James works for a bank, and he spends most of his attending to bank clients and travelling. He always carries with him a laptop that contains confidential bank information. The Operating System of the laptop was last updated in May 2011. Some of the programs James uses are MS word 2007, MS Access and MS Excel. James’ computer is, however, not well secured. It does not have a firewall or an antivirus. In addition, the data in the laptop are not encrypted. Severally, James uses his laptop in a cyber café, and while travelling, he sometimes leaves it in his car un-attended. This paper will present an analysis of possible security threats that may affect James’s laptop. Possible measures to prevent any attack will also be presented.
There are several sources of computer threats. According to Fleegar (2007), the sources these threats could either be internal or external. The threats circumvent computers security without prior authorization by rightful user. Internal security risks mainly arise from viruses and physical compromise of storage system (Gasser, 2008) e.g. damaged hard disk. External security risks are mainly from a third person e.g. hacker or a thief. There are mainly three aspects of information that can be compromised. These are Confidentiality, integrity and Availability. These aspects have been discussed below with respect to aim of security, possible attacks and their sources and counter attack measures that should be employed. Confidentiality
Aim of security: To prevent un-authorized disclosure of information from a computer (Ding, 2011) Possible attacks: Reading, copying and editing information
Possible sources of attacks: cyber café hackers, criminals e.g. robbers, polymorphic viruses (Gollmann, 2008) Counter attacks: Documents should have a password, a firewall should be used to bar hackers, user account should have a password or a screen lock and data should be encrypted....