The more you understand about the various threats and risks to computer security, the more defenses you can mount against these attacks. Threats to computer security include hacker exploits, as well as Mother Nature, device failures, and users performing normal business activities.
Hardware Failures and Other Physical Threats
Computer security is not just about protection against hacking. Computer systems and networks face many other threats on an ongoing basis. Computer equipment is complex and sometimes fragile. Hardware failures are the most common cause of unexpected downtime.
Most equipment is expected to operate well beyond its expected lifetime in normal environments. Some forms of technology, however, are more prone to failure than others.
One of the most commonly discussed causes of unexpected downtime is hard disk failure. A hard drive is one of the few common computer components that has moving parts.
While optical drives, tape drives, mice, and keyboards have moving parts, these devices seem to outlast hard drives by a significant margin. Hard drive failure can occur unexpectedly or with reasonable warning. The warning is usually a grinding, whining, or clicking noise coming from the drive as it begins to fail.
These noises are clear signs that the end of the device’s usable life is near and it should be replaced immediately.
- The best defense and protection against hard drive failure, as well as hardware failure in general, is to be prepared. Being prepared includes consistent timely backups, preferably using a redundant array of independent disks (RAID); performing general cleaning and maintenance.
- Another method to avoid downtime and a loss of availability is to replace equipment before it fails. Most devices have a mean time to failure (MTTF) or mean time between failures (MTBF) that can determine the statistical likelihood of a failure.
- It is a good practice to replace the device before that period expires. While you will be replacing some devices long before an actual failure, this technique keeps the statistics on your side. Though planned downtime is costly, it is less costly than unplanned downtime.
- Solid-state drives (SDDs) eliminate many of the problems associated with hard disk drives but at a greater initial cost for the hardware.
- Another physical threat is heat. Too much heat damages computer equipment. Systems that experience severe temperature cycles, such as very hot to very cold, can have incidents of chip creep or warping and cracking of materials.
Chip creep is caused by the expansion and contraction of metal because of temperature changes. Severe temperature cycling can even break soldered connections. The traditional debate about turning computers off at night or over weekends or leaving the equipment in a running state speaks to the effects of these temperature changes. A running computer is at its optimum functioning temperature.
Static electricity discharge (SED) from dry conditions can destroy most circuits. Frayed wires caused by rubbing against sharp metal edges or rough surfaces, such as a concrete block wall, can cause a short circuit. Moisture, due to high humidity in the air or liquid spills, is always bad for electrical devices.
Excessive vibration can be damaging to computer equipment. Vibrations—caused by nearby heavy construction or regular passing of trains, subways, and airplanes, or even forklifts and large equipment on a shop or manufacturing floor—can cause damage over time.
Any obvious physical damage as a result of dropping the device, knocking it over, dropping heavy objects on the device, and so on can result in broken equipment. You can eliminate or significantly reduce most physical risks and threats with reasonable precautions and common sense in proper handing, care, and storage of electronic equipment.
One such risk is intentional electromagnetic interference (IEMI), in which an intentional discharge is made that damages or destroys electronic equipment from cell phones and video surveillance to computers and servers. IEMI discharges have been recorded up to two miles away and pose no risk of damage to living creatures.
Although IEMI and related technologies have been used by the military for years, IEMI is just now becoming a threat to computer security.
One final physical threat is theft. Physical facility protections should ensure that an IT infrastructure is not threatened by unauthorized outsiders (or insiders) walking away with storage devices or other critical components. A hacker who has stolen a device can spend as long as it takes to attempt to gain access to it.
Mother Nature is powerful and unpredictable. All sorts of serious weather events can damage or destroy IT infrastructures.
Knowing the types of severe weather common in your area will suggest the correct precautions, such as special insurance, structural reinforcements, lightning protection, surge protectors, bilge pumps, and so on. No matter what the potential disaster, the best protection for data is a reliable regular backup stored in a secured, off-site facility.
Accidents happen. Whenever humans are involved, things will go wrong. Murphy’s Law states, “Anything that can go wrong will.” Preparing for accidents can significantly lessen the impact if one occurs or aid in avoidance.
An IT infrastructure is a large, complex, but fragile thing and it is completely at the mercy of human beings. Accidental damage in the wrong location or at the wrong time can have devastating results.
Accidents include spilling liquids on equipment, tripping over cables, pulling out the wrong power cord or cable, tripping the building’s circuit breaker, setting off the water sprinklers, knocking over a computer, turning off a system prematurely, installing the wrong driver, and so on.
Suggested Read: Top 12 Most Common Cyber Security Mistakes
The best precautions and protections against accidents are backups, configuration documentation, and training. With some commonsense adjustments to worker activity, paying closer attention to activities they perform, and watching out for precarious circumstances, you can avoid many “common” accidents.
Training employees what to do in the event of an accident or emergency significantly increases the chances of successful recovery.