In addition, if there is a workplace transfer by a user, certain actions are
taken such as assigning new access rights and revoking old access rights.
If a user quits the company, the user ID is rendered invalid.
To verify that access rights are operating as intended, it is necessary to
gather user logs and regularly audit the logs.
2
Types of technical security measures
The types of technical security measures are summarized below.
(1)Measures for computer viruses
The infection routes for computer viruses are through removable storage
(portable storage media) such as USB memory and networks.
The following are measures that can be taken to protect systems from the
threat of computer viruses.
Reference
OS (Operating System) updates
A type of bug known as a “security hole”
is sometimes discovered in OSes and
e-mail software. When a security hole is
discovered, the OS developer distributes an updating program on its website
in order to repair the security hole. The
updating program can be downloaded
and installed to repair the security hole,
and restore security to the OS. It is important to regularly update the OS.
Reference
Signature code
A “signature code” describes the characteristics of a virus, and is stored in
pattern files.
Reference
Basic measures following
virus infection
● Removable storage media that contains an infected program should basically be destroyed, as there is no
assurance that initializing the media
will completely remove the computer
virus.
● If a fixed disk within a system is discovered to be infected with a virus,
follow the instructions issued by the
security administrator for dealing with
the problem.
● Follow the instructions issued by the
security administrator when attempting to restore backup systems and
other systems, taking into account
that the infection could spread.
289
●Habitually running checks using antivirus software
“Antivirus software” is software with functions to check for infection by
computer viruses, and to remove computer viruses if there is an infection.
Also referred to as “vaccine software.”
When files or e-mail are downloaded from the Internet, there is a possibility that the files or e-mail could be infected with a computer virus. Therefore, it is necessary to use antivirus software to run a virus check on the
downloaded files or e-mail. In addition, infection can result from bringing
in devices such as USB memory from outside the organization. Therefore,
users should be conditioned to habitually run a virus check before using
such devices.
●Measures to prevent virus intrusion from networks
To prevent the intrusion of computer viruses from networks, it is necessary
to deploy antivirus software at appropriate points on the path of infection
over networks. Specifically, antivirus software should be deployed for firewalls that are the sole path connecting internal networks to the Internet,
and on public servers, company servers, and clients. These steps are taken
to minimize the scope of infection from a computer virus. It is also necessary to create a framework to automatically distribute antivirus software to
these resources so that every resource is updated to the most recent software version and pattern file (virus detection data).