Retrieved from https://studentshare.org/information-technology/1425429-web-security
Password security matters far more today than it did decades ago, and it is not the sole responsibility of the institutions that offer email, banking and similar services. Users should take multiple measures to strengthen their passwords and tighten security. It is necessary to understand how passwords are compromised despite the strong security algorithms deployed by these institutions. The easiest way to capture people's passwords is to introduce agent software, i.e. spyware, into their computer systems to monitor, record and transmit the details of every activity they perform, including password entries at different sites.
This happens through emails, chats and downloads from untrustworthy websites such as pornographic sites. A good internet security firewall installation can handle this situation quite effectively, but the possibility of a breach remains. One indication of infection is that the computer takes unusually long to process usual transactions because of the added work that the spyware performs. Other causes of password compromise include careless selection of passwords and their reuse across different forums to save the hassle of memorization.
Sometimes the communication between the user and the respective body, such as a bank, is intercepted by the introduction of a lookalike page. Users in haste often fail to notice the differences and deliver their actual information to the false page. Reused passwords cause more damage, as the leak of just one opens multiple aspects of a person's life to hackers and cyber criminals.

IMPROVING CONTRIBUTIONS OF PASSWORD PROTECTION FOR INFORMATION SECURITY

The baseline of information security lies in the basic structure of the information system itself.
The following steps, if taken for the better management of the system, would contribute substantially to improving password protection for information security. Information security is an iterative process. This process must first be controlled; it should then be planned, implemented, evaluated and maintained.

CONDUCTING RISK ANALYSIS

Risk analysis identifies the security requirements of the IT customers.

IMPROVING MINIMUM SECURITY BASELINE

The feasibility of the requirements assessed in the risk analysis should be compared with the organization's current security assessment and implementation structure.
CONSTRUCTION OF SLA

An SLA, or Service Level Agreement, must be made between the customers dealing with an organization and the IT management of the company. This agreement defines the information security requirements in measurable terms. It also specifies how these requirements are to be achieved.

OLAs

Operational Level Agreements provide the detailed instructions for implementing the information security requirements. These instructions are negotiated and defined.

SLA AND OLA IMPLEMENTATION

The SLA and OLA are implemented successfully.
The outcomes of the implementation are monitored regularly at every transaction. Reports about these outcomes are shared with the customer. The feedback from the customers leads to modification of the implemented information secur