Information Asset Management And Personal Devices: Risks And Solutions Essay. (70 Characters)

Protecting Sensitive Information in Today's Digital World

The information asset is valuable information that could be of several different forms, such as a digital document, a paper document, encryption or password, a database or other types of digital files. All assets are stored within some carrier, such as a laptop, cloud, server, hard drive, backup tape or USB stick. For discovering every information asset, this is useful in using categories for several kinds of assets (Alibadi and Sadkhan 2018). Effective IT management helps in keeping information accurate, such that there is a clear idea about which asset is being used, along with for what purpose. It is crucial to keep all personal data secure such that identity theft could be prevented. Such information is a gateway to all credit scores, medical records, financial institutions, along with other crucial personal records.

Between the online marketplaces and platforms of social media, the internet also is becoming a dream of virtual thieves. The platforms of social media continue in asking for much more personal data for the users in gaining access to. Such information could be skimmed easily by the hacker and could be used later for accessing personal data fraudulently. Online marketplaces are a part also of daily life (VM and Anandh 2019). For facilitating quick transactions, the information of credit cards of the customers is saved by the online retailers. If access to any account could be gained by a hacker, information of bank account could fail into some wrong hands easily. Hence, protecting sensitive information is quite crucial from any data theft or breaches.

This assignment covers the overall range of personal situations regarding information along with its management. It consists of a home computer, home network, laptop, mobile devices, along with other storage media which are used for storing relevant information. It also includes personal information stored within the cloud. These devices provide convenient access to all personal data easily. However, using such devices increases all associated risks also. The properties which make such devices portable, along with enabling these in having on-the-fly connections to numerous hosts as well as networks, make these vulnerable to physical control losses and breaches of network security (Maggi et al. 2019). Using such devices could increase the overall risk of data exposure and data loss, along with increased exposure to the attacks on the home network. There is also potential in these devices in causing issues for the user. These devices could be infected with some malware unknowingly. And the attackers are becoming much more sophisticated along with tough to detect as small circuit boards are being used by the attackers within the mouse devices and keyboards for launching malicious code. The malicious code is activated when the conditions are met, or a specific key is pressed. Once the malware infects the device for corrupting or stealing data, this could spread to all other connected devices within the home network (Qiu et al. 2020). And such devices are quite an easy process for the attackers in quickly propagating the malware by passing this over to the devices connected to that network.

Risks Associated with Personal Devices

As malware could be installed within the storage devices inside the firewall on the network or device, that malware could not be detected until huge damage is done. An opportunity could be also provided by the storage devices to the malicious insider in stealing data easily as these devices are quite easy to hide along with their use is tough to track. There is also potential for the smart devices in surreptitiously infecting the home network or devices when applications containing viruses and malware are downloaded (Ahmad et al. 2019). The potential for irreparable data loss or exposure arises from the practices used to store crucial data within the smart devices. All features which make smart devices attractive, like Wi-Fi or Bluetooth, could pose the most risks. When Bluetooth is turned on, this is discoverable to the device along with to malicious attackers who seek in exploiting that connection. The hackers also target the home Wi-Fi networks as they look to steal the data. The attackers linger nearby along with useful tools for intercepting any unencrypted data. A potential risk also with both smart devices and storage devices is due to their portability as well as small size (Zaman et al. 2021). If such devices are left in the public place, and those devices contain proprietary and sensitive data, well-being along with reputation could be in some serious jeopardy. A few things should be followed along with implemented for reducing every risk associated with the use of portable devices.

An endpoint protector is also used for monitoring along with controlling the transfer of data from the endpoints to the storage device. It protects also against the loss of data. It protects from insider threats along with accidental leakage of data that happens due to removable storage devices. It provides a facility to block or open access to several devices, such as smartphones, USBs, Wi-Fi networks, and printers. It is used to prevent loss of data along with theft prevention. It provides several features such as device control, enforced encryption, content-aware protection and eDiscovery (Li and Attarmoghaddam 2018). The features of the device help in locking down, controlling, and monitoring peripheral ports as well as USBs. It can identify every USB connected device uniquely and provides alerts along with reports for activities of USB on every endpoint. It provides granular as well as precise control. It also allows to create the blacklists along with whitelists of devices and defines the policies per device or user. The storage devices, USB drives, or technologies of mobile connection like Wi-Fi enhance productivity along with providing convenience. However, these open doors to several security risks also. This control would help to protect sensitive data as well as intellectual property. USB blocking or lockdown software is used for restricting every unauthorised device from accessing sensitive data and endpoints. It also ensures that data wouldn’t be copied to any untrusted removable device (Diamantopoulou, Tsohou and Karyda 2019). It gives control of all moving valuable information to the peripheral ports or USBs.

