First IT Security in Information Systems - Case Study Example

?[Your full full December 09, First IT Security Objective vs. Users IT security is effectual both for individuals, as well as for companies. Users of computers and internet face a number of security issues everyday some of which include hacking of passwords and accounts, data loss, private information retrieval, and data modification. All of these problems are directly associated with IT security issues. Users of information technology products need maximum security in order to deal with these challenges in an appropriate manner. Some of the main network security issues that are yet to be resolved properly include intrusion of worms and viruses, secure storage of cryptographic key, information theft, stealing user data, stealing services, unauthorized use of computing resources and network bandwidth, and insertion of disordered data into the computer systems. In this report, we will discuss some of the main security measures/steps that can be taken to overcome IT security related issues. The report will also include a discussion about the ways to maintain IT security over a long time for users. Network Security Internet security is imperative in today’s world of digital technology because it provides a number of considerable benefits to individuals and businesses. Some of those benefits include assistance in dealing with fake emails and harmful web links, assistance in protection of data, assistance in making communication process safe, and assistance in dealing with malware, spyware, viruses, Trogens, and worms. Moreover, network safety measures also help users in surviving from phishing and other internet-based frauds. We all know that protection of files and important information stored in computers is essential for every individual. Therefore, it is imperative to apply such security measures which can ensure data protection to a large extent. “Network security comprises the measures a company takes to protect its computer system” (Kaminsky 1). According to Stallings, viruses and worms are the most harmful and commonly occurring threats to the security of computer networks and they have the ability to spread into every computer system (27). In IT related business, there is a constant need to apply such security measures that can protect computer networks from all types of threats including worms, viruses, and the attempts of hackers. IT professionals need to introduce such mechanisms using which one can efficiently identify the potential threats to the networks in order to apply the relevant and the most appropriate safety measure. Although the advancements in the field of information technology have been beneficial for internet related businesses individuals, they have also brought in a number of security threats. Such threats not only affect the progress of the businesses but also reduce businesses’ efficiency levels, as people have to spend a huge amount of time to recover their important information and data if lost. To reduce such threats, business need to hire such information technology experts who can ensure protection using multilayered security strategies. As Lynn states, “in today's threat landscape, the most secure network infrastructures implement not a single network security technology, but a multilayered comprehensive security strategy” (1). Let us now discuss some of the main steps an information technology professional may take to ensure complete protection for users from internet security threats. Antivirus and Antispyware The first thing that an IT professional needs should suggest to IT related businesses and users is the installation of a suitable antivirus application. Antivirus applications are the most widely used measures to ensure computer safety not only because they provide optimum security to data present inside the computer systems but also because they hold current databases of worms and viruses using which they can identify the presence of any armful application in the computer system. Antivirus applications work in three steps. First, they scan the computer system to know whether there are any unknown or harmful applications in the system or not. In the second stage, they match those applications with the names and identities of viruses/worms stored in the database. In the third step, they track the location of those applications and remove them from the computer system. When a user makes use of internet for any particular reason, viruses can transfer from the network to his/her computer system. As Ryan states, “A virus is nothing but a malicious computer program written to muck up the workings of your computer by corrupting your hard disc and data files” (1). Viruses and worms are able to crack into any computer system either to destroy important files or to make it useless for the user of the computer system. The programming of antivirus applications is done in such a way that they continuously look for the presence of viruses and malware, which attempt to dwell in the computer system. Another key feature of using antivirus applications is that they not only trace out viruses and worms but also perform their role perfectly in tracing and destroying Trojans. However, one negative aspect regarding these applications is that they are not considered reliable in catching malware because of which IT experts feel the need of developing such applications that can deal with malware in a much better way than antivirus applications. Such applications are known as antispyware applications. As Sundaram states, “Antispyware picks up on malware hidden deep within freeware, usually masquerading as something else” (1). They are able to detect the presence of malware that usually come with the installation of freeware in the computer system. The download of freeware increases the possibility of malware attacks on a computer system. Antispyware applications search for malware, as well as for spyware in the system and take appropriate actions to minimize their adverse effects. Firewalls The second step that IT professionals should do to enhance security of the computer systems include the use of firewalls. The reason is that Firewalls prevent unauthorized accesses to the computer systems, as they are able to judge all kinds of illegal accesses and prevent them from doing any activity on the computers. IT professionals can customize the settings for the firewall from low to high considering the nature of threats to the computer system. As Ryan states, “firewall will prevent unauthorized access to your computer from any external source, and the settings can be varied from low security to high” (1). They avert the access of unauthorized people and viruses, as well as generate a log file that consists of all details related to the connections that may be trying to get a way in to those computer systems. Hence, we can say that a firewall is an effective security mechanism because it provides the safety required by IT businesses by preventing unauthorized activities. Selecting the Most Secure Browser After setting firewalls and installing an antivirus application, one must select a suitable browser to access the internet. The reason is that there exist some weaknesses in the security of almost every internet browser, such as, Mozilla firefox and internet