Computer security - Term Paper Example

? Computer Security of the of the Concerned August 31, Computer Security Introduction The Information Revolution and the accompanying developments in hardware and software research have changed forever the way businesses, economies, institutions and organizations interact and conduct business with each other. With the digitization of the world economies, the wealth of the world is no more confined to banks and security vaults, but has also come to reside in the servers and computers scattered across corporations and financial institutions, in the form of bits and bytes. It would not be wrong to say that much of the wealth of the world today exists today in a digitized form (Gollmann, 1999, p. 6). Once, one comes to terms with this astounding fact that then comes in the concept of computer security. Simply speaking the purpose of the computer security is to look to it that the data residing within the computers remains safe and sound. The arrangements for computer security within organizations look to it that no harm gets done to the computers owned by the organizations and the information saved in those computers remains inaccessible to the unwanted people and organizations (Gollmann, 1999, p. 9). Most of the computer security systems have been designed with the help of the logical technologies. The concept of computer security is mostly relevant in the situations where a computer or computers in an organization are connected to other computers and networks with the help of the accompanying networking technologies and services (Gollmann, 1999, p. 10). The primary and essential objective of the computer security is to protect the organizations from unwarranted data loss and the resultant financial and intellectual losses. The Debilitating Consequences of Data Loss The data saved in the digital hardware and computer networks within corporate and financial organizations could be considered to be the very backbone of these institutions. Any loss to the organizational data in the form of a data theft or a virus threat or say a natural disaster does always have the potential to bring an organization to its knees. Most of the times it is almost impossible to recover the lost data and any recovery if possible is not devoid of a serious threat to the viability of the concerned organization (Vacca, 2009, p. 40). As already said, the businesses in the 21st century are totally digitized and do tend to depend on their hardware and computer networks for survival and sustenance (Vacca, 2009, p. 469). In this very fact lies the very vulnerability of these businesses, which if not safeguarded with the help of proper security, could give way to irretrievable losses and damages. The consequences of a data loss to an organization owing to a lack of computer security or a breach of this security could be manifold. It is not exactly possible to financially quantify the losses owing to data loess, but it would not be wrong to say that such losses at an international scale do run into billions of dollars (Vacca, 2009, p. 136). Research has shown that many companies every year have to contend with data loss, which also includes some of the most reputed companies of the world (Vacca, 2009, p. 136). Many of such companies when struck with a data breach or data losses get immediately shut down and even those which manage to strive, a considerable number have to deal with dire consequences in the following years (Vacca, 2009). Realistically speaking it is not always possible to estimate the losses incurred by a company owing to data loss. In the age of brand considerations and intellectual property, if the impact to the perceptions and views of the customers and trading partners owing to data loss could be considered to be tangible assets, then the looses to a company owing to loss of sensitive data and information is no doubt invaluable and debilitating. Hence, the biggest loss that an institution, corporation or organization could face owing to data loss is the loss of the confidence of its customers, business partners, shareholders and the associated stakeholders (Vacca, 2009, p. 339). In the current times it is the information that runs the businesses and keeps them on move. So loss of data also means a loss of valuable information collected over a prolonged period of time, some of which may be valuable or extremely confidential and crucial to the survival of a business. Not to mention, sometimes a data loss may shut down a company and may leave the employees and customers ideal and frustrated, leading to massive looses in terms of loss of credibility and employee and customer moral (Vacca, 2009, p. 456). The above discussion proves beyond doubt that considering the dangerous consequences of data loss to an organization, computer security is a concept that is of paramount and central importance in the current times. What is Computer Security? Normally speaking the data and information stored in a computer is rarely vulnerable unless that computer is connected to a network. As the usage of internet for personal, professional and business usage is becoming pervasive, the concept of computer security is getting popular in the context of the computers connected to networks. To put it simply the alpha and omega of computer security could be summarized in three words that are confidentiality, integrity and availability (Gollmann, 1999, p. 3). Confidentiality means that the data saved in a computer should be accessible only to the authorized sources and people (Gollmann, 1999, p. 6). Integrity means that it should not be possible for an individual, group or an organization to wrought changes in the data and information stored on a computer, which may not get detected by the personnel authorized to access and use that computer (Gollmann, 1999, p. 5). Availability means that the people accessing and using a computer should be who they declare themselves to be (Gollmann, 1999, p. 7). Access control is the other big concern of the computer security professionals, Access control means that every authorized person should have access to only those aspects of information or applications saved on a computer as one is allowed to use and see (Gollmann, 1999, p. 9). However, it ought to be done in a way that does not hinder the varied authorized personnel from accessing the applications and data they are genuinely entitled to. In addition computer security includes within its ambit the concerns like non-repudiation, prevention of cyber crime, protection from computer viruses, spyware and malware, detection and neutralization of cyber attacks, identity protection, etc. Essentials of Computer Security Computer security personnel resort to a range of security measures and features to save and protect the data stored in a computer from unauthorized sources. Physical security of the computer hardware is the first and foremost tactics in any book of computer security. Physical security is also sometimes referred to as access control. Access control is a strategy resorted to by computer security professionals, which assures that only the authorized personnel get access to a computer system and that each authorized person should get access to only those applications and data as one is permitted to access (Whitman & Mattord, 2011, p. 397). Physical security or access control is assured by varied technologies like metal locks, biometric scanning and authentication, human and automated monitoring, hidden paths, digital signatures, etc (Whitman & Mattord, 2011, p. 398). Encryption is one of the most popular computer security measures. Encryption primarily involves the encoding of data and information in such a way that only the personnel or computers having the right key are able to decode that data (Russell & Gangemi, 2006, p. 137). The technique of computer encryption is based on the centuries old technique of cryptography used by the humans to save and transmit sensitive information. With the latest developments in computer programming and with computers getting faster and more efficient, encryption is the most widely used security measure in the modern times. Besides, computer security is also required to extend protection against internet vulnerabilities and web attacks (Russell & Gangemi, 2006, p. 112). Computer viruses are one of the most potent sources of threat to the digital data in the current times. To put it simply, a computer virus is essentially a malicious program, which has the ability to make multiple copies of it by using the friendly programs and applications saved on a computer. The computer security personnel use varied resources like specialized software, antivirus software and firewalls to protect data against web attacks and viruses. The discipline of computer security also takes care of varied other aspects of data security like data backup, data recovery in case some important data gets inaccessible owing to some physical or technical reasons and the safe and fool proof destruction of obsolete yet sensitive data. In fact, computer security is such a vast and multi faceted subject that it is difficult to touch all the aspects of this concept in a limited space. Conclusion In the coming times, as the information driven economies will tend to some most of their intellectual wealth and R&D in a digitized format, the science of computer security could well be expected to augment exceptionally in its scope and importance. It will not only give way to many scientific and technical developments and possibilities, but will touch upon varied moral, ethical, economic and social questions and issues. In the next 20 years, the corporations and organizations could well be expected to invest heavily in the establishment and maintenance of computer security technologies and policies. References Gollmann, Dieter. (1999). Computer Security. New York: John Wiley & Sons. Russell, Debby & Gangemi, GT. (2006). Computer Security Basics. New York: O’Reilly Media. Vacca, John R. (2009). Computer and Information Security Handbook. New York: Morgan Kaufmann. Whitman, Michael E & Mattord, Herbert J. (2011). Principles of Information Security. Westport, CT: Course Technology. Read More