Computer security is the protection of digital information and IT assets from all kinds of malicious threats and attacks. There are different types of computer security, which are used to protect an organization's IT infrastructure.
It is also known as cyber security, which is the protection of computer systems from cyber theft or damage to hardware, software and electronic data.
Types of Computer Security
In this post, we will focus on the different types of computer security such as application security, network security, internet security, data security, information security and end user security.
1. Application security
Application security is the type of cyber security that builds security features into applications during development to protect them from cyber threats. These threats include SQL injection, denial of service (DoS) attacks, data breaches and other cyber-attacks.
Here are the most common categories of application threats, which are given below:
A. Input validation
Input validation, or data validation, is the process of properly testing any input that is provided by a user or application. It is difficult to detect a malicious user who is trying to attack software and applications.
So, an application should check and validate all input data that will be entered into a system.
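A sketch of allow-list input validation, added here as an example and not taken from the original post. The field names, patterns and ranges are assumptions made for illustration; the point is that each value must match its expected format in full and is rejected rather than repaired.

```python
import re

# Hypothetical rules for an order form (assumed for this example): every
# field has an allow-list pattern and, for numbers, a permitted range.
RULES = {
    "username": {"pattern": re.compile(r"[A-Za-z0-9_]{3,20}")},
    "item_id": {"pattern": re.compile(r"[0-9]{1,6}")},
    "quantity": {"pattern": re.compile(r"[0-9]{1,3}"), "min": 1, "max": 100},
}


def validate(form):
    """Return (clean, errors). Bad input is rejected, never silently repaired."""
    clean, errors = {}, {}
    # Fields the server never asked for are treated as an error.
    for name in form:
        if name not in RULES:
            errors[name] = "unexpected field"
    for name, rule in RULES.items():
        value = form.get(name)
        if not isinstance(value, str):
            errors[name] = "missing or not a string"
            continue
        # fullmatch: the whole value must match, so a trailing newline or
        # extra characters after a valid prefix are refused.
        if not rule["pattern"].fullmatch(value):
            errors[name] = "does not match allowed format"
            continue
        if "min" in rule:
            number = int(value)
            if not rule["min"] <= number <= rule["max"]:
                errors[name] = "out of range"
                continue
            clean[name] = number
        else:
            clean[name] = value
    # Only hand back cleaned data when every field passed.
    return (clean if not errors else {}), errors
```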
Here is a list of some vulnerabilities that could be solved just by validating input.
Authorization is a security mechanism used to determine user privileges or access levels for system resources such as computer programs, files, services, data and application features.
C. Session management
Session management is a mechanism used by the web container to secure multiple requests to a service from the same user or entity. There are two types of session management: cookie-based and URL rewriting.
A web administrator uses session management to track the frequency of visits to an application and movement within the site.
Here is a list of some session-related vulnerabilities:
Here, an attacker can modify or alter the “value” information of a specific item, thus lowering its cost.
Parameter manipulation threats include manipulation of the query string, form fields, cookies or HTTP headers.
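One way a server can detect the altered "value" field described above, shown as an added example that is not part of the original post. The catalog, the key and the field names `item_id`, `value` and `sig` are assumptions for illustration; the server signs the values it sends out, verifies the signature on return, and still charges its own catalog price.

```python
import hashlib
import hmac

# Assumed for this example: a server-side secret and a price catalog in cents.
SECRET_KEY = b"constructed-demo-key-not-for-production"
CATALOG = {"1001": 4999, "1002": 1250}


def sign(item_id, price_cents):
    """MAC over the values the client carries back in a form field or cookie."""
    message = f"{item_id}|{price_cents}".encode()
    return hmac.new(SECRET_KEY, message, hashlib.sha256).hexdigest()


def render_hidden_fields(item_id):
    """Fields the server puts in the form; 'sig' binds item_id to its price."""
    price = CATALOG[item_id]
    return {"item_id": item_id, "value": str(price), "sig": sign(item_id, price)}


def process_order(form):
    """Return the price to charge, or raise ValueError on a tampered request."""
    item_id = str(form.get("item_id", ""))
    if item_id not in CATALOG:
        raise ValueError("unknown item")
    expected = sign(item_id, str(form.get("value", "")))
    supplied = str(form.get("sig", ""))
    # compare_digest does a constant-time comparison of the two MACs.
    if not hmac.compare_digest(expected.encode(), supplied.encode()):
        raise ValueError("parameter tampering detected")
    # Even with a valid signature, charge the catalog price, not the client's.
    return CATALOG[item_id]
```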
2. Information security
Information security (IS) is the type of computer security that refers to the processes and methodologies used to protect the confidentiality, integrity and availability of computer systems from unauthorized access, use, modification and destruction.
IS focuses on the CIA triad model, which is to ensure the confidentiality, integrity and availability of data without affecting the organization's productivity.
3. Network Security
Network security is another type of IT security: the process of preventing and protecting against unauthorized intrusion into computer networks.
It is a set of rules and configurations designed to protect the confidentiality, integrity and accessibility of computer networks and information using both software and hardware technologies.
Network security methods
There are many methods to improve network security; here we describe the most common network security components.
Human error is a major weak point that is easily exploited by cyber criminals. End users are becoming the largest security risk in any organization.
However, this is often through no fault of their own: mostly due to a lack of awareness and business ICT policy, end users can unintentionally open the virtual gates to cyber attackers.
That is why comprehensive security policies, procedures and protocols have to be understood in depth by users who access sensitive information.
It is better to provide a security awareness training program for them, which should cover the following topics:
Cyber security threats
Phishing and Social Engineering attack
Password creation and usage
5. Internet Security
Internet security is defined as a process to create rules and actions to protect computers or computer networks that are connected to the Internet. It is a branch of computer security that deals specifically with internet-based threats such as:
A computer virus is a software program that can spread from one computer system to another without the user’s knowledge and perform malicious actions. It has the capability to corrupt or damage data, destroy files, format hard drives or make disks unreadable.
A Denial-of-Service or DoS attack is an attack that shuts down a system, making it inaccessible to its users. It occurs when an attacker prevents legitimate users from accessing specific computer systems, devices or other resources.
In addition, a DoS attack typically floods a targeted system with requests until normal traffic can no longer be processed, resulting in denial of service to users.
Malware is short for “malicious software” and typically consists of a software program or code. It is developed by cyber attackers and designed to cause extensive damage to data and systems.
The malware is delivered in the form of a link or file over email and it requires the user to click on the URL link or open the file to execute the malware.
This type of attack includes computer viruses, worms, Trojan horses and spyware.