Note: Sample below may appear distorted but all corresponding word document files contain proper formattingExcerpt from Research Paper:
Protecting People and Information: Threats and Safeguards
In this contemporary era, we are living in a world that rotates around "Information Economy." This means that the wheels of the world no longer run predominantly on agricultural products or merchandise. The secret of surviving in the present days is the creation and propagation of information (Hill & Pemberton, 1995).
Information is vital for the continuous functioning of every venture. Today, information has been converted into a purchasable, profit-making and vandalized product. It has been notified in a report too that "corporate data is gold in this information age, and organizations have to understand how to protect it just as they would protect precious metals." This brings one to the absolute conclusion that the protection of information is exceedingly important as it is an asset just like the workforce, equipments or resources are for an organization (Hill & Pemberton, 1995). The necessity of security has existed from the time when the first computer was introduced. However, the new times have seen a shift in the paradigm. Terminal server mainframe systems modified to client/server systems and the latter changed to Internet. Securing data was not a particular issue during the era when mainframe systems were used widely. On the contrary, innumerable new security problems emerged with the development of client/server technology. The significance of access to networks, systems and files for countless tasks grew with the passage of time especially in the companies. New technologies such as data encryption, granular access control and single sign-on were developed in order to secure the data and make it non-public. This was done so that sensitive information could not be accessed by any unknown individual. On the other hand, circumvention and misuse of these newly introduced technologies and security products also began as expected. It was the phase when operating systems like Windows NT and UNIX turned out to be the most reliable of the management information systems (Andress, 2003, p. 1).
The repute, branding and broad-spectrum corporate image of a company can be overwhelmingly affected due to security infringements. This is important as rebuilding intangible assets is far difficult than reconstructing physical assets (Andress, 2003, p. 4). However, it must be well understood that securing information is not the only solution. It is an unending and all-encompassing process which needs constant reviews and revisions. It is a zenith in which all the three important components of a corporate environment i.e. people, process and technology interact. This must be remembered that security products are not to be depended on entirely. They are just a single puzzle piece. It is required that strategies and measures be introduced with proper analysis and preparation. All these things must be implemented along with security products to build an effective security infrastructure (Andress, 2003, p. 5).
It is important to know about the types of attacks against which the systems need to be protected. Such knowledge can be helpful in building an appropriate and efficient security infrastructure. There are three types of attacks that are needed to be worried about: Denial of Service (DoS), Intrusion and Information Theft (Andress, 2003, p. 6).
DoS attacks are generally the ones which are deliberate and malicious to harm a particular network or system (Andress, 2003, p. 7). However, some DoS attacks can be accidental in case when configuration errors occur or network is used inappropriately (Andress, 2003, p. 8). Intentional DoS attacks can prevent the user(s) from using computing services like mail, Web or database servers. It can also deprive an organization from using its anticipated resources. A DoS attack can be easily created by programs such as Trinoo and Tribe Flood which are available to all Internet users. These programs allow a person to target a specific company or organization who might want to take revenge due to some personal grudge etc. DoS attacks also include system rebooting or the lockage of an account after multiple unsuccessful login tries. Both these attempts of DoS attacks make it unable for the real user to access his/her account (Andress, 2003, p. 7). The most widespread kind of DoS attacks is the Buffer Overflows; the best example of which is the "Ping of Death" attack. SYN Attack and Teardrop Attack are the other common examples of DoS attack (Andress, 2003, p. 8).
When an attacker is able to gain access to any other system and use its resources, such attacks are called Intrusion Attacks. Such attacks…[continue]
"Protecting People And Information Threats And Safeguards" (2011, November 12) Retrieved October 27, 2016, from http://www.paperdue.com/essay/protecting-people-and-information-threats-116186
"Protecting People And Information Threats And Safeguards" 12 November 2011. Web.27 October. 2016. <http://www.paperdue.com/essay/protecting-people-and-information-threats-116186>
"Protecting People And Information Threats And Safeguards", 12 November 2011, Accessed.27 October. 2016, http://www.paperdue.com/essay/protecting-people-and-information-threats-116186
The first time that they attempted to build this system they did not follow the life cycle plan and the system ended up failing. Developing a new claims payment system that will talk to and be user friendly with the customer service management system would help to speed up efficiency and enhance quality of all departments within the organization. This streamlining would help the company as a whole to
Security A broad definition of information security is given in ISO/IEC 17799 (2000) standard as: "The preservation of confidentiality (ensuring that information is accessible only to those authorized to have access), integrity (safeguarding the accuracy and completeness of information and processing methods), and availability (ensuring that authorized users have access to information and associated assets when required" (ISO/IEC 17799, 2000, p. viii). Prior to the computer and internet security emerged as we
The need for continually creating and updating the security techniques and technologies involved in an enterprise system is the ethical responsibility of the IT professional. In order to successfully protect the information and intellectual property assets of a firm, an IT professional also needs to make a personal commitment to stay as current as possible on existing and future technologies (Pemberton, 1998). This commitment needs to be supported by the
Information Technology -- Annotated Bibliography Information Technology Baker, N. (2011). The Borderless Enterprise. Internal Auditor, August, 28 -- 33. This article endeavors to explain the various trends in digital media. The author contends the use of digital technology is evidence of a deeper trend and shift in global culture. The article is as philosophical as it is technical. This article could be considered a technical article or a philosophy of technology article. Durkee, D.
" (Tolone, Ahn, Pai, et al. 2005 P. 37). Table 1 provides the summary of the evaluation of various criteria mentioned in the paper. The table uses comparative terminology such as High, Medium and Low and, descriptive terminology such as Active, Passive, and Simple, and the standard Yes (Y) and No (N). The research provides the solutions based in the problems identified with the access controls evaluated. Table I: Evaluation of Access
Cyber security, due primarily to globalization has become a profound issue. With the advent of the internet, new threats to privacy and security have arisen. For one, threats have caused data breaches and loss of service for many internet providers. Recently, American banks have become targets of cyber attacks from unknown sources. In many instances, it is difficult to detect the whereabouts of a cyber attack. The anonymity of an
Pharmacy Information Security Information Security in Pharmacies Information security is vital in many firms especially pharmacies and other sensitive fields. Security officers are, therefore, necessary to ensure both physical and logical safety. The Information Security Officer/Manager (ISO) will have different duties such as managing the information security functions in according to the firm's established guidelines and provisions/policies, providing reports to the firm's management at reasonable intervals, establishing and ensuring implementation of information