Endpoint Protectors: What They Are and How They Work

There is visibility into all data being taken out, and it helps in preventing intentional or accidental loss of data. The device control provides granular control upon every device. It contains features like transferring limits or offline temporary passwords. Also, it contains the functionality of encryption that prevents confidential data’s unauthorised data (Ganiyu and Jimoh 2018). A control network is used for reviewing these devices at home. The control network is the nodes’ network which collectively monitors, control, sense, and enables control of the environment or devices for a specific purpose. The control networks enormously vary within the nodes of the network as well as in their complexities. Unlike the networks which people use for communicating with one another, these control networks are invisible. Communication between the nodes within the control network might be master-slave or peer-to-peer. The nodes with the control network include three processors, one for a specialised program that is associated with the node and the other two dedicated in moving the data in that network (Weichbroth and ?ysik 2020). Such modularity makes this cheaper along with quicker for making new processors for the control networks. The Control network is being made from off-the-shelf software as well as hardware components.

Reviewing of storage media is conducted for verifying if the application under review stores the appropriate data in proper directories, along with if this has enough space for preventing any unexpected termination as for insufficient space. It is performed by comparing the batch run times, sustained rates of streaming, reviewing peak storage, reviewing latency of storage for the devices, and reviewing for corruption of data. The home network is reviewed also for ensuring that the network is functional. For reviewing the home network, all physical connections are checked properly (Marshall, Page and Webb 2021). For ensuring that every physical connection is good, log in is attempted to the devices within the network with the use of a valid user account. Command prompt is used also for checking the configuration of the network. It spits out several lines of information. It also helps to check if the IP configuration is correctly set along with the DHCP server is properly working.

Another test performed is using the ping command from the command prompt for ensuring that devices within the network could contact each other. Many ping tests are performed for ensuring TCP/IP is running with the computer or laptop trying in pinging itself. Localhost command is also used that helps to indicate if or not that ping is successful. Reviewing such devices helps evaluate the devices with the intent of finding if they satisfy every specified requirement or not (Sathesh 2019). It includes the activities which ensure the verification of the device with all intended purposes. This review also includes the activities for ensuring the identification of defects, errors, or bugs within the devices.

Private along with sensitive information is contained in the portable devices. Information should be safeguarded for protecting the security as well as safety of the devices. The devices’ accuracy is affected by the preferences of the security evaluation (Fonseca-Herrera, Rojas and Florez 2021). This security evaluation of the home-based devices and network provides all devices’ dynamic security situations and determines every abnormal event within these devices. Several steps are recommended for protecting crucial information within these devices from any unauthorised access or theft of data. These home devices are shipped with the default passwords. Hence, the first thing that should be done is changing the passwords for these devices for ensuring that the hackers could not brute force their way into these devices (Lara et al. 2019). All unused features should be disabled also. These devices should be also regularly updated. The upgraded techs have some new features always, and provide much more advanced methods for securing these devices that mightn’t be available within the earlier models.

USB Blocking and Lockdown Software

Upgrading’s other benefit is that there are much more players within the market nowadays. Keeping an eye on the devices having positive reviews by the science along with tech businesses would have lesser security issues when compared to the older models. The software’s new version releases include new functionalities along with fixes to bugs as well as security patches. Such patches work in plugging known vulnerabilities within these devices, which allow for attacks in dropping malware and stealing valuable data (Ferreira, Teles and Vieira-Marques 2019). For ensuring that the software of such device is upgraded always, automatic software updates should be turned on always. For securing the home network, a Virtual Private Network (VPN) could be used. Such VPN keeps the IP addresses of the network from being discovered. It also prevents the attackers from knowing the location along with makes all internet activities untraceable.

