An Information Technology Security guide for end-users. An overview of the best practices to mitigate cyber-attacks at the front-end of an enterprise environment, with special emphasis on the implications of firewalls.
1. Introduction
Welcome to your Information Technology Security guide for end-users: an overview of best practices to mitigate cyber-attacks at the front-end in an enterprise environment, with special emphasis on the implications of firewalls.
This brief overview of some of the threats to your organisation recommends best practices from the IT security industry to keep your organisation’s information assets safe from prying eyes, or at least to make it harder for ‘the bad guys’ to infiltrate your network. Every year, companies and organisations, big and small, are subject to cyber attacks for various motives. On the one hand, some are perpetrated by persons who simply get a thrill out of knowing they have hacked into your network. On the other, organised cyber criminals are motivated by commercial or political reasons.
The results of a successful cyber attack can be personal or financial, and can even lead to death. That is why a well-written security policy is paramount to your organisation’s survival in cyberspace.
The segment of your network most accessed by members of staff is, most obviously, your end-devices: workstations, desktop computers and, in recent times, smart phones and tablets. While many cyber attacks take place at the network level, it is also important to maintain good practice at the end-user level, all the more so if your enterprise provides e-banking, e-government, e-health or other safety-critical services to the public.
In 2015, according to the HM Government 2015 Information Security Breaches Survey, 90% of large organisations in the UK reported that they had been attacked, while some 74% of smaller organisations reported similar failings. It stands to reason, therefore, that failing to prepare for a cyber attack is tantamount to an open invitation to career and opportunist hackers.
2. Human resource: your most valuable asset
The personnel who command your end-devices are perhaps your most vital resource in the fight against cyber crime, even with all the relevant anti-virus software, encryption, security policies and risk assessments that may already have been put in place. According to the Cisco 2016 Annual Security Report, it could take between 100 and 200 days before an organisation even detects that its IT infrastructure has been compromised. Your information assets could already be in the hands of cyber criminals as we speak.
For these and other reasons, it is your staff, the foot soldiers on the ground, who need to keep a watchful eye on how they interact with the worldwide web as they carry on company business. Password security is not enough. Passwords can be compromised, either by malicious software or by social engineering. A well-worded and well-promoted IT security policy in the workplace is a must to reduce the chances of the ‘bad guys’ taking control of your network, bringing the organisation to financial ruin and marring its reputation.
3. Not all end-users are equal
In an organisation, all clerical staff may have physical access to computers on the network. E-business is the modern way of conducting business, but not all staff should be granted the same privileges and access to company information. Even in a very small organisation of fewer than 10 staff, this rule should be observed. Having said this, depending on the size of the organisation, some roles, such as that of the Information Security Officer, might be coupled with that of an administrator. This is not ideal, but it happens if the responsibility for internal IT security has simply evolved as the organisation grew.
The standard in the industry is for network resources to be managed by an Administrator, whose responsibility is largely to monitor the network and to provide the necessary permissions to other users on the network. Below him/her are Privileged users, who have access to the parts of the network necessary for, say, their department. Below privileged users are General users. They may be front-end staff who interact with customers through the company’s interface, responding to customer queries, for instance.
Other persons who may need access to parts of your network are Business Partners. These are contractors and organisations with whom you do business and who may need to log on to the system to respond to company requests for supplies or maintenance, or to finalise payments. Finally, there are Other users who may have an account on your network, such as customers or clients. These accounts may have customer passwords, bank details, addresses and dates of birth stored on the company database.
Let us now take a brief look at some of the common threats to the network that end-users may encounter on a day-to-day basis.
4. Types of threats
Ransomware
To be clear, privacy invasion, loss of productivity, infringement of intellectual property and theft of financial and personnel data are very real threats. According to Cisco (2016b), ransomware campaigns, namely the Angler exploit kit, create havoc for organisations by encrypting the victim’s computer, rendering it unusable, and demanding a ‘ransom’ to be paid in bitcoins to obtain the decryption key that unlocks it.
Distributed denial of service (DDoS)
The SSHPsychos DDoS network is also in the spotlight of current cyber activity in 2016. It operates by taking control of thousands, even tens of thousands, of information systems, such as desktop computers, distributed all over the world-wide web. The reason for this distributed approach is to avoid detection by the usual means. Its main aim is to create a botnet, using brute-force attacks on Secure Shell (SSH) traffic to obtain passwords and infiltrate an IT system. It has the power to launch a distributed denial of service (DDoS) attack that cannot be addressed on a device-by-device basis.
Browser infections
Returning to the Cisco 2016 Annual Security Report, it disclosed that browser add-ons and browser infections constitute an acute and immediate danger to a company’s security. An end-user clicking on a malicious browser extension, or even visiting a webpage with a ‘compromised browser’, can help an attacker to access sensitive data, user credentials, customer data and knowledge of your company’s internal APIs and infrastructure. Malicious browsers are particularly harmful in that they may not only steal sensitive data, but can also release malware and adware on to your system. This happens when staff, unbeknownst to them, click on malicious links or ‘malvertising’ embedded in pop-ups and other advertisement graphics. According to Cisco (2016c), these links download viruses that “can hijack users’ browser requests and then inject malicious web pages into search engine results pages.”
Social engineering
Some attacks may come in the form of an interaction with a hacker through social networks, for instance by clicking on links that are supposedly from Facebook but are really designed to load malware that captures passwords. What you post online about yourself can also be used against you by someone hijacking your identity. They may then go on to impersonate you, open fake accounts and/or distribute malware through messages apparently coming from you.
5. How to recognise an infected computer, and what to do about it
As an end-user, and one of the vital links in the security policy network within an organisation, you are probably the first to realise that your device is not working properly. For instance, your desktop may take a long time to load certain applications, or never load them at all. There may be long lagging moments. In severe cases, a pop-up might appear saying that the program is corrupt. Another tell-tale sign is that unwanted advertisements flood your screen, or the computer begins to operate in an unusual manner.
To ensure security hygiene, a few points must be emphasised. End-users should:
Report any unusual computer behaviour to your immediate supervisor or information security officer as appropriate.
Do not turn off or reboot the infected system.
Ensure that other members of staff are aware of the problem and that all computers on the network are checked for similar symptoms.
Provide a written statement of the time and date, and description of what you observed that triggered your report.
Seek guidance if you receive any unusual request from applications to click on a link.
Use company network resources for company business.
Avoid surfing the web or visiting social media if your Intranet at work connects directly to Internet.
Having said this, it is also the company’s responsibility to ensure that only licensed software is purchased and installed on the company network. It is also a collective responsibility to ensure that the software is used in accordance with the said licence. Having legally purchased software on your system also makes it possible to receive updates and patches. Another incentive to use legal software is that, without it, the company stands in breach of copyright legislation in your country, which can lead to litigation, huge fines and unfavourable press.
6. Technologies for protecting privacy and intellectual property
An efficiently implemented IT security policy puts in place several safeguards to ensure that breaches of the network are quickly detected and, at best, kept to a minimum. To do this, administrators of information systems deploy several technologies and controls to counteract illicit cyber activity and to protect proprietary data. In this guide, we discuss several technologies that are able to protect valuable company information as it traverses the internet, including:
Encryption
Digital rights management (DRM)
Intellectual property rights
Digital signatures
Encryption
Encryption can be defined as a digital technique that transforms ordinary text, images and audio into a string of garbled characters that cannot be interpreted by another human being or information system without the decryption key. It achieves this by using a mathematical algorithm to transform the original information, which is called plaintext, into an encrypted form, which is called ciphertext. In order for the encrypted text to be read, one must be in possession of the decryption key that reverses the process.
Digital Rights Management (DRM)
Digital Rights Management (DRM) is a suite of technologies that enables the copyright holder, or an institution to whom the rights belong, to permit or prohibit access to digital works such as audio, video or e-publications. DRM is also used in tracking and reporting on the use and ownership of such digital products. DRM can also prohibit copying of such works.
Intellectual property rights
Intellectual property rights are a suite of privileges accorded to persons and organisations. Copyrights are the rights of the creator of a work of literature, a musical composition, a CD or DVD. Copyrights are also associated with dramatic works such as radio programs and cinematic creations. Other intellectual property rights include: Trademarks. A trade mark is a symbol or any identifying mark that associates the holder with a certain brand and reputation. Patents. Patents are a form of protection given to holders in connection with inventions. And finally, Design rights. Design rights protect the aesthetic qualities of a product.
Digital signatures
A digital signature is an electronic digest of a message that is encrypted and appended to the original message. It is proof of authenticity that the person sending the message is who he says he is. The digital signature itself has to be verified by a Certification Authority (CA). CAs are themselves authenticated by being part of what is known as public key infrastructure, which is a chain of certification authorities that can vouch for the integrity of the identity of digital signature holders.
***
So far in this report we have looked at how the human resource is a company’s most valuable asset and that not all end-users enjoy equal access to all resources on a network. Additionally, we have briefly discussed some of the threats lurking on an untrusted network such as the Internet, and how to recognise an infected computer, and what to do about it. We have also looked at some of the technologies deployed in the protection of the privacy and the intellectual property of your information systems at the user-end and beyond your network.
The remaining content of this guide will be dedicated to the use and the role of firewalls in a networked environment, such as a trusted Intranet for example, and how firewall technologies assist in the effort to keep your network secure.
7. Firewalls
Introduction
Firewalls are considered the first line of defence against cyber intrusions on a local intranet. Other authors disagree and say that firewalls should be the last line of defence, acting as a protected gateway after all other intrusion detection software and anti-virus software are put in place. Nevertheless, firewalls provide a secure connection point between a private, trusted network and a public, untrusted network such as the world wide web. There are hardware and software solutions, or a combination of both, that filter out would-be hackers, spammers, malware, spyware and other undesirable viruses lurking on the internet that, if allowed on to the network, could have many adverse consequences. Firewalls work by scrutinising packets entering and leaving the network and, after matching them against a custom-designed policy, deciding whether to allow or prohibit the session.
Modern firewalls are also used to control the level of access that hosts on your network have to the external digital world by maintaining a secure gateway. Basically, they act as a filter to determine which websites and services local workstations may connect to: for example, the Internet in general and social media in particular.
In this section, I draw on expert opinions from academics and organisations to present an evaluation of the effectiveness of firewalls and any apparent limitations to productivity they may have on a business’s information and telecommunication systems.
Why use firewalls?
One of the biggest challenges facing organisations today is the theft of company data and the invasion of privacy by cyber criminals. Cyber attacks in recent times are becoming more and more frequent, deploying increasingly sophisticated ways of compromising our systems. These cyber criminals take advantage of any vulnerabilities in our networks, or openings created through human error. No organisation, from a global corporation to a sole trader sitting in his living room at a computer, is exempt from being the target of a hacker. At the same time, there are also attacks that originate from within the organisation itself. Disgruntled employees may abuse our systems with the intention of inflicting financial harm, or engage in espionage such as stealing proprietary company designs.
The Cabinet Office (2011), in its UK Cyber Security Strategy for 2011, defines cyberspace as “…an interactive domain made up of digital networks that is used to store, modify and communicate information.” According to the author, this definition also includes the internet and other electronic information systems which lie at the heart of our domestic, commercial and national infrastructure.
The cost of a cyber attack on a business can be measured not only in terms of its monetary value, but also in terms of harm to its reputation, the loss of client trust and the legal costs to remedy the situation. Moreover, cyber attacks can greatly affect a company’s productivity, and theft of its intellectual property could lead to bankruptcy. In the most severe case, damage done as a result of an attack could have catastrophic consequences, putting persons in harm’s way if it involves ‘safety-critical systems’ such as the management of nuclear installations or utility infrastructure facilities.
Chadwick D. (2004a) notes that conducting business over the internet is particularly risky because the worldwide web may be accessed by anyone from anywhere without having to be subject to any authentication procedures. He suggests protocols such as TCP and UDP are only concerned with authentication of the IP address of the hosts concerned. Another concern he flags up in his paper, Network Firewall technologies, is the availability of software, either freely available on-line or written by developers, that can snoop on our networks and try to steal our data. These include programs and applications such as port scanners and sniffer programs that take advantage of any open ports on our computers and workstations, or install programs that are able to intercept user names and passwords, since such information may be transmitted unencrypted over the internet.
I will be presenting a more detailed analysis of the vulnerabilities of some firewall techniques below in Table 1.
What do they do?
Firewalls enforce the security policies determined by the administrators. Through the various configurations that administrators may set in the machine’s software, firewalls filter in-bound and out-bound network traffic according to predetermined rule-sets. These filtering procedures take place at the application, transport, network and data-link levels of the Open Systems Interconnection (OSI) network model. The OSI model is regarded as the standard for how information and telecommunication systems interact with each other. It is a conceptual model that illustrates the different technologies and protocols that govern how communication takes place at the various levels of the communication stack.
How do they do that?
Demilitarized Zone (DMZ)
One of the main methods used by firewalls to maintain the safety of the boundaries of your network is to demarcate an area on the network known as a Demilitarized Zone (DMZ). Ingham and Forrest (no date) explain that a DMZ is a logical space on the network, created by the firewall to host email and web servers, so that should they be compromised they cannot propagate the offending virus or attack.
Packet filtering
Figure 2: Packet filter. Open Learn works (2016)
Packet filtering is used by firewalls to control access in and out through the network boundary. In packet filtering (Figure 2), the firewall reads the headers of the packet being transmitted and judges them against the instructions detailed in the policy. According to Ingham and Forrest (n.d.), these relate to fields such as: “source address; destination address; options in the network header; transport-level protocol (i.e., TCP, UDP, ICMP, etc.)”, which the firewall uses to make the decision to allow or prohibit the transmission.
Packet filtering with state
Packet filtering with state, on the other hand, according to Cole, E. (2015), author of Network Security Bible, validates whether packets agree with the record, held in the firewall’s memory, of the parameters of the last state of the connection between the two parties at layer four of the OSI model. “The connection information is maintained in state tables that are normally controlled dynamically,” says Cole (2015a), adding, “Each connection is logged into tables, and after the connection is validated, packets are forwarded based on the rules set defined on that particular connection.” He goes on to give an example: invalidating packets coming from ports higher than port 1023, as servers usually respond to calls from ports 0-1023 as standard.
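The difference between the two techniques above, as an added example that is not taken from the cited authors: a header-only rule that admits "replies" by source port also admits an unsolicited packet with the same header values, while a state table admits only packets that answer a recorded outbound connection. All names (`Rule`, `StatefulFilter`, `demo`) and addresses are hypothetical and constructed for illustration.

```python
from dataclasses import dataclass
from ipaddress import ip_address, ip_network

# Constructed sample networks (documentation address ranges), not from the page.
INSIDE = ip_network("192.0.2.0/24")
ANYWHERE = ip_network("0.0.0.0/0")
HIGH_PORTS = range(1024, 65536)
HTTPS = range(443, 444)


@dataclass(frozen=True)
class Packet:
    src: str
    sport: int
    dst: str
    dport: int
    proto: str = "tcp"


@dataclass(frozen=True)
class Rule:
    action: str          # "allow" or "deny"
    src_net: object
    dst_net: object
    proto: str
    sports: range
    dports: range

    def matches(self, pkt):
        # Only header fields are examined, as in the packet-filter description.
        return (pkt.proto == self.proto
                and ip_address(pkt.src) in self.src_net
                and ip_address(pkt.dst) in self.dst_net
                and pkt.sport in self.sports
                and pkt.dport in self.dports)


OUTBOUND = Rule("allow", INSIDE, ANYWHERE, "tcp", HIGH_PORTS, HTTPS)
# A stateless filter needs a second rule so that web replies can come back in.
REPLIES = Rule("allow", ANYWHERE, INSIDE, "tcp", HTTPS, HIGH_PORTS)


def stateless_decide(pkt, rules):
    """Ordered rule list, first match wins, default deny."""
    for rule in rules:
        if rule.matches(pkt):
            return rule.action
    return "deny"


class StatefulFilter:
    """Outbound packets are checked against rules and recorded in a state
    table; inbound packets pass only if they answer a recorded connection."""

    def __init__(self, outbound_rules):
        self.outbound_rules = outbound_rules
        self.state = set()

    def decide(self, pkt):
        if ip_address(pkt.src) in INSIDE:
            if stateless_decide(pkt, self.outbound_rules) != "allow":
                return "deny"
            self.state.add((pkt.proto, pkt.src, pkt.sport, pkt.dst, pkt.dport))
            return "allow"
        # Inbound: swap the endpoints and look the connection up.
        key = (pkt.proto, pkt.dst, pkt.dport, pkt.src, pkt.sport)
        return "allow" if key in self.state else "deny"


def demo():
    packets = {
        "request": Packet("192.0.2.10", 50000, "198.51.100.5", 443),
        "reply": Packet("198.51.100.5", 443, "192.0.2.10", 50000),
        # Never requested by any inside host, but the header looks like a reply.
        "unsolicited": Packet("203.0.113.9", 443, "192.0.2.77", 8080),
    }
    stateful = StatefulFilter([OUTBOUND])
    return {
        "stateless": {name: stateless_decide(p, [OUTBOUND, REPLIES])
                      for name, p in packets.items()},
        "stateful": {name: stateful.decide(p) for name, p in packets.items()},
    }


if __name__ == "__main__":
    for kind, verdicts in demo().items():
        print(kind, verdicts)
```

The state table here never expires entries; a production firewall also removes them on connection close or idle timeout.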
Proxies or Proxy firewalls
The next firewall technology we will discuss is proxies, or proxy firewalls, which operate at the transport (layer 4) and application (layer 7) layers of the OSI model. These are programs within a firewall that run at layers 4 and 7 to represent the network, rather than the network itself being exposed to a connection request from an external source. Proxies may be set up to deal with TCP and UDP requests only at the transport layer, or with a separate rule for protocols appearing at the application level, such as Telnet, FTP, HTTP and SMTP. Proxies are an effective method of achieving a high level of privacy in communication between two networks because, according to Cole E. (2015b), a remote host cannot see the true identity of the network.
Content filtering
We turn our attention to content filtering. Chadwick, D.W. (2004b) describes content filtering as a server that scrutinises application data as it enters the network. The content filtering server examines each payload, opening zip files to inspect their content and see whether it contains any viruses or malware. In addition, if the message comes with a digital signature, it compares this with a list of approved signatures in its tables to decide whether to let the data through. The content server also looks for banned words and phrases, such as sexual language, and may even remove ActiveX applets according to the firm’s security policy.
Normalization
Going back to the paper Network Firewalls by Ingham and Forrest, we take a look at normalization. This is a technique that deals with policing and intercepting abuse of protocols. It is a method of countering attackers who intentionally seek to infiltrate a network by sending overlapping IP fragments and/or out-of-order TCP byte fragments (Ingham and Forrest). Normalization compares the data stream with what it deems a normal data stream, and determines whether the stream is safe or injurious to the network.
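Why overlapping fragments matter to a normalizer, as an added example that is not code from Ingham and Forrest: two hosts that resolve an overlap differently reassemble different payloads from the same fragments, so the normalizer accepts out-of-order fragments but rejects overlaps and gaps. The `Fragment` type, function names and sample bytes are hypothetical and constructed; offsets are plain byte offsets rather than the 8-byte units of a real IP header.

```python
from dataclasses import dataclass


@dataclass(frozen=True)
class Fragment:
    ident: int     # datagram identifier shared by all of its fragments
    offset: int    # byte offset of this fragment's data in the datagram
    more: bool     # "more fragments" flag; False only on the final fragment
    data: bytes


class NormalizationError(Exception):
    """Raised when a fragment set is not a clean, unambiguous datagram."""


def reassemble(fragments, policy):
    """Reassemble the way an end host might, in arrival order.

    policy="first": the first copy of a byte wins; policy="last": the latest
    copy overwrites. Different operating systems make different choices,
    which is the ambiguity a normalizer has to remove.
    """
    size = max(f.offset + len(f.data) for f in fragments)
    buf = bytearray(size)
    written = [False] * size
    for frag in fragments:
        for i, byte in enumerate(frag.data, start=frag.offset):
            if policy == "last" or not written[i]:
                buf[i] = byte
                written[i] = True
    return bytes(buf)


def normalize(fragments):
    """Return the single unambiguous payload, or raise NormalizationError."""
    if not fragments:
        raise NormalizationError("no fragments")
    if len({f.ident for f in fragments}) != 1:
        raise NormalizationError("fragments from different datagrams")
    ordered = sorted(fragments, key=lambda f: f.offset)  # arrival order is irrelevant
    finals = [f for f in ordered if not f.more]
    if len(finals) != 1 or finals[0] is not ordered[-1]:
        raise NormalizationError("missing or misplaced final fragment")
    expected = 0
    payload = bytearray()
    for frag in ordered:
        if not frag.data:
            raise NormalizationError("empty fragment")
        if frag.offset < expected:
            raise NormalizationError(f"overlap at offset {frag.offset}")
        if frag.offset > expected:
            raise NormalizationError(f"gap before offset {frag.offset}")
        if frag.more and len(frag.data) % 8:
            raise NormalizationError("non-final fragment is not a multiple of 8 bytes")
        payload += frag.data
        expected += len(frag.data)
    return bytes(payload)


# Constructed sample data: the same datagram arriving out of order, then with
# an extra fragment that overlaps the first eight bytes.
OUT_OF_ORDER = [
    Fragment(7, 8, False, b"BBBBBBBB"),
    Fragment(7, 0, True, b"AAAAAAAA"),
]
OVERLAPPING = OUT_OF_ORDER + [Fragment(7, 0, True, b"CCCCCCCC")]

if __name__ == "__main__":
    print("clean:", normalize(OUT_OF_ORDER))
    print("first-wins host sees:", reassemble(OVERLAPPING, "first"))
    print("last-wins host sees: ", reassemble(OVERLAPPING, "last"))
    try:
        normalize(OVERLAPPING)
    except NormalizationError as err:
        print("normalizer rejects:", err)
```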
Distributed Firewalls
According to Ingham and Forrest, a distributed firewall is achieved by installing the firewall policy that is in place at the perimeter of the network on individual hosts on the network as well. They in turn carry out further filtering operations on packets moving through them, identifying individual IT equipment by its ‘cryptographic certificate’. According to the authors, cryptographic certificates, in conjunction with intrusion detection systems (IDS), provide a more secure authentication procedure than merely using the machine’s IP address.
Dual Homed Gateway
Chadwick D. (2004c) in his paper discusses dual homed gateways as a hybrid of an application gateway deployed in concert with a packet filtering router. According to him, the combination of the two methods provides a double network interface which connects with the world wide web, an untrusted network, and the local network, which is a trusted network. Security of the network is maintained because all IP traffic must pass through a proxy server and not directly to the host.
Dynamic Firewalls
Dynamic firewalls are a type of filter so named because they have the ability to read the packets coming through the system and, depending on the rule-set in the policy, to adjust the rules. The rules are implemented at the time of the session, and change according to which interface the traffic is interacting with. According to Juniper Networks (2014a), there are four classes of dynamic firewalls. Static filters are activated at ‘a logical interface’ and come into their own once that interface has been triggered by network traffic. Parameterized filters are bespoke filters implemented to match a particular subscriber session. These filters keep a record of the IP address and substitute what the authors call ‘variables’, such as destination addresses and/or ports, to create a filter that allows or prohibits the traffic.
Ascend-Data-Filters, meanwhile, are a type of dynamic filter that responds to data emanating from the Remote Authentication Dial In User Service (RADIUS) server. A RADIUS server is basically a service that authenticates users dialling into the network by requesting a user name and password. Ascend-Data-Filters use the data stream coming from the RADIUS server to create a profile of the subscriber, and to create a rule that the router follows for all subsequent traffic from that user.
Fast update filters, the last of the four classes of dynamic filters, are subscriber-specific rather than interface-specific, according to Juniper Networks (2014b). As the name implies, these filters can react quickly to logical changes regarding hosts on the network. This means changes made to the network by adding and removing hosts, or other significant modifications such as adding a new subnet.
Application level firewall
The next firewall technology we will discuss is one that is deployed at the application level. Like the proxy method, the application level firewall is a dedicated computer or workstation, known as a bastion host, which receives messages from the packet filtering router. The bastion host typically acts as another line of defence by vetting messages from the internet, confirming whether any of the messages are emanating from a known sender and that an appropriate application proxy exists on the network. Proxies such as those associated with FTP, HTTP, Telnet and SMTP are common services.
Signature-based firewalls
Signature-based firewalls are another firewall method, based on a proxy that is transparent at the user level. Also known as application scrubbing (Ingham and Forrest), its main goal is to arrest hazardous streams.
Do firewalls have any vulnerabilities?
Although firewalls have been used in network safety for the past 20 years and are able to keep a network secure, they do have certain challenges, as some of our chosen authors explain: they suffer from vulnerabilities. We shall now discuss a few of these weaknesses. Burkitt, M. (1999), in his paper The failure of the traditional firewall, cites a study by the American Society for Industrial Security which revealed that the value of the loss incurred by intellectual property crime worldwide was in the region of US$24 billion.
Besides firewalls becoming bottlenecks and consequently reducing productivity, an additional apparent weakness, says the author, is that firewalls do not have a reporting system to alert administrators. “What is needed,” he says, “is an entirely new model of perimeter security that recognises the strengths of the firewall as an enforcement point, then empowers it to ‘actively’ communicate with the rest of the network, responding to new attacks and modifying security measures accordingly.”
Burkitt, M. (1999b) suggests the manufacture of an ‘Active firewall’ that, according to him, “is a distributed firewall system that integrates alarms, scanners, detectors and central monitoring communications to effectively prevent security breaches both inside and outside the network.” I list some of the shortcomings of the technologies we have discussed above in Table 1 below.
| Technology | Vulnerability |
| --- | --- |
| Packet filtering | Difficult to write correct filters; unable to identify specific users; cannot prevent spoof attacks |
| Packet filtering with state | Prone to attacks against bugs in TCP/IP transmissions |
| Proxies | Client software needs to be modified |
| Distributed firewalls | Firewall rules can be overridden by users; assumes all hosts within the boundary are trustworthy |
| Dynamic firewalls | Cannot detect spoof attacks |
| Application level firewalls | Confidential information may be compromised while using FTP and SMTP protocols |

Table 1: Firewall vulnerabilities
Best practices
To conclude this brief Information Technology Security guide for end-users, I present some recommendations for the governance of firewall technologies, as summarised from the readings of authors referenced in this report.
1. Any firewall must be complemented by intrusion protection, vulnerability scanning, virus and malicious code scanning etc. to boost the effectiveness of the security plan.
2. Avoid errors in the management of your firewall to avoid opening up security weaknesses and disrupting business flow.
3. Update firewall rules as necessary whenever there are changes to the network.
4. Ensure that your organisation complies with industry and government regulations.
5. Assess all risks to the firewall policy regularly.
6. Avail yourself of any in-built automated management tools already embedded in the firewall software.
7. Ensure that staff are aware of your security policy and are enforcing it.
8. Seek to make your network firewall policy as simple as possible.
9. Act fast on any network changes to determine how these changes will affect performance and security.
10. Keep an open mind towards all the scenarios that may harm your network to create a sense of predictability.
Firewall Vendors
Below is a list of some firewall vendors that you might consider to help you install or upgrade your firewall. Information posted on their websites should also prove very informative to anyone seeking to explore network security in general, and firewall technologies in particular.
Checkpoint Software Technologies – https://www.checkpoint.com/
Cisco Systems – http://www.cisco.com/
Fortinet – https://www.fortinet.com/
Juniper networks – http://www.juniper.net/us/en/
McAfee – http://www.mcafee.com/uk/index.html
Sonicwall – https://www.sonicwall.com/
Watchguard – http://www.watchguard.com/
References
Cabinet Office (2011) The UK Cyber security strategy protecting and promoting the UK in a digital world. Available at: https://www.gov.uk/government/uploads/system/uploads/attachment_data/file/60961/uk-cyber-security-strategy-final.pdf (Accessed: 26 June 2016).
Chadwick, D.W. (2004a) Network Firewall technologies. Available at: http://www.itsec.gov.cn/webportal/download/2004_network_fw_tech.pdf (Accessed: 24 July 2016).
Ingham, K. and Forrest, S. (no date) Network firewalls. Available at: https://www.cs.unm.edu/~forrest/publications/firewalls-05.pdf (Accessed: 24 July 2016).
Cole, E. (2011) Network security bible. Available at: https://www.amazon.com/Network-Security-Bible-Eric-Cole-ebook/dp/B004V4FFQ0#nav-subnav (Accessed: 31 July 2016).
TechLibrary (2014) Understanding Dynamic Firewall Filters. Available at: http://www.juniper.net/documentation/en_US/junos15.1/topics/concept/subscriber-management-dynamic-firewall-filter-overview.html (Accessed: 8 August 2016).
Burkitt, M. (1999) The failure of the traditional firewall. Available at: http://www.computerweekly.com/feature/The-failure-of-the-traditional-firewall (Accessed: 9 August 2016).
Open Learn works (2016) Packet filtering. Available at: http://www.open.edu/openlearnworks/mod/page/view.php?id=49248 (Accessed: 28 August 2016).
references
CESG (2012) 10 steps to cyber security: Executive companion. Available at: https://www.cyberessentials.org/system/resources/W1siZiIsIjIwMTQvMDYvMDQvMTdfNDdfMTdfNjMwXzEwX3N0ZXBzX3RvX2N5YmVyX3NlY3VyaXR5LnBkZiJdXQ/10-steps-to-cyber-security.pdf (Accessed: 26 June 2016).
Sophos Threatsaurus: The A-Z of computer and data security threats (2013) Available at: https://ugc.futurelearn.com/uploads/related_file/file/6921/83ab50301b94a1043043b9fb9b6ef4f8-Week_3_Sophos_Threatsaurus_AZ.pdf (Accessed: 26 June 2016).
Elekwachi, O. (2002) Global information assurance certification paper. Available at: https://www.giac.org/paper/gsec/1685/end-user-computer-security-responsibilitiesknow-rules-game/103059 (Accessed: 26 June 2016).
Cisco 2016 annual security report (2016) Available at: http://www.cisco.com/c/dam/m/en_uk/offers/assets/pdfs/asr-layout.pdf (Accessed: 26 June 2016).
Masrom, M. (2008) Computer Security and Computer Ethics Awareness: A Component of Management Information System. Available at: http://ieeexplore.ieee.org.libezproxy.open.ac.uk/stamp/stamp.jsp?tp=&arnumber=4632042 (Accessed: 26 June 2016).
Mikhaylov, D., Zhukov, I., Starikovskiy, A., Kharkov, S., Tolstaya, A. and Zuykov, A. (2013) Review of malicious mobile applications, phone bugs and other cyber threats to mobile devices, (IEEE IC-BNMT2013), pp. 302–305. doi: 10.1109/icbnmt.2013.6823962.
Jones, A., Poulton, A. and Reed, D. (2009) T325 Technologies for digital media, block 2. Open University, Milton Keynes.
A practical guide to IT security ideal for the small business (2016) Available at: https://ico.org.uk/media/for-organisations/documents/1575/it_security_practical_guide.pdf (Accessed: 9 July 2016).
Chadwick, D.W. (2004a) Network Firewall technologies. Available at: http://www.itsec.gov.cn/webportal/download/2004_network_fw_tech.pdf(Accessed: 24 July 2016).
Ingram, K. and Forrest, S. (no date) Network firewalls. Available at: https://www.cs.unm.edu/~forrest/publications/firewalls-05.pdf (Accessed: 24 July 2016).
Cole, E. (2011) Network security bible Available at: https://www.amazon.com/Network-Security-Bible-Eric-Cole-ebook/dp/B004V4FFQ0#nav-subnav (Accessed: 31 July 2016).
TechLibrary (2014) Understanding Dynamic Firewall Filters Available at: http://www.juniper.net/documentation/en_US/junos15.1/topics/concept/subscriber-management-dynamic-firewall-filter-overview.html (Accessed: 8 August 2016).
Burkitt, M. (1999) The failure of the traditional firewall. Available at: http://www.computerweekly.com/feature/The-failure-of-the-traditional-firewall(Accessed: 9 August 2016).
A proposal of an IT Security policy for the Government of Dominica.
My project idea is based on the Open University level 3 modules T325 (Technologies for digital media, block 2) and M364 (Fundamentals of interaction design). T325 block 2 in particular deals with the integrity of data during communication and at the user interface, while M364 is aimed at all aspects of interaction design, particularly deciding user requirements and evaluation.
In researching my project idea, I have found a clear need for an Information Technology (IT) policy for Dominica. According to the Caribbean Council, in 2014, “St Vincent and The Bahamas saw their government's websites taken over by those claiming to support militant groups fighting in the Middle East.” It adds, “The events followed earlier reports of attacks on Jamaican government sites in 2014, in a number of OECS nations in 2012, and on sensitive government servers in Trinidad and the Dominican Republic, as well as on a number of significant Caribbean companies” (Caribbean Council, 2014).
David Jessop (2015), the author of the article, is of the opinion that Caribbean countries are not prepared for cyber attacks, with “...parts of the private sector declining to take the matter seriously until subject to an attack,” he said. Jessop further adds that governments stand to suffer huge losses in the event of a cyber attack by criminals. He said that the Organisation of American States' 2015 ‘Report on Cyber security and critical infrastructure in the Americas’ “makes clear that the threat is moving on and attacks on critical infrastructure increasingly represent a serious new vulnerability for the region.” “By this what is meant,” he explains, “is that government’s databases and email communications, national commercial banking and financial systems, the control of the energy supply and other utilities, and communications at a national and dedicated level, are now subject to attack from cybercriminals seeking financial gain or by those undertaking hostile political acts.”
Meanwhile, Ambassador Albert R. Ramdin, writing the introductory message of the 2015 Report, says that its members have signed up to the “Strengthening Cyber Security in the Americas” (2012) and the Inter-American Committee against Terrorism (CICTE), adding that the OAS has adopted the “Declaration on the Protection of Critical Infrastructure from Emerging Threats” (2015).
My work will be based on an investigation into Dominica's compliance with these treaties to mitigate the effects of a cyber-attack. Because the Caribbean in general, and Dominica in particular, wish to migrate towards e-government, there is a need for all stakeholders to be aware of the best practices associated with IT security in the industry. Although Dominica will be used as a centre-piece in this report, it is equally relevant to any under-developed country or small organisation that has not put in place guidelines, standards and procedures, and communicated these clearly to administrators and other end-users within that context.
In this report, I will address the importance of security awareness throughout the network chain: from connectivity to the internet through to the end user. In addition, I look at issues surrounding the safe storage of critical data, as well as the ethical and safe disposal or recycling of machines and other paraphernalia at the end of their working lives.
References
Open University (2009) Technologies for Digital Media. Milton Keynes, United Kingdom.
Open University (2011) Fundamentals of Interaction Design. Milton Keynes, United Kingdom.
Caribbean Council (2014) New Threats To Caribbean Cyber Security. [Online]. Available at: http://www.caribbean-council.org/new-threats-caribbean-cyber-security/ (Accessed: 7 February 2016).
Jessop, D. (2015) New Threats To Caribbean Cyber Security. [Online]. Available at: http://jamaica-gleaner.com/article/business/20150816/david-jessop-new-threats-caribbean-cyber-security (Accessed: February 2016).
Organisation of American States (2015) Report on Cyber security and critical infrastructure in the Americas. [Online]. Available at: http://www.trendmicro.com/cloud-content/us/pdfs/security-intelligence/reports/critical-infrastructures-west-hemisphere.pdf (Accessed: 29 February 2016).