The Legal and Law Issues in Network Security USA - Research Paper Example

? THE LEGAL ISSUE IN NETWORK SECURITY USA The paper discusses the legal issues which plague network security in the US. The major incidents related to network security, the progression of laws for safeguarding network security and the future of network security from a legal standpoint is detailed in the paper as well. Introduction Today’s world rises with the use of the computer for almost everything. With the introduction of internet, the world is able to keep in touch with one another. Either a common man or a company can do this without moving even an inch but share all the information with the help of the strong network. When the network gains importance, the issue with it will also be very important. People might find it hard when the information shared by them is stolen by others or the information is misused. These things are quite common as people might fail to notice initially. To keep themselves safe and make things go as expected, it is important to have security of different level. Having a personal computer is not the only need but one should know how to protect the information that they have in it. A blend of physical, computer, communication, and network security together construct the information security. Not one defense type can protect the company, therefore the perception of total information security grave to the success of the enterprise. Network security looks after the Local Area Network (LAN) from the external world. It can include elements such as intrusion detection systems traffic shaping and firewalls. Since internet is not only used by business people but even a common man is using it to pay the bills or to search for a job, they are intertwined with it for many daily aspects. This has made people to find such a measure where their information won’t be taken by others and misuse it. The network security is very important and people might need it for every level. There are many legal and ethical issues regarding the network security and people are trying to fix it by getting a proper security for their computer. It can be for personal computer, cyber computers or even for a business or computers of a company or enterprise. This makes one think about how things work and how to be on the safer side. The need for the network security is rising day by day as the criminal activity is found even in the computers. For any unguarded computer, people might just slip onto the network and retrieve all those information which is not protected. This makes one think about placing a password protection or have a right way of storing things to keep their information safe helps to be safe in the computer world. Sometimes people might ignore thinking their data to be of least importance. But these data can be of high value to those who try to access it and hence it is important to have a way to secure any form of data that is available and saved in the computer. The network security does not mean to lock the computer from accessing internet but it is about the information that is stored in the computer which has to be protected to use it by oneself. The below provided information will help one to know about the need and the issue that has risen regarding the network security.   Computer and Networks Computer network are distributed networks of computer that are either strongly or loosely connected which simply means that these computers share a lot of resources from a central computer or only those resources that can make the network work. Usually the security was limited to personal computers before as the problem of virus or other unwanted things were only to that computer used by a specific user. But today, the prospective has changed a lot ass the user can now find the security not only for a single computer but for the whole network. The security is not limited but is expanded to all those computers which come under a network. This is very important to know as it includes all the resources and data that are stored and transit. The work in the computer can be done with or without the use of the internet. Simple tasks can be performed and files can be saved by using the computer without any internet connection. The access to these files and to either modify or delete the file can also be done without any network. But to transfer the information from one place to another or to retrieve the data from books, other websites or to collect those data that is present in other computers, a computer needs internet connection. This makes it get into a network. With the internet connection, the issue of its security also arises. When it is about internet, people might always try to think about the positive aspects of computer and its uses but not the effect of it on them. Providing security to computer is not a big issue these days but when it is about network security, one must think about the need of it and the different ways one can provide the security to the network. Before thinking about the network security, the legal issue must be concentrated to know about the problems one might face without having a secured network. This makes people try to know almost everything about the network. Though there are many measures to avoid getting the information into wrong hands, people should know about these things before they try to implement these measures. For any network or a computer, the threats can be classified as Natural threats, Accidental threats and intentional threats. These things are common. Natural threats are the cause of the environmental effects like flood or earthquake which makes