Technology of Information Security - Essay Example

TECHNOLOGY OF INFORMATION SECURITY Technology of Information Security Affiliation At the present, the majority of business organizations use a distributed computing environment to store their data and information. In this scenario, their data and information are stored in different locations. For instance, in many cases data and information are kept on a centralized server. On the other hand, some organizations prefer to store their data in the decentralized data storage system. In this scenario, each user is individually responsible for managing and updating his own data on his own computer.

However, the most commonly used scenarios at the present are a mixture of these two solutions, where some data are stored on a centralized server and accessed by client computers, as well as some data is stored only on local computers which is never shared with other client computers (Microsoft, 2003; Shelly, Cashman, & Vermaat, 2005). In addition, all of the above discussed situations come with a variety of security problems to consider. In fact, for the majority of business organizations, at the very least some of this data must be kept secure.

Moreover, in order to help present effective data security in the above discussed situations, there exist a wide variety of IT security technologies that can be used by the business organizations to keep their sensitive data and information secure during storage and network communication. Additionally, there is not a single IT security technology that has the capability to protect all data against all kinds of attack. However, there are many security technologies that can be combined to implement a wide-ranging security infrastructure that protects against a wide variety of security attacks (Microsoft, 2003; Shelly, Cashman, & Vermaat, 2005).

I have presented below three information security technologies:1. FirewallsIt is an admitted fact that the majority of business organizations are exposing their personal networks to Internet traffic; as a result, the deployment of firewalls has become a basic need. Basically, “a firewall stops illegal communication inside and outside of the network, facilitating the company to implement a security strategy on traffic running between its network and the Internet” (Turban, Leidner, McLean, & Wetherbe, 2005; Laudon & Laudon, 1999).

Additionally, firewalls can be either software or hardware. However, an effective firewall arrangement will be based on both (Beal, 2004). In this scenario, a firewall divides a network into different domains. A wide-ranging implementation of the firewall has the Internet as un-trusted domain; a semi trusted and a semi secure network, acknowledge the demilitarized zone (DMZ), as an additional domain; and an organization’s computers as a third domain (Silberschatz, Galvin, & Gagne, 2004, p. 673).2. EncryptionSecond information security technology that I have chosen is the encryption technology.

Encryption is the process of translating information and data into a hidden or secret code. In addition, it is a very effective method for ensuring data security. In this scenario, for the interpretation of encrypted data and files, the receiver should have access to a secret key or password that allows them to decrypt it. In addition, this unencrypted information and data is acknowledged as plain text on the other hand hidden or encrypted data is acknowledged as cipher text. Additionally, the encryption technology allows us to encrypt massive set of information and data.

For instance, in order to carry out business transactions over the Internet we need some sort of sensitive and high value information such as confidential communication, credit-card information, social security information, personal details, susceptible business details and bank-account information. In this scenario, a straightforward security technique is to merely keep secret information on removable storage media like peripheral hard drives or moveable pen drives (Webopedia, 2010; Tyson, 2010). 3. Intrusion Detection System (IDS)An intrusion detection system (IDS) is aimed at identifying applied or attempted intrusions into the network and carrying out appropriate operations for the intrusions.

Basically, the intrusion detection encompasses a wide variety of techniques that differ on several axes. Some of these axes include: discussed by (Silberschatz, Galvin, & Gagne, 2004)The time at which detection occurs: in real time (while it is taking place) or following the information only.The types of input inspected to identify intrusive action. In this scenario, these inputs can comprise a process system calls, user shell commands and network packet headers or contents. In addition, different types of intrusions can be detected only by correlating information from various such sources.

A wide variety of action capabilities. In this scenario, some of the basic steps comprise changing an administrator of the possible intrusion or in some way halting the potentially intrusive action, for example, discarding an action involved in the actual intrusive activity. In a complicated type of action, a system might clearly redirect an intruder’s action to a trap. In addition, a false resource exposed to the attacker with the aim of observing and gaining information about the attack; to the attacker, the resource appears real.

ReferencesBeal, V. A. (2004, November 5). The Differences and Features of Hardware & Software Firewalls. Retrieved June 21, 2012, from Webopedia.com: http://www.webopedia.com/didyouknow/hardware_software/2004/firewall_types.aspLaudon, K. C., & Laudon, J. P. (1999). Management Information Systems, Sixth Edition (6th ed.). New Jersey: Prentice Hall.Microsoft. (2003, March 28). Data Security Technologies. Retrieved June 20, 2012, from http://technet.microsoft.com/en-us/library/cc785896(v=ws.10).aspxShelly, Cashman, & Vermaat. (2005). Discovering Computers 2005.

Boston: Thomson Course Technology.Silberschatz, A., Galvin, P. B., & Gagne, G. (2004). Operating System Concepts (7th Edition). New York: Wiley.Turban, E., Leidner, D., McLean, E., & Wetherbe, J. (2005). Information Technology for Management: Transforming Organizations in the Digital Economy . New York: Wiley.Tyson, J. (2010). How Encryption Works. Retrieved June 20, 2012, from HowStuffWorks: http://computer.howstuffworks.com/encryption.htmWebopedia. (2010). Encryption. Retrieved June 20, 2012, from http://www.webopedia.com/TERM/E/encryption.html