Thus, system administrators will find it harder to use the audit trail to quickly determine the cause of a problem. One major disadvantage of this system is that it may conduct an audit regularly even when there is no security breach. The audit trail will be able to provide conclusive information on the details of the security breach and its effect on the operating system. Thus, audit trails will prevent further harm or security breach to the computer operating system when a security breach occurs when the security access control has failed to deny unauthorized access. This system is also used together with the principle of least privilege. The audit trail can then be used during investigations after the loss of data from the operating system. Thus, the audit is able to provide information on how effective the breach was or if it failed (Kizza, 2009). In case of a security breach, audit trails will be able to determine how the breach occurred and its extent. This is a major advantage as causes or threats of security breaches can easily be identified. For instance, an employee can mistakenly delete a company database that they have complete access to.Īn audit trail is a measure of protecting operating systems whereby system activity is constantly tracked. Some employees can also make mistakes in handling their computers, leading to the destruction of information stored within the operating system databases. In some cases, employees that are unhappy about the workplace will use the organization’s information for their own personal gain, or for revenge. These attacks will easily steal the necessary information from employees and use it to access the computer system. Employees have become the target of social engineering attacks arising from outsiders. This happens despite the high level controls that have been put in place to control user access (Bosworth, Kabay, & Whyne, 2009). Thus, their actions determine the safety and protection of the resources within a computer operating system. The employees of an organization have access to all or most of the organization’s valuable information. This information can easily be accessed by unauthorized personnel. Employees have the security credentials necessary to access the operating system. One of the disadvantages of this method is that many security breaches arise primarily through employees of an organization. This makes it easier to secure the operating system once the cause of the breach is established. Only parts of the system will be affected by the security breach. If a security breach occurs, then the attacker will only have access to that part of the operating system, thereby preventing access to the entire system (McNab, 2008). Thus, each part within the system has specific levels with which they can be accessed by an individual. This method is advantageous because it involves establishing various levels within a computer or a network operating system. It is known as the system’s access control feature. The principle of least privilege is one of the most popular techniques in securing operating systems. Various security measures are also utilized at the same time to improve the security of the operating system. This is done so that when threats do occur, it will be as a result of improper use of security features or failure to use the measures properly. Operating systems are designed in a way that it is easy to establish, operate, and service any of the above security measures. The three measures that can be used for an operating system’s security are: principle of least privilege, full disclosure, and audit trails. They are known as access control policies that are effective in improving an operating system’s security (Kizza, 2009). These mechanisms are involved in ensuring that various security policies are followed. There are various mechanisms that have been established for computers to be used in the control of access to various resources within computer operating systems. It becomes important that computer systems apply various security strategies to ensure the safety of their operating systems and users of these computers.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |