An operating system is very important for the effective work of an organization. An operating system is “a collection of software programs whose role is to manage computer resources and provide an interface for client applications to interact with the different computer hardware” (Bassil, 2012). Thus, an operating system is responsible for both software and hardware, and it is crucial for different operations within the company.
Nevertheless, an operating system is often exposed to different threats, which come from the Internet or from various users who plan hacker attacks. For the system to work properly, specialists must make sure that the operating system is secure. This way, it will be protected from harmful programs and intrusions, and the content will be safe and stable. An operating system is secure when availability, confidentiality, authenticity and integrity are ensured. Availability means that system resources can be used by an authorized system entity. Confidentiality minimizes unauthorized access to data. Authenticity is how a user’s identity is checked, and integrity checks whether the data being used is the right data for the work.
Assessment of Operating Systems Security Vulnerabilities
Ensuring these things allows the operating system to be protected from viruses, malware, hacker intrusions and other threats. There are many different techniques that “guard” the computer and make it less vulnerable to different threats. This way, computers are protected in case somebody wants to steal information from them or to damage the entire system. Different programs perform various tasks in order to secure the operating system. For example, one may install antivirus software and update it regularly in order to provide one’s computer with the most modern protection. One can also create secure accounts, which will have certain required privileges. For example, there might be an administrator or user management account, which has more options and access. Network traffic can also be scrutinized through a firewall, and an expert can also apply OS patches regularly.
Techniques Used to Protect Operating Systems
Thus, one can see that there are different measures, which allow protecting operating systems. Particularly, there are three measures, which are very effective while securing operating systems. These mechanisms include access control, software, and intrusion detection system.
Software simplifies many processes within an organization. For example, it simplifies data processing. It also controls hardware components and allows users to use application software (Sommerville, 2010). Software products are usually designed for all, and they are responsible for the functionality of the operating system.
The main disadvantage of software is the risk that it may not be tested well enough. Thus, software may contain a certain malware before the installation; and that may harm the operating system.
Nevertheless, there are also many advantages to it. For example, software keeps the operating system working properly and guarantees better stability of its work. It also increases the capabilities of the operating system. Users can perform their tasks in a shorter period of time; thus, performance increases. The main advantage is obviously improved protection against many threats and vulnerabilities. For example, newer software is usually better tested and prepared to face the challenges and threats that may affect computers. An example can be found with Windows 7. It is much safer than its predecessors, and it guarantees a higher security level. It is also quicker and, consequently, simplifies the overall processes for the users.
As for disadvantages, the lack of testing was mentioned above. The same problem may be seen with software that is not licensed. Some people try to save money, and instead of buying licensed products, they buy unlicensed software. It may cost less, but no one can guarantee that it is secure. Sometimes such software may be the main cause of security vulnerabilities and of problems with functioning well.
Another disadvantage is that upgraded or new software may be exposed to malicious code, etc. It may also be incompatible with the existing and functioning operating system. Thus, there may be some dangers such as losing data files or system failures. Hence, a person may not be well informed about new software, and this lack of information may lead to improper installation and usage, which may cause security problems too.
Nevertheless, software may be the only solution when a company or an organization is facing constant and repetitive problems with its existing operating system. These problems may be the proof that the existing operating system can no longer function the way it is, and that is why it has to be upgraded with new software. The security policy of an organization requires software to be changed regularly in order to prevent possible threats (Diprose, 2009). One has to make sure that new software will function properly with the operating system; otherwise, there is no point in upgrading it. Also, one has to check whether the required resources are included. Software is one of them; there should also be a backup disaster recovery disk and plan.
In order to measure software for security level, one has to see whether it is protected from malicious code, to check its activity and auditing controls. An expert also needs to know about testing, which was done on the software as well as the methods for authentication used. If the software is configured in a wrong way, it may cause many negative consequences for the operating system. For example, it may experience many failures; moreover, it may even stop working at all. System administrator should run software on a closed network using the stand-alone system. This way, he or she will be able to test software before spreading it on the entire working network. After successful testing, one may implement it on the entire network since it will be able to work properly.
System administrator can also change the setting in order to ensure that software is automatically updated. It will remedy threats to the entire network. In an organization, not only system administrator, but every worker has a direct connection to software. Thus, they have to know how to use it properly. They also need to know about the importance of security via software. For example, employees have to protect their privacy settings. Managers, in this case, play a very important role since they are the ones who plan and organize the work of system administrators and possible solutions to emergencies concerning software failures.
Access control is another important measure, which allows ensuring security. As it was mentioned before, system administrator can grant various users different types of access. For example, managers can get more access while workers may get less, etc. There are certain identifiable methods, which guarantee authenticity. Personal information and access to data should be carefully protected, because if somebody who is not authorized gets it, he or she may use it to harm the operating system. Thus, access should be granted to specific people only, and they should not reveal it to anybody else.
Access control allows protecting the organization’s data. Therefore, it hides and protects it from the outsider’s intrusions and attacks. It also prevents misuse of intellectual property. Access control seems like the most effective and simple thing to us in order to protect the company, but because of its obviousness, it is often underestimated and used improperly.
If one does not want unauthorized personnel to get to certain information, the easiest way is simply to restrict that person’s access (Goodrich & Tamassia, 2011). Access control can be regulated by IP address or by other controls. There are also two main access control mechanisms: Mandatory Access Control (MAC) and Discretionary Access Control (DAC). They are responsible for determining the access different users have. DAC is most often used by Windows. It uses an access control list model. This model allows creating certain rules for different groups of users. According to the rules, users get different access to various resources including documents, folders, and files. Different access also allows different functions such as copying, editing or simply reading. MAC is used less often than DAC; it is most widespread in military databases, etc.
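The list-based model described above, as an added example that is not part of the original essay: a small Python evaluator in which the owner of a resource grants rights to groups and users, placed next to a label check of the kind MAC relies on. The users, groups, clearance levels, file path and the rule that an explicit deny overrides an allow are assumptions made for the illustration.

```python
from dataclasses import dataclass, field

@dataclass(frozen=True)
class Entry:
    principal: str       # user or group name
    allow: bool          # False marks an explicit deny entry
    rights: frozenset    # subset of {"read", "edit", "copy"}

@dataclass
class Resource:
    path: str
    owner: str
    label: str = "unclassified"   # consulted only by the MAC check
    acl: list = field(default_factory=list)

# Constructed sample data (assumed names, not taken from the essay).
GROUPS = {"managers": {"alice"}, "staff": {"alice", "bob", "carol"}}
CLEARANCE = {"alice": "secret", "bob": "confidential", "carol": "unclassified"}
LEVELS = ["unclassified", "confidential", "secret"]

def principals_of(user):
    """The user name plus every group the user belongs to."""
    return {user} | {g for g, members in GROUPS.items() if user in members}

def dac_allowed(user, resource, right):
    """DAC: an explicit deny wins, then any allow; no matching entry means no access."""
    who = principals_of(user)
    hits = [e for e in resource.acl if e.principal in who and right in e.rights]
    if any(not e.allow for e in hits):
        return False
    return any(e.allow for e in hits)

def dac_grant(actor, resource, entry):
    """The discretionary part: the owner alone decides who is on the list."""
    if actor != resource.owner:
        raise PermissionError(f"{actor} does not own {resource.path}")
    resource.acl.append(entry)

def mac_can_read(user, resource):
    """MAC (assumed level model): clearance must be at least the resource label."""
    user_level = LEVELS.index(CLEARANCE.get(user, "unclassified"))
    return user_level >= LEVELS.index(resource.label)

def build_sample():
    """A report owned by alice, labelled confidential, with three ACL entries."""
    report = Resource("reports/q3.xlsx", owner="alice", label="confidential")
    dac_grant("alice", report, Entry("managers", True, frozenset({"read", "edit", "copy"})))
    dac_grant("alice", report, Entry("staff", True, frozenset({"read", "copy"})))
    dac_grant("alice", report, Entry("carol", False, frozenset({"copy"})))
    return report

if __name__ == "__main__":
    report = build_sample()
    for user in ("alice", "bob", "carol", "dave"):
        rights = [r for r in ("read", "edit", "copy") if dac_allowed(user, report, r)]
        print(user, "DAC:", rights, "MAC read:", mac_can_read(user, report))
```

In the sample, carol is on the owner's list for reading, yet the label check still refuses her, which is the practical difference between the two mechanisms: under MAC the owner's grant cannot override the system-assigned label.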
There are many advantages of using access control in one’s operating system. The main and the most obvious advantage is filtering users and their possibilities. With qualified access control, one can make sure that only certain people have access to certain files, etc. Another advantage is control over the objects of the system. Thus, the system administrator does not only filter users; he or she also checks the data that is stored, thanks to the access control.
On the other hand, there are some disadvantages to such a measure. One always has to keep in mind that access control requires working with people. For example, if a certain company has many employees, all of them should be guaranteed a certain level of access. Thus, it is up to specialists to ensure that this access is protected. Unfortunately, there are always employees who neglect their jobs, and they may also misunderstand the whole concept of access control. They may not realize its importance and disclose private information. Thus, the management team has to train the workers and explain to them the importance of access control. Nevertheless, the human factor is always present in this case, and managers have to take it into consideration.
Another problem is that human resources change constantly. Thus, specialists have to keep up with these changes. People change departments and job positions; they leave or join the company. Hence, they have to be provided with the necessary level of access. Obviously, different duties require different access. It is crucial to determine the right amount of access, and the system administrator has to be fully aware of it. An operating system may become exposed to malicious code because of many changes and various users.
MAC is also rather expensive, because it requires many trusted components and certain applications; DAC, on the other hand, is cheaper and easier to set up.
The third measure is the intrusion detection system. Such a system is also responsible for protecting privacy and maintaining security. One can see certain similarities in the functions of access control and intrusion detection systems. Nevertheless, intrusion detection systems also work against attacks. For example, there may be hackers who are focused on getting certain data. Thus, they try to break an operating system or send a certain malicious code in order to get the data. In this case, the intrusion detection system is the one that protects operating systems from such attacks. There are two different types of intrusion detection systems. The simple one is called Intrusion Detection System, or IDS for short. Its functions are simple. It constantly monitors the actions within the system. IDS also has some basic information about the environment in which the system operates. Thus, its monitoring allows seeing whether the system is under attack. The system starts to act whenever it notices actions that may be considered to be an attack. On the initial level, it may also just check what type of information is being transmitted. It analyzes and works with the data that comes from the system in order to protect it (Nazer & Selvakumar, 2011).
Another type of intrusion systems is Host-based Intrusion Detection System (HIDS). This system is more complicated than the previous one, because it collects information from every single computer. It can also identify attacks on the system (Haugsness, 2008). It also monitors traffic.
This measure has certain disadvantages. System administrator and IT-team focused on security always have to be alert in order to use HIDS. It needs constant support from people who are operating this program. For example, if HIDS detects an attack, system administrator has to solve this issue immediately, because a program cannot solve it on its own.
Another disadvantage is the necessity to install intrusion detection system on every computer. That is rather expensive; nevertheless, when one speaks about safety on company’s scales, its security is worth the finances invested in it.
Host network itself may be exposed to suspicious traffic; and that may cause false alerts. HIDS also works in such a way that it produces a lot of data even for one intrusion. Thus, this data has to be analyzed in order to determine the source of the attack, etc.; and such work can be very time-consuming.
Still, there are many advantages of such a system. First of all, it links the entire network since it is installed on every computer. Thus, it ensures the protection of the entire network of the company. The program is constructed in such a way that the system administrator gets notifications about alerts whenever attack is taking place. Thus, he or she is able to deal with it immediately. HIDS is also designed in such a way that it is able to recognize different types of attack. For example, it is able to track down unauthorized file modifications, etc. Since it detects suspicious traffic, it may also prevent attacks in the first place.
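One way a host-based check can notice the unauthorized file modifications mentioned above, shown as an added example that is not part of the original essay: record a SHA-256 baseline of a directory tree, then compare a later snapshot against it. The file names and contents are constructed sample data written to a temporary directory.

```python
import hashlib
import os
import tempfile

def sha256_file(path, chunk=65536):
    """Hash a file in chunks so large files do not need to fit in memory."""
    digest = hashlib.sha256()
    with open(path, "rb") as handle:
        for block in iter(lambda: handle.read(chunk), b""):
            digest.update(block)
    return digest.hexdigest()

def snapshot(root):
    """Map each file under root (relative path, '/' separators) to its digest."""
    result = {}
    for dirpath, _dirs, files in os.walk(root):
        for name in files:
            full = os.path.join(dirpath, name)
            rel = os.path.relpath(full, root).replace(os.sep, "/")
            result[rel] = sha256_file(full)
    return result

def compare(baseline, current):
    """Return (kind, path) alerts for removed, added and modified files."""
    alerts = []
    for path in sorted(baseline.keys() | current.keys()):
        if path not in current:
            alerts.append(("removed", path))
        elif path not in baseline:
            alerts.append(("added", path))
        elif baseline[path] != current[path]:
            alerts.append(("modified", path))
    return alerts

def write(root, rel, data):
    """Helper for the demo: create or overwrite a file under root."""
    full = os.path.join(root, *rel.split("/"))
    os.makedirs(os.path.dirname(full), exist_ok=True)
    with open(full, "wb") as handle:
        handle.write(data)

def demo():
    """Build a constructed tree, take a baseline, change it, and report alerts."""
    with tempfile.TemporaryDirectory() as root:
        write(root, "config/app.conf", b"port=8080\n")
        write(root, "config/users.txt", b"alice\nbob\n")
        write(root, "bin/tool.sh", b"#!/bin/sh\necho ok\n")
        baseline = snapshot(root)
        write(root, "config/app.conf", b"port=9090\n")   # modified after baseline
        write(root, "config/extra.conf", b"debug=1\n")   # added after baseline
        os.remove(os.path.join(root, "bin", "tool.sh"))  # removed after baseline
        return compare(baseline, snapshot(root))

if __name__ == "__main__":
    for kind, path in demo():
        print(f"ALERT {kind}: {path}")
```

The comparison is only as trustworthy as the baseline, so the baseline is normally kept off the monitored host or on read-only media.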
Before installing intrusion detection systems, management team has to change security policies. This way, these policies will be used successfully in case of hackers’ attacks, etc. Experts have to be trained in order to use intrusion detection systems effectively.
The measures mentioned above are relatively easy to implement. A company that is concerned with its safety should use licensed software, work with specialists who are able to maintain security and provide employees with the necessary access control. Specialists should also install intrusion detection systems on every device in order to protect the company’s data. These measures are not perfect, and they cannot guarantee absolute protection. Nevertheless, they complicate intrusion process greatly; and they also secure computers, so they are less vulnerable to different dangers. These processes are possible to implement, and the company can easily calculate their costs. Thus, it is possible to use these measures effectively since they require the least resources, time, and money, but they provide companies with the necessary safety, which is very important for an organization.
The Ranking of the Proposed Measures from Best to Worst
One can rank these measures according to Zeltser security metrics. In this case, software will be on the lowest level when it comes to security. Buying licensed and tested software is already an indication that it is going to work well. Since it is difficult to use software when it comes to hacker attacks, the system administrator has to make sure that software was installed properly and that there are no system failures, etc. Nevertheless, when it experiences failure, it is extremely difficult for the system to recover. It will also take a long time to fix the system and install anti-virus software in case the system is not functioning properly. Still, the organization’s network is not going to “die” from using other software. Another fact that should always be taken into consideration is the necessity to purchase the software from a trusted vendor. In this case, the operating system will most likely have no problems or very few. Thus, the main concern is whether the software is from a trusted vendor and whether it is implemented in a timely manner.
In this case, intrusion detection system is in the middle between software and access control. The main advantage of it is the immediate alert whenever something risky happens. Thus, system administrator knows immediately whether there is a problem. He or she is also able to determine the source of it as well as stop it on the initial stage. The intrusion detection systems enable system administrator to protect the operating system and save the network from possible damage. Thus, it is ranked the second or medium, because of its effectiveness. It is also very complicated measure, which makes the attacking process more difficult.
In this case, access control is ranked the highest. According to Zeltser security metrics, which evaluate the time it takes to bring the system back to normal as well as the time when one spots the threats, access control allows slow solution to security issues. System administrator can see the problems, but he or she will face difficulties while fixing them. The main problem is in the source of unauthorized access, because a system administrator may have difficulties finding it. When it comes to unauthorized access, human factor is crucial. If there is a person who does not want to follow security standards, he or she may be the main cause for security problems since an individual may share the information, which should not be shared. An outsider who gets access may control the entire system and damage the entire network of the company. An outsider would be able to change the root-level access. Thus, he or she will be able to change the entire system in such a way that authorized personnel will not be able to use it anymore. Accordingly, that may cause the change in the entire system to such an extent that the company may lose all of its data, or it may be used by competitors for improper reasons. That is the reason why access control is the most important thing when it comes to providing security, and its level is the lowest, because it can affect the system the most.
Thus, one can see that these measures are different both in their functions and effects on the overall operating system. Nevertheless, all of them are important for the operating system’s functioning. Still, system administrator needs to take certain ideas into consideration. He or she may install software as well as intrusion detection systems perfectly; still, intrusion detection system does not work by itself. Intrusion prevention as well as firewalls to monitor and detect suspicious traffic are also important. The system administrator has an advantage in this case since he or she is able to react quickly when it comes to threats. System administrator is at the position where he or she may prepare ahead of such attacks and control the network despite different malicious actions. The same is with software system. Access control, on the other hand, is a much more difficult measure because it is more complicated to deal with different users and their data.
Thus, protecting data of every user and his or her access options is extremely important. Hence, one would recommend securing access control to the highest level. It is not only IT-level, but also psychological because people with different accesses should realize their importance.
In summary, it is necessary for the operating system to be secure all the time. The operating system holds all of the important data, which may be crucial for the company’s competitive advantage and survival on the market as well as for many other reasons. In order for the operating system to work properly and be secure, its hardware and software should be working well too. Workers within a company should also be aware of the security system in order to follow it and meet the required criteria. Software, intrusion detection systems, and access control, in this case, play valuable roles since they are the main determinants when it comes to securing operating systems. All of these measures should be evaluated carefully, and before using or installing each of them, professionals who work in that area should create a certain plan for their implementation.
Software, access control and intrusion detection systems require trained workers who are familiar with these measures. Software has to be tested and checked beforehand on the closed network. Access has to be given to workers depending on their position and on what they need to perform their tasks. Intrusion detection systems are able to collect, detect and analyze information about alerts and suspicious traffic, which helps to prevent and recognize possible attacks. Such security measures allow working in open networks and maintaining stable and effective security. In the era when companies no longer work with closed networks, these security measures allow changing the ways in which companies operate. Indeed, these measures are not perfect, and there are still a lot of vulnerabilities when it comes to dealing with threats and problems. Hence, a professional has to always be on guard and improve oneself, focusing on providing the highest possible level of security. Furthermore, other employees should also realize the importance of such security, because it determines the company’s development and functioning.