With the ability of newer cell phones to allow wireless laptops to tether themselves to the cell phone and share their Internet connectivity, how can corporate networks protect themselves knowing that this circumvents security protocols?
Hello, Percy Jacob Rwandarugali
First, the company should set up an internal network and an external network. Set up a policy that allows mobile phones to connect to the external network, but not to the internal network (or disable this feature).
Cell phone access to the Intranet should be restricted (to prevent malicious software and network viruses from entering through this channel).
Auditors shall periodically review the web logs. Make sure there is no abnormal activity (employees using mobile phones to connect to the shared company network).
Only personal opinions
What is a procedure for auditing if the organization uses a cloud service? How is the audit conducted and what are the important controls that auditors should focus on?
Hi Neung,
It is a great question, since the popularity of cloud computing has increased in recent years, and it brings many security concerns along with advantages. Therefore, auditing is a crucial part of deploying cloud computing. As auditors, we first need to understand which service model the organization is working on, and then decide our scope of audit and plan accordingly. Auditors should assess the adequacy and effectiveness of the cloud computing service provider’s controls and compliance with applicable regulations. The areas that should be focused on are risk assessment plans, monitoring activities, identity and access management, system operations, and change management.
What are the advantages and disadvantages of migrating core business functions to the cloud?
Advantages:
– Accessibility: Files in the cloud can be accessed anywhere with an internet connection
– Cost saving: No need for physical storage, and reduced annual operating costs
Disadvantages:
– Data security: Since the internet has many vulnerabilities, the company should consider data in the cloud, especially sensitive information, because if you share with other organizations, it increases the risk of a data breach when attackers exploit the cloud system.
From a risk-based audit approach, which of the service models in cloud computing (SaaS, PaaS and IaaS) will you consider to be the most suitable for a medium scale organization?
In my opinion, PaaS will be most suitable for a medium scale organization from a risk-based audit approach, as having the control of application and data, the risk will be minimized. On the other hand, the organization won’t need to be worried about other smaller stuff which makes it more cost effective.
I would say it depends on the business itself, but for a medium sized organization I would suggest either SaaS or PaaS. SaaS is convenient and cost effective, but on the other hand PaaS allows for a possibility of more control when it comes to configuration settings for the hosting environment, along with being able to deploy the company’s own applications.
Apart from the use of a firewall, what are some of the other devices/technologies that can be used by network admins to counter the threat of DDoS attacks?
Hi Akshay,
I searched for more information to find the answer, and I found some technologies which can mitigate the threat of DDoS attacks. There are many tools that can protect against and detect DDoS, such as Incapsula, Cloudflare, Arbor DDoS, and Bee Think. These tools can automatically monitor and solve the issue of DDoS.
https://www.colocationamerica.com/blog/ddos-prevention-tools
How can the hackers profit from DDoS attacks? Or are they just hired to do the attack, or attacking for fun?
Hi Peiran,
Hackers can gain profit from DDoS attacks because they can get money from using DDoS attacks to make a system unavailable. There are black markets for hackers in which they can earn thousands of dollars.
How do you mitigate the threat of whaling? For example, if your CEO is being targeted and the work network they’re on is secure but their home network is insecure, how do you stop the attacker from potentially causing a breach?
How would you help a client determine if they should keep their business functions in house or move them to the cloud?
What is usually the motive of the attacker behind the DDoS attack?
Hi Natalie,
An attacker cannot steal information through a DDoS attack. The only goal is to overload the network. The motivation behind this attack might be blackmailing. For example, an attacker can request money from a website owner to stop the DDoS attack. Also, there might be many other motivations, including political, terrorist, and market competition.
What controls would you recommend an organization implement to mitigate the damage caused by a DDoS attack that is targeting an organization’s bandwidth?
Hi Imran,
Here are some remedies for a DDoS attack. The first mitigation method might be scaling up the network bandwidth. If it is affordable, scaling up the network might be a solution, so that the bandwidth is able to meet a large volume of traffic. The second one might be outsourcing. There are many companies working on scaling infrastructure to respond to DDoS attacks. The third one is updating hardware or deploying proper hardware that can handle an attack. Although these are some technical mitigation best practices, prevention of DDoS attacks is a business issue. Organizations should establish a resilient security architecture and a plan to mitigate the impact of this attack.
Can I use my digital certificate to replace my signature?
What are the main ways to identify zombie computers in a DDOS attack?
Hi Han,
You can identify or determine whether your Windows or macOS computer is under a Distributed Denial of Service attack by doing these simple steps:
a. Watch for connection errors – if you discover you can’t access websites, see errors like “Site cannot be reached” and your system can’t access other internet services despite being connected, it’s possible the computer is affected by a DDoS attack.
b. Slow network performance – if it’s taking an unusual amount of time to open network files, your network could be under attack.
c. An increase in spam messages – a DDoS attack could come in the form of a flood of emails from various sources.
d. Run netstat
For Windows: Type cmd into the Windows search bar and click Command Prompt. Type netstat -an and press Enter.
For macOS: Open the Applications folder, double-click the Utilities folder, double-click Terminal, type netstat -an and press Return.
If you see a large number (hundreds or thousands) of connections to the same port on your IP address, your computer is likely under DDoS attack.
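The netstat check in step d can be done by counting rather than by eye. The following is an added example, not part of the original post: it parses `netstat -an` text in both the Windows (addr:port) and macOS (addr.port) layouts and tallies connections per local port. The function names, the sample output and the threshold are assumptions made for illustration.

```python
import re
from collections import Counter, defaultdict

# Constructed samples of `netstat -an` output (not captured from a real host).
# Windows prints addr:port; macOS prints addr.port with Recv-Q/Send-Q columns.
SAMPLE_WINDOWS = """\
  Proto  Local Address          Foreign Address        State
  TCP    192.0.2.10:443         198.51.100.7:50111     ESTABLISHED
  TCP    192.0.2.10:443         198.51.100.8:50112     SYN_RECEIVED
  TCP    192.0.2.10:443         203.0.113.9:40100      SYN_RECEIVED
  TCP    192.0.2.10:3389        203.0.113.9:40101      ESTABLISHED
  TCP    0.0.0.0:443            0.0.0.0:0              LISTENING
"""
SAMPLE_MACOS = """\
Proto Recv-Q Send-Q  Local Address          Foreign Address        (state)
tcp4       0      0  192.0.2.10.80          198.51.100.7.50111     ESTABLISHED
tcp4       0      0  192.0.2.10.80          198.51.100.8.50112     SYN_RCVD
tcp4       0      0  *.80                   *.*                    LISTEN
"""

def split_endpoint(endpoint):
    """Split 'addr:port' (Windows) or 'addr.port' (macOS) at the last separator."""
    m = re.match(r"^(.*)[:.]([0-9]+|\*)$", endpoint)
    return (m.group(1), m.group(2)) if m else (endpoint, "")

def connections_per_port(netstat_text):
    """Map local port -> total connections, distinct remote addresses, state counts."""
    stats = defaultdict(lambda: {"total": 0, "sources": set(), "states": Counter()})
    for line in netstat_text.splitlines():
        fields = line.split()
        if len(fields) < 4 or not fields[0].lower().startswith("tcp"):
            continue  # headers, UDP rows, UNIX-domain sockets
        # On both platforms the last three fields are local, foreign, state.
        local, foreign, state = fields[-3:]
        _, port = split_endpoint(local)
        if state.upper().startswith("LISTEN") or not port.isdigit():
            continue  # a listening socket is not a connection
        remote_addr, _ = split_endpoint(foreign)
        entry = stats[int(port)]
        entry["total"] += 1
        entry["sources"].add(remote_addr)
        entry["states"][state.upper()] += 1
    return stats

def busy_ports(netstat_text, threshold):
    """Local ports whose connection count reaches the (assumed) threshold."""
    return sorted(p for p, s in connections_per_port(netstat_text).items()
                  if s["total"] >= threshold)
```

Feed it the saved output of `netstat -an` and pick a threshold that matches the host's normal load; the per-port state counts show whether the connections are mostly half-open or established.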