Portable computing is increasing in use as well as diversity. It is more likely now that the average individual has a device with them which is designed in making this convenient in accessing crucial personal documents along with bank accounts. While it is a wide area for analysis, there are a few certain areas which pose some security threats to such devices (Wu et al. 2020). These devices are susceptible to accident loss along with physical thefts. These devices are used by an average individual having limited security and technical knowledge. In addition, the corporate IT department is lacking by the home users for ensuring that every security practice is being implemented as well as followed. Hence, unless the usability scenarios along with default settings implement security, such devices could be left vulnerable. The standard specifies all requirements to establish, implement, maintain, along with improving the security system of the devices within the home network (Lee et al. 2019). These standards also involve requirements for the treatment as well as assessment of all risks of information security tailored to all needs. The internal along with external issues have been determined which are appropriate to the purpose along with that affect the abilities in achieving all intended outcomes of the security systems of those devices (Diamantopoulou, Tsohou and Karyda 2019). It has determined the applicability as well as boundaries of security systems of these devices for establishing the scope. This standard has helped in establishing, maintaining, improving, and implementing the security systems of these devices within the home network.

The processes are planned, implemented, along with controlled that are needed for meeting all security requirements of these devices. Plans are also implemented for achieving the objectives of information security for these devices. The security along with the effectiveness of these security systems, are also evaluated for these devices. A crucial threat is an individual looking to attempt in physically stealing the device for gaining access to the information. Hence, the threat is the adversary with unrestricted along with physical access to those devices (Munoz-Ausecha, Ruiz-Rosero and Ramirez-Gonzalez 2021). While several possible defences are thought of, they have the difficulty to decrease the convenience of the devices which are designed being convenient. A defence is automatic encryption of those devices’ overall persistent storage with the password needed at all times for using this device. A much more feasible process is having some way for using these devices for detecting who is using, such as using biometrics or RFID chip. As the technology evolves, maintaining privacy as well as security on these devices used in public is a constant consideration. A broad range of convenience along with possibilities are provided by these devices (Tariq et al. 2022). Such devices would continue in becoming more broadly used as well as more powerful as time goes on. Hence, the security of these devices would become a bigger issue. Every risk associated with such devices would continue increasing as these devices become a part of the daily lives more for all average individuals.

Preventing Data Loss and Theft

Conclusion

Security evaluation helps determine the compliance degree with the security model or security standard. This evaluation is conducted with the analysis of all detailed designs, observation of the devices’ functional behaviours, and penetration of the devices with the use of techniques that are available to the attackers. This security evaluation helps bolster the devices’ security. A detailed security evaluation helps to examine the devices along with finding weaknesses. This process prevents proprietary data from landing in the bad hands and also prevents losing data during the device’s breakdown. This security evaluation also helps in enlightening on better ways to safeguard sensitive information. Different devices along with applications within the home network are secured with the help of the security evaluation. Getting the security evaluation for the home network is a simple as well as a straightforward process.

This method is non-disruptive along with is conducted without altering all daily activities using those devices. This evaluation helps identify hidden vulnerabilities, potential gaps, and loopholes in the security architecture of those home-based devices and networks. The results detail all things from accessible as well as shared access credentials to updates of software versions required. This security evaluation also provides guidance to remediate all identified vulnerabilities, along with the opportunity for retesting in accessing the remediation efforts. The security evaluation helps test if all security measures are protecting confidential along with sensitive data properly from every potential point of attack from the hackers.

References

Ahmad, A., Malik, A.W., Alreshidi, A., Khan, W. and Sajjad, M., 2019. Adaptive security for self-protection of mobile computing devices. Mobile Networks and Applications, pp.1-20.

Alibadi, S.H. and Sadkhan, S.B., 2018, October. A Proposed Security Evaluation Method for Bluetooth E 0 Based on Fuzzy Logic. In 2018 International Conference on Advanced Science and Engineering (ICOASE) (pp. 324-329). IEEE.

