Information Technology IT Security Systems Essay

Length: 11 pages Sources: 7 Subject: Education - Computers Type: Essay Paper: #51446477 Related Topics: Security Principles, Computer Security, Firewalls, Port Security
Excerpt from Essay :

Computer Security Systems

The report provides new security tools and techniques that computer and IT (Information Technology) professionals, network security specialists, individuals, corporate and public organizations can employ to enhance security of their computer and information systems. In the fast paced IT environment, new threats appear daily that make many organizations to lose data and information that worth billions of dollars. In essence, the computer and IT security professionals are required to develop new computer and IT security tools and techniques to protect their information resources.

The present age of universal computer connectivity has offered both opportunities and threats for corporate organizations Typically, since corporate and public organizations rely on computer and network systems to achieve their business objectives, they also face inherent risks which include electronic fraud, eavesdropping, virus attack and hacking. In essence, some hackers use malicious software with an intention to gain access to corporate computer systems in order to modify, copy or delete a corporate document. Hackers can also use a worm to perform unwanted functions. Organizations also face a (DoS) denial of service attack to prevent legitimate users to get access to their computer services.(Stallings, 2011). By consequence, organizations may lose data that worth billions of dollar from these attacks if they do not implement effective corporate computer security systems.

Objective of this report is to develop the new security tools and techniques that can assist organizations in New Zealand to protect their computer and IT systems. Other organizations in another countries can also use the outcomes of the report to protect their computer assets and other information resources against attack from external intruders.

Computer Security Tools and Techniques

Several tools and techniques can be used to enhance security of computer systems. This paper identifies and discusses Cryptographic standards, Data encryption standard, Firewall, Intrusion detection System, Intrusion Prevent System, Antivirus Security Policy, and Wireless Security systems as effective security tools and techniques for computer systems.

Cryptographic Standards

Cryptographic standards are among the techniques that can be used to protect unauthorized access to corporate data. The cryptographic standards are the security tools and strategies that organizations can use to enhance the security of their computer resources using the encrypted data known as ciphertext. One of benefits of the cryptographic technique is that the data transferred from one location to other location will change to nonsense text thereby preventing unauthorized individuals to read the data. (Osterhage, 2011).Typically, only authorized person having the decryption key can read the text send over the network. Rapid development of internet technology has made many organizations to transfer data online from one locations to the others. For example, many multinational corporations have branches scattered all over the world and the employees of these organizations are required to transfer data from one location to the other. Moreover, websites of many organizations are integrated with application program where customers are required to submit sensitive data such as credit card, social security number and other sensitive data to conduct business transactions. In essence, external intruders can use different techniques such as sniffing, password cracking and eavesdropping to steal sensitive information over the network. Thus, cryptographic security standards are part of the computer security techniques to protect the data transferred over the network, which can only be read by authorized individuals.

Despite the benefits that can be derived from the cryptographic security standards, the security of data using the encryption technique depends on the secrecy of the encryption key. Many intelligence agencies use the cryptographic security standards to protect their data because they use a very strong encryption. In essence, it is critical to keep encryption algorithms very secrete. Although, cryptographic security techniques have been used for more than 100 years ago, however, the system is still being used till today...


Moreover, IT experts have significantly improved on the encryption technique to enhance their effectiveness for computer security systems.

Data encryption Standard

Data encryption standard is another technique that organizations can employ to protect computer system. Before 1990, the data encryption technique is used to provide security for the ATM (Automated Teller Machine) network system. However, with the development of the internet technology, many financial companies are using the data encryption standard to encrypt data transferred over the network. With the development of online commerce, it is revealed that the cryptographic security technique is very critical for securing organizational data. Despite the benefits of the data encryption standard, the shortcoming of this security technique is that the attackers can use sophisticated method to attack this security device in order to steal sensitive information, which has made the data encryption standard to become obsolete. Typically, it was found that the 56-bit key for the data encryption security system was no longer effective against special purpose cracking software or a powerful computer attack . The shortcoming identified in the data encryption standard leads to the development of the advanced encryption standard.

Advanced Encryption Standard

The AES (Advanced Encryption Standard) uses the 128, 192, and 256 keys for the encryption of 128-bit data blocks. In the present business environment, the AES has become effective tool for the computer security systems. Typically, many organizations use the AES for the security system of many modern computer systems. Despite the benefits of AES in enhancing security system of the computer systems, however, the algorithms of the public key signatures require high level of computation. However, SHA (secure hash algorithms) delivers short message which is effective for the cryptographic security functions.

Secure Hash Algorithms

Between 2004 and 2005, there was a wave of computer an information system attacks that cast doubt to virtually most of the exiting security systems. Typically, the wave of attacks caused a considerable concern to the cryptographic community. In essence, harsh function standard was created to perform different security functions. The Harsh Function is a new computer security standard commonly used because of its flexibility, fast in hardware, laptop, computer server and desktop. Typically, SHA-1, SHA-2 and SHA-3 have been developed and development of secured harsh model has provided a considerable security systems for computer and information resources because no attack has been recorded on the SHA-2 and SHA-3. (Stallings, 2011).


The wave of new computer and information systems such as LAN (Local Area Network) and WAN (Wide Area Network) among business and public organizations has led to the development of new security systems called Firewall. The LAN is a deployment of the network technology across a specific geographic region. However, WAN Is the deployment of network system across two more geographical regions. The LAN and WAN assist organizations to share files, communicate, transfer and receive document among computer users. However, network attackers have taken the advantages of these network systems to steal sensitive information . Several security devices have been developed to provide effective security to the network systems.