explorer. Although both of these browsers are being widely used all over the world, but there exist some security issues in them which make them somewhat unsafe and unreliable for IT businesses. Therefore, IT professionals should recommend some suitable browser to users to log on to the network. Some security concerns involve flaws in the java scripting, whereas others involve design flaws which make it easy for hackers to break into the computer systems. For example, if we talk about the weaknesses in Mozilla firefox, we can say that the backend programming has some lapses which give way to hackers to carryout Denial of Service attacks on the internet users who use Mozilla firefox. Although we cannot say that explorers are bundled with flaws or that they cannot provide internet security to IT businesses, but there exist some minor weaknesses in almost every explorer that hackers having high amount of computer science knowledge can use to produce harmful attacks. IT professionals should suggest the use of Chrome as the browser because it is rated as the most secure and bugs free web browser of the present world. Authentication The next step that IT professionals need to do is authentication because authentication of the people logging onto the network is imperative for network security. Using this feature, users trying to log in to the network are provided with biometrics and passwords that they can use to prove their identity, as well as to make a secure use of the internet. Some of the main tasks regarding authentication of the network security involve email verification and confirmation of message authentication code. Authentication is done not only to make the network safe and secure for other users but also to stop unauthorized attempts to the network. However, with the developments in the field of information technology, authentication of the users trying top access the network is becoming more complex issue because hackers sometimes attempt to use the network anonymously making proper configuration difficult for the IT professionals. As the result, the network becomes fail to identify the identity of the user attempting to access the network. WIFI-Protected Access Access types refer to the mechanisms that can be used to access information from the network. Users of the internet are able to access information from the network using any networking device, such as, iPads, laptops, and personal computers. WIFI-Protected access is considered one of the most secure types of network access because of the safety that it can provide to the internet users. Using authentication, WIFI-Protected access provides complete safety of the information that a person may send on the network for sharing or for any other purpose. Authorization Authorization basically refers to the idea of access control. It works in he same way as authentication as it checks the identity of the users who may try to access the network. The difference is that this technique makes use of file permissions, which are the lists of identities of those people who are allowed by the network administrator to use the network. There is always a network administrator for every network who administers the activities on the network and makes it secure for the authorized users. The list of identities is also prepared by the administrator in which every user is given a separate password and user name to access the network. This safety measure is usually taken in large organizations where there the risk of network attack is considerably large. However, some rare cases do occur in which the file permissions fail to recognize the unauthorized attempts due to which attacks occur on the networks. Conclusion Summing it up, internet and computer security is one of the most significant issues for the individuals and IT businesses that make use of internet in their business activities. there are some critical issues related to internet security that need to be resolved properly to make internet use safe and secure for IT businesses. Some of those issues include intrusion of worms and viruses, information theft, and stealing of important data. In IT related business, there is a constant need to get rid of these issues using such security measures that can shield computer networks from all types of threats including viruses, worms, and the attempts of hackers. 1. Is security 100% sure in IT business? Security was never 100 percent guaranteed in IT businesses. If someone guarantees it, it means that he/she has less knowledge of continuously occurring cases of internet-based frauds. Although a number of security measures have been taken by the IT professionals to make IT businesses safe and secure, but still a large number of threats revolve around the businesses because of increased dependence of businesses on internet. With the advancement in the field of information technology, hackers are also finding new ways to attack personal computers, as well as large servers. Knowledge has no boundaries for anyone. Every person can excel in any field of life through knowledge. Hackers usually have a good amount of knowledge of using internet-related technologies to crack into personal computers. Using their knowledge and considering the security measures of IT professionals, they continue their efforts regarding finding the ways to access information through networks. IT professionals need to continue their efforts in making internet-based businesses safe for people. 2. How much is the Swiss government spending on it securities comparing to other countries in the EU? Swiss government has always been more concerned about IT security related issues than any other European Union country. At present, the government is spending a large amount of its budget on ensuring internet security for IT businesses. This is the reason why the graph of IT businesses in Switzerland is going high with every passing year. People feel safe in doing online businesses and e-retailing although 100 percent security cannot be guaranteed even with increased spending of Swiss government on internet security issues. 3. What levels of security do you have? For personal use or business use or government use For personal use, I have implemented some effective security measures to ensure complete security of my personal and professional data. For example, I have installed Bitdefender Antivirus Plus to ensure safety of my computer from worms and viruses. I also keep on updating my software applications including my antivirus applications to make them compatible with the latest databases of worms and viruses. Secondly, I use both hardware and software firewalls to protect my computer from all types of external threats. Moreover, I make use of WIFI-Protected Access, which allows only authorized users to access information from the network. Works Cited Kaminsky, Andrew. “What is Network Security?.” Wisegeek.com, n.d. Web. 10 Dec. 2012. Lynn, Samara. “Network Security Against Today’s Threats.” Crn.com, 09 Jan. 2009 Web. 10 Dec. 2012. 2011 Ryan, Joseph. “Best Internet Security.” Ezinearticles.com, 10 Feb. 2011. Web. 10 Dec. 2012. Stallings, William. Cryptography and Network Security: Principles and Practice. 5rd ed. New York: Prentice Hall. Sundaram, Karishma. “Understanding Internet Security.” Brighthub.com, 29 Apr. 2010. Web. 10 Dec. 2012. Read More