Most common computer security problems stem from security that is too strict or too lenient, but there are some speciﬁc issues you should be aware of as well.
Issue, Possible Causes and Solutions
BIOS passwords: If you set a password in the BIOS and the password is lost or entered incorrectly, you will not be able to boot the system. Recovering or bypassing a BIOS password might require you to remove or change jumpers on the battery, crack the BIOS password using a BIOS password cracker, or employ other methods such as a manufacturer’s back-door account. To avoid this, set BIOS passwords only when absolutely necessary, and keep a record of the passwords in a secure location.
Biometric security: Biometric security measures depend upon sophisticated and sensitive hardware and software. If the hardware scanners or readers fail or are calibrated incorrectly, users might not be able to access the system. If the database of biometric information is not reliable, you will have false hits during authentication and users might be shut out of the system or admitted inappropriately. Work with your system vendors to keep the system calibrated and maintained, and do occasional checks to make sure security is functioning appropriately.
User authentication: User authentication can fail if authentication systems are unavailable or corrupted. The most common cause is when a user forgets a password or credentials. Have systems in place to reset passwords for users when appropriate. You should investigate repeated patterns of user authentication failures, because they can be signs of an attempted security breach.
Malicious software: Once malicious software has penetrated your system, numerous security issues can arise. The best solution to these problems is to prevent infection in the ﬁrst place, but if your systems are infected, they must be isolated from the network and cleaned using various antivirus and security scanning tools. If your antivirus, antispyware, and pop-up blocker’s protections are conﬁgured to be too restrictive, it is possible that users might not be able to load and run legitimate software. However, it is best to keep security tight in this area and deal with exceptions on a case-by-case basis.
File system security: If permissions are set too tightly, users will not be able to access data. If they are too loose, there will be inappropriate access. Also, because permissions are cumulative, users may obtain permissions from a number of different groups of which they are a member. If a user cannot access a resource, you might need to check the permissions assigned to all the relevant groups.
Data access issues: Data access across the network depends upon share permissions which, like ﬁle system permissions, might be set too high or too low. Also, like ﬁle system permissions, the user’s effective permissions might derive from several group memberships that you might need to examine. A special issue for Windows is the interaction of share and ﬁle system permissions—since both sets are evaluated for network ﬁle access, the user will have only the most restrictive of the two permission sets. If you have used policies to restrict accounts from accessing systems locally or across the network, make sure the policies are not so strict that legitimate users cannot gain access.
Backup security: Set system policies so that legitimate users can restore data. If this policy is too restrictive, you might not have enough users available to do backup restorations in an emergency. Verify that all legitimate backup administrators have the necessary rights. Do not forget to verify that the appropriate users have physical access to the backup storage location, especially if the backup tapes are maintained by a third party who has responsibility for controlling access.