Introduction to Cybersecurity

 

Benefits and Drawbacks of Single Sign-On

One of the main benefits of single sign-on is the convenience it provides for users. Individuals must only authenticate themselves once in order to gain access to the resources which they are authorized to view. In other situations, meanwhile, users may have to authenticate themselves a number of times in a relatively short period, which may reduce productivity to a degree. As a consequence of the simpler authentication that users perform with single sign-on, organizations are enabled to have stronger authentication processes in place, given that such processes would occur fewer times. Stronger passwords can be used, and multiple combined types of authentication will likely be more accepted by users. However, the implementation of single sign-on does come with some risks. As authentication is only required once, any threat actors which successfully gain access to the computer or network may be able to cause far more harm than they would otherwise. If any vulnerabilities or other issues are present in the authentication process, major issues could arise. Consequently, measures should be taken to ensure that the risks of SSO are mitigated as much as is reasonable. The ways in which users are authenticated should be strong and reliable, such as the use of dynamic passwords, and several methods of authentication should be used simultaneously. Workstations can also be set to revoke access after a period of inactivity, preventing others from using unattended systems. Though single sign-on can be appealing, the appropriate steps should be taken to ensure that it can be utilized securely.

 

Examining Public Key Infrastructure

PKI, or public key infrastructure, has a few benefits that make it worthwhile for government systems. PKI, essentially, allows for a public key to be linked to a particular entity through the use of digital certificates. This helps to ensure that communications between parties can be encrypted in an effective manner, which is critical for many governmental operations. However, businesses face some unique challenges in regards to the implementation of PKI. The costs of implementing the hardware, software, and other resources needed for PKI to function properly, alongside their management, may be a significant obstacle for many organizations. Businesses may instead choose to outsource the management of PKI to another organization, though this comes with its own monetary costs. Businesses often have less of a reason to pursue public key infrastructure than the government, as well. Though businesses may wish to protect their information, there will likely be less of an impact if their sensitive data is released to those outside the organization, compared to the kind of data used by the government. I believe that, despite the difficulties some organizations may have in its implementation, currently existing alternatives are insufficient. FIDO, for example, does not seem to be in a position to be an effective replacement for PKI. While it does have some advantages, such as simplifying the authentication process for users and reducing the likelihood that phishing attacks will succeed, it also has some weaknesses. If a device is stolen, for example, there is a strong possibility that attackers will be able to gain access to the organization’s resources. Rather than being a replacement, FIDO may be able to support PKI if the two are used in conjunction. As such, the use of PKI will likely remain as it is, until the point where a more viable alternative is created.

 

Mitigating the Risks of Malicious Software

The risks associated with malicious software can be mitigated in a great number of ways. Antivirus software, if updated and used regularly, can be used to identify and remove malicious applications from systems. Firewalls can also be beneficial in many cases, though these will not be as helpful if the user is involved in downloading and running the software themselves, and intrusion detection systems can determine if malicious activity is occurring. In addition, structuring the network in such a way that chokepoints are created, and thoroughly scanning traffic in these chokepoints, will likely limit the potential harm malicious software can cause.  Further, routinely confirming that all operating systems and software are up to date can reduce the vulnerabilities available for malicious applications to exploit. Though each of these techniques, among many others, are certainly beneficial, perhaps the most effective action that can be taken is ensuring that users are informed about malicious software. If users are aware of the potential harm of malicious software, and understand what is needed to prevent it, the chance that malicious applications will gain access to the organization’s systems in the first place can be significantly reduced. This may be particularly helpful in preventing harm from Trojans, which may otherwise trick users into running them.