Every registered user of Paul Gray\'s online share trading company is advised to

Question

Every registered user of Paul Gray's online share trading company is advised to read the safety and privacy page of the portal. As a secure portal, it has Secure Socket Layer (SSL) as a security measure. Gray has asked you to help him with this aspect of security as well. On the basis of your understanding, respond to the following: In addition to SSL, which other security measure may be deployed to ensure the privacy of users in an online environment? Provide at least two security measures and explain why they would be beneficial. What benefit does each provide to the user? How can the user be sure it is working properly? As many of Gray's clients would also like to know about tax saving measures when they trade, Gray has hired Steve Davis as a tax consultant. Davis works from home and travels to his clients all over the country. Occasionally, he visits client sites, and takes his laptop with him on all such trips. Gray has asked for recommendations for Davis on the following as well: Which top two security measures should he take to ensure that his data and the connection to Gray's network are best protected against attack? Describe the security provided by each measure and explain why it is important. Defend your choice of measures in the discussions that follow. Are these two measures sufficient to call the laptop secure? Why or why not? If not, what aspect of security is still missing?

Explanation / Answer

In addition to SSL we can implement two Measures:

1.SSH Keys Measure:

SSH keys are a pair of cryptographic keys that can be used to authenticate to an SSH server as an alternative to password-based logins.A private and public key pair are created prior to authentication. The private key is kept secret and secure by the user, while the public key can be shared with anyone.

The Beneficial will be that :

To configure the SSH key authentication, you need to place the user's public key on the server in a special directory. When the user connects to the server, the server will ask for proof that the client has the associated private key. The SSH client will use the private key to respond in a way that proves ownership of the private key. The server will then let the client connect without a password.

With SSH, any kind of authentication, including password authentication, is completely encrypted. However, when password-based logins are allowed, malicious users can repeatedly attempt to access the server. With modern computing power, it is possible to gain entry to a server by automating these attempts and trying combination after combination until the right password is found.

Setting up SSH key authentication allows you to disable password-based authentication. SSH keys generally have many more bits of data than a password, meaning that there are significantly more possible combinations that an attacker would have to run through. Many SSH key algorithms are considered uncrack able by modern computing hardware simply because they would require too much time to run through possible matches.

It will benefit the User by this authentication allows user to disable password-based authentication and this SSH Key algorithms are uncrakable by the attackers.

2.VPNs and Private Networking Measure:

Private networks are networks that are only available to certain servers or users.

For instance, in Digital Ocean, private networking is available in some regions as a data center wide network.

A VPN, or virtual private network, is a way to create secure connections between remote computers and present the connection as if it were a local private network. This provides a way to configure your services as if they were on a private network and connect remote servers over secure connections.

The Beneficial will be that :

Utilizing private instead of public networking for internal communication is almost always preferable given the choice between the two. However, since other users within the data center are able to access the same network, you still must implement additional measures to secure communication between your servers.

Using a VPN is, effectively, a way to map out a private network that only your servers can see. Communication will be fully private and secure. Other applications can be configured to pass their traffic over the virtual interface that the VPN software exposes. This way, only services that are meant to be consumable by clients on the public internet need to be exposed on the public network.

It will benefit the User by using a VPN effectively a way to map out a private network that only your servers can see, communication will be fully private and secure for the users.

why it is important:

This two measures are sufficient to protect yours private and important data from outsiders hacking, if you implementing SSH secure measure then hackers will not be able to break the private password and password are completely encrypted.

And by following Second VPN measure your network will be private and will be available to certain server and users and it will allow you to make a secure connection to remote server.

Yes this two measures are sufficient to call the Laptop is secured, but still you can go for Firewalls aspects to secure your laptop, if you feel that your laptop is not completely protected.

A firewall is a piece of software (or hardware) that controls what services are exposed to the network. This means blocking or restricting access to every port except for those that should be publicly available.

Related Questions

Navigate

• Browse (All)
• Browse E
• Subjects

Integrity-first tutoring: explanations and feedback only — we do not complete graded work. Learn more.