How to Identify a Key Logger

Viewing Installed Programs

To gain unauthorized access to data without having authentication credentials, an intruder would need to install a key logger device via a USB port in order to capture the information. On Windows PCs, you can go to “Add or Remove Programs” to see the applications currently on the system, including the dates on which they were installed. A strange program in this part of the operating system would be a red flag for authorities. Key logger devices should stand out, since many network providers do not use them for their productive attributes but instead view them as a threat agent. When it is appropriate, removing the installed program should cut off hackers' unauthorized access to confidential records.
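The “Add or Remove Programs” review described above can also be scripted so the install dates are sortable and unusual entries are marked for a closer look. This is an added example, not part of the original article; the 30-day window and the optional baseline file of approved program names are assumptions to adjust.

```powershell
# Added example (run in PowerShell on Windows): installed programs with install dates.
# These registry keys are the source of the "Add or Remove Programs" list.
$RecentDays   = 30   # assumption: how far back counts as "recent"
$BaselinePath = ''   # hypothetical: text file of approved program names, one per line

$uninstallKeys = @(
    'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\*',
    'HKLM:\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\*',
    'HKCU:\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\*'
)

$approved = @()
if ($BaselinePath -and (Test-Path -LiteralPath $BaselinePath)) {
    $approved = @(Get-Content -LiteralPath $BaselinePath |
        ForEach-Object { $_.Trim() } | Where-Object { $_ })
}
$cutoff = (Get-Date).AddDays(-$RecentDays)

$programs = Get-ItemProperty -Path $uninstallKeys -ErrorAction SilentlyContinue |
    Where-Object { $_.DisplayName } |
    ForEach-Object {
        # InstallDate is an optional yyyyMMdd string; many installers leave it blank.
        $installed = $null
        $parsed = [datetime]::MinValue
        if ([datetime]::TryParseExact([string]$_.InstallDate, 'yyyyMMdd',
                [cultureinfo]::InvariantCulture,
                [System.Globalization.DateTimeStyles]::None, [ref]$parsed)) {
            $installed = $parsed
        }
        # Collect the reasons an entry deserves a manual look.
        $reasons = @()
        if ($installed -and $installed -ge $cutoff) { $reasons += 'recent install' }
        if (-not $installed)                        { $reasons += 'no install date' }
        if (-not $_.Publisher)                      { $reasons += 'no publisher' }
        if ($approved.Count -gt 0 -and $approved -notcontains $_.DisplayName) {
            $reasons += 'not in baseline'
        }
        [pscustomobject]@{
            Name      = $_.DisplayName
            Publisher = $_.Publisher
            Installed = $installed
            Review    = $reasons -join ', '
        }
    }

$programs | Sort-Object Installed -Descending |
    Format-Table Name, Publisher, Installed, Review -AutoSize
```

This list only covers software that registered an uninstall entry; a hardware key logger plugged in between the keyboard and the PC, or a program that never registered itself, will not appear and has to be found by physical inspection or the log review below.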

Checking Logfiles

After the authorities discover that there may be a program on the company networks that is causing a loss of data integrity, they should check the logfiles for the dates and times that applications were launched to get an indication of what they were used for. Port scanning can also give authorities a method of describing how the program has communicated from port to port. The log files should indicate what program is being used and for what purpose.

Use Prevention Software

There are many programs that companies can purchase that were created to detect and prevent keyloggers from gaining unauthorized access to an organization’s networks. It would be a good cybersecurity practice to evaluate any existing software on the networks. If the company has not invested in this technology, it would be a good idea to bring it up at board meetings in order to get authorization and funding for the process of installing such a preventive device. In addition, checking that anti-virus software and firewall settings are at their appropriate levels would also be a good way to add extra layers of security for company networks wherever possible.

Should Companies Ban USB Devices?

I do not think that banning all use of USB devices would be an effective countermeasure to key loggers. Restricting the use of USB devices would provide fewer resources for workers who typically save their documents and presentations on these devices and take them to other departments within an organization. I think restricting the use of USBs would lead to a lesser quality of availability of data. However, I understand how people would think that it could serve as a solid countermeasure. Hackers are very persistent in their search for vulnerabilities. They could repackage the virus as a part of a phishing scam, or one of the staff members could use an email account or other method to directly install the malicious code on the devices. In order to promote information security and preserve staff’s access to USB devices, the strongest possible countermeasure is to use software and ensure that the programs are updated in order to prevent others from gaining unauthorized access at all points of system architecture.

Should Staff Change their Passwords?

Requiring staff to change their passwords every 120 days is an effective countermeasure against the prospective installation of key logging devices and other threat agents. Changing passwords is a security component that should be a part of all information security or cybersecurity policies for any organization. If the number of days were to change (to either 7, 30, or 60 days), this would lead to lesser security and a more difficult user interface. Staff may find it more challenging to remember their passwords, or view the changes as unnecessary and happening too frequently, which could lead to complaints to upper management. Any time duration that is lower than 60 days may be viewed as occurring too often.
