When businesses began using computers more than 50 years ago, security was accomplished through physical controls over access to the computers. Alarmed doors and windows, guards, security badges to admit people to sensitive areas, and surveillance cameras were the tools used to secure computers (Schneider, 2011). Computer security meant dealing with the few people who had access to terminals or physical access to the computer room. Security was a fairly simple matter.
However, the population of computer users and the methods of accessing computing resources have grown tremendously since those early years of computing, and nowadays millions of people have access to computing power over networks that connect millions of computers to each other. New security tools and methods have evolved and are used today to protect computers and the electronic assets they store.
Further, the computer security industry is estimated to be in the billion-dollar range, and a recent ComputerWorld survey found that almost half of the organisations studied spend more than 5% of their IT budget on security (Brandel, 2006). A recent Cutter Consortium survey found that ensuring privacy was a key prerequisite to gaining customer trust and building loyalty (Goodin, 2006).
This blog, therefore, focuses on information systems security and IT risk management.
Information systems security refers to the set of defences an organisation puts in place to mitigate threats to its technology infrastructure and data resources. IT risk management is the process by which the firm attempts to identify and measure information systems security risks, and to devise the optimal mitigation strategy (Piccoli, 2008). Computer security is the protection of assets from unauthorized access, use, alteration, or destruction.
Computer security is generally considered to include three main elements: secrecy, integrity, and necessity (also known as denial of service) (Schneider, 2011). Secrecy refers to protecting against unauthorized data disclosure and ensuring the authenticity of the data source. Integrity refers to preventing unauthorized data modification. Necessity refers to preventing data delays or denials (removal).
Responding to Security Threats
The management of computer security is a continuous effort. The principal objective is to identify the different threats and develop safeguards that match up with them and limit their incidence of success.
Internal Security Threats: countering these requires the development and enforcement of security policies and auditing standards designed to ensure that such policies are understood and respected by those in the organisation.
Security Policies: a security policy spells out what the organisation believes are the behaviors that individual employees and groups within the firm should follow in order to minimize security risks (Piccoli, 2008).
Moreover, most organisations follow a five-step process when creating a security policy (Schneider, 2011). These steps include:
1- Determine which assets must be protected from which threats. For example, a company that stores customer credit card numbers might decide that those numbers are an asset that must be protected.
2- Determine who should have access to various parts of the system or specific information assets. In many cases, some of those users who need access to some parts of the system (such as suppliers, customers, and strategic partners) are located outside the organisation.
3- Identify resources available or needed to protect the information assets while ensuring access by those who need it.
4- Using the information gathered in the first three steps, the organisation develops a written security policy.
5- Following the written policy, the organisation commits resources to building or buying software, hardware, and physical barriers that implement the security policy.
External Security Threats
Intrusion: a number of techniques and technologies to prevent intrusion have been developed over the years. One of the most widely used is the password. Passwords ensure that resources are only made available to those who have the appropriate authentication level. Thus, a password can be used to block unauthorized external users as well as to discriminate, among legitimate users, as to whom resources should be available.
Furthermore, a firewall can be used. This is a software tool designed to screen and manage traffic in and out of a computer network. Thus a firewall is used to secure the perimeter of the organisation's computing resources, employing a number of technologies and techniques.
Another technique that has been developed to safeguard against intrusion threats is encryption. Through the encryption process, content is scrambled in such a way that it is rendered unreadable to all recipients except those who hold a key to decrypt it.
Malware: safeguarding against malware requires that the firm's IT professionals install the appropriate detection software (e.g., antivirus, spyware sweepers). With a large number of new viruses being released, antivirus and other detection software is only as good as its most recent update.
Denial-of-Service Attack: preventing a denial-of-service attack is very difficult. In a well-orchestrated denial-of-service attack, the requests for the service are not issued from the same few locations, which would make them easy to recognize and block. Instead, in what is called a distributed denial-of-service attack, the attacker hijacks or spoofs multiple machines and initiates the attack from these many locations.
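The point about distributed sources can be made concrete with a per-source rate check, the simplest way a server or firewall "recognizes and blocks" a flood. This is an added illustration, not code from the post or from Piccoli or Schneider; the two traffic samples are constructed (addresses from the RFC 5737 documentation ranges) and the threshold of 50 requests per window is an assumed tuning value.

```python
from collections import Counter

# Constructed samples: (source_ip, path) pairs standing in for access-log
# entries seen within one short time window. Both carry the same 300-request
# flood against /login plus 20 ordinary requests from 20 distinct clients.
LEGIT = [("198.51.100.%d" % i, "/") for i in range(20)]
CONCENTRATED = [("203.0.113.7", "/login")] * 300 + LEGIT          # one attacking host
DISTRIBUTED = [("192.0.2.%d" % (i % 250), "/login") for i in range(300)] + LEGIT  # 250 hosts

PER_SOURCE_THRESHOLD = 50  # assumed: requests per window before a source is flagged


def flag_noisy_sources(events, threshold=PER_SOURCE_THRESHOLD):
    """Return the set of source IPs whose request count exceeds the threshold."""
    counts = Counter(src for src, _ in events)
    return {src for src, n in counts.items() if n > threshold}


def summarize(events, threshold=PER_SOURCE_THRESHOLD):
    """Apply the per-source block and report how much of the window still gets through."""
    flagged = flag_noisy_sources(events, threshold)
    blocked = sum(1 for src, _ in events if src in flagged)
    return {
        "total": len(events),
        "distinct_sources": len({src for src, _ in events}),
        "flagged": sorted(flagged),
        "unblocked": len(events) - blocked,
    }


if __name__ == "__main__":
    # The concentrated flood is caught (only the 20 legitimate requests remain);
    # the distributed flood stays entirely below the per-source threshold.
    for name, sample in (("concentrated", CONCENTRATED), ("distributed", DISTRIBUTED)):
        print(name, summarize(sample))
```

Lowering the threshold to catch the distributed case would also start blocking legitimate clients, which is why the post calls this attack hard to prevent.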
Finally, it is important to list some guidelines for managing security (Piccoli, 2008):
Have a Plan and Specify Responsibilities: the overall responsibility for security choices and trade-offs should reside with a business owner or other appropriate senior person, not with IT. A crisis management plan should specify who needs to be contacted in an emergency and what their roles should be.
Revisit Often: every new technology and software program your firm adopts ushers in a unique set of security and risk management challenges that should be proactively addressed, whether that means taking specific steps to manage the risk or consciously accepting it.
Develop a Mitigation Plan: the first reaction to an attack is often to shut everything down. This is a mistake, since diagnosing where the attack is coming from, its severity, and its reach is much easier if the system is kept operational and the attacker is kept unaware that you have spotted the security breach.
The first order of business at this point should be to determine how the attack took place in order to eliminate its chance of occurring again. The next step requires an assessment of the damage, particularly as it pertains to the loss of sensitive data. It is a wise move to immediately communicate the problem to those affected. As much as you would like to keep the matter private to avoid negative publicity, people understand that security breaches may occur, but they will be much less forgiving if they discover an attempt to cover up the problem.
To conclude, the following is a video of ARINC (Advanced Information Management System), which offers services such as: command and control; communications; deployment/response; surveillance systems; identity management; vehicle identification; access control; credential management; intrusion detection.
References:
Piccoli, G. (2008). Information Systems for Managers: Text & Cases. John Wiley & Sons, Inc.: United States.
Schneider, G. (2011). E-Business (9th ed.). Course Technology, Cengage Learning. China Translation & Printing Services Limited.