Project:
Contemporary Security Issue as an Organizations Problem
The safety of a person, an organization or property depends on how much one has invested in protecting him or herself. Over the years, security has grown from being one person related to organizations. Security has evolved into a complex profession that requires proper training in order for one to