Firewall technology is one of the effective network security systems that assists in protecting the LAN and WAN from external intruders. Typically, firewall assists in blocking the unauthorized access into the network system. In essence, the firewall systems are the hardware and software consisting of filtering router, host computer, IP packet, and application gateway to achieve a filtering and authentication objectives. The internet is very critical for proper configuration of firewall to enforce network security system.

Chadwick,(2012) reveals that many organizations have taken the advantages of rapid development of internet network to interconnect their network and computer systems using the LAN and WAN technologies. While internet offers several advantages to organizations, however, internet also offer inherent risks because of its insecurity. Typically, internet only requires weak or no authentication system making it to be inherently insecure. For example, NFS (Network File System) grant access to any user from any remote host. Moreover, internet allows passwords to be transmitted across the network making them vulnerable to be captured and replayed. Many internet software or low cost package have a design flaw because of insufficient testing and poor design. In essence, many people and businesses use these package due to their low and availability. However, readily available package such as UNIX Send Mail program has numerous vulnerability in it. Some unscrupulous individuals use sniffer program to monitor network in order to steal sensitive information such as username and passwords. Moreover, hackers use the Port Scanners to penetrate remote computers over the internet network to capture people's passwords and usernames. All these hacking strategies make the internet network systems to be opened to vulnerability.

The firewall is defined as secured internet gateway used to provide security for the organizational network systems. The use of firewall for the network security depends on an organization policy. One of such policies is to disallow the other network system apart from the corporate network systems. In essence, external users will not be allowed to get access to the corporate network and this is achieved using a strong authentication system. If an external user attempts to get access to the corporate network, the firewall will block the person from…

Sources Used in Documents:


Abdel-Aziz, A. (2009. Intrusion Detection & Response - Leveraging Next Generation Firewall Technology. SANS Institute.

Burr, W. Ferraiolo, H. & Waltermire, D. (2014). IEEE Computer Society. NIST and Computer Security.

Chadwick, D. (2012). Network Firewall Technologies. IS Institute, University of Salford.

Osterhage, W. (2011). Wireless Security. UK, Science Publishers.

Cite this Document:

"Information Technology IT Security Systems" (2014, October 20) Retrieved August 13, 2022, from

"Information Technology IT Security Systems" 20 October 2014. Web.13 August. 2022. <>

"Information Technology IT Security Systems", 20 October 2014, Accessed.13 August. 2022,

Related Documents
Information Technology Security Over the Last Several
Words: 1389 Length: 4 Pages Topic: Education - Computers Paper #: 82267543

Information Technology Security Over the last several years, the Internet has evolved to the point that it is a part of any organizations activities. As both governments and businesses are using this new technology, to store as well as retrieve significant amounts of information. However, this heavy reliance on various IT related protocols are having adverse effects on these organizations. As they are facing increasing amounts of threats from cyber

Homeland Security and Information Technology Security and
Words: 2061 Length: 8 Pages Topic: Terrorism Paper #: 58722985

Homeland Security and Information Technology Security and Technology Biometrics Cyberterrorism Geospatial Information System The 9/11 bombing of the World Trade Center raised the awareness of the American public relative to the need for increased national security. The agency that is in the forefront of providing this security is the Department of Homeland Security. This agency is responsible for a broad range of security issues and, as a result, is confronted with a wide range of

Nist SP 800 50 Building an Information Technology Security Awareness...
Words: 1013 Length: 4 Pages Topic: Teaching Paper #: 49412307

Sequential Label and Supply nist sp 800-50, "Building an Information Technology Security Awareness and Training Program" Sequential Label and Supply After a recent failure of the computer systems at Sequential Label and Supply, it has become clear that current security provisions are inadequate The IT security team is under-funded and understaffed There is a lack of respect for the IT team Problems are dealt with as they present themselves rather than are anticipated and prevented Agency IT

Information Technology Annotated Bibliography Annotated Bibliography...
Words: 883 Length: 2 Pages Topic: Education - Computers Paper #: 85790366

Information Technology Annotated Bibliography Annotated Bibliography Cloud Computing and Insider Threats Bhadauria, R., Chaki, R., Chaki, N., & Sanyal, S. (2011) A Survey on Security Issues in Cloud Computing. CoRR, abs/1109.5388, 1 -- 15. This article is very explanatory in nature. This article would serve best in the opening sections of a research paper, such as in the introduction or the historical review. This article has a formal and academic tone; the intention to

Security Planning for Information Technology IT
Words: 2196 Length: 8 Pages Topic: Education - Computers Paper #: 89597011

IT Security Plan The technological advances that have been witnessed in the past twenty to thirty years, has placed a tremendous emphasis on data and information. Computers have changed the world in many facets and the ability to communicate and perform work have been greatly assisted by the digital age. Along with these new found powers, there exists also new found threats. The ability to protect these investments and resources of

Security Computer Security, Policy, and
Words: 802 Length: 3 Pages Topic: Education - Computers Paper #: 44082696

who have access to the network do not maintain proper security procedures and remain well-informed regarding potential risks and updated procedures and policies (Cobb, 2011; Whitman & Mattord, 2011; ICR, 2008). Any security policy must, after being properly designed and established, be communicated clearly and comprehensively to all relevant personnel, which in today's organizations typically means anyone with access to a company computer and/or the company network, or who