one lose their data. These situations are unavoidable and people might have to face it unwillingly. Accidental threat: this might happen when a person fails to save file or miss a procedure to follow. This makes one lose the data. This can be avoiding by working in a very responsible manner. Intentional threats: these threats are intentional and the loss of data happens without the knowledge of the owner. Sometimes it can be though external or internal threats. I. Internal threat: the main aspect of internal threat deals with the employees who are very much familiar with the computer and the network. So this makes them misuse the position and take out the information for to make use of it in their own way. This might cause huge loss to the company as they rely on these employees. It is important to have a control on the employees when such things happen as people might not be always trustworthy. This makes one try to know about the employees in detail and better to keep a track of their work. II. External threat: there are many external threats to the network. People will be waiting for their chance round the clock as they get good money from hacking others computer and retrieving information. Sometimes it is for business purpose as there is a huge competition in the market for every product. This makes people to track other company and get all the information about their ideas and data from their computer. Legal issues in Network Security Information technology soon has become boon and bane to the world as it has both development and misuse of resources in it. The major part of this world is connected to one another through computers and network. This has made people to use and misuse the facility available in it. Computers can be the subject, medium or the object of crime. According to SANS security essentials, the major part of computer security is internet based and people should make use of it to be safe. For the computer based crimes, it is hard to enforce any law on legal basis as the computer or the network cannot be restricted by boundaries of a country around it. Since any country can make use of any network, enforcing a law in one country won’t be applicable in other countries. To avoid such things, universal law has to be enforced to deal with the legal issues of the computer. There are many issues that US legal system face when dealing with the computer based crimes as they are bound in one or the other ways. This has made the criminals get a chance to misuse the available resource and be safe from legal issues. Developing a law and enforcing it takes huge time as the law has to be created, checked and should be agreed by people before it is brought into action. As known to every person, usually the technology lies ahead when compared to law. With the introduction of one law, a jurisdiction can avoid one problem but the raise of the next problem won’t take long. Sometimes the problem remains unnoticed until the effect is experienced by oneself. These things are quite common as people fail to make out the problem initially. For those who are facing the problem might fail to take it to the court as the lawyers might not have the knowledge of the computer and without complete knowledge about it, they might fail to process the case. Many people have lost their business for the same reason as they cannot find a proper legal solution. From past 3 decades, one can observe the increase in the computer crime and the law has been established from the Computer Security Act of 1987, till today and is still evolving to control this. The US government has established some of the law for those crimes which are creating havoc in the computer world. This has made people to make use of the law that is present and try to be safe in every possible manner. This law enforcement has taken years and now some of them are universal. The crime has to be controlled as they deal with the computer, a store room of information which is both personal information and public information. Taking the information might lead to secondary crimes too. The US legal solutions have made people try to know about different law enforced at different time and for different issues. The US department of Justice’s criminal division dedicated department for cyber-crime issues called the Computer Crime Intellectual Property Section (CCIPS) to deal with all these problems. The legal issue is seriously considered by the government and has taken possible steps from time to time and it is constantly reviewed and revised. The improvement in computer technology has provided more opportunity for the computer intrusion and misuse the available facility. This has lead to many legal issues but the government fails to set a right law for every issue as the technology changes every moment and onset of the new crime too. But getting a right legal solution for all the computer crimes is very important to bring these problems to control. From the simple issues to the complicated one, people face these problems in every level. The computer crime is based on many things like theft of a computer or taking out the information from a computer through network access. Though people try hard to avoid all these things, the legal aspects help to stop it in a proper manner. Preliminary boards and Projects for network security When it is about the legal issue, act and policies, the PCIPB or President's Critical Infrastructure Protection Board takes care of the complete approach.the addition of latest curriculum and administrative boards are setup buy them to enforce the new rules, regulations and laws. The board has set a few new