Diamantopoulou, V., Tsohou, A. and Karyda, M., 2019, August. General Data Protection Regulation and ISO/IEC 27001: 2013: Synergies of activities towards organisations’ compliance. In International Conference on Trust and Privacy in Digital Business (pp. 94-109). Springer, Cham.

Diamantopoulou, V., Tsohou, A. and Karyda, M., 2019. From ISO/IEC 27002: 2013 information security controls to personal data protection controls: guidelines for GDPR compliance. In Computer Security (pp. 238-257). Springer, Cham.

Ferreira, A., Teles, S. and Vieira-Marques, P., 2019. Sotraace for smart security in ambient assisted living. Journal of Ambient Intelligence and Smart Environments, 11(4), pp.323-334.

Fonseca-Herrera, O.A., Rojas, A.E. and Florez, H., 2021. A model of an information security management system based on NTC-ISO/IEC 27001 standard. IAENG Int. J. Comput. Sci, 48(2), pp.213-222.

Ganiyu, S.O. and Jimoh, R.G., 2018. Characterising risk factors and countermeasures for risk evaluation of bring your own device strategy. International Journal of Information Security Science, 7(1), pp.49-59.

Lara, P.D.M., Maldonado-Ruiz, D.A., Díaz, S.D.A., López, L.I.B. and Caraguay, Á.L.V., 2019. Trends on computer security: Cryptography, user authentication, denial of service and intrusion detection. arXiv preprint arXiv:1903.08052.

Lee, G., Epiphaniou, G., Al-Khateeb, H. and Maple, C., 2019. Security and privacy of things: Regulatory challenges and gaps for the secure integration of cyber-physical systems. In Third International Congress on Information and Communication Technology (pp. 1-12). Springer, Singapore.

Li, K.F. and Attarmoghaddam, N., 2018, May. Challenges and methodologies of hardware security. In 2018 IEEE 32nd International Conference on Advanced Information Networking and Applications (AINA) (pp. 928-933). IEEE.

Maggi, F., Balduzzi, M., Andersson, J., Lin, P., Hilt, S., Urano, A. and Vosseler, R., 2019, June. A security evaluation of industrial radio remote controllers. In International Conference on Detection of Intrusions and Malware, and Vulnerability Assessment (pp. 133-153). Springer, Cham.

Marshall, B., Page, D. and Webb, J., 2021. Miracle: Micro-architectural leakage evaluation. Cryptology ePrint Archive.

Munoz-Ausecha, C., Ruiz-Rosero, J. and Ramirez-Gonzalez, G., 2021. RFID applications and security review. Computation, 9(6), p.69.

Qiu, S., Wang, D., Xu, G. and Kumari, S., 2020. Practical and provably secure three-factor authentication protocol based on extended chaotic-maps for mobile lightweight devices. IEEE Transactions on Dependable and Secure Computing.

Sathesh, A., 2019. Optimised multi-objective routing for wireless communication with load balancing. Journal of trends in Computer Science and Smart technology (TCSST), 1(02), pp.106-120.

Tariq, M.I., Tayyaba, S., De-la-Hoz-Franco, E., Ashraf, M.W., Rad, D.V., Butt, SA and Santarcangelo, V., 2022. Evaluation and Prioritisation of Information Security Controls of ISO/IEC 27002: 2013 for SMEs Through Fuzzy TOPSIS. In Advances in Intelligent Data Analysis and Applications (pp. 271-289). Springer, Singapore.

VM, J. and Anandh, J., 2019. A Contemporary Methodology to Unify Structured Data in Portable Devices.

Weichbroth, P. and ?ysik, ?., 2020. Mobile Security: Threats and Best Practices. Mobile Information Systems, 2020.

Wu, Y., Li, Z., Van Nostrand, N. and Liu, J., 2020, November. Security and privacy in the age of cordless power world. In Proceedings of the 18th Conference on Embedded Networked Sensor Systems (pp. 717-718).

Zaman, K.S., Reaz, M.B.I., Ali, S.H.M., Bakar, AAA and Chowdhury, M.E.H., 2021. Custom hardware architectures for deep learning on portable devices: a review. IEEE Transactions on Neural Networks and Learning Systems.