Chapter 10 : Security Audits and PKI Encryption Protocols

 


"SECURITY AUDITS AND PKI AND ENCRYPTION PROTOCOLS"

OBJECTIVES:

✓  Explain how to conduct security audits.

✓  Discuss cryptography concepts, hashing and encryption algorithms.

✓  Discuss what a PKI (public key infrastructure) is used for.

SECURITY AUDITS

An organization's overall security posture, including its cybersecurity posture, can be tested and evaluated in a variety of ways. A security audit provides a high-level summary of these methods. To get the appropriate outcomes and accomplish your company goals, you could use multiple security auditing techniques. 

Why Are Security Audits Important?

To secure your company from data breaches and other cybersecurity threats, conducting a security audit is a crucial first step. Security audits will help protect critical data, identify security loopholes, create new security policies and track the effectiveness of security strategies. Regular audits can help ensure employees stick to security practices and can catch new vulnerabilities. 

Steps involved in a security audit:

1. Define the scope of an audit

List all assets to be audited, including computer equipment, internal documentation and processed data.

2. Conduct the audit and identify threats.

List potential threats related to each asset. Threats can include the loss of data, equipment or records through natural disasters, malware or unauthorized users. All in all, these are the most common threats that you should consider.

3. Evaluate security and risks.

Assess the risk of each of the identified threats happening, and how well the organization can defend against them. Such risk assessment will help you put a price tag on each threat and prioritize correctly when it comes to implementing new security controls.

4. Determine the needed controls.

Identify what security measures must be implemented or improved to minimize risks.
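
The four steps above, worked through as a small risk register. This is an added example, not part of the original chapter: it uses annualized loss expectancy (ALE = asset value x exposure x yearly rate of occurrence), a common quantitative method the chapter does not name, to put the "price tag" on each threat, and every asset, figure and control in it is constructed for illustration.

```python
from dataclasses import dataclass

@dataclass
class Threat:
    asset: str           # step 1: asset inside the audit scope
    name: str            # step 2: threat identified for that asset
    asset_value: float   # impact value of the asset, in currency units
    exposure: float      # fraction of the value lost per incident (0..1)
    aro: float           # annualized rate of occurrence (incidents per year)
    control: str         # step 4: candidate security control
    control_cost: float  # yearly cost of running that control
    aro_after: float     # expected rate of occurrence with the control in place

    def ale(self, aro=None):
        """Annualized loss expectancy: (value * exposure) * rate per year."""
        rate = self.aro if aro is None else aro
        return self.asset_value * self.exposure * rate

    def control_benefit(self):
        """Yearly loss avoided minus the control's cost; negative = not worth it."""
        return self.ale() - self.ale(self.aro_after) - self.control_cost

# Constructed sample register (hypothetical assets, values and controls).
REGISTER = [
    Threat("customer database", "malware (ransomware)", 200_000, 0.5, 0.2,
           "offline backups", 5_000, 0.05),
    Threat("file server", "flood in server room", 50_000, 1.0, 0.02,
           "second site", 12_000, 0.01),
    Threat("HR records", "unauthorized user access", 80_000, 0.25, 0.5,
           "MFA and access review", 3_000, 0.1),
]

def prioritize(register):
    """Step 3: rank threats by their price tag (ALE), highest first."""
    return sorted(register, key=lambda t: t.ale(), reverse=True)

def needed_controls(register):
    """Step 4: keep only the controls that save more than they cost."""
    return [t.control for t in prioritize(register) if t.control_benefit() > 0]

if __name__ == "__main__":
    for t in prioritize(REGISTER):
        print(f"{t.asset:18} {t.name:26} ALE={t.ale():>9,.0f} "
              f"benefit={t.control_benefit():>9,.0f}  ({t.control})")
    print("Implement:", needed_controls(REGISTER))
```

The flood threat shows why the ranking matters: its control costs more per year than the loss it prevents, so it drops out of the list of needed controls.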


CRYPTOGRAPHY
        

Cryptography is a technique of securing information and communications through the use of codes so that only those persons for whom the information is intended can understand and process it, thus preventing unauthorized access to information. The prefix “crypt” means “hidden” and the suffix “graphy” means “writing”. In cryptography, the techniques used to protect information are derived from mathematical concepts and a set of rule-based calculations known as algorithms, which convert messages in ways that make them hard to decode.


PKI (PUBLIC KEY INFRASTRUCTURE)

Public Key Infrastructure (PKI) is a system of processes, technologies, and policies that allows you to encrypt and sign data. You can issue digital certificates that authenticate the identity of users, devices, or services. These certificates create a secure connection for both public web pages and private systems—such as your virtual private network (VPN), internal Wi-Fi, wiki pages, and other services that support MFA.

COMPONENTS OF PKI:

1. Digital Certificates

PKI functions because of digital certificates. A digital certificate is like a driver's license: it's a form of electronic identification for websites and organizations. Secure connections between two communicating machines are made available through PKI because the identities of the two parties can be verified by way of certificates.

2. Certificate Authority

A Certificate Authority (CA) is used to authenticate the digital identities of the users, which can range from individuals to computer systems to servers. Certificate Authorities prevent falsified entities and manage the life cycle of any given number of digital certificates within the system.

3. Registration Authority

A Registration Authority (RA) is authorized by the Certificate Authority to provide digital certificates to users on a case-by-case basis. All of the certificates that are requested, received, and revoked by both the Certificate Authority and the Registration Authority are stored in an encrypted certificate database.