policies which are listed as follows: National Infrastructure Simulation and Analysis Center (NISAC), the Secret Service Electronic Crimes Special Agent Program (SSECSAP), Department of Homeland Security (DHS), the Federal Computer Incident Response Center (FedCIRC) and Critical Infrastructure Awareness Office (CIAO) and National Infrastructure Protection Center (NIPC). Some of the other offices like Total Information Awareness Project (TIAP),the National Science Foundation (NSF), the National Communication System (NCS), the Department of Justice (DOJ), the Defense Advanced Research Projects Agency (DARPA), the National Institute of Standards and Technology (NIST) and the Office of Science and Technology Policy (OSTP) address the issue of cyber terrorism but have modified themselves to take care of the existing and the evolving threats. Idea Of Separate Jurisdiction According to Oberding Juliet’s “A Separate Jurisdiction for Cyberspace?”- in the US, the court must have authority over the person or the subject matter of lawsuit in order to take control over these computer crimes. But this holds well, when it is thought about city or in a county level but beyond the border, this might not hold good as the network finds to be having no boundary. The formation of Jurisdiction is possible only when all countries around the world agree to this but till this happens, the legal problems cannot be left unseen. To solve the main problems legally, Ronald B. Stander suggest through his article to make a computer law in such a way that it should include contracts, patents, tort, copyrights, trademark and computer crimes so that one can get legal decision when these things happen. Though there is separate law for each of them, they don’t have the facility to take care of computer crimes. Though the copyright law exists, it is to protect the expression of idea but not the idea itself. The US copyright law of 1876 was amended in 1980 to include computer software to the same category though this is not what programmers are looking for as the copyright is given for the idea of the program and not the algorithm in it and a law for this might need some more time to be enforced. Law for e-commerce to avoid identification theft The online transaction for buying and selling through the websites brought a new boom in the world of computer, the E-commerce. When this begins, people faced many challenges as there was no law to protect and uphold the business transactions, data processing and development, identification security and contracts over the internet. In 1996, the United Nation adapted a model law was enforced based on which many countries made their own law to their country. In the year 2000, the United States passed its own electronic law- US Electronic Signatures in Global and National Commerce Act (“E-SIGN”) along with Uniform Electronic Transaction Act of 1999 encompass the electronic transaction conducted over the web. The Cyber crime agreement: Setting the Department of State and Justice to work together as a single entity allowed information sharing. The Cybercrime agreement is the new system for accomplishing preparations. . According to the cyber crime law, the associated countries must consider hacking tools, hacking, child pornography as crime and those who do this has to be punished. The agreement also needs to consider legal criminal responsibility for disobedience of intellectual property. It requires the association of internet service providers of each country and they should make it compulsory to grant and record the authority to supervise the internet user for any activity online in real time. Along with this, the agreement requires cooperation with joint cooperation with the other countries which are associated with this law. The agreement was started on 2001 and the countries were asked to sign the agreement if they wish. Almost 33 countries along with the US have signed the agreement and are now trying to bring the agreement to the action. It is important to be agreed by the parliament before a country be bound to the terms and condition of the policy. The agreement will take its lead when it is approved by the three European nations which are under the council of Europe membership and two other nations. Though the agreement has been accepted by two COE members of Europe, the US will get the permission to place its name only if the other nations have agreed for the same. Approval for electronic signature: At an international level developments in the United States have predisposed the drafting of the UNCITRAL Model Law on Electronic Signatures (2001), which advise that countries to approve laws permit the enforceability of electronic signatures subject to a risk assessment with regard to dependability and trustworthiness. Similarly, the Organization for Economic Co-operation and Development (OECD) Information Security Guidelines (2002) intend at creating a society of security by successfully managing risk. The Federal information Security and Management Act of 2002 does not directly create liability for private sector information security professionals or their customers but they are important as they legally mandates the process by which information security requirements are developed and implemented. It also provides assistance regarding the information security and contributes the standard of care by authorization number of specific procedures and policies. Laws For Federal Computer Crimes: Following are some of the federal computer crime laws and status aid the US department of Justice. The list contains statute number and title. It also has a brief description of what the law encompasses 18 U.S.C. § 1029. Fraud and Related Activity in Connection with Access Devices - explain exclusion and punishment associated with unauthorized control and fake use of access passwords, tokens, and other devices. 