Secure Procedures for Certificate Delivery - Essay Example

Nevertheless, along with it has come the intriguing question of “how safe is it to share?” (Martinelli, 2006)

The advent of the Internet has provided some breakthroughs. Social networking and virtual worlds are gaining in popularity and are opening new avenues for businesses. VoIP and video conferences eliminate the limitations businesses encounter due to geographical boundaries largely. These provide opportunities for various business houses to advertise, share information with their collaborators, receive feedback on their products, equipping them with the cutting-edge technologies needed to grow. Thus, to be successful in this highly competitive global business environment, enterprises increasingly adopt flexible, distributed working practices.

The outcomes from virtual collaborations form the fundamental contributions to corporate information and knowledge assets. These assets are used for later analysis of data to assist in decision-making, designing action plans for the management. They also provide critical information regarding corporate strategies, operating principles, client information, personnel records, and so on. It is thus of much importance that these information assets be protected.

As better ways to collaborate keep coming up, the risks involved in it also increase manifold. Increased reports of cybercrimes are quite disturbing to the new-age collaborator fraternity. According to the Georgia Tech Information Security Center (GTISC) annual report, five major threats have emerged as major concerns. Malware, Botnets, cyber warfare, threats to VoIP and mobile devices, and the "evolving cybercrime economy".

Malware development proficiency is rapidly growing, perfectly suited to exploit the weaknesses of poorly configured sites, in particular social networking websites. Reports indicate an increase up to 10 times of malware object detection in 2008.

A Botnet infection may occur even through genuine Web sites. With subtle delivery techniques, users do not have to do much, except load a Web page, triggering a Botnet infection. Around 10 million bot computers are used to spread spam and malware over the net every day.

A major issue of concern is Cyberwarriors equipped with computer technology use their power to decline, curb or confuse their enemies’ military, economic and infrastructure assets.

VoIP traffic, like e-mails, is being targeted for various scams, frauds, and thefts. Mobile devices draw cybercriminals as they are easy targets and are used frequently for transacting business and providing access to sensitive data.

Cybercriminals have become increasingly specialized, controlled, and profit-driven costing businesses a fortune.

These concerning issues have forced agencies to spend a good amount to ensure information security. Researchers believe in a three-pronged approach to meet these threats. Technology, Regulation, and Education might be the answer to them. (Martinelli, 2006) 

Technical security measures fall into three primary categories: Network Security, Host-Application Security, and Subscriber Access Security. Message encryption, Firewalls, Prevention of Denial of Service (DoS) attacks, Spam prevention, Access Control, Server Security are examples of various technical policies in place to counter threats. DomainKeys Identified Mail (DKIM) and Sender Policy Framework (SPF) to sign e-mails, along with user education, are technologies that can nearly eliminate phasing as a problem.

Placing government regulation is one of the avenues being implored. Something similar to auto insurance, which is mandatory for auto owners to buy government could also require the software users to procure and update necessary security applications.

Information security is everyone’s responsibility. Thus, users must be educated. Personal information such as social security numbers, bank accounts, and passwords must never be shared on social networking sites. Privacy options must be scrutinized. User discretion is needed on the very ground level and sensitive information must not be disclosed.

We stand at a very early stage watching information security evolve. A socio-political outlook on managing information security is likely to present new insanities to various concerns. The need of the hour is a reasoned approach to information security that will bring out what role organizations and governments play, and what responsibilities they have as "good internet citizens". (Martinelli, 2006)