
Indeed Ian, the operating system is the key to making informed decisions about one’s computer. I’d say that it is similar to a resource manager and handles decision making and interruption. It manages the time for tasks to occur.
Priya Prasad Pataskar says
Absolutely correct Ian and Alexandra.
Operating systems deal with memory management. The OS decides which process will get memory at what time. A Trojan or virus affects the system once it is picked up by the operating system and placed in RAM to be executed.
A memory protection key mechanism divides physical memory up into blocks of a particular size (e.g., 4 KiB). Each block is associated with a number value, i.e., the protection key. Each process also has a protection key value associated with it. Both values are matched before a memory block is accessed.
Shizhong Yang says
I totally agree with you that the operating system is the primary level of software that allows your computer to accomplish beneficial work. Therefore, it is so important to protect operating systems.
Ian M. Johnson says
^^^^ Why is so important to protect operating systems?
Ian M. Johnson says
List common control issues associated with operating systems and remediation strategy/plan.
The OS must protect itself from security breaches, such as runaway processes ( denial of service ), memory-access violations, stack overflow violations, the launching of programs with excessive privileges, and many other like Breach of Confidentiality, Breach of Integrity, Breach of Availability, Theft of Service, and like I said above: Denial of Service, DOS.
Some of the ways they can do that include:
• Performing regular OS patch updates
o Issue: Lack of formal change management procedures could lead to a compromise of system integrity by allowing unauthorized access gain access to resources like Patch Management
• Installing updated antivirus engines and software
• Scrutinizing all incoming and outgoing network traffic through a firewall
• Creating secure accounts with required privileges only
o Issue: Lack of Administration of accounts can lead to a compromise of system integrity by potentially allowing unauthorized access gain access to sensitive areas
Unauthorized modification of data, which may have serious indirect consequences. For example a popular game or other program’s source code could be modified to open up security holes on users systems before being released to the public.
• Strategic design of system, software, and hardware can help with security; however, this can be expensive and take a long time to implement. Advancements with technology and the cloud have helped with this.
o Issue: Weak Design and Implementation can lead to a compromise of the system by potentially allowing unauthorized access.
slides and https://www.cs.uic.edu/~jbell/CourseNotes/OperatingSystems/15_Security.html
Tamer Tayea says
Hi Ian,
One point to add on why it is important to protect the operating system: the importance comes from the way the OS manages shared compute assets in memory and disk. OS protection provides logical isolation of a multi-tenant compute environment, in which each application need not interact with memory/disk/CPU cache allocated to other applications.
Paul M. Dooley says
Tamer, interesting perspective and I agree it’s important to have the fundamental understanding. Shared resources are critical in the review.
Brou Marie Joelle Alexandra Adje says
Why is it so important to protect operating systems?
The operating system provides an interface to the underlying hardware and data and is a platform on which various applications execute their operations. Hence, the security of the operating system is a necessity for the overall system security. Today most commercially developed operating systems provide security through authentication of the users, maintenance of access control mechanisms, and provide trusted applications to modify or manage system resources.
In an organization, critical data can be accessed through the operating system. It would be catastrophic for a competitor to obtain confidential files. Protecting the operating system is one way to take precautions to protect information assets.
Yang Li Kang says
As we learned from answering the second question, yes, operating systems do offer some level of security but they are not as secure. Additional layers of security in the form of third-party applications such as antivirus and administrative policies should be implemented.
Ian M. Johnson says
Yang, what would be a good example of an admin policy here? Do you think instructions and education exercises to ensure, for example, proper user usage? I could see that helping security. It could also serve the purpose of interpreting the requirements of the system and how employees or users could affect the system in negative ways if they do not follow code.
Seunghyun (Daniel) Min says
Ian,
One example of the administrative policies that I can think of is the authorization controls. For example, in the Windows operating system, you can create accounts and allocate gradual accesses to those accounts by which actions or authorities you want to give to each account.
Shizhong Yang says
Hi Alexandra Adje, I totally agree with you that protecting the operating system is one way to take precautions to protect information assets.
Sean Patrick Walsh says
Why is it so important to protect operating systems?
The operating system is the software that allows a user to operate a computer system. It is the interface that allows a user to communicate with an entire system that they would not independently be able to communicate with and operate. An OS is what manages all the processes, software, and hardware installed in a system, and if that were to fail there would be no way to operate the system. Since the OS encompasses so many different aspects of a system, and because it is the software that controls every process on a system, it is vulnerable to many different threats. The OS also is very vast in size logically which allows many different avenues of potential access in unauthorized ways. Protecting the operating system is important because without an operable system everything stored on it will not be accessible. Not only would everything not be accessible if the OS is damaged, but a damaged OS could potentially be used to damage the processors, the applications installed, other software installed, the hardware and interfaces installed, and the data/files installed on the system.
Liang Yao says
This follow-up question is for ALL of you: In your opinion, which OS is easier to protect, a Mainframe computer or a Distributed computer environment (e.g., Windows and Unix/Linux), and why?
Sean Patrick Walsh says
I think a mainframe computer would be easier to protect for several reasons. One, a mainframe computer is in a single location that is easier to restrict physical access to which helps prevent attacks from physical threat sources. Two, protecting a mainframe logically would be easier since there are less logical connections to the network as opposed to a distributed system with many connections to many different systems allowing multiple points of entry. Three, a big threat with a distributed system is human error, both intentional and unintentional, that can lead to threats exploiting vulnerabilities in the system. The mainframe doesn’t have direct user interaction like individual work stations do throughout a distributed network.
Deepali Kochhar says
Professor,
In my view, Mainframe is more secure due to following reasons:
1. Mainframes have centralized management and auditing features.
2. No monthly security patches are to be tested and rolled out.
3. Viruses, are almost unheard of on mainframe computers because their architecture makes it virtually impossible for unauthorized programs to execute functions that could bypass security.
4. Also, mainframe computer security tends to include additional access control functions, often due to their size and price, not commonly found on other types of computers. These include features such as verification of tape access, access control over printouts and the automated destruction of data when disk data sets are erased.
Paul Linkchorst says
Hi Professor Yao,
I would agree with Deepali and Sean. I think a mainframe computer operating system will be much easier to protect mainly due to the fact that all one’s resources can be targeted to one computer system. In a distributed computer environment, there are multiple computers that make up one larger computing power. However, each computer within that network needs to be monitored to make sure that malware wasn’t installed, if computers are vulnerable, or if computers are running ineffectively. With that being said, a mainframe has only one operating system that needs to be monitored and protected. One might be able to argue that the cost savings of using a distributed computer environment can be utilized to protect the network security; however, I feel from a practical standpoint that a mainframe operating system is much easier to protect.
Fred Zajac says
Prof. Yao,
I do believe mainframes are more secure for the reasons above and…
They are usually in a secure environment. Data Center or Co-location, with extremely high amount of physical controls. This would prevent access, reduce natural disaster issues, and power outages.
Wen Ting Lu says
I think Mainframe computers are easier to protect for the following reasons:
1. Mainframe computers provide for complete protection of all data from unauthorized reading and writing.
2. Mainframe computers are usually kept behind locked doors in a secure data center.
3. Mainframe computer security provides several additional access control functions not commonly found on other types of computers. These include verification of tape access by means of tape labels, access control over printouts before they’re printed, and automated obliteration of data when disk data sets are erased.
4. Mainframe easily connects to all the other common types of computers and to the Internet.
5. The large size of mainframe installations makes it possible to support separation of duties, which is a key security technique.
Source: http://enterprisesystemsmedia.com/article/10-key-security-questions-to-help-determine-the-most-secure-platform/2#sr=g&m=o&cp=or&ct=-tmc&st=(opu%20qspwjefe)&ts=1475036118
Jianhui Chen says
Agree with you. Mainframe computers are regarded as the machines that won’t die. Many airlines, banks, and governments began processing sensitive transactions using giant mainframe computers, and their descendants are still in use. Now it turns out these living dinosaurs of computing also have a very modern vice: they overshare on the Internet.
Paul M. Dooley says
I will have to agree with my colleagues that mainframe, by its very nature, is a more secure computing environment than a distributed computing environment. I would add more but I think the 8 responses before mine pretty well summed up the conclusions haha.
Tamer Tayea says
I think Unix/Linux is more secure than Windows in general, going back to the early days of both operating systems. Windows was built for personal use, while Unix/Linux was built as a multi-user operating system. Two UNIX/Linux features set it apart from Windows: managing account privileges and how Linux separates file and directory permissions in a multi-user environment.
Brou Marie Joelle Alexandra Adje says
Common control issues associated with operating systems are worms, port scanning, and denial of service (DOS).
Worms consume system resources, often blocking out other, legitimate processes. Worms that propagate over networks can be especially problematic, as they can tie up vast amounts of network resources and bring down large-scale systems.
Port scanning is a search for vulnerabilities to attack. The basic idea is to systematically attempt to connect to every known network port on some remote machine, and to attempt to make contact. Once it is determined that a particular computer is listening to a particular port, then the next step is to determine what daemon is listening, and whether or not it is a version containing a known security flaw that can be exploited.
Denial of Service (DOS) attacks are a type of attack that does not attempt to actually access or damage systems, but merely to clog them up so badly that they cannot be used for any useful work.
In order to remediate those, companies can implement security defenses ranging from security policies to virus protection, auditing and intrusion detection, and also use cryptographic security tools, which will help with preserving the trust and confidentiality of the system. These tools include encryption and authentication. Encryption refers to the idea of encoding a message so that only the desired recipient can decode and read it. Authentication involves verifying the identity of the person who transmitted a message.
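Because a port scan touches many different ports on one machine in a short time, the auditing and intrusion detection mentioned in the post above can look for exactly that pattern. The following is an added example, not part of the original post; the log format, the 60-second window, the 5-port threshold and all addresses (documentation ranges) are constructed assumptions.

```python
"""Flag sources that contact many distinct ports on one host in a short window."""
import re
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Constructed sample firewall log, in time order. Not from a real system.
SAMPLE_LOG = """\
2024-05-01T10:00:00 SRC=203.0.113.5 DST=192.0.2.10 DPT=443 ACTION=ACCEPT
2024-05-01T10:00:01 SRC=198.51.100.7 DST=192.0.2.10 DPT=21 ACTION=DROP
2024-05-01T10:00:02 SRC=198.51.100.7 DST=192.0.2.10 DPT=22 ACTION=ACCEPT
2024-05-01T10:00:03 SRC=198.51.100.7 DST=192.0.2.10 DPT=23 ACTION=DROP
2024-05-01T10:00:03 SRC=203.0.113.5 DST=192.0.2.10 DPT=443 ACTION=ACCEPT
this line is truncated SRC=
2024-05-01T10:00:04 SRC=198.51.100.7 DST=192.0.2.10 DPT=25 ACTION=DROP
2024-05-01T10:00:05 SRC=198.51.100.7 DST=192.0.2.10 DPT=80 ACTION=ACCEPT
2024-05-01T10:00:06 SRC=198.51.100.7 DST=192.0.2.10 DPT=443 ACTION=ACCEPT
2024-05-01T10:05:00 SRC=203.0.113.9 DST=192.0.2.10 DPT=22 ACTION=ACCEPT
2024-05-01T10:10:00 SRC=203.0.113.9 DST=192.0.2.10 DPT=25 ACTION=DROP
2024-05-01T10:15:00 SRC=203.0.113.9 DST=192.0.2.10 DPT=80 ACTION=ACCEPT
2024-05-01T10:20:00 SRC=203.0.113.9 DST=192.0.2.10 DPT=443 ACTION=ACCEPT
2024-05-01T10:25:00 SRC=203.0.113.9 DST=192.0.2.10 DPT=8080 ACTION=ACCEPT
"""

# Assumed line layout: timestamp, source, destination, destination port, action.
LINE_RE = re.compile(
    r"^(?P<ts>\S+) SRC=(?P<src>\S+) DST=(?P<dst>\S+) "
    r"DPT=(?P<dpt>\d+) ACTION=(?P<action>\w+)$"
)


def parse_line(line):
    """Return (timestamp, src, dst, port) or None for a malformed line."""
    m = LINE_RE.match(line.strip())
    if not m:
        return None
    try:
        ts = datetime.fromisoformat(m["ts"])
    except ValueError:
        return None
    port = int(m["dpt"])
    if not 0 < port <= 65535:
        return None
    return ts, m["src"], m["dst"], port


def detect_port_scans(lines, window=timedelta(seconds=60), min_ports=5):
    """Return (alerts, skipped).

    alerts is a sorted list of (src, dst, ports) for every source that reached
    at least min_ports distinct ports on one destination inside the window.
    skipped counts lines that could not be parsed, so gaps stay visible.
    """
    recent = defaultdict(deque)   # (src, dst) -> (timestamp, port) in window
    flagged = {}                  # (src, dst) -> set of ports seen while alerting
    skipped = 0
    for line in lines:
        if not line.strip():
            continue
        event = parse_line(line)
        if event is None:
            skipped += 1
            continue
        ts, src, dst, port = event
        events = recent[(src, dst)]
        events.append((ts, port))
        # Drop events that have aged out of the sliding window.
        while events and ts - events[0][0] > window:
            events.popleft()
        ports = {p for _, p in events}
        if len(ports) >= min_ports:
            flagged.setdefault((src, dst), set()).update(ports)
    alerts = [(src, dst, sorted(p)) for (src, dst), p in sorted(flagged.items())]
    return alerts, skipped


if __name__ == "__main__":
    for src, dst, ports in detect_port_scans(SAMPLE_LOG.splitlines())[0]:
        print(f"possible port scan: {src} -> {dst} ports {ports}")
```

The client that repeats port 443 is never flagged, and the source that spreads five ports over twenty minutes is only caught when the window is widened, which is the trade-off to tune against false positives.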
Yang Li Kang says
Great examples. OS is a very important component of a computer as it pretty much controls it. Virus protection is especially important as who knows who is able to use and control our computer once our computer is infected.
Tamer Tayea says
One of the critical operating system controls should be the ones addressing vulnerabilities and patch management, particularly with zero-day type exploits. There needs to be a comprehensive security policy in addition to a layered security architecture to mitigate the potential impact of zero-day attacks.
Magaly Perez says
Question 1: Why is it so important to protect operating systems?
The operating system is the software preinstalled on your computer. Computers have no ability to function without the operating system software. Not only does the operating system allow your computer to function, but it allows the user (you) the ability to effectively communicate with the computer by translating your clicks to computer language (0,1).
Conversely, the operating system contains many components such as hardware, software, applications and your personal information. Without having proper security protection on your computer such as firewalls, anti-virus protection and authentication codes, you become vulnerable personally and virtually. If a hacker is able to access your operating system, in essence you lose your machine, whether it be your information, your physical control of your machine or the actual life of your system. It is very important to protect an operating system; without doing so you’re compromising your information as well as your computer as a whole.
Brou Marie Joelle Alexandra Adje says
Laly, as I mentioned to Said, computers have the ability to function without an OS. Proof is that the early computers did not have an OS.
The only thing is that it is very hard to use a computer without an OS because everything needs to be done manually. Users need to key in the programs by hand, which is a waste of time. I mean it would take hours to get the computer ready for simple operations like add or multiply.
It isn’t impossible but it is not something that you will enjoy using for sure.
Magaly Perez says
Alex,
Yes. But you have a lot of work to do. Without an operating system using and enforcing a standard, systematic approach to running the computer, you’re put in the position of writing code that must tell the computer exactly what to do. Think of every single option or possibility your word processing program has. You’d have to write code for every single one of those directly onto your hard drive. So, I’m definitely more into the idea of OS systems being pre-installed and its technological advancement.
Wenlin Zhou says
Absolutely, OS software makes our user life better and feel more convenient. The Operating System is the heart of your computer, without it your computer can run.
Mansi Paun says
True Magaly, apart from the counter points you stated, using a computer without an OS would make it almost impossible for a large number of users who might not have the specialized skills required to work on that system. The way OSs have built in usability in today’s age, even people who do not have basic education are able to easily work on a computer. OS has certainly made the world a smaller, closer space and even simplified some of the toughest tasks.
Seunghyun (Daniel) Min says
Magaly,
Rightly said. We need to enjoy using operating systems since they exist to make our tasks related to any type of computer technology easier. In today’s nature of corporate America, technology takes a huge part of every business. And OSs are absolutely the key players to operate those technology systems.
Said Ouedraogo says
Brou,
Once again you are right, but it is counterproductive especially in the business world. The OSs were created to make the user life easier. And as I said it acts like the heart of the computer, it’s what allows the computer to be useful.
Liang Yao says
That’s exactly the reason why we need OS….
Liang Yao says
A lot of good points, just one correction: an OS is software that facilitates the communication between applications and computer hardware components. It doesn’t itself include the hardware part.
Fred Zajac says
The discussion made me do a little research and I found this link to the history of operating systems. Many of us only know about the last 20 years, but the first OS was created in 1950. Most computers were too expensive until the 70’s, when the PC & MS DOS took off, but even then, they were a luxury for most families and offered only command line access. It wasn’t until the 90’s when Microsoft built a GUI (Graphical User Interface) or Windows. Shortly after Windows 3.0 came out and the craze for PCs took off, in 1992 the first Windows virus, WinVir, was discovered, prompting Microsoft to implement user right controls (Admin vs. user).
From there, we have evolved into multiple different Microsoft windows versions, Apple Versions, Google versions, and others. The report ends with “The Internet of Things” (IoT).
The IoT is crazy technology that controls anything. The example it give is appliances talking to each other. One article I read a few years ago talked about window blinds adjusting based on where the sun was located throughout the day. What about your bed telling the coffee maker, radio, television, window blinds, or what ever else you use in the morning that you just got up. Crazy huh…
https://www.cs.rutgers.edu/~pxk/416/notes/01-intro.html
Magaly Perez says
Question 2: List common control issues associated with operating systems and remediation strategy/plan.
Some common control issues associated with OS are as follows:
– File sharing
– Lack of malware protection
– Lack of firewall protection
– Weak or nonexistent drive encryption
– 3rd party software
– Weak authentication passwords
The strategy for combating these common control issues is sometimes right in front of you: your computer itself. Technology is constantly evolving and, technically speaking, once you buy a piece of technology it becomes instantly old. Sometimes you can just update your computer with the newest OS, which will most certainly help protect your computer, or buy the latest version of your computer. However, that is not always the case.
Some suggestions could be:
– Screening your file sharing, by using secure sites
– Buying/installing the latest malware and firewall protection
– Using more complex passwords
– Only downloading software and applications provided by your OS
– Paying attention to your web traffic such as streaming sites, etc.
– Shutting your computer down habitually
Overall, there isn’t a one-size-fits-all strategy, but understanding the common control issues associated with computers is a first step in the right direction. The majority of these issues have to do with outdated software or hardware and human error; at the end of the day it’s up to the users themselves to protect their OS by being vigilant across the board.
Seunghyun (Daniel) Min says
Q1: Why is so important to protect operating systems?
You can compare the OS (operating system) to the heart of a human body. That’s why the operating system is considered to be the most important software on a computer. It manages the computer’s memory and processes. It also allows the hardware components of a computer to communicate with the software components of the computer system. Operating systems provide access to computer services, which is possible only when the hardware components and the software components work together. Hence, it goes without saying that protecting the operating system is crucial. The operating system is the key to accessing all the software, so if the operating system is compromised or hacked, the computer itself is in danger.
Priya Prasad Pataskar says
Great explanation, Daniel. In the case of open source operating systems, it becomes easy to insert malicious code in the OS using those applications. A study of more than 2.5 million apps last year found that 97% of malware targeted Android.
[http://www.makeuseof.com/tag/secure-mobile-operating-system/]
Seunghyun (Daniel) Min says
Priya,
Thank you for the information! Yes, I’ve also heard that Android is very vulnerable in terms of virus protection. As an Android user, I always need to clean my phone once in a while because somehow or another it gets viruses or malware all the time. And I also need to admit that I sometimes let my phone connect to public wifi. Public wifi is a very open source that increases your chances of getting malware.
Magaly Perez says
Great analogy Daniel.
Like a body, using an operating system requires an understanding of how it works and how to use it.
Ian M. Johnson says
Laly – Analogies can help explain and remember things in the IT world. A professor helped me remember by saying: An operating system is like a manager because its role is to make sure that all of the programs on the computer are doing their job. So, Linux and Windows are just like different managers. They do the same thing, but have different styles of management.
Seunghyun (Daniel) Min says
Ian,
I really like your explanation. You are absolutely right that Windows and Linux, for example, are different managers that have totally different managing styles. And personally, if he/she gets comfortable with either one, he/she tends to continue using the one he/she chose at the beginning because there are a lot of switching costs he/she needs to pay for a change.
Paul Linkchorst says
Hi Ian,
That is a really good analogy to have. To add a little bit to it, not only do managers have different styles, but because of these different styles they are assigned to manage different departments. Linux is used in many operating systems that house databases or small applications that you might see in an ATM or car. Windows you generally see in your everyday personal computer or throughout an organization. So each OS does the same thing, but they have different styles which make them fit some processes better than others.
Wen Ting Lu says
Ian, I really like the analogy you brought up, and it’s very easy to understand. You are right that an operating system is software that supports the functions of a computer, just like managers who play a major role in companies. People tend to choose the operating systems that they like, just like employees might switch jobs because they don’t like their managers’ managing style.
Wenlin Zhou says
Absolutely, critical data or a central database system can be accessed through the operating system within an organization. It would be catastrophic for a competitor to obtain confidential files. Therefore, protecting the operating system is significant.
Fangzhou Hou says
Good example and clear explanation in comparing the OS to the heart of the human body. Indeed, an effective and safe operating system allows OS users to smoothly operate the applications on a PC or other mobile device. Additionally, users prefer to store information on the PC, protect the OS from viruses like a Trojan horse or worm, and ensure the users’ information assets are safe.
Yulun Song says
An OS is what manages all the processes, software, and hardware installed in system, and if that were to fail there would be no way to operate the system. Since the OS encompasses so many different aspects of a system, and because it is the software that controls every process on a system, it is vulnerable to many different threats.
Ming Hu says
Nice point. An operating system is a set of program files and routines that controls a computer’s resources and provides access to a computer’s services. More specifically, an operating system allows a computer’s hardware components, including processors and drives, to communicate with its software components, such as applications and data instruction sets. In modern personal computers, workstations and other computing devices, operating systems are essential components, which computers cannot function without. So I think that’s why we compare OS to the heart.
Said Ouedraogo says
Why is so important to protect operating systems?
The Operating System is the heart of your computer, without it your computer can “live” (operate). It is like a translator between the user and the computer. That being said, it is crucial to protect your OS; otherwise you will find yourself in a bad situation. In fact, the OS controls your computer hardware and allows communication between your applications and hardware. Not being able to protect it will allow hackers to take over your whole system.
Brou Marie Joelle Alexandra Adje says
Said, it may seem impossible for a computer to not operate without an operating system, but that is not the case. A computer can operate without an operating system; however, the user will be put in the position of writing code that must tell the computer exactly what to do. For example, if the user wants to type up a document in a word processing program, they would have to create from scratch code that tells the computer to respond to each character pressed on the keyboard. Without an operating system, users will be stuck doing one, and only one, process at a time.
Operating systems make it easier to navigate the computer and use software, but I wouldn’t say that they are indispensable.
Said Ouedraogo says
Brou,
You are right, but most people don’t know how to do what you are saying. Giving a computer without an OS to someone who does not know how to code is like giving a bike without pedals. Theoretically, you can still ride it but it won’t be practical.
Ian M. Johnson says
Said – you’re right. Wouldn’t make sense/isn’t very valuable or useful without the OS.
Deepali Kochhar says
Great point, Said. It is very important to protect the communication between application and hardware. One example is remote access (VPN). It is most vulnerable if not protected by a strong password to ensure safety. Also, they can use SSL for Outlook during remote access. Network access control (NAC) systems should be well configured.
In this way we can protect communication between application and hardware.
Said Ouedraogo says
List common control issues associated with operating systems and remediation strategy/plan.
Some common control issues associated with Operating Systems are “Password-Based Attacks”, “Denial-of-Service Attack”, and “Application-Layer Attack”.
A “Password-Based Attack” is when an attacker gains access to your computer via your user name and password. Once he/she has access to your computer, he/she can modify server and network configurations, reroute, or delete your data. The best way to protect yourself against this type of attack is to use more complex passwords.
A “Denial-of-Service Attack” prevents normal use of your computer or network by valid users. One way to protect yourself from that is to constantly update your firewall protection.
An “Application-Layer Attack” targets application servers by deliberately causing a fault in a server’s operating system or applications. The attacker can read, add, delete, or modify your data or operating system. To mitigate this risk, protect your system with a firewall and install security patches released by your OS.
Priya Prasad Pataskar says
Denial of Service is more of a network-based attack. A distributed DoS can cause more harm. In a DDoS, an attacker may make use of the vulnerabilities in your system to use your system to launch further attacks by sending huge chunks of data from your system.
Along with a great firewall and good, up-to-date antivirus, keeping track of email and spam mail will help prevent the attack.
Deepali Kochhar says
Rightly said, Priya. We can also use personalized antivirus, as using the Windows antivirus is also not that secure. Using personalized antivirus will add another layer of security to the system.
Another way to prevent DoS is applying a reverse proxy, or rather a collection of reverse proxies spread across multiple hosting locations. By deploying many reverse proxies at different locations, the crush of incoming traffic is split into fractions, lessening the possibility of the network becoming overwhelmed.
Binu Anna Eapen says
Priya, I guess both Denial of Service and DDoS have the same effect. Both types of attacks want the same result, and it just depends on how many source machines are used in the attack as to whether it is called DoS or DDoS.
Joshua Tarlow says
Why is so important to protect operating systems?
An operating system is the most important software on a computer and provides the graphical interface that allows users to use the computer. It manages the processes and memory, in addition to all hardware and software. Most operating systems are preloaded on computers because the computers would be useless without one. It allows the average user to communicate with the computer through an intuitive visual interface instead of using a complex computer language.
Multiple programs use the computer’s memory and processor simultaneously, and the OS manages each program and allocates the computer’s resources. If an OS is compromised, then all of the computer’s functions, including hardware and software, are vulnerable.
Deepali Kochhar says
Rightly said, Joshua. Computer functions, along with the data sets that reside on the operating system, become vulnerable to security breaches if the operating system is not properly protected. A properly protected OS ensures the availability, confidentiality and integrity of the data sets residing on it.
Joshua Tarlow says
Operating systems are vulnerable to external and internal risks. Internal control issues can be employees accessing sensitive information that they do not have a need to know. For example, a marketing employee accesses payroll data restricted to HR. Or an employee at a healthcare company accesses patients’ healthcare data, which would violate HIPAA. Often internal risks can increase external risks, such as employees downloading unauthorized software, or not regularly updating software with the latest security patches. These lapses can leave information systems vulnerable to malware and other malicious software and hacks.
There are many strategies and controls for these types of risks. A log-on procedure helps protect against unauthorized access by requiring each user to use an individual ID and password to access the network. Then an Access Token control can be used, which contains information about the user including ID, password, user group, and privileges specific to each user. All actions taken by the user on the network can be regulated by the access token, such as preventing an employee from editing a database that they may not be authorized to, or accessing sensitive data which is outside of their purview. Logs are also important because they allow user behavior to be scrutinized, which is especially important after a security incident. Logs can also store other information about the system, such as firewall activity, to monitor unauthorized external attempts to access the network. One more important strategy is to encrypt data in the event that there is a security breach. If sensitive data is accessed with malicious intent, it is more difficult to decrypt without the keys.
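The log-on, access token and logging controls described in the comment above, as an added Python example that is not part of the original post. All user names, groups, resources and passwords are constructed; in this sketch the password is checked at log-on and is not kept in the token, and privileges are derived from the token's groups.

```python
"""Log-on -> access token -> per-action authorization, with an audit trail."""
import hashlib
import hmac
import os
from dataclasses import dataclass
from datetime import datetime, timezone


def _hash(password: str, salt: bytes) -> bytes:
    # Salted, slow hash so stored credentials are not reusable if leaked.
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 100_000)


@dataclass(frozen=True)
class AccessToken:
    """Issued once at log-on; every later action is checked against it."""
    user_id: str
    groups: frozenset


class Directory:
    def __init__(self):
        self._users = {}     # user_id -> (salt, password hash, groups)
        self._acl = {}       # resource -> {group: set of allowed actions}
        self.audit_log = []  # every log-on and access decision, in order

    def add_user(self, user_id, password, groups):
        salt = os.urandom(16)
        self._users[user_id] = (salt, _hash(password, salt), frozenset(groups))

    def grant(self, resource, group, actions):
        self._acl.setdefault(resource, {}).setdefault(group, set()).update(actions)

    def _record(self, user_id, event, detail, allowed):
        self.audit_log.append({
            "time": datetime.now(timezone.utc).isoformat(),
            "user": user_id, "event": event,
            "detail": detail, "allowed": allowed,
        })

    def log_on(self, user_id, password):
        record = self._users.get(user_id)
        # Hash even for unknown users so both failure paths do similar work.
        salt, stored, groups = record or (b"\0" * 16, b"", frozenset())
        ok = hmac.compare_digest(_hash(password, salt), stored) and record is not None
        self._record(user_id, "logon", "", ok)
        return AccessToken(user_id, groups) if ok else None

    def authorize(self, token, resource, action):
        # Default deny: an action is allowed only if one of the token's
        # groups was explicitly granted it on this resource.
        by_group = self._acl.get(resource, {})
        allowed = any(action in by_group.get(g, ()) for g in token.groups)
        self._record(token.user_id, "access", f"{action} {resource}", allowed)
        return allowed

    def denied(self):
        """Entries to review after an incident: failed log-ons and refusals."""
        return [e for e in self.audit_log if not e["allowed"]]


def build_demo():
    # Constructed users and resources mirroring the marketing/HR example.
    d = Directory()
    d.add_user("mkt.alice", "constructed-pass-1", {"marketing"})
    d.add_user("hr.bob", "constructed-pass-2", {"hr"})
    d.grant("payroll", "hr", {"read", "edit"})
    d.grant("campaigns", "marketing", {"read", "edit"})
    return d


if __name__ == "__main__":
    d = build_demo()
    token = d.log_on("mkt.alice", "constructed-pass-1")
    print("marketing reads payroll:", d.authorize(token, "payroll", "read"))
    for entry in d.denied():
        print(entry)
```
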
Priya Prasad Pataskar says
Joshua, you brought up 2 great points. One, internal risks can increase external risks; this is absolutely true. An employee using unauthorized software has the potential to cause IP breaches and malware entering the organization. Data retention policy must be followed rigorously. Classification of data, so that internal entities clearly understand how to handle that data, is important. Second, encryption of data is also a must, especially in case of physical loss of a laptop, flash drive, or any storage media. Even if the hacker has physically got the device, if good encryption is in place the data will be secure. At Accenture, we had software installed on laptops and phones; in case of theft of storage devices, this software would delete data from the device whenever the thief connected it to any network.
Liang Yao says
There are different data leakage prevention controls a company can implement. More to discuss in the information security session.
Sean Patrick Walsh says
List common control issues associated with operating systems and remediation strategy/plan.
Some common control issues and methods of remediation with Operating Systems are as follows:
– Unnecessary Services/Protocols Running – Run protocol scanners and shell commands such as “netstat” to find out all services running on a system. Then determine which are unnecessary vulnerabilities and disable them.
– Privileges Based Upon Groups – Privileges based upon user groups can easily grant authority/access to system areas to users inappropriately. Review each user group, its associated privileges, and user lists to determine if policy is followed correctly regarding access and authorization. Change the policy controls if necessary to ensure that users are grouped and granted privileges appropriately.
– Password Strength – Weak passwords, and password policies, make OS’s vulnerable to intrusion. Attempt to crack passwords with password cracking tools/methods to test for weakness. Review and implement a password policy that requires strong passwords with minimum lengths and character usage, sets password aging, and sets a maximum number of incorrect entries before lockout to prevent brute-force cracking.
– System Updates/Patches – Patches must be installed to prevent known vulnerabilities from continuing to exist. Ensure a policy is set to test patches on a segregated network before implementation to prevent interruptions to the production environment. Set a policy to install outside peak operation periods.
– System Security – An OS is an enticing target for malware and attacks because an attacker can enter other systems and apps once inside the OS. Add protective measures such as host/cloud based Anti-virus, install NIDS/NIPS/HIDS/HIPS, implement a firewall, and set policy for access for all users at a minimum privilege base setting.
Mansi Paun says
Very insightful answer, Sean. The point you made about unnecessary services/protocols running is a very good one, as it’s very easy for these to go unnoticed. Another option is to use the system configuration utility to get an idea of what unfamiliar or suspicious programs are installed and then take the necessary action to safeguard the system. In addition to that, we can also look for open ports by running a netstat -an command on a Windows OS, as hackers can take advantage of open ports to attack a system.
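The netstat review described in the two comments above, as an added Python example that is not part of either post: it parses `netstat -an` output and reports listening ports that are missing from an approved baseline. The sample output, the baseline and the function names are constructed for illustration.

```python
"""Audit `netstat -an` output for listening ports outside an approved baseline."""
from dataclasses import dataclass

# Constructed sample in the Windows `netstat -an` layout (not from a real host).
SAMPLE_NETSTAT = """\
Active Connections

  Proto  Local Address          Foreign Address        State
  TCP    0.0.0.0:135            0.0.0.0:0              LISTENING
  TCP    0.0.0.0:445            0.0.0.0:0              LISTENING
  TCP    0.0.0.0:3389           0.0.0.0:0              LISTENING
  TCP    127.0.0.1:5939         0.0.0.0:0              LISTENING
  TCP    192.168.1.10:49712     203.0.113.5:443        ESTABLISHED
  TCP    [::]:445               [::]:0                 LISTENING
  TCP    [::]:8080              [::]:0                 LISTENING
  UDP    0.0.0.0:5353           *:*
  UDP    [::1]:1900             *:*
"""

# Hypothetical baseline: the services this host is expected to offer.
APPROVED = {("TCP", 135), ("TCP", 445)}
LOOPBACK = {"127.0.0.1", "[::1]"}


@dataclass(frozen=True)
class Listener:
    proto: str
    host: str
    port: int

    @property
    def exposed(self) -> bool:
        # Loopback-only sockets are not reachable from the network.
        return self.host not in LOOPBACK


def parse_listeners(text):
    """Return every listening TCP socket and bound UDP socket in the output."""
    listeners = []
    for line in text.splitlines():
        fields = line.split()
        if len(fields) < 3 or fields[0] not in ("TCP", "UDP"):
            continue  # banner, header or blank line
        proto, local = fields[0], fields[1]
        state = fields[3] if len(fields) > 3 else ""
        # UDP rows carry no state column; TCP rows count only when LISTENING.
        if proto == "TCP" and state != "LISTENING":
            continue
        # Split on the last colon so IPv6 forms such as [::]:445 work.
        host, _, port = local.rpartition(":")
        if port.isdigit():
            listeners.append(Listener(proto, host, int(port)))
    return listeners


def unapproved(listeners, approved):
    """Network-reachable listeners whose (protocol, port) is not in the baseline."""
    findings = {l for l in listeners
                if l.exposed and (l.proto, l.port) not in approved}
    return sorted(findings, key=lambda l: (l.proto, l.port, l.host))


if __name__ == "__main__":
    for finding in unapproved(parse_listeners(SAMPLE_NETSTAT), APPROVED):
        print(f"review: {finding.proto} {finding.host}:{finding.port}")
```

Each finding is a prompt to identify the owning service and either add it to the baseline or disable it.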
Seunghyun (Daniel) Min says
Q2: List common control issues associated with operating systems and remediation strategy/plan.
There are some popular operating systems that are commonly used by users: Windows, Mac OS, and Linux, for example. Honestly, I’ve been a PC user for my entire life. Windows is one of the world’s most popular operating systems, used by individuals, companies, and educational institutions. Windows has many advantages, including a user-friendly interface, available software, backwards compatibility, support for new hardware, etc. As opposed to those great features of Windows, there is one common control issue associated with Windows that I want to emphasize.
– Poor security: Compared to other operating systems, Microsoft has very poor security. It is more vulnerable to virus or malware attacks and easier to hijack. Windows has its own security settings that require configuration; however, as with much other software requiring some type of configuration, it is also a very time-consuming process. And not many users are knowledgeable about that.
Remediation Plans
– Poor security
–> Install external firewalls to improve the security
–> Take the time and effort to complete security configuration settings within Windows
–> Periodically check the system for viruses or malware
–> Periodically update the security patches
Brou Marie Joelle Alexandra Adje says
Security is definitely a big issue in operating systems. Windows security is not that great at all. I remember reading an article mentioning that nearly one million malware threats that can affect Windows systems are released every day. That’s crazy.
A good way to protect the operating system should be to configure it in a way that it would be used to monitor activity on the network easily and efficiently. This would allow it to reveal who is and isn’t making connections, and point out potential security events.
Sean Patrick Walsh says
Is it that Windows security is not that great, or is it that the majority of businesses use the Microsoft OS, which increases the percentage of attacks on that platform? I think a lot of the security vulnerabilities with Windows have to do with the fact that the majority of businesses use that product as their OS, which means that the system is constantly facing attacks from many hackers every day. I don’t necessarily think iOS, Unix, or Linux are better protected so much as they don’t face as many threats as Windows does on as frequent a basis. With that said, I imagine MS does its best to find vulnerabilities and patch them as quickly as possible because they don’t want to lose market share to competitors or open source platforms.
Magaly Perez says
Great insight Sean. After reading your post, I looked into the differences between Windows and Microsoft OS features.
I’ve come across some key differences, as listed below:
-Full access vs. no access
-Licensing freedom vs. licensing restrictions
-Online peer support vs. paid help-desk support
-Full vs. partial hardware support
-Command line vs. no command line
-Centralized vs. noncentralized application installation, etc.
I have enclosed the website below. However, after reading about the differences, I still completely agree with your statement. At the end of the day, it’s whether a company has strong IT Governance in place.
Source: http://www.techrepublic.com/blog/10-things/10-fundamental-differences-between-linux-and-windows/
Ian M. Johnson says
Laly,
After you did this, I decided to compare Windows to Linux. Below are some interesting things I found out:
Windows has a fairly straightforward version structure, Linux is much more complex. It is common for people to customize Linux because it is open source so it is difficult to pick which Linux distro you want and easier to pick between Windows 7 and Windows 8 for example. Installing Linux is more complex and can involve live-booting while Windows installations can take longer but are a lot simpler, requiring a minimum of user input compared to many distros. Another key difference from Windows is the method of software installation. Rather than downloading a nice, neat .exe file, most Linux programs install from within your distro’s software repositories.
source: http://www.itpro.co.uk/operating-systems/24841/windows-vs-linux-whats-the-best-operating-system
Said Ouedraogo says
Sean,
You are absolutely right. I used to think that Windows was weak and that iOS was unbreakable, until I had a discussion with an IT expert. In fact, Windows is not at all weak or inferior to iOS. It’s just that more people use Windows, which makes it a preferable target for hackers.
Fangzhou Hou says
I agree with you, Said. Generally, there are more PC users than iOS users, especially in business. My previous company only used the Windows operating system and PC-related antivirus software. From the hackers’ perspective, if most companies are using Windows OS, they might focus on hacking Windows systems, and that might be the reason why Windows OS seems less safe than iOS.
Wen Ting Lu says
Hi, Said.
I agree that hackers might favor the Windows operating system because a lot of individuals and businesses use it today. It’s interesting that in a report I was reading earlier, the statistics showed that Apple OS X ranked as the most vulnerable operating system.
I think all operating systems are vulnerable to hackers; however, the risks can be reduced if people adopt some basic computer security measures, for example, installing anti-malware software and running application security updates promptly.
Liang Yao says
What causes the “blue screen of death”?
Said Ouedraogo says
Pr. Yao,
A blue screen of death is when Windows cannot operate safely. In general, it is caused by an issue with the hardware (overheating of components or the hardware running beyond its specification limits).
Wen Ting Lu says
Professor Yao:
Blue screens are caused by hardware problems and issues with low-level software running in the Windows kernel. In addition, viruses and malware are among the causes of blue screens.
Binu Anna Eapen says
BSOD is when the operating system reaches a state where it can’t function properly. It appears when Microsoft Windows encounters an issue, either software or hardware related, that it can’t recover from.
It occurs when a driver running in kernel mode faces an error from which it cannot recover.
It could be due to improper installation of software or installation of bad applications, or an error caused while uninstalling a particular application.
It can also be due to hardware failures like overheating, motherboard issues, or faulty RAM.
Most of the time a simple restart fixes it (in case it is a software issue). Otherwise a system restore or repair can help fix it. In the worst case a reimage may be required.
Wenlin Zhou says
Why is so important to protect operating systems?
One of the key aspects of modern computing systems is the ability to allow many users to share the same facilities. These facilities may be memory, processors, databases, or software such as compilers or subroutines. When diverse users share common items, one is naturally concerned with protecting various objects from damage or from misappropriation by unauthorized users.
Protection ensures that the resources of the computer are used in a consistent way. It ensures that each object is accessed correctly and only by those processes that are allowed to do so.
As computer systems have become more sophisticated and pervasive in their applications, the need to protect their integrity has also grown. We need to provide protection for several reasons. The most obvious is the need to prevent the mischievous, intentional violation of an access restriction by a user. An unprotected resource cannot defend against use (or misuse) by an unauthorized or incompetent user. A protection-oriented system provides means to distinguish between authorized and unauthorized usage. The role of protection in a computer system is to provide a mechanism for the enforcement of the policies governing resource use. These policies can be established in a variety of ways. Some are fixed in the design of the system, while others are formulated by the management of a system. Still others are defined by the individual users to protect their own files and programs. A protection system must have the flexibility to enforce a variety of policies.
Resource: http://www.slideshare.net/sohaildanish/system-protection
Yang Li Kang says
Why is so important to protect operating systems?
An operating system is the most significant system software related to a computer. It contains programs that interface between the user, processor and applications software. It provides the primary means of managing the sharing and use of computer resources such as processor, memory and I/O devices. It does so by simplifying complex computer language into a GUI which allows users to easily operate a computer.
In essence, the operating system is important because it allows the user to use a computer.
Yang Li Kang says
List common control issues associated with operating systems and remediation strategy/plan.
1) Lack of malware protection and firewall – Installing antivirus and firewall
2) Poor password policy – Establishing strong IT governance which educates employees to use strong passwords.
3) Missing patches/system updates – DBA keeping up to date with patches and informing the organization of updates and patches that need to be done.
4) File and share permissions given to everyone in the network – Establishing strong IT governance which educates employees to review file sharing groups.
Sean Patrick Walsh says
What are your thoughts on administrative mitigation controls regarding malware protection? I think an administrative policy should be in place regarding malware as well. That policy, along with an employee training program, would help to create security awareness in employees regarding threats in email, web usage, flash drives, etc. The policy would not fully eliminate threats from employee actions, but it would certainly help mitigate their occurrence and frequency. Employees, through awareness training, could also become another layer of defense against malware as well.
Liang Yao says
Sean, indeed, one of the very important tasks for IT auditors is to verify that technology policies are adhered to. In this case, what do you think a firm should do in addition to developing a malware-related IT policy? Let’s discuss during the class. Thx.
Yang Li Kang says
Definitely, there should be an administrative policy regarding malware such as using personal flash drives on company computers, visiting suspicious websites on company network. Employee training on security awareness will supplement administrative policies so it makes sense to the employee on why such policies exist in the first place.
Daniel Warner says
These are all great points guys,
A friend’s company (30 employees) had an issue that could have been mitigated with a policy like the ones you’ve described. An intern had found a thumb drive on the ground over the weekend, and when he came in to work on Monday had plugged it in to the USB port. The thumb drive was full of malware that had encrypted all of the company’s data and then asked for a ransom in order to decrypt the data. Eventually, the company engaged a cyber security firm and were able to decrypt the data without the need to pay the ransom. I remember him telling me afterwards that they were considering having some new employees/interns log in using a VDI and a very basic setup to avoid this in the future. Pretty crazy stuff.
Wenlin Zhou says
List common control issues associated with operating systems and remediation strategy/plan.
Blue Screen of Death (BSoD)
Many people think of blue as a calming color; however, when it comes up on your computer screen with a bunch of white text, it probably has the opposite effect. The blue screen of death (BSoD or STOP Error) may appear to be one of the scariest computer problems you’ll come across. However, all your computer may need is for you to reboot it. This STOP error appears on your screen for a variety of reasons: failing hardware, damaged software, corrupt DLL files, problems with drivers and more. The remedy for a blue screen of death depends on the original problem. The screen provides you with codes that can help you identify and fix your computer problems.
Missing DLL File
Dynamic-Link Library (DLL) files house information for your operating system on how to perform certain functions. Occasionally, your computer loses DLL files or something damages them. When your PC can’t read the particular DLL file, it doesn’t know how to respond in certain situations. You may have a missing or corrupt DLL file if you receive an error message every time you perform a certain function, such as saving. If your computer problems are stemming from missing and damaged DLL files, you can restore them by downloading them back onto your PC.
Applications That Won’t Install
If you’re having trouble with an application not installing, it may be because your computer doesn’t have enough hard drive space. If this is the case, you need to free up some space. This is one of the computer problems that’s, well, least problematic. You can free up some hard drive space by getting rid of files and folders you don’t need. These may be temporary files, duplicate files or data for software you’ve uninstalled.
Applications Run Slowly
There are several reasons software might be running at turtle speed. You may have computer problems that involve your operating system or an application, your operating system might be missing updates or your computer doesn’t have enough hard drive space. If you don’t have enough hard drive space, you can scan, clean and optimize your hard drive.
Abnormal Applications Behavior
Computer problems that involve applications acting strangely oftentimes leave you wondering what has happened. Your application has been working just fine, but now, seemingly without reason, it is doing something strange.
Resource: http://www.toptenreviews.com/software/articles/5-common-computer-problems-solutions/
Deepali Kochhar says
1. Why is so important to protect operating systems?
It is important to protect OS from below factors:
• Protecting the Security of an OS provides the ability to protect it from unauthorized access. It helps in managing the integrity of an OS system and provides the ability to restrict which programs can enter states to exercise hardware instructions.
• It is important to maintain Change Management procedures for an OS so as to keep the system secure from unauthorized access. For example, if an employee leaves the job, it is important to make the changes and remove the access rights.
• Monitoring of an OS is important for management and analysis of the event log. It is also important to monitor the access to the sensitive directories.
• Availability of an OS is very important. It should be protected from factors such as downtime, system crashes etc.
• Resource protection: Any entity, such as data-sets or programs on the z/OS system, is considered a “resource”. These resources need to be protected.
Deepali Kochhar says
2. List common control issues associated with operating systems and remediation strategy/plan.
The following control issues are associated with the operating systems:
• File and share permissions that give up everything to everyone
• Lack of malware protection
• Lack of personal firewall protection
• Weak or nonexistent drive encryption
• No minimum security standards
• Weak security policy settings
• Unaccounted for systems running unknown, and unmanaged, services such as IIS and SQL Server Express
• Weak or nonexistent passwords
Remediation strategy/plan for the above mentioned controls issues can be:
• User groups should be established with properly defined access rights for all the files by the root user or admin user.
• Antivirus and anti-spyware software should be properly enabled and installed so as to ensure malware protection against any kind of breach.
• Personal firewalls must be set so as to ensure malware infiltration and wireless intrusions are blocked.
• It is important to manage drive encryption because, in case the machine is stolen, it is the only way to protect against a data breach. Relying only on the OS encryption is not a good way to control a security breach.
• It is important for employees to follow company policies while using an official machine, even at home, such as SSL for Outlook Web Access and using a password with a strong passphrase to ensure safety. Network access control (NAC) systems should be well configured. Ensure to enforce it wherever possible.
• Activities like audit logging, password complexity, and password-protected screen savers ensure safety.
• Patch management should be securely tested in a lower environment before being applied to a higher environment.
Binu Anna Eapen says
Why is it so important to protect operating systems?
An operating system (OS) helps run programs on the computer and helps a computer system execute multiple applications concurrently on a single piece of hardware containing multiple processing units. Protection is any mechanism for controlling the access of users or processes to resources. OS integrity is very important for the protection of data, and the features below are recognized for it.
1. Interference in resource utilization poses a very big threat to the operating system. Ensure that there is no interference by the user programs with the main program or default program. Each process has to run independently and yet concurrently without interfering with the others and should not write into the memory of another program.
2. Ensure that each process has limited privilege and escalated privilege is provided on request alone.
3. Ensure that the user is assigned the correct level of authorization and is authenticated to access the resources. Need to protect from deliberate and inadvertent modification.
To maintain integrity of the system and the data, the operating system has to be regularly monitored and updated with the latest security patches. Not updating the patches regularly can compromise the OS through penetration by external agents.
Any changes made to the system configuration files, i.e. the registry, can pose a risk to the confidentiality, integrity and availability of the system.
Reason to protect OS:
1. To prevent data loss
2. To prevent corruption of data
3. To prevent compromise of data
4. To prevent theft of data
5. To prevent sabotage
Source: CISA review manual-26th edition
Mansi Paun says
Great insight, Binu, and well explained. I’d like to point out that apart from the reasons you shared, it makes sense to protect the operating systems to avoid financial losses as well. Any company’s primary and long-term objectives are to make greater profit with lower costs and minimal losses, which would eventually translate to higher earnings per share. In this case, any financial losses and increased costs mean a direct impact (however small or insignificant) on the gross profit. The cost to fix a broken operating system, or one which runs at lower efficiency than required by the business, could run into a significant dollar amount. The higher financial losses could also be in the form of reduced employee productivity due to system downtime.
Binu Anna Eapen says
I agree with you Mansi that there might be financial implications of an operating system going bad, in terms of data loss. But I do not think there will be any cost involved in a corrupt OS. Normally companies have their own image which is built according to the requirements of the company. If the OS is corrupt, then one can easily reimage the machine and restore the data from backup without any additional costs. And most operating system vendors do support the product as long as the licenses are valid. The cost involved here would only be in buying additional licenses.
Mansi Paun says
You’re right Binu, that’s the case when we’re talking about the OS on a desktop or laptop, though not for the server OS. With a server OS, even if we do not incur license costs again, the downtime and the rebuild activity will add a sizeable cost over a large server estate. Imagine a remote server OS which isn’t protected and which keeps crashing. Every time the server crashes, we’ll need to get an engineer to possibly travel on site to fix the issue. This kind of server will most likely have localised impact on the users on site, but it is still adding to lost productivity and the added cost of an engineer’s onsite visit.
Annamarie Filippone says
Q1. Why is it so important to protect operating systems?
Operating systems are an important part of a working computer system. They interact with programs and applications, as well as input and output devices, and control the computer’s memory. Because it is what manages all software and hardware on the computer, it is crucial that it is protected, since this represents a potential single point of failure and access for attackers looking to obtain confidential information.
Sean Patrick Walsh says
I didn’t even consider an OS as a single point of failure, but you bringing it up in your response is important. A single point of failure makes protecting the integrity and availability of the OS that much more important, especially depending on the network resource the OS is used to interface with (i.e. an individual work station is not as important as an order application hosted on a Linux run server DB). I’m really glad you brought that point up to remind me and to highlight just how significant a failure of the OS could be for a system on the network.
Liang Yao says
That’s why it’s imperative to develop a disaster recovery plan. We will cover DR and how to audit DR plan soon.
Wenlin Zhou says
I agree with you, the disaster recovery plan is significant. Business vulnerabilities are ever increasing and every organization is compelled to make appropriate disaster recovery plans and use advanced technology to keep its network secure and stable. Network-reliant companies find it an absolute necessity to frame disaster recovery policies and procedures to respond to the varied circumstances and problems. In any organization that prepares itself for Disaster Recovery, the three main points to be considered are Prevention, Anticipation, and Mitigation.
Annamarie Filippone says
Q2. List common control issues associated with operating systems and remediations.
Some common risks associated with operating systems and their remediations include:
-Weak password policies. This can be strengthened by having certain requirements for passwords (character length, need of both upper and lowercase, etc.), as well as requiring it to be changed periodically.
-Improper account management. A solution for this is to create and assign different account levels based on job needs, and implement a regular recertification process to ensure continued justification of account assignment.
-Inadequate patch management. An organization should ensure that there is a policy dictating who is responsible for patch management, and how they should go about it.
-Limited monitoring. It is not enough for an organization to simply have event logs, an organization must also establish who is responsible for analyzing those logs, as well as how often they should do so.
Abhay V Kshirsagar says
Annamarie,
Great post! I was wondering if you have a password policy asking users to have upper & lower case characters, etc. As the passwords become more complex for the users, don’t you think it will increase the number of calls to the help desk for “I forgot my password” requests?
This was one of the challenges for the password policy remedy that I came across.
Wenlin Zhou says
Absolutely, I agree with you Kshirsagar. A more complex password policy will increase the number of people forgetting their passwords. How to solve this problem is also a challenge for the help desk service. If the password provides some reminder information, it will reduce the frequency of customers forgetting their passwords.
Yang Li Kang says
I don’t think forgetting your password is that big an issue. I believe most applications or software that require login information have the “Forgot your id/password” procedure. People should be able to retrieve their password on their own without contacting the help desk.
Abhay V Kshirsagar says
Hi Yang,
From my experience, user account passwords have to be requested from the help-desk. And I think the group that performs user access management duties has to create/reset/delete user profiles.
Binu Anna Eapen says
I worked in a tech support team and we had maximum no. of tickets for password reset. I agree it can be inconvenient but it is for the security of the data and it is worth the price.
Wen Ting Lu says
Abhay, you are right. Some organizations’ account passwords have to be requested from the help-desk, while in others people are able to retrieve their passwords on their own. It really depends on where you work. However, I agree with Wenlin that creating password hints/reminders will reduce how often people have to retrieve their passwords. Nevertheless, even though complex passwords might cause “extra work” for the help-desk, that is better than having simple passwords that are vulnerable to hackers and lead to data leakage. I think people forget their passwords all the time, even when the passwords are simple.
Ian M. Johnson says
Abhay – For my company, yes. It is one of my biggest complaints about my job. I have so many passwords for signing on to many different things. It is very difficult to remember and keep track of them. I asked my boss why, and he said the amount of money risked is greater than the cost savings from fewer help desk calls.
Binu Anna Eapen says
List common control issues associated with operating systems and remediation strategy/plan.
Some common control issues and their remediation strategies:
No proper definition of roles and responsibilities: The user has to be given the right level of access, i.e. administrator or user, and be assigned to the correct user group. Users need not be given access to make changes to the registry, and restricted privileges are to be given for installation of software. Make sure the Administrator password does not expire.
Disabling unnecessary services: It is difficult to define unnecessary service. Every service has a potential for trouble. The worst vulnerability is 0-day. Apart from the services defined by the OS manufacturer or resource available, trial and error method can help us identify the services that can be disabled and yet not affect the performance of the daily operations.
Open ports: Open ports allow access for others into our system. If any of the ports are not necessary they have to be blocked.
Unpatched and legacy system: Proper security patches have to be updated regularly. If there are problems with the patches, a new update has to be ready to fix this issue. There is an interval between when the patch is released and when it is updated. is most vulnerable and this period should be properly established. Make sure that the patches are tested before they are released and can be released phase-wise. Also ensure that the operating system is still supported by the manufacturer; if not, make sure to upgrade it when necessary.
Unencrypted channel: The communication to and between systems has to be encrypted especially while using external networks. The company can make sure that it has a VPN that is required to access the company network.
Unencrypted HDD: Normally, without HDD encryption the data on the system can be easily copied. Encryption like BitLocker encryption encrypts the system, which requires a 64 bit key to be able to copy content from the HDD.
Clear text credentials: Credentials should be hashed with salt, which will make a brute-force attack harder. A strong password policy should be in place. Make sure that the company has policies that require the customers to change passwords regularly.
Insecure protocols: Some protocols, like the communication protocol SLIP, are insecure and should not be used. Another example: use HTTPS instead of HTTP, which is more secure.
Sean Patrick Walsh says
I forgot to address the concept of a legacy OS in a network in my response, so thank you for bringing it up. Many businesses run legacy systems because upgrading is not feasible for one reason or another, or not justifiable for the cost(s) associated. I know when I was in the military, there was a contract with Microsoft to continue to patch the Windows version we used, which was very old, solely to keep it operationally safe for use as much as possible until the cost to upgrade military was justifiable enough to get the funding to do so. The patches Microsoft created were not available to the public, so public users had to upgrade if they did not want to be vulnerable any longer with a legacy OS. Another method to respond to legacy OS systems is to segregate them on the network in a DMZ to prevent the rest of the network from being accessed by outside threats if the legacy system was accessed by an unauthorized entity.
Abhay V Kshirsagar says
Sean,
I think you raise a good point about how it is very important for organizations to have relationships with their key operating system and application vendors to facilitate release and distribution of product security patches on time.
Liang Yao says
Sean – how about this recent news from CBS:
“US military uses 8-inch floppy disks to coordinate nuclear force operations”
Your thoughts?
Abhay V Kshirsagar says
Binu,
I agree with your point about open ports. It is essential to close those ports, since unused services are usually left with default configurations that use default passwords and can be exploited to distribute unwanted content.
Magaly Perez says
What a great detailed post. I really enjoyed hearing about the unpatched and legacy system. Many companies forget that old technologies pose risks as well, and those risks aren’t going away. As legacy systems continue to get more out-of-date, the world around them continues to evolve. With that being said, the risks are increasing.
Daniel Warner says
Great post Binu,
You mentioned hashing passwords with salt, which is something I’d heard about but honestly had no idea what it was. This caused me to research hashing a password with salt, and its use in defense against a brute force attack. Thanks!
Daniel Warner says
2. List common control issues associated with operating systems and remediation strategy/plan
Common control issues that can affect an operating system are:
• High amount of access and share permissions granted
• Lack of malware and firewall protection
• Weak password policy
• Poor patch management
A way to remediate these issues is to:
• Check the group permissions and ensure that the right users are assigned to the right groups and no groups have rights that exceed their job responsibility.
• Ensure that proper antivirus software is installed and that a firewall is present.
• Set length, and complexity requirements for passwords. Also, require password changes within a reasonable amount of time.
• Check for patch updates to the OS.
Ming Hu says
Nice point, the lack of encryption is definitely a huge risk associated with operating systems. Unencrypted data or an unencrypted channel for information communication means failing to protect your data and putting the brakes on business. Productivity, communication, and innovation decline because of the threat of letting business-critical data fall into the waiting arms of hackers and competition.
Yu Ming Keung says
1. Why is it so important to protect operating systems?
From a business perspective, the computer system is the basic operating asset of a company, where it stores the most essential and sensitive data. An operating system is the platform of a computer, which supports a computer’s basic functions, such as scheduling tasks, executing applications, and controlling peripherals. Most large firms developed their own operating software that runs on different operating systems. Without an OS such as Windows, Linux, or MacOS, a company cannot continue to operate and a computer cannot function properly.
The main reason to protect operating systems is to prevent data loss, data breaches, malicious software installed in the system, and unwanted use of data. According to our books, if the OS is not controlled properly, it’s like locking the door but leaving the windows open. People can exploit security weaknesses at those other layers in many ways and disrupt the integrity, reliability, and security of the application systems. That is why security controls should be in place to prevent failure of the operating system.
Source: IT Auditing: Using Controls to Protect Information Assets
Paul Linkchorst says
Hi Yu Ming,
After reading your post I thought to myself, what would it be like if operating systems were only used by one company and there were no common operating systems like Windows or Mac OS? Think of it this way: if the operating systems were specific to each business, then growing up we would not develop computer skills that are transferable from business to business. Therefore, each company would have to spend a significant amount of money training new hires on its specific operating system. I think having only a handful of different operating systems and GUIs benefits organizations, since users can develop these skills on their own time and bring those skills into the workplace.
Fangzhou Hou says
I completely agree with you Paul. Indeed, developing new operating software and a new operating system can significantly enhance the safety of the OS and better protect the company’s information assets. However, it requires a huge amount of investment in development and employee training. This method seems more reasonable for huge corporations which demand a top level of information asset protection. For most common public companies, developing a new system may not be a reasonable choice.
Ming Hu says
Nice point, any breach of confidentiality, integrity and availability of operating systems may cause system outage, data loss. For an organization, insecure operating system may put the organization at high risks, financial loss, data leakage, reputation damage, which are very disastrous.
Ming Hu says
List common control issues associated with operating systems and remediation strategy/plan.
Control issues:
Trojan Horse – program that secretly performs some maliciousness in addition to its visible actions.
Virus – fragment of code embedded in an otherwise legitimate program, designed to replicate itself (by infecting other programs), and (eventually) wreaking havoc.
Worm – process that uses the fork/spawn process to make copies of itself in order to wreak havoc on a system. Worms consume system resources, often blocking out other, legitimate processes.
Denial of Service (DOS) – attacks do not attempt to actually access or damage systems, but merely to clog them up so badly that they cannot be used for any useful work.
Remediation strategy/plan:
Having the system print usage statistics on logouts, and to require the typing of non-trappable key sequences such as Control-Alt-Delete in order to log in
Configuring firewalls to prevent unauthorized Internet users from accessing organizations’ network connected to the Internet, especially intranets
Using spyware detection tools to detect and safely remove spyware
Jianhui Chen says
Good post. After reading your post, I realize how important operating systems are. An operating system (OS) is system software that manages computer hardware and software resources and provides common services for computer programs.
Yu Ming Keung says
2. List common Control issues associated with operating systems and remediation strategy/plan.
Common control issues:
1. Weak password setting
– Having certain requirements of password setting
– Constant change of password
2. Lack of malware protection
– Firewall
– Anti-virus software
– Hire hackers to hack the system to see how well the system can be protected
3. Authorized access is given to employees inappropriately
– Clearly identify roles and responsibilities for employees
4. Infrequency in patch management and update
– Policies set up for patch updates
– Test the patch before release
Abhay V Kshirsagar says
Yu Ming,
I agree with your patch management point. Just to add on that, I think timing is important too. Especially, for the security updates, they should be done in a timely manner and must be made in a controlled and predictable way. If the patch application process is organized and controlled, the system may drift from the compliance with assigned patch.
Liang Yao says
Can patch remediate the risk caused by “zero day” attack?
Yu Ming Keung says
Hi,
Patches can slightly strengthen the resistance to malware such as a zero-day attack. However, I don’t think a patch can effectively remediate risks caused by a zero-day attack, because patch management and updates take a longer time to write, so the system can be compromised before the vulnerability is fixed. Zero-day threats are always one step ahead before or after the patch is updated.
To stop zero-day threats
1. Use firewall wisely
2. Use only essential authorized applications
Wen Ting Lu says
I agree with you! The reason why a “zero-day attack” has its name is because the vulnerability is exploited and attackers release malware before a developer has an opportunity to create a patch to fix it. Therefore, a patch cannot effectively remediate the risk caused by a “zero day” attack.
Jianhui Chen says
Good post, Yu Ming, today’s threats have substantially changed, creating a reality wherein Windows XP vulnerabilities can put an entire company and its data at risk. To protect against vulnerabilities for which software patches will no longer be made available, using a vulnerability protection solution such as Trend Micro™ OfficeScan™ Intrusion Defense Firewall is advisable. Vulnerability shielding works on the premise that exploits take a specific or definable network path to and from an application in order to use a vulnerability. It is, therefore, possible to manipulate the network layer through rules to control the communications being made to the targeted software.
Abhay V Kshirsagar says
Why is it so important to protect operating systems?
Importance of operating systems:
The operating system is more important than the hardware. The OS not only manages a computer’s tasks but also optimizes the performance. When several tasks are running at the same time and trying to access the CPU, memory and storage, OS then organizes the requirements and allocates proper resources to tasks.
It is basically a tool for us to communicate with the computer through the user interface without knowing computer’s language.
Why to protect:
OS needs protection to ensure that each program component that is active on a system is using resources only in ways defined in stated policies. These policies are either developed by the management of the system or are fixed in the design of the system.
The OS also allows users to access organization data. With that in mind, a compromised OS can give permission to a hacker, who can then damage different applications, steal/corrupt/delete important data, etc.
Yang Li Kang says
I wouldn’t say that the operating system is more important than the hardware. A computer can still operate without an OS through computer language but a computer cannot operate without its hardware. It is as you said, an OS makes operating a computer much easier for people who do not have knowledge in computer language.
Abhay V Kshirsagar says
Yang,
I meant that, in the context of a user, hardware will be useless if there is no medium to communicate with the machine. And that’s where the importance of the OS and the UI comes into the picture.
Thanks!
Fangzhou Hou says
Good point Yang Li. You are right, without the operating system, the hardware can keep working. However, the OS makes the device easier to use for common PC users. Besides, many attacks like malware or phishing attacks use the weaknesses of the operating system. Without appropriate protection of the OS, PC users’ personal identity information and other sensitive data like online banking accounts and passwords may be monitored by an attacker through a Trojan horse, which raises the risk of damage to the users’ assets.
Binu Anna Eapen says
I like your point about risking the organization’s data. Not only does exposing the OS to vulnerabilities affect the user’s data, but it also keeps the data of the organization (confidential/client related/business) in the hotspot.
Vu Do says
Agreed Abhay, the operating systems provide access to those who are authorized. If that is compromised then it will be a huge risk, since all the important information is stored within the OS. There must also be safeguards in place that assign which users can access what system within the OS. If everyone within the company is assigned to all the databases, then they can steal information or make changes that can be severe for the company. So making sure who has authorized access to what in the OS is very important and will mitigate potential risk.
Abhay V Kshirsagar says
List common control issues associated with operating systems and remediation strategy/plan.
The security controls depend on the configuration of the system and the sensitivity of data that is processed in the system.
The control issues are:
> Improper user access permissions
Remedy: Creating different user groups to define user privileges for files by the administrator.
> Unblocked ports: Port scanning can expose open ports and computer’s network services information can be obtained by an attacker to decide which port to use for an attack.
Remedy: Identify the processes that are keeping the ports open, and check whether the processes/services requiring the ports to be open are required or not. If not, configure the application to stop the service.
>Weak Password Policies: Weaker passwords or blank passwords can put the organization at risk.
Remedy: A password policy with a seven-character limit can be cracked by password decryption software in a matter of minutes. I think a good password policy should at least have a 20 plus character password (ideally a passphrase; easy to remember). It is important to also teach employees of the concept of passphrases.
>Patch Management: The common practice of “install and forget,” which means that systems after deployment are either not updated frequently or never updated.
Remedy: Systems should be updated timely with software updates. There should be a patch scheduling mechanism in place to serve as a guideline for scheduling plans.
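One way to carry out the open-port remedy above on a Linux host, as an added example that is not part of the original post: parse `ss -H -ltnp` output, tie each listening port to its owning process, and flag network-reachable listeners outside an approved baseline. The sample output, the baseline and all function names are constructed for illustration.

```python
import ipaddress
import re
from typing import Dict, List, NamedTuple, Optional

# Constructed sample of `ss -H -ltnp` output on Linux (not from a real host).
# The last line has no process column, as happens when ss runs unprivileged.
SAMPLE_SS_OUTPUT = """\
LISTEN 0 128  0.0.0.0:22        0.0.0.0:* users:(("sshd",pid=812,fd=3))
LISTEN 0 4096 127.0.0.53%lo:53  0.0.0.0:* users:(("systemd-resolve",pid=640,fd=14))
LISTEN 0 244  127.0.0.1:5432    0.0.0.0:* users:(("postgres",pid=1107,fd=5))
LISTEN 0 511  0.0.0.0:8080      0.0.0.0:* users:(("node",pid=2291,fd=18))
LISTEN 0 128  [::]:22           [::]:*    users:(("sshd",pid=812,fd=4))
LISTEN 0 5    *:3389            *:*
"""

# Hypothetical approved baseline: network-reachable port -> expected process.
APPROVED_LISTENERS: Dict[int, str] = {22: "sshd"}

PROCESS_RE = re.compile(r'\(\("([^"]+)",pid=(\d+)')


class Listener(NamedTuple):
    address: str
    port: int
    process: Optional[str]  # None when ss could not see the owner
    pid: Optional[int]


class Finding(NamedTuple):
    listener: Listener
    reason: str


def parse_listeners(ss_output: str) -> List[Listener]:
    """Turn `ss -H -ltnp` lines into Listener records."""
    listeners = []
    for line in ss_output.splitlines():
        fields = line.split()
        if len(fields) < 5 or fields[0] != "LISTEN":
            continue
        # The port follows the last colon, which also works for [::]:22.
        address, _, port_text = fields[3].rpartition(":")
        if not port_text.isdigit():
            continue
        match = PROCESS_RE.search(" ".join(fields[5:]))
        process = match.group(1) if match else None
        pid = int(match.group(2)) if match else None
        listeners.append(Listener(address, int(port_text), process, pid))
    return listeners


def is_loopback(address: str) -> bool:
    """True only for addresses that cannot be reached from the network."""
    bare = address.strip("[]").split("%")[0]  # drop brackets and %interface
    try:
        return ipaddress.ip_address(bare).is_loopback
    except ValueError:
        return False  # "*" and anything unparsable counts as exposed


def audit(listeners: List[Listener], approved: Dict[int, str]) -> List[Finding]:
    """Flag exposed listeners that are unapproved or owned by the wrong process."""
    findings = []
    for listener in listeners:
        if is_loopback(listener.address):
            continue
        expected = approved.get(listener.port)
        if expected is None:
            findings.append(Finding(listener, "port not in approved baseline"))
        elif listener.process is not None and listener.process != expected:
            findings.append(
                Finding(listener, f"expected {expected}, found {listener.process}")
            )
    return findings


if __name__ == "__main__":
    for finding in audit(parse_listeners(SAMPLE_SS_OUTPUT), APPROVED_LISTENERS):
        owner = finding.listener.process or "unknown (rerun ss as root)"
        print(f"{finding.listener.address}:{finding.listener.port} "
              f"owner={owner} -> {finding.reason}")
```

Each finding is a decision point for the remedy: either the service is required and joins the baseline, or it is stopped and disabled.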
Yu Ming Keung says
Nice post Abhay,
I agree that weak passwords or blank passwords can put the organization at risk. Choosing a complicated password can increase the number of possible password combinations. I would add that the system should block the account or require secondary authentication if an incorrect password is entered too many times, in order to prevent hacking.
Paul Linkchorst says
Hi Abhay and Yu Ming,
It still boggles my mind that many users still use weak passwords when most know of the cyber threats common in this day. For some organizations and users, there is an extremely large amount of valuable information that is only being protected by a password as easy as Dogs123. With that being said, one of the best ways to improve authentication controls is not only to establish a complex password requirement for users, but also inform users on how to remember complex passwords. If you were to view the link I listed below, taking the first letter from a phrase you can remember will make your password complex but also allow you to remember them. I started using this technique about 4 years ago when I was a freshman in college. It is a great way to keep and remember stronger passwords and really should be something taught throughout an organization.
Link: http://www.ecu.edu/cs-itcs/ithelpdesk/images/password.gif
Wen Ting Lu says
Hi, Paul
Thanks for sharing, very interesting technique! I think this technique helps solve the problem of passwords being too simple, but I believe there is still a possibility that people will forget the phrase. Adding password hints might be a good idea.
Tamer Tayea says
Why is it so important to protect operating systems?
Protecting operating systems (OS) is important due to the nature of the functions the OS performs system-wide. The OS is responsible for managing all compute functions running on the system and sharing hardware system resources (CPU, memory, disk, I/O devices). The OS manages process multitasking, resource time-sharing, and inter-process communication (IPC). The OS is responsible for protecting individual running applications from interfering with each other and from accessing each other’s trusted compute base (TCB) in terms of virtual memory space and disk blocks managed by different processes.
List common control issues associated with operating systems and remediation strategy/plan.
The Operating System controls are part of every OS to protect end to end compute base. Operating system by default offers process traffic isolation to separate and protect trusted compute base (TCB) of each application/process running on the same system. The controls start from Access controls, password requirement, logging activities to remote syslog facility, protecting against malicious software, and finally performing logic isolation of compute resources like in case of multi-tenant cloud computing.
Access control is concerned with permitting authorized users to log in to the system (OS), logging all their activities, incorporating role-based access control (RBAC), and possibly two-factor authentication. Instituting strong passwords (number of characters, special characters, password history, lockout policy after failed attempts) is one of the important OS security controls.
Liang Yao says
And don’t forget the resilience piece…very important. In addition, how about physical access to the computers, whether servers or desktops?
Jaspreet K. Badesha says
Why is it so important to protect operating systems?
An operating system is a program that manages all application and application programs on your computer. All major computer platforms both hardware and software require an operating system. Since these operating systems are the base of so many other applications we need to ensure their integrity, confidentiality and availability. Therefore, OS security can protect it from threats, viruses and malware. If we did not protect our OS the integrity of information on our machines would be compromised.
https://www.techopedia.com/definition/24774/operating-system-security-os-security
Jaspreet K. Badesha says
List common control issues associated with operating systems and remediation strategy/plan.
Common controls we find with OS systems are listed below:
– Weak passwords – requiring users to create more complex and strong passwords to prevent hacking.
– Lack of protection from network traffic – install a firewall and antivirus to prevent threats and leaks of important information from your machine.
– Employees having too much access – creating secure accounts with required privileges only.
Priya Prasad Pataskar says
Q] Why is it so important to protect operating systems?
A] The operating system is the backbone of the computer. It handles memory management, processor management, device management, file management, security, control over system performance, job accounting, error detecting aids, and coordination between other software and users. The security of the OS has a fundamental impact on the overall security of a computer system, including the security of all applications running within the system. An attack that infects the OS has the potential to expose the running application to danger and further attack other applications.
Fangzhou Hou says
Question: Why is it so important to protect operating systems?
Security refers to providing a protection system to computer system resources such as CPU, memory, disk, software programs and most importantly data/information stored in the computer system.
In today’s business world, personal computers and other mobile devices are widely used in storing an organization’s information assets like employees’ personal information, payroll process, or order to cash process data. Without appropriate protection of operating systems, Trojan horses, worms or other malware may allow attackers to monitor the system flow and copy sensitive information like bank accounts and passwords, which may cause huge damage to the organization’s information.
To mitigate the potential risks of data leaks, operating systems need to be protected by antivirus software or other preventive controls.
Source: https://www.tutorialspoint.com/operating_system/os_security.htm
Yu Ming Keung says
Good point Fangzhou,
It is too risky to store all the sensitive information in our operating system without appropriate security on the operating system. If the OS allows unauthorized access to the organization’s data, it can lead to system downtime, viruses, trojans, or stolen data.
Victoria A. Johnson says
Fangzhou, very nice post. You make a good point about personal computers and not having the appropriate protection of operating systems.
Fangzhou Hou says
Question: List common control issues associated with operating systems and remediation strategy/plan.
Common control issues:
– Lack of accessible authority control
– Lack of antivirus protections
– Do not have backup plan
– Lack of updating the operating system
– Lack of detective control to recognize the malware
These common control issues may cause serious problems like data leaks, loss of personally identifiable information, and damage to other information assets of the organization. To mitigate the risks caused by common control issues associated with operating systems, here are some suggestions:
1. Enhance the accessible authority control by setting passwords for the operating system and different authority levels to access the system.
2. Use antivirus software to ensure the operating system does not have any Trojan horse or worm.
3. Set up a backup and disaster recovery plan to make sure the operating system can keep running and recover the information.
4. Update the operating system to the newest version.
5. Use the protection function of antivirus software to detect malware.
Priya Prasad Pataskar says
Q] List common control issues associated with operating systems and remediation strategy/plan.
A] OS has to provide a confidentiality, integrity and availability to the system. OS security may be approached in many ways, including adherence to the following:
– Unauthorized access to the system – The OS can have different users accessing different parts of memory. The software should have access level denied. Changes to OS-dependent files must be restricted. At least 2-factor authorization must be provided, and authorization to determine the level of access: read, write, edit, execute, etc.
– Patch management – Hackers come up with new attacks every day and OS vendors release security patches to remove the vulnerability. Performing regular OS patch updates to keep systems up to date is a must.
– Networking security issues – Any device trying to connect to the network must be authorized and authenticated by the OS. Scrutinize all incoming and outgoing network traffic through a firewall.
– User policy – Restricting access to files, network and terminal access, password change and locking should be deployed through user policy.
– Open ports – Open ports that are generally restricted by a firewall can cause serious harm.
– Encryption – The storage media like HDD on the OS must be encrypted. The channel via which systems communicate must be an encrypted channel.
– Install updated antivirus engines and software and scan systems regularly.
Yulun Song says
Nice post Priya. Other common control issues associated with operating systems may include making a habit of cleaning up the computer on a daily basis and every time that you finish browsing the internet, performing regular operating system patch updates, installing updated antivirus engines and software, scrutinizing all incoming and outgoing network traffic through a firewall and creating secure accounts with required privileges only.
Mansi Paun says
1 Why is it so important to protect operating systems?
The importance of protecting the OS can be understood by understanding the impact on an OS that is not protected:
• Potentially allowing unauthorized access – could lead to a compromised system and information integrity due to unauthorized access
• Administrator authority is given to too many people and often of the level that is much higher than required to perform regular tasks needed for the job – this means that the administrators can knowingly or unknowingly harm the system.
• Systems are prone to attacks if not protected so a system that is not protected could be broken into easily which poses threat to the information on the system. The system could be subject to theft of data – be it personal or proprietary, which could have different outcomes depending on what data is stolen.
• An unprotected OS could lead to financial loss – small or big. A laptop or a desktop that crashes or is broken into could require money being spent in fixing the system, permanent data loss could occur and even intellectual property could be stolen. System down time could mean lower employee productivity and lost revenue in the form of chargeability.
Ming Hu says
Why is it so important to protect operating systems?
An operating system is executed on top of the bare machine hardware; it allocates the basic resources of the system and supervises the execution of all applications within the system. Because of the crucial role of the operating system in the operation of any computer system, the security (or lack of security) of an operating system will have a fundamental impact on the overall security of a computer system, including the security of all applications running within the system. A compromise of the underlying operating system will certainly expose any application running in the system to danger. Lack of proper control and containment of execution of individual applications in an operating system may lead to attack or break-in from one application to other applications.
Source: https://www.giac.org/paper/gsec/2776/operating-system-security-secure-operating-systems/104723
Vu Do says
Great point Ming, improper care of individual applications in the operating system leaves the system vulnerable to attacks. Risk measurements must be in place to safeguard against this so that the operating system will be intact and safe. Individuals must know what to do in case of any scenario that can unfold. There must be meetings to discuss potential attacks and how to handle each. This knowledge will save the company in the future by having individuals be alert to any potential danger that may occur.
Paul Linkchorst says
Why is it so important to protect operating systems?
The operating system is essentially the “middle man” between a computer’s software and its hardware. This means that it is the operating system that allows the applications access to computer resources such as the CPU, hard drive, network, and many other information system components. With that being said, it allows millions of software applications to be used on a computer all while providing the user with a familiar graphical user interface to start the software. From a security standpoint, this means that the operating system needs to be protected, with the two important areas being access to data and hardware. If an operating system is compromised, a “bad guy” can attempt to perform a denial of service, which means that the organization’s hardware is strained past capacity, causing information technology to crash. Likewise, a “bad guy” can have access to data through the operating system to either manipulate or extract for sale. Due to this, it is extremely important to protect the operating system.
Victoria A. Johnson says
Paul, nice post. Your post proves that staying informed and updated is important and will save you money in the long run.
Paul Linkchorst says
List common control issues associated with operating systems and remediation strategy/plan.
Two common control issues related to operating systems are those of unauthorized access and patch management. Since the operating system can access both software and hardware, allowing an unauthorized user access to a system enables them to cause a significant amount of damage. This damage can either be to create an effect on the computer hardware or to steal information. Due to this, it is important to have authentication steps for logging into a computer as well as restrictions on the types of actions a user can perform once logged in. Likewise, patch management is another key control issue associated with operating systems. If an operating system has a bug or defect, it could potentially cause a disturbance in the information systems as well as be a potential vulnerability to malware. Therefore, it is important for a company to have controls which make sure patches to systems are identified and implemented in a timely manner.
Daniel Warner says
1. Why is it so important to protect the operating system?
a. The operating system can be viewed as the foundation for the computer, because the hardware and operating system need to communicate in order to reach the computer’s full potential. The operating system organizes the software and hardware of a computer and also “acts as a scheduler and traffic controller”. I read an analogy online of the operating system playing the role of a good parent to make sure that the applications get the right resources (memory, etc.) from the hardware.
If the operating system was attacked, the issue could then flow over into the applications and the hardware. Data could be corrupted and stolen, and the users may not be able to access the applications due to corruption.
Vu Do says
Why is it so important to protect operating systems?
Operating systems are important since they are the tool we use every day to enter information and get information from the system. It is our way to communicate with the machine and to make it function. The operating system must be clear of viruses or malware so that information on it is protected. If a hacker was able to get access to the system then they could steal important information and even corrupt the system and make it inaccessible. Being without a way to get back into a system could be a huge issue since important information lies within the system. The operating system thus must be protected from all these things so that we can function and have our information be secure. We hold important programs on the operating systems and losing them would be a huge blow. We must also be aware of our surroundings and make sure the operating system is backed up just in case. A spill of some sort onto the machine could cause serious damage, which just goes to show us that anything can cause damage to the operating system. We must make sure the operating system is protected on all levels to prepare for anything that can happen.
Daniel Warner says
2. List common control issues associated with operating systems and remediation strategy/plan
Common control issues that can affect an operating system are:
• High amount of access and share permissions granted
• Lack of malware and firewall protection
• Weak password policy
• Poor patch management
A way to remediate these issues is to:
• Check the group permissions and ensure that the right users are assigned to the right groups and no groups have rights that exceed their job responsibility.
• Ensure that proper antivirus software is installed and that a firewall is present.
• Set length and complexity requirements for passwords. Also require password changes within a reasonable amount of time.
• Check for patch updates to the OS.
Yulun Song says
Good post Daniel, others may include making a habit of cleaning up the computer on a daily basis, or weekly, and every time that you finish browsing the internet, and performing regular OS patch updates.
Vu Do says
List common control issues associated with operating systems and remediation strategy/plan.
Some of the common attacks are:
• Denial-of-service (DOS) Attacks – Attacks that prevent the use of the operating system by gaining access to the system and flooding the system until it overloads, or sending invalid data to the system which causes abnormal termination.
• Password-Based Attacks – The attacker gets into the system by overhearing your password or by your computer being left unlocked, so that they are able to just access the system without having to enter a password. Mostly it is done by eavesdropping or using tools to generate multiple attempts for password login. But once they’re in the system, they are able to access everything and can modify, delete, or transfer data.
• Malware – Attacks that are triggered once the user clicks something that opens the virus, which will enter the system to corrupt it and cause damage for the user.
Plans that can prevent these attacks are regularly updating the system software and keeping virus protection up to date; making sure the system is locked when you are not using it and never letting anyone know your password to the system. Be aware of what you are clicking on, do not open something that looks suspicious, and look up the email address if it was sent by email to make sure that it is not a scam. There must be software in place that regularly scans the system for any intrusion, and virus scanning software must be run daily to scan the system to make sure there is nothing suspicious.
Mansi Paun says
Q 2 List common control issues associated with operating systems and remediation strategy/plan.
=> Some of the common control issues associated with operating systems and their remediation strategy are listed below:
• User access to shared files and network drives – this could mean giving maximum rights to a user, which could lead to unauthorized access or a higher level of access than intended. The remediation is to set up appropriate file permissions for each user or user group to ensure that the user only has the appropriate access permissions.
• Vulnerabilities – The IoT (Internet of Things) devices used increasingly these days are easy routes to spread malware. Computers that have such devices communicating with them are at a serious risk of being infected with viruses and malware. The remediation to this issue would be to use the right antivirus and firewall software coupled with regularly updated virus definitions and the latest OS patches.
• Data available on disk which could be stolen easily – The right way to tackle this issue would be to use file encryption software and whole disk encryption software so that data on a system that falls into the wrong hands would still be difficult to tap into.
Fred Zajac says
The operating system is the link between the user and computer. It now provides graphical user interfaces to the underlying hardware, and allows the user to execute software away from the command line. Examples of operating systems are: Windows, Linux, and iOS. The operating system is used to allow the user to input commands, via an I/O device, which the hardware will perform and complete.
It is important to protect the operating system because:
1. The OS is the level where controls and policies are configured
Intruder may access areas of the network that are considered “sensitive”
2. The OS accesses the hardware
Intruder can overwork the hardware and kill it
Intruder can access other devices on the network
3. The OS is complex
Intruder can hide on your network and watch what you do. It is difficult to figure out you have been hacked. Many times, you don’t even know until your computer breaks, tells you to pay someone to get information back, or it is broadcast on the news.
Fred Zajac says
Even with a top notch policy plan, there may be some control issues that arise and every organization should have a remediation plan to reduce the down-time associated with the failure. Here are a few I have experienced.
1. Accidental – This would be the failure of equipment or untrained users. An example would be an old operating system, firewall, or anything that doesn’t get security updates from the provider, or an employee not protecting their passwords.
2. Deliberate – This is a planned attack for gain. It may be to gather information, bring down an organization, or hold data hostage. Malware may be installed by a disgruntled employee who is seeking revenge.
The best way to combat accidental and deliberate control issues is to have an accurate Enterprise Architecture blueprint. This will list the device names and versions. When each vendor provides a patch, a beta test of the patch can be performed, and if it checks out, a script can be created to push down the patches (Patch Management).
Keep an active security software solution for: Operating System, E-mail, firewall, and internet. Manage each solution on a daily basis. This will reduce the areas of penetration and increase awareness of new threats posted by the security provider.
Set controls for your employees. Only allow employees access to areas of the network required for the job. Monitor employee usage and limit access to the internet. You can also provide employee training on technology security best-practices. This will limit the chances of an employee accidentally causing an issue.
Yulun Song says
Why is it so important to protect operating systems?
Computers are frequently used to surf the internet and for work, and much important data is included on the computer. So hackers may attack the computer if the security of its operating system is low. So protecting the operating system is really important. See the reasons below:
Browsing history: when we browse the internet, the computer records the history of websites we have visited. So if the files are not deleted, other people can easily access the operating system and steal important data.
Cookies: cookies are files that originate from websites that we have visited. Cookies will remember the name, shopping preferences, items of interest, and other information. Hackers often use cookies to find out sensitive information.
Documents: computer stores documents that we recently worked on. If the security of OS is low, hackers can easily access the computer and view and steal the files that include sensitive information and data.
http://www.spamlaws.com/importance-of-computer-clean-up.html
Ming Hu says
Nice point, I agree with you. When we use our personal computer, we usually tend to store personal and sensitive information on it, such as default passwords and payment methods, for convenience and to process money movement or other high-risk transactions. If the security of the OS is low, the computer may be easily broken into, and that sensitive data may be stolen for misuse.
Yulun Song says
List common control issues associated with operating systems and remediation strategy/plan.
People should:
1) make a habit of cleaning up the computer on a daily basis and every time that you finish browsing the internet.
2) perform regular operating system patch updates
3) install updated antivirus engines and software
4) scrutinize all incoming and outgoing network traffic through a firewall
5) create secure accounts with required privileges only.
Yulun Song says
https://www.techopedia.com/definition/24774/operating-system-security-os-security
Ariana Levinson says
I agree that patches and updates are critical to keeping the OS layer in good shape. Patches are released for a reason – because someone found a bug and it needs to be fixed. If that bug is related to security, then by not patching you’re basically saying that you know your risk of exploitation is high and you know there’s a way to fix it, but you aren’t going to do it. Patches should be thoroughly tested as soon as they’re released, and then implemented within 30 days in order to ensure the shortest amount of time a system is knowingly vulnerable.
Wen Ting Lu says
Q: Why is it so important to protect operating systems?
A: The operating system is the fundamental software that supports the basic functions of a computer. It serves as a basic control panel that manages the core of a computer. It is also the necessary tool for us to communicate with a computer which will further comprehend the data and information upon storage. Protecting the operating system means securing the primary platform which essentially allows storage of our information. By creating a safe operating system, it will be less likely to leak any of our valuable documents that might contain sensitive information that could be taken advantage of if obtained by others. The security of the operating system is the key to protecting our assets.
Yulun Song says
Hackers attack computers whose operating system security is low. Hackers use a scanner to see an area’s computers, and target those with a low-security OS. Internally, employees may leave some sensitive data and information in the browser, emails, etc. that would also bring more threats to the company and personnel.
Wen Ting Lu says
Q: List common control issues associated with operating systems and remediation strategy/plan.
A: Some common control issues associated with operating systems:
- Mandatory/hidden installations of 3rd party software and plug-ins
- Malware while surfing on the internet
- Operating system becomes extremely slow
- Application compatibility
Remediation Strategies:
To prevent installations of many software packages and plug-ins, a firewall or antivirus software is recommended, preferably a quality one with a good reputation. This would also be a great tool to detect and eliminate malware since many websites we are viewing today have a great chance of having it. Excessive installations of software, storage files, cache and buffer files would slow down the operating system drastically. Therefore, it is also necessary to clean up the operating system every once in a while and defrag all drives. Since many applications are compatible with only certain operating systems, the only possible solution is to find a similar program that would run on the operating system of your choice.
Shizhong Yang says
Why is it so important to protect operating systems?
An OS takes care of all input and output in a computer system. It manages users, processes, memory management, printing, telecommunication, networking etc.
It sends data to a disk, the printer, the screen and other peripherals connected to the computer.
And because every machine is built differently, commands for input or output will have to be treated differently too. In almost all cases an operating system is not one large behemoth but consists of many small system programs governed by the core or kernel of the OS. Because of the compactness of these small supporting programs it is easier to rewrite parts or packages of the OS than to redesign an entire program.
In general programmers only have to make a “call” to the system to make things happen.
This not only makes their lives less miserable but the production time becomes shorter. As well as that, programs can run on different types of machines with the same family of CPUs without changing anything in the program. This is what makes a standard operating system so important.
Victoria A. Johnson says
Great post Shizhong! I agree with your mention of general programmers and how their lives can be less miserable when it comes to protecting operating systems.
Jianhui Chen says
Agree with you, Shizhong. An OS is responsible for all input and output in a system. This not only makes their lives less miserable; the time is shortened as well. Also, programs can run on different types of machines with the same family of CPUs with nothing changed in the program. This is what makes a standard OS so important.
Ariana Levinson says
Q: Why is it so important to protect operating systems?
A: If you think of a computer system as a pyramid, the operating system is the base upon which everything else rests. It’s the foundation for everything to operate. It manages system memory, software, hardware, and important/sensitive information that is needed to keep everything running. The OS also allows you to “talk” to your computer and configure and design things within it at a more base level without actually having to know machine code. For these reasons it is crucial to protect the OS. If a hacker gains access to the OS, he gains access to everything. Critical data (financials, PII, passwords, etc.) could be accessed and used against the company or merely released, creating security issues for the company, the users whose data was released, and the publicity nightmare of being yet another company that couldn’t keep their users’/customers’ personal information safe.
Q: List common control issues associated with operating systems and remediation strategy/plan.
A: Access control – users having access only to what they need access to and no more.
A strict access control policy should be implemented. For a Windows OS, Active Directory is a powerful tool that can be implemented to help keep access control in line. AD groups can be set up for different roles and responsibilities, and provisioning to that group would be how access is granted. That prevents additional granular permissions from being granted accidentally. AD can also be linked to a company’s HR management solution to enable auto-deprovisioning if a user is terminated. AD can also be used for password management.
A: Vulnerability Management – keeping the OS secure and hardened against hackers
Employing a vulnerability scanning tool can be very effective in detecting and then fixing critical vulnerabilities that could otherwise be exploited by hackers to gain access to the system.
Paul M. Dooley says
Why is it so important to protect operating systems?
The OS is essentially the brain of the computer that interfaces with all of the peripheral components. It also prioritizes certain processes and allocates available computing resources to certain applications. In addition, it is how the file systems are accessed. For these reasons, it is critical to secure the operating system.
Victoria A. Johnson says
Great summary Paul. It is crucial to protect your operating systems. Without an operating system, interacting with peripherals or secondary, non-essential input and output devices on a computer would be much more complicated.
Paul M. Dooley says
List common control issues associated with operating systems and remediation strategy/plan.
System hardening standards, build document and build process
Configuration – unused services/client firewall
OS version and Patching
Anti-virus/malware with latest .DAT
Password setting and/or other authentication methods
Remote access
Audit trail and monitoring
Disk encryption
Physical security
Source: Class Presentation
Victoria A. Johnson says
Why is it so important to protect operating systems?
It is important to protect operating systems because the operating system is the first level of software which allows your computer to perform useful work. The operating system organizes hardware and software of the computer in order to ensure integrity, confidentiality and availability. Operating systems are meant to protect against viruses and system threats. Without an operating system, interacting with peripherals or secondary, non-essential input and output devices on a computer would be much more complicated. This is because operating systems interpret the data that peripherals provide and present it to users in standardized formats.
Jianhui Chen says
Why is it so important to protect operating systems?
An OS is software that is designed to run on specific hardware. The OS interfaces between the applications and hardware. An operating system has three main functions: (1) manage the computer’s resources, such as the central processing unit, memory, disk drives, and printers, (2) establish a user interface, and (3) execute and provide services for application software.
If the OS is attacked, everything on the hardware would not be accessible, and a damaged OS could potentially be used to damage the processors, the applications installed, other software installed, and the data/files stored on the system.
Jianhui Chen says
List common control issues associated with operating systems and remediation strategy/plan.
Common issues:
1. Weak design and implementation can lead to a compromise of the system by potentially allowing unauthorized access.
Lack of administration of accounts can lead to a compromise of system integrity by potentially allowing unauthorized users to gain access to sensitive areas.
2. Change management risks:
A lack of change management procedures would lead to a compromise of system integrity by allowing unauthorized users to gain access to sensitive resources.
Controls:
1. Creating multiple policies
2. Policies can be turned on or off
3. Policies are “inherent” and “cumulative”
4. Local Policy vs. Domain Policy (Local -> Site -> Domain -> OU -> Child OUs)
5. Policy Replication (AD and SYSVOL)
5. Policy Replication (AD and SYSVOL)
Ming Hu says
List common control issues associated with operating systems and remediation strategy/plan.
Control issues:
Trojan Horse – program that secretly performs some maliciousness in addition to its visible actions.
Virus – fragment of code embedded in an otherwise legitimate program, designed to replicate itself (by infecting other programs), and (eventually) wreak havoc.
Worm – process that uses the fork/spawn process to make copies of itself in order to wreak havoc on a system. Worms consume system resources, often blocking out other, legitimate processes.
Denial of Service (DOS) – attacks do not attempt to actually access or damage systems, but merely to clog them up so badly that they cannot be used for any useful work.
Remediation strategy/plan:
Having the system print usage statistics on logouts, and to require the typing of non-trappable key sequences such as Control-Alt-Delete in order to log in
Configuring firewalls to prevent unauthorized Internet users from accessing organizations’ network connected to the Internet, especially intranets
Using spyware detection tools to detect and safely remove spyware
Source: https://www.cs.uic.edu/~jbell/CourseNotes/OperatingSystems/15_Security.html
Jianhui Chen says
Agree with you, Huming. I notice that you mentioned the Trojan horse, which I am really interested in.
A Trojan horse containing malware may also be referred to as simply a Trojan or a Trojan horse virus. Unlike a true virus, however, malware in a Trojan horse does not replicate itself, nor can it propagate without the end user’s assistance. Because the user is often unaware that he has installed a Trojan horse, the computing device’s security depends upon its antimalware software recognizing the malicious code, isolating it and removing it.