18 U.S.C. § 1030. Fraud and Related Activity in Connection with Computers - explain prohibitions and penalties for the unauthorized access and deceptive use of electronic systems. 18 U.S.C. § 1362. Communication Lines, Stations, or Systems -explain embargo of malicious or willful obliteration or intent to disrupt communications systems within the U.S. 18 U.S.C. § 2511. Interception and Disclosure of Wire, Oral, or Electronic Communications Prohibited – explain proscription of monitoring cordless phones, cellular voice channels, and snoop on electronic transmissions of data. 18 U.S.C. § 2701. Unlawful Access to Stored Communications -explain prohibitions and penalties associated with unauthorized and/or unpaid access to electronically stored information. 18 U.S.C. § 2702. Disclosure of Contents – explain prohibitions for electronic communication service providers, and remote computing service providers from deliberately divulging personal information, or communications of subscribers that they have electronic possession of. 18 U.S.C. § 2703. Requirements for Governmental Access – explain the necessity for remote computing service providers and electronic communication service providers to disclose to government entities information regarding subscribers or customers. The FERPA, TEACH and GLBA Act: The Family Education Right to Privacy Act (FERPA) forbids the educational agencies at the menace of losing federal funds, from having a policy of “permitting the release of specified education records”. It does not state whether or not the exclusion places confirmatory requirement on educational institutions to guard against unauthorized access to these records through the use of information security measures. But it might get included to FERPA for permitting the release of such information. The 2002, Technology, Education and Copyright Harmonization Act(TEACH Act) clearly requires the educational institutions to take technologically practicable measures to avert unauthorized sharing of copyrighted information beyond the students exclusively requiring the information for their studies and thus, may form newly enforceable legal duties on educational institutions with regards to information security. Gramm Leach Bliley (GLBA) applies to financial institutions which includes the educational institutions which concentrates on development and maintain a comprehensive written information security program. Hiring new employs to coordinate program. The identification of foreseeable internal and external risks and assesses those risks by designing and implementing safeguards to control them. The ECPA and CFAA Act: To bring in serious criminal penalties for any person who gains unauthorized access to electronic information, the Electronic Communication Privacy Act (ECPA) was set. As a result information security professionals must be concerned and rely on qualified and qualified legal professionals to make sure that the authorizations they receive from their customers are broad and specific enough to mitigate potential criminal liability under ECPA. This is also seen in case of Computer Fraud and Abuse Act (CFAA) that was set for any unauthorized computer but in a broad spectrum consider being a federal felony. Other Laws Used to act against Computer Crimes In addition to laws exclusively modified to deal with computer crimes, conventional laws can also be used to prosecute crimes connecting computers. For example the Economic Espionage Act (EEA) was approved in 1996 and was formed in order to put an end to trade secret embezzlement. EEA makes it a offense to deliberately commit an felony that reimbursement a foreign government or a foreign representative. The Act also contains provisions that make it a misdeed to knowingly steal trade secrets or endeavor to do so with the objective of benefiting someone other than the owner of the trade secrets. EEA defines pilfering of trade secrets as copying, downloading, altering, uploading, destroying, sketching, duplicating, drawing, photographing photocopying, transmitting, replicating, sending, delivering, communicating, mailing or conveying trade secrets without authorization. The Act, while not specifically targeted at computer crimes, however covers the use of computers. In addition to the federal government, many states have also passed computer crime laws. For example in 1999, Virginia passed the Virginia Internet Policy Act, composed of seven bills: Virginia Computer Crimes Act; Encryption Used in Criminal Activity; Virginia Computer Crimes Act, Penalties; Encryption Technology; Privacy Protection; and Child Pornography; Freedom of Information; and Indecent Liberties with Children. Controversy The argument over file-sharing and copyright has been flamed since the appearance of Napster in 1999, but more freshly, in 2007 the Recording Industry Association of America (RIAA) commenced an operation of suing public for downloading or uploading copyrighted material devoid of authorization. That operation has now ended, but as of June 2007, the RIAA had taken action aligned with 18 Stanford students. Because the RIAA's enforcement efforts concerning file-sharing have paying attention on these individuals, apprentice and the universities that supply their Internet connections have high stake in the dispute. In eBay Inc. v. Bidder's Edge, Inc., 100 F. Supp. 2d 1058 (ND Cal., May 24, 2000), eBay, the famous Internet auction service, was tackle by numerous, scheduled, recursive hunt of its database carried out by Bidder's Edge, a now non-operational aggregator of auction sites, by means of software robots that go beyond eBay's limitations on robotic access. Negotiations among the parties aimed at given Bidder's Edge with supplementary authorized robotic access to eBay's database were unproductive, and Bidder's Edge continued to carry out investigation without eBay's permission, depriving eBay of control of its own organization. Ebay sued, looking for an command to stop Bidder's Edge from carrying out such investigation, on a intrude to chattels theory. The same foundation was applied in Register.com, Inc. v. Verio, Inc., 126 F.Supp.2d 238, 249 (S.D.N.Y. 2000) to enjoying an unauthorized use of Register.com's record by software robots in employment by Verio, Inc. ("Verio"). In the Register.com case, the court's discussion made clear that relief under a trespass to chattels theory was available where economic relief under the CFAA was not. Konop v. Hawaiian Airlines, Inc., 302 F. 3d 868 (9th Cir., 2002), tackle this problem. Konop involved a secure Web site formed and preserved by Robert Konop as a forum for content critical of his employer, Hawaiian Airlines, and his union. Right to use to the Web site was by password, which Konop's fellow union members acknowledged when they enroll for access to Konop's site. Registration involved entering into Konop's user agreement, which banned users from either permit the airline's management to analysis the Web site or revealing the Web site's content. An airline vice president, worried that some of the content of Konop's site was imprecise and likely offensive, gained access to the Web site and accessed its content roughly twenty times over a five month period, with the names of two additional pilots, both of whom permitted management to sign on to Konop's site in their names. Konop sued, charge among other things that the Airline's actions comprise a contravention of the Wiretap Act. DoubleClick's service placed public notice as posters of advertiser's webpage, in the users website who are looking for it. But to make sure that someone is actually looking for advertisement where they can get the information of interest, the DoubleClick collect information about customer interest by placing a file as a cookie which is saved on user's computer. This is possible when a user looks through the advert for the first time. The Double click company places their advert in every possible site and to make this they have many cooperative sites working for and with them. This makes them easy to place the advert in many sites at one time. When a customer clicks on it to know about the advertisement, the cookie will be saved in such customer’s computer which makes them know about the interested customer and get their information. These files are continuously updated whenever such user visits such sites. This makes one get to know the customer in a better way and make use of all the data available in their computer. These data were further used to generate a user profile connected with these cookies. They were later used to make the poster advertisement and use it every time the customer views these sites. The issue was how did the Double click people get to know about the interest of the customers and how did they get the information. Violation of the network security act makes one pay the penalty and also get punished. This is what according to Plaintiff's was also expecting. DoubleClick had violated mainly two known laws of network security. the Stored Communications Act, and the Wiretap Act. According to the Stored Communication Act, no user will be permitted to access the computer of other person without authentication of that person. The prior permission plays a very important role and people should know that checking the hard drive of a person without permission can be legally punished. Taking out the list of communication of a person to another person to share some of the things is also punishable if it is unauthorized, and this is what the Wiretap Act says. The judgment was to sue the Double-click company as it has violated the rule and has taken the information and placed a cookie in their computer without the knowledge of the owner. A well known and extraordinary case of port scanning was concerned with Scott Moulton, who possessed a current consulting agreement for the maintenance of the emergency 911 system in Cherokee County, Georgia. As a daily routine, the work of placing a router was allotted to him on December 1999 where he had to connect between the Canton, Georgia Police Department to the 911 centre. The task was allotted to make a connection between the two and to improve the security of the people. While doing his duty, Scott found that the scanning of the network showed the Cherokee county server for the internet was owned and preserved by other firm, the VC3. This scanning was noted by VC3 who mistook this and placed a complaint against Scott as they thought him to be port scanning. But Scott responded them through email saying that he noticed it while checking the security and has not done anything intentionally. He also emailed them saying that he was working for 911 and he was assigned the work of placing a router and this made him get these information. But Scott lost his work and was arrested for violating the law. As per the law and Computer Fraud and Abuse act of America, port scanning is considered as a crime. The case was later dismissed as it involves total lack of merit. The case was finally terminated with no charges assigned to Scott. Goal of Network Security: Since every aspect is related to computer in one way or the other, it is important to provide some sort of security to the network we use. This makes one know the importance of having a secured network to be protected in a right manner. The main aim of the network security is to protect its confidentiality, integrity, availability and accountability. The computer fraud is a crime and for those who make such crimes is punished and penalized according to the law. The law has its own act and each crime is considered under that specific law. The network security is the responsibility of every individual and it is important to take care of one’s website. With some of the basic practices, one can try to be safe from all kind of hurdles. This includes self-training, system maintenance, physical security, delegate and restrict super user accounts, passwords, user training, restrict user access, vulnerability testing, patching systems, system / network monitoring, continuity and disaster planning, documentation, incident response. Though there are many laws, it is important for a common man to know them so that they can use the right one at a given time. The legal system is found to be a part of the society and it cannot do anything in case the owner of a site won’t take the advantage of it. Even when a person needs help, the legal system might fail to render as they have some limitation set for themselves. While it is about security related aspects, the legal system helps to uphold a secure computer infrastructure. It is important that the user of the computers understand the support rendered from the legal system in order to protect their computer. Developing a healthy computer ethics to avoid any sort of intrusions within a company is also equally important. Conclusion: The threat, in this fast changing world is seen in every field. But it is important to make sure to use the facility available to overcome such situation. With strict legal system, laws and legislation, people can get the justice they are looking for in a right way. Not all the time the threat is from outsiders, so it is important to monitor people in the office from time to time so that one can be safe from inside as well. For most of the problems, the legislation has a right solution and people need not have to worry about the old threats. However, new threats might take some time to solve as the technology is fast changing and the law lags behind. This makes the intruders get some time to play with the websites and create a new threat. The federal legislation for information technology has evolves over past 20 years and people are happy with the justice they are getting till date. The legislation is continuously amended and new laws are brought to make people secured from these threats. Making a law and enforcing it is not the only important aspect for legislation. But it is also important to know how much people know about these laws and how one can try to make other understand about it. Making a law in a secret manner and giving the right to know about it only to the lawyers might not be a proper choice. Even for those who want to put a case on the one who is creating a threat should also know about it as it helps them to take the lead. With the introduction of the first law the Computer Security Act of 1987 to avoid the threat of network security, the addition of other laws begun. The law made people to stay secure from many threats of copyrights, hacking and other aspects. The challenge faced by the government is more than one can expect and this needed good time to get solved. Even after the formation of law, people failed to get good result from it as the lawyers were far behind from the latest technology. It became hard to fight against the fraud in the court with those who have minimum or no knowledge of computer. This made people to stay quite even when they are facing huge loss due to such problems. The selection of lawyers has to be done in such a way that they should be aware of the current technology and the problems one face with it. The new laws that has been approved and what can help such people should also be understood by them to solve the problem easily. Knowing the law, applying it in proper manner and to get the right justice should be the aim these people. There are many places which are designed to provide assistance to such agencies where the solicitors are looking for the current information. This will help one to keep them updated and know what makes a proper choice. This will facilitate these agencies to choose the right law to appeal for a case and make use of it in providing justice. Since network are not restricted by boundaries, it is important to know that the law also is not applied universally. This means to say, no two country follow the same law and there are many changes from country to country. But when it is about the legal issue of network security, it makes it important to have some law on a universal basis as the network of one company of one country will be used by the computer of another country. This makes it hard to go for a legal fight as the user of other country might not have the same legal aspect in their country. Another issue is that, when a person creates a threat, they might not do it with their own computer. It can be done through a browsing centre or in a friend’s home. Even the network can be from a different place or can make use of the wifi for the same. This makes it hard for one to track the culprit. The crime like hacking might happen from one country for the computer of another country. This makes the law to be in such a way that both these countries can accept and follow it. Though there are few common laws, most of them are oriented to a specific country. This has made the crime happen in a rapid manner as one country might fail to punish the criminal of the other country. Apart from the legal aspects and the legislation, it is important for a person to have the knowledge of these crimes. This helps them to beware of it. When they are able to know things, it will also be easy to know about the computer they use. This is because without the right knowledge of how things work when they are in threat, they might not be able to track it for a long time. Once they get to know, it might be too long. So, initial self security methods might help one to be safe with these threats. The computer safety must be taken into consideration and one must be careful with the authentication, access, password and other aspects. Giving out the password or the authentication to anyone might not be a good practice as the threat might not be external always. People might cheat the company by being a part of it and this might bring new problems. Checking for the culprit within the company might be hard, so it is better to have an eye on the employees and also make sure that the information is not going out of the company. The need for a responsible individual in every field has become mandatory as each one is concerned with its own threat. Misuse of the identification can happen even through the computers. This does not make one, steel an identity card or other papers but can just gather the information through cookies. Many issues have taken place with this issue. The information can be through the e-commerce which has led the hackers to get the customers information easily. This is not good as this information can be misrepresented to make some money easily. Taking out the identity of a person might help the criminal to create a bank account or apply for a credit card. They might also get loan in the name of that person. These things might make life miserable of the actual identity as they might end up paying money for something they don’t even know. These things can be avoided if one tries to keep a track on the computer and check simple things. Sometimes noting the log off time from the email id might also help to know whether it has been used from the time of the log off till the next login. Taking care of these things will help not only the company but also the government of the country where this country lies. Usually there are many companies outside USA but working for USA. They might not work in a proper manner when these things happen. This affects the revenue of that country. The national legislation might help within the boundary and this will be left to the company to deal with such situation when they are beyond the boundary. This makes one know every legal aspect of every country which can help them with the network security. Having the best network security is very important and the need to act instantly incase such situation occur might help one in many ways. The company should beware of the ex-employees and what they can do once they are taken out of the job. The authentication they have should be immediately and properly terminated so that they won’t cause any problem later. The company should also know about the current employees and how they might change in case the ex-employee wants them to help him. These things might spoil the profit of a company and taking care of it along with the legal procedures will help one to be safe with the computer and network security. The computer crimes can be controlled when every individual plans for it and try to make their computer free of this hurdle. This will in turn makes others do the same as government cannot be blamed for everything. This makes one try to make things safe and make sure to use the legal aspects wherever possible. This should also be kept in mind that some of them are new and one should know about the current laws too so that they can face the situation in a proper manner. References The Gordon Schools (2011) Networks and Communications, Available at http://www.gordonschools.aberdeenshire.sch.uk/Departments/Computing/StandardGrade/NetworksWeb/19SocialEthicalLegal.htm, [Retrieved 9 Apr, 2013] Ohm, Paul., Sicker, Douglas., Grunwald, Dirk. (2006) Legal Issues Surrounding Monitoring During Network Research, Available at http://spot.colorado.edu/~sicker/publications/issues.pdf, [Retrieved 10 Apr, 2013] Turpeinen, Marko (1995). Legal and Ethical Issues Related to Cryptography and Information Security Available at www.cs.hut.fi/~mtu/netsec/marko.ps [Retrieved 9 Apr, 2013] Montcalm, Erik (2003). How to Avoid Ethical and Legal Issues In Wireless Network Discovery, Available at http://www.sans.org/reading_room/whitepapers/wireless/avoid-ethical-legal-issues-wireless-network-discovery_176. [Retrieved 11 Apr, 2013] Burstein, Aaron (2009). Legal and Ethical Issues Facing Computer & Network Security Researchers, Available at [Retrieved 10 Apr, 2013] Burstein, Aaron (2006). Legal Issues in Network Security Research, Available at [Retrieved 12 Apr, 2013] Easttom, Chuck (2011). Computer Security Fundamentals, New York: Pearson IT Cisco (2001), Technology that Affect Network Security, Available at http://www.cisco.com/web/learning/netacad/demos/FNSDemo1_1/ch1/1_1_2/index.html [Retrieved 8 Apr, 2013] UNT Systems (2012) Network Security Guide, Available at http://security.unt.edu/resources/networksecurity[Retrieved 10 Apr, 2013] Grama, Joanna (2010). Legal Issues in Information Security, New York: Jones & Bartlett Publishers Read More