Information Security Challenges and Technologies - Coursework Example

INFORMATION SECURITY CHALLENGES AND TECHNOLOGIES Information Security Challenges and Technologies Affiliation In the past few years, information security has turned out to be a serious challenge for individuals and business organizations. Though, advancements of information technology have brought so many opportunities but they have also brought some serious security challenges. This paper is a first assignment that is given to me by Secretary Napolitano to provide her with a briefing regarding the challenges of securing information, identifies the next-generation techniques and tools for avoidance and the next generation techniques for detection, identification and analysis. This paper presents an overview of information security, information security challenges and latest techniques to deal with these challenges. Introduction At the present, the majority of business organizations rely on data and information to carry out their daily tasks. In fact, these data and information are extensively shared in almost all the business communication processes amongst associates, workers, clients, and other stakeholders. On the other hand, the technical potential of the web based technology such as the emergence of the Internet has offered an excellent opportunity to business organizations for collecting, sharing, and distributing data and information, with relative easiness. In spite of a number of security initiatives, customers and business organizations are still worried about security of data and information. In this scenario, these issues create the need for organizations to manage information security in a proper and effective manner. In order to ensure information security, organizations integrate a task to look after customers and governmental proprietary data and details by guaranteeing observance with the laws and regulations. Basically, the information security is the set of rules and regulations, tools, techniques and measures that organizations follow in order to ensure security of their organizational resources (Northern Illinois University, 2007; Sipior & Ward, 2008; Grimaila, 2004). This paper discusses challenges for information security and also discusses the solutions to deal with these challenges. Information Security Issues At the present, there have emerged a wide variety of security issues which make the information security a real challenge. In this scenario, one of the most important issues information hacking. In their daily lives people often face or see this kind of security issue. Additionally, people all around the world with negative intentions steal someone’s personal information with the intention of making illegal use of it. This personal information can comprise several sensitive and private things for instance computer passwords, email passwords, social security number, credit card number and a number of others. The basic purpose of information hacking or theft is to create problems for others. It could be intentional or unintentional. For instance, a hacker can hack a person’s billing information along with secret passwords and afterward can make illegal use of this information. This security is also very critical for the organizations since organizations can face a variety of information hacking issues. In the same way, computer viruses can also destroy the information or can compromise the security of information. These security issues can be very harmful for both individuals and organizations (Gragido & Pirc, 2011; Sipior & Ward, 2008; Northern Illinois University, 2007; Grimaila, 2004). Some of the useful techniques to deal with these security issues can be: Information fortification, support and revitalization: Organizational information security measures, comprising systems, computer units, and data along with documentation arrangement, recognized by this rule, should be implemented in such a way that practically lessens the danger of inside or outside violations to the safety, integrity and confidentiality of organizational information. In addition, the users of information are anticipated to protect such private information in conformity with permissible responsibilities and managerial guidelines and measures, comprising confidentiality and exposure contracts. They should comprise tactics prepared to re-establish such information to guarantee the persistence of the crucial operations for the organization (Gragido & Pirc, 2011; Sipior & Ward, 2008; Northern Illinois University, 2007; Grimaila, 2004). Information Integrity: Information security protectors should use appropriate confirmation and corroboration actions with the intention that the information, utilized in the search of assessment and decision making, might be expected to be correct (Gragido & Pirc, 2011; Sipior & Ward, 2008; Northern Illinois University, 2007; Grimaila, 2004). Information Secrecy and Leakage: The importance of information like an organizational resource augments through its extensive and correct utilization on the other hand its significance reduces through mishandling, misconception, otherwise needless limitations to access this information. In addition, the capacity to access or change information should be offered as required by the users of the company for official functions. Business users who are asking for access to information resources, or else gathering this type of information, should be entailed to confine the extent of those requirements otherwise assortments to merely the information needed intended for their legal practice. Moreover, the users of information security management should not reveal confidential information to illegal persons lacking a legal business motive intended for access to that particular information. State plus federal acts, laws and policies offer standards used for the sharing of diverse types of information related to the business critical areas (Gragido & Pirc, 2011; Sipior & Ward, 2008; Northern Illinois University, 2007; Grimaila, 2004). Information Utilization: The utilization of constrained information intended for recognition, verification, or any other intention should be abolished at any time probable. Past proceedings holding constrained information should be properly upheld as well as ruined in line with lawful along with dogmatic standards, moreover the principles described in these guidelines (Gragido & Pirc, 2011; Sipior & Ward, 2008; Northern Illinois University, 2007; Grimaila, 2004). Information Security Techniques and Technologies A number of researches have been conducted in order to determine the impact of information security and technologies which can resolve information security issues. The research shows that the majority of organizations now makes use of security techniques and technologies such as anti-virus software, firewalls, any sort of substantial security to protect their computer systems as well as information resources or some procedures of controlling the access to technology based IT systems. So the technologies for instance biometrics and virtual private networks by means of a fingerprint are expected to develop very quickly, as well as other technologies are yet emerging. Though, modern technologies are not proficient enough for extensive attacks, and broad solutions should comprise attack deterrence and preemption, attack discovery in addition to cleaning network traffic, and source of the attack and recognition. Moreover, we can implement the following technologies that can ensure information security (Hentea, 2011; Adamski, 2010): Passwords Technology Passwords are considered to be the most frequent methods of preventing access to an information security system. So to be successful in the application of their function, passwords must be given to a person as well as it must be reserved confidential. Additionally, a password should be separate from the client identification. Moreover, the password should be altered on a regular basis, as a minimum 40 days (Hentea, 2011; Adamski, 2010). Intrusion Detection Systems Intrusion detection systems (IDSs) have been around for a long time and have brought considerable influences in the field of information security and they are more effective than customary signature/pattern matching. This technology is very useful for controlling the flow of traffic towards a network (Gragido & Pirc, 2011). Firewall Technology A firewall is one of the numerous techniques of securing one or more information security management system from one more suspected system. Additionally, it is considered as entirely crucial for the web based clients who are executing their personal World Wide Web site. Usually, firewalls are organized to defend against illegitimate interactive log-ins attempts from the external system. Moreover, they facilitate us avert intruders from making their entry into an information security management system on the network. Additionally complicated firewalls stop communication traffic from the external to the internal system; however it allows users on the internal end to communicate freely with the external system (Hentea, 2011; Adamski, 2010; Nash, 2000). Antivirus Technology Antivirus software programs are believed to be the oldest security technology around. It is a very effective information security technology for the reason that it is both a consumer and commercially available product. In fact, it is very easy for people to update signature files, quarantining viruses, malware, and so on (Gragido & Pirc, 2011). Encryption Technology Encryption is the conversion of data into a structure that is illegible through anybody lacking a confidential decryption key. The basic purpose of encryption is to ascertain confidentiality by keeping the data and information secreted from anybody for whom it is not proposed, yet those who are able to witness the encrypted data and information. So encryption technology facilitates the information security and it is widely employed technique all over the world (Hentea, 2011; Adamski, 2010; Nash, 2000). Conclusion This paper has discussed some of the major information security issues. The basic purpose of this research was to identify the factors which make information security a challenge. Every day we see latest threats are emerging that make information security a challenge for both organizations and individuals. There are a number of security technologies and techniques that can be implemented to deal with these issues. This paper has discussed some of the important issues and solutions. References Adamski, A. (2010). Information Management: Legal and Security Issues. Retrieved February 14, 2013, from http://www.uncjin.org/Other/korebo/chapter5.pdf Gragido, W., & Pirc, J. (2011). Cybercrime and Espionage: An Analysis of Subversive Multivector Threats. Burlington: Elsevier, Inc. Grimaila, M. R. (2004). Maximizing Business Information Securitys Educational Value. IEEE Security and Privacy, Volume 2 Issue 1, pp. 56-60. Hentea, M. (2011). Information Security Management - Overview, Security Threats Impact, Emerging Security Technologies, Solutions, Sem Model Requirements, Conclusion. Retrieved February 13, 2013, from http://encyclopedia.jrank.org/articles/pages/6625/Information-Security-Management.html Nash, J. (2000). Networking Essentials, MCSE Study Guide. California: IDG Books Worldwide, Inc. Northern Illinois University. (2007, May 11). Northern Illinois University (NIU) Information Security Policy. Retrieved February 12, 2013, from http://www.niu.edu/CEET/audience/pdfs/niu_info_security.pdf Sipior, J. C., & Ward, B. T. (2008). A Framework for Information Security Management Based on Guiding Standards: A United States Perspective. Issues in Informing Science and Information Technology Volume 5, Issue1, pp. 51-60. Read More