Information and Systems Security Essay Example | Topics and Well Written Essays - 750 words

Information and Systems Security - Essay Example But with this ease of information access comes the issue of security. With the increase of information flow, there has been an increase in the number of attacks on information by hackers. Attacks such as Denial of Service (DoS) Attacks, Spoofs, Sniffing, etc. have increased with the increase in the availability of hacking tools which are free of cost. Valuable information is lost in the process. For example, if a customer buys a product of a particular organization through their web-site and a hacker presents himself as the organization and receives the money from the customer, valuable information such as the ID of the customer, his credit card numbers, his passwords are all stolen by the hacker. Therefore such information has to be transferred securely over the Internet. Encryption is the most common way of securing valuable information while transmitting over the Internet (Rahman, 2003). Networks are secured in a different manner. They are secured using tools called "Firewalls". W henever transactions or information between a customer and an organization are being carried out, a particular pattern is followed. Firewalls recognize and allow only these transactions or processes to be carried out and block out all the unrecognized patterns. By implementing Firewalls, most of the attacks from the hackers can be kept out. Securing a network just does not happen. There are many issues to be considered when making policies for network security. The three main issues back in the earlier days were Confidentiality, Integrity and Availability. Due to the advances in the technologies, these issues have been mostly resolved. But in the present day Networks, other issues have appeared. These issues will eventually result in the breaching of confidentiality, integrity and availability thereby defeating the cause of coming up with Network Security policies. Security Factors Confidentiality: Confidentiality is ensuring that sensitive information does not fall into the hands of those who are not authorized to have it (Dhillon, 2001). Confidentiality is also known as secrecy or privacy. Integrity: Integrity means that the information is protected against unauthorized changes that are not detectable to authorized users (Kinkus, nd). Authenticity: Authentication means that the parties involved in communication first prove their identity before communication can begin (Tipton & Krause, 2007). Threats Risk to Data Data is the most crucial asset of a company. Remote Data Backups Inc, a leader in data security mentions the following possible reasons for threats to data (RemoteDataBackups.com, 2007): Hard Drive Failures: Hard drives are mechanical magnetic storage devices that are extremely susceptible to failure. Head crashes, circuit board shorts, electrostatic shocks, power surges, etc. can all lead to immediate crash of the hard drives. Viruses: Dangerous viruses can easily wipe out tones of data in matter of seconds. They are designed to affect nearly all parts of an IT system such as Operating Systems, Applications, Networks and Databases. System Changes: Making any inadvertent changes to an IT system may render the system useless. Power Failure: Power surges, sags and failures can damage hard drives

HSBC E-Business Challenges and Mitigation Essay

HSBC E-Business Challenges and Mitigation - Essay Example As the paper highlights that the basic derivation of such nature is spread in the form of various Malwares and intentional programs which result in harmful activities for a particular business or internet community at large. The various security concerns are dependent on the technologies in use like Ajax and other majority of technologies used. The composite feature of the security concerns are as follows: This paper outlines that the largest threat is content exploitation and the various implications of duplicating a wrong site to the transacting parties. It is quite often seen in practice wherein the content is misrepresented with wrong and misleading information about the subject. Often the content which is uploaded and saved by users are not properly referenced like Wikipedia and are nor taken as valid sources for fetching content in many universities. The various objectives which are desired to be achieved would be quite misleading in such cases and make sure that all the various thoughts are achieved to its maximum limit. The security still remains the primary issue for any online activity and when it comes to online transaction the threats increase multifold. Transfer of funds and various online trading activities would meet with severe access control for fetching a secured manner for access and security control. The online operations are still facing the worst dangers from secu rity and fraud and continue the traditional process of fetching the business. The better security mechanisms would enable to enrich businesses and would contribute largely to the faith of online transactions are would enable to reach customers base for better catering of products and services.