Threat Protection Measure Alternative Protection
Measure
Employee sabotage & theft Protection policies Monitoring of employee
devices
Unauthorised access Biometrics Two-step verification
Accidental loss/ disclosure of Encryption Access Permission Lists
data
Malware Heuristic Analysis Anti-virus software
A way of detecting viruses by
examining code for suspicious
features. It can help to identify
new/ unknown/ modified
versions of a virus
Hacking Biometrics / security controls Ensure all software and
hardware is up to date OR
Scan for open ports to identify
open or vulnerable ports that
could be used as a backdoor
for a hacker
Social-Engineering Keep software and hardware Anti-virus software OR anti-
A range of malicious activities updated; particularly software Spyware (detects and removes
which can be achieved through patches any form of spyware that has
human interactions been found within a network)
Lack of firewalls Install more software/ VPN Tunnel
hardware firewalls Can protect users from attacks
and helps them hide what
they’re doing online. A tunnel
would be encrypted between
the device and a VPN Server
which is uncrackable without a
cryptographic key.
External storage devices Ban all external storage Anti-malware/ anti-virus
devices such as USB software
File permissions/ privileges Access Control Lists Biometrics/ two-factor
authentication
Password Policy Ensure there is a set criteria Biometrics/ two-factor
for employees to use authentication (additional
layer of security)
Untrustworthy software Software firewalls Heuristic Analysis
A way of detecting viruses by
examining code for suspicious
features. It can help to identify
new/ unknown/ modified
versions of a virus
SQL Injection Parameterised Queries Input Validation
Uses malicious SQL code for (prepared statements)
backend database
manipulation to allow access A query in which placeholders
to information that was not will be used for parameters
originally intended to be and each parameter value is
supplied at execution time.
Measure
Employee sabotage & theft Protection policies Monitoring of employee
devices
Unauthorised access Biometrics Two-step verification
Accidental loss/ disclosure of Encryption Access Permission Lists
data
Malware Heuristic Analysis Anti-virus software
A way of detecting viruses by
examining code for suspicious
features. It can help to identify
new/ unknown/ modified
versions of a virus
Hacking Biometrics / security controls Ensure all software and
hardware is up to date OR
Scan for open ports to identify
open or vulnerable ports that
could be used as a backdoor
for a hacker
Social-Engineering Keep software and hardware Anti-virus software OR anti-
A range of malicious activities updated; particularly software Spyware (detects and removes
which can be achieved through patches any form of spyware that has
human interactions been found within a network)
Lack of firewalls Install more software/ VPN Tunnel
hardware firewalls Can protect users from attacks
and helps them hide what
they’re doing online. A tunnel
would be encrypted between
the device and a VPN Server
which is uncrackable without a
cryptographic key.
External storage devices Ban all external storage Anti-malware/ anti-virus
devices such as USB software
File permissions/ privileges Access Control Lists Biometrics/ two-factor
authentication
Password Policy Ensure there is a set criteria Biometrics/ two-factor
for employees to use authentication (additional
layer of security)
Untrustworthy software Software firewalls Heuristic Analysis
A way of detecting viruses by
examining code for suspicious
features. It can help to identify
new/ unknown/ modified
versions of a virus
SQL Injection Parameterised Queries Input Validation
Uses malicious SQL code for (prepared statements)
backend database
manipulation to allow access A query in which placeholders
to information that was not will be used for parameters
originally intended to be and each parameter value is
supplied at execution time.
