Unauthorized Intrusion Into a Database: The Strategies for an Emergency

Companies that specialize in the development of software solutions have to attach great importance to business continuity planning because they are exposed to many internal and external threats, for example, hardware failure, virus attacks, power cuts, and personnel mistakes. Each of these threats can lead to heavy losses such as leakage of confidential information, delays, or destruction of data.

A Business Continuity Plan (BCP) is supposed to ensure that the company can prevent such incidents or recover from them if they do occur. A BCP should be presented as detailed step-by-step guidelines that specify the activities of each member of the personnel (Fulmer, 2004, p. 4). These instructions have to be followed to the letter; they are not to be disputed by anyone.

This paper describes prevention strategies and a response plan for one such emergency: an unauthorized intrusion into a database. In order to prevent such an incident, one should first identify the methods perpetrators use to gain access. Access can be gained by shoulder surfing, especially when an employee works in an internet cafe; another widespread technique is so-called social engineering, in which a worker is manipulated into divulging his password or log-in to the criminal (Allsopp, 2010). In some circumstances, former employees can also constitute a threat, especially if they hold a grudge against the company.

Naturally, the most widespread method is the use of various malware designed to obtain unauthorized access to the system. Thus, unauthorized intrusions can be explained not only by the hacker’s technical skills but also by the negligence or inattentiveness of staff members. This should be taken into account when mapping out a prevention strategy.

First of all, it should be explained to each worker that if they are unable to work in the office for some reason, they are not supposed to work in crowded areas, in order to avoid shoulder surfing. Secondly, employees should be strictly forbidden to tell their password or log-in to any person, irrespective of his/her status within the company. This strategy will prevent hackers from tricking the information out of employees.

Apart from that, many software companies nowadays do not allow employees to use social networks such as Facebook, MySpace or Friendster. On the one hand, these websites distract workers from their job duties; on the other, social networks constitute a great security risk, because many hackers spread malware through them.

Another measure that can be of great avail is the use of intranet websites. These are websites that are accessible only to a limited number of people. It is advisable that these websites do not have such functions as auto-fill (Ashley & Vandenwauver, 1999). In other words, the web browser must not be able to remember passwords or log-ins. As noted before, employees or customers sometimes have to work in internet cafes, and they may unintentionally leave their passwords on these computers.
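One way to check the auto-fill recommendation above on an intranet login page, as an added example that is not part of the original essay: the script parses a page and reports credential fields whose markup does not set `autocomplete="off"`. The sample page, form ids and field names are constructed for illustration.

```python
from html.parser import HTMLParser

# Constructed sample of an intranet login page (not taken from the essay).
SAMPLE_PAGE = """
<form id="login" action="/session" method="post">
  <input type="text" name="user">
  <input type="password" name="pass">
</form>
<form id="admin-login" action="/admin" method="post" autocomplete="off">
  <input type="text" name="user">
  <input type="password" name="pass" autocomplete="off">
</form>
"""

CREDENTIAL_TYPES = {"text", "email", "password"}


class AutofillAudit(HTMLParser):
    """Collect credential fields the markup lets a browser remember."""

    def __init__(self):
        super().__init__()
        self.form_id = None
        self.form_off = False
        self.findings = []

    def handle_starttag(self, tag, attrs):
        a = {k: (v or "") for k, v in attrs}
        if tag == "form":
            self.form_id = a.get("id", "(no id)")
            self.form_off = a.get("autocomplete", "").lower() == "off"
        elif tag == "input" and a.get("type", "text").lower() in CREDENTIAL_TYPES:
            # A field-level attribute overrides the form-level setting.
            setting = a.get("autocomplete")
            off = setting.lower() == "off" if setting is not None else self.form_off
            if not off:
                self.findings.append((self.form_id, a.get("name", "")))

    def handle_endtag(self, tag):
        if tag == "form":
            self.form_id, self.form_off = None, False


def audit(html):
    """Return (form id, field name) pairs that do not disable auto-fill."""
    parser = AutofillAudit()
    parser.feed(html)
    parser.close()
    return parser.findings
```

Browsers' built-in password managers commonly ignore `autocomplete="off"` on login fields, so a clean report only shows that the site asks for auto-fill to be disabled, not that a shared computer will honour it.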

It should be borne in mind that in many cases a hacker does not pursue any commercial purpose: he/she does not want to steal information in order to sell it to someone else, but may just intend to damage it. This is why many companies nowadays pay more attention to cloud computing. The key point of cloud computing is that the organization uses a remote server to store the information (Bloldjik & Menken, 2009). To some degree, it is like a back-up copy. Therefore, if an intruder destroys some of the company’s data, the company will be able to restore this information.

We must not forget about the possibility of physical intrusion, which can be even more dangerous. In order to prevent a perpetrator from gaining access to confidential data, the company can use software protection dongles. These devices are connected to the computer via a USB port. They act as keys which can either lock or unlock the computer. Finally, it is necessary to encrypt the information stored in the database. Certainly, this may slow down the performance of computers, but the intruder will be deprived of any opportunity to copy or read confidential information.

If an intrusion has been detected, the management should take the following steps:

  1. to block access to the database to all users;
  2. to change passwords to the database;
  3. to check the users, who have access to the database;
  4. to scan computers for viruses;
  5. to restore information;
  6. to ascertain how the intruder acquired access to the computers.

These activities should be conducted within ten hours. However, such speed is possible only in firms that have a separate security department; in smaller businesses it may take more than a day.

It seems that the personnel are by far the most important element of the Incident Command System. In any emergency situation, the outcome depends on their ability to interact with one another, their skills and their knowledge of the recovery plan. One of the key tasks of the management is to explain to them what ought to be done in case of any disaster. The most important thing is to avoid panic, because panic inevitably leads to a lack of coordination and an inability to act calmly. As a matter of fact, it only intensifies the effects of any incident. As noted before, any emergency plan has to be very specific. Most likely, it can be presented as step-by-step guidelines.

In recent years, the government has adopted several legislative acts in an effort to control the management of crises and emergencies. It seems that such a policy is not always appropriate. For instance, in this paper, we have described a prevention and emergency plan for unauthorized intrusion. This is one of those cases in which there is no risk to the community or the environment. Such a cyberspace attack imperils only the functioning of the company; it does not put anyone else in danger. Nonetheless, in some circumstances, the federal guidelines can be of great avail, especially if we are speaking about fire protection measures, because a fire may put the well-being of the community at stake. Therefore, we can say that the appropriateness of federal guidelines largely depends on the type of emergency.

Overall, almost any enterprise is exposed to a great number of internal and external risks. The main duty of the management is to map out strategies which would help to reduce these risks. More importantly, they need to develop an emergency plan that would accurately describe the activities of each employee. Finally, this emergency plan must not disrupt the company’s activities, and if it does, such disruption should be minimal.

Reference List

Allsopp, W. (2010). Unauthorised Access: Physical Penetration Testing For IT Security Teams. John Wiley and Sons.

Ashley, P. & Vandenwauver, M. (1999). Practical intranet security: overview of the state of the art and available technologies. NY: Springer.

Bloldjik, G. & Menken, I. (2009). Cloud Computing – The Complete Cornerstone Guide to Cloud Computing Best Practices. London: Emereo Pty Ltd.

Fulmer, K. (2004). Business continuity planning: a step by step guide with planning forms on CD-ROM. NY: Rothstein Associates Inc.
