When the Internet was developed it was for inter-operability, not for impenetrability. Business managers and professionals alike are responsible for the security, quality, and performance of business information systems Thus hardware, software, networks, and data resources must be protected by a variety of security measures. Cyberlaw only began to emerge in 1996 since then debate continues regarding the applicability of legal principles derived from issues that had nothing to do with cyberspace. There are laws intended to regulate activities over the Internet or via electronic communication devices These laws encompasses a wide variety of legal and political issues and includes intellectual property, privacy, freedom of expression, and jurisdiction The intersection of technology and the law is controversial. Some feel the Internet should not be regulated. That encryption and cryptography make traditional form of regulation difficult. The fact is that Internet treats censorship as damage and simply routes around it.

The estimated cost of Viruses, Trojans, Worms as outlined as the cost of the top five virus families

· Nearly 115 million computers in 200 countries

were infected in 2004

· Up to 11 million computers are believed to

be permanently infected

· In 2004, total economic damage from virus

proliferation was $166 to $202 billion

· Average damage per computer is between

$277 and $366

Software programs such as Adware and Spyware purportedly serves a useful purpose, and often does that by allowing advertisers to display pop-up and banner ads without the consent of the computer users. They use the Internet connection in the background, without the user’s permission or knowledge and also capture information about the user and send it over the Internet. Other problems with Spyware are that they can steal private information and also add advertising links to web pages and redirect affiliate payments. They can change a user’s home page and search settings to make a modem randomly call premium-rate phone numbers, O’Brien/Marakas, (2010, pp.459-481). They can leave security holes that let Trojans in to degrade system performance. These are all detrimental effects of IT often caused by individuals or organizations not accepting ethical responsibility for their actions. Base on these findings the following steps are necessary to safeguard companies, business professional and consumer computers. Companies and consumers can protect themselves by using software programs that protects against viruses, spyware, Trojan horses, worms, bots, and root kits. IT Security Audits must be performed by internal or external auditors. Have it reviewed and evaluated for security measures and management policies. The goal is to ensure that proper and adequate measures and policies are in place

Internetworked Security Defenses

Using software programs with encryption allows for data to be transmitted in scrambled form. It is unscrambled by computer systems for authorized users only. The most widely used method uses a pair of public and private keys unique to each individual.

1. Anti-Virus Software

Firewalls

· A gatekeeper system that protects a company’s intranets and other computer networks from intrusion

· Provides a filter and safe transfer point for access to/from the Internet and other networks

· Important for individuals who connect to the Internet with DSL or cable modems

· Can deter hacking, but cannot prevent it

Internet and Intranet Firewalls for Companies and Business Professionals

1. External firewall keeps out unauthorized internet users

2. Internal firewall keeps prevent users from accessing sensitive human resources or financial data.

3. Passwords and browser security features control access to specific intranet resources

4. Intranet server feature provide authentication and encryption where applicable.

5. Network interface software is carefully crafted to avoid creating security holes to back-end resources.

2. Email Monitoring

· Use of content monitoring software that scans for troublesome words that might compromise corporate security

· Virus Defenses

· Centralize the updating and distribution of antivirus software

· Use a security suite that integrates virus protection with firewalls, Web security, and content blocking features

3. Other Security Measures

Security Codes

· Using multilevel password system and encrypted passwords

· Using Smart cards with microprocessors

· Backup Files and creating duplicate files of data or programs

Security Monitors

· Monitor the use of computers and networks

· Protects them from unauthorized use, fraud, and destruction

Biometrics

· Computer devices measure physical traits that make each

individual unique, Voice recognition, fingerprints, retina scan

Computer Failure Controls

· Prevents computer failures or minimizes its effects

· Preventive maintenance

· Arrange backups with a disaster recovery organization

In the event of a system failure, fault-tolerant systems have redundant processors, peripherals, and software that provide - Fail-over capability and shifts to back up components. Fail-save capability allows the system to continue to operate at the same level. A disaster recovery plan contains formalized procedures to follow in the event of a disaster which employees will participate and what their duties will be and also what hardware, software, and facilities will be used.

References

James A. O’Brien, George M. Marakas, 2010 Introduction to Information Systems

Huawei

http://www.huawei.com/software/service.do

Raytheon

http://www.raytheon.com/capabilities/products/cybersecurity/

ManageEngine

http://www.manageengine.ca/?utm_source=google&utm_medium=cpc&utm_campaign=manageengine&gclid=CLCM4LCF26UCFQp75Qodaywdkg

Wednesday, December 15, 2010

Managing internet security

ManageEngine

No comments:

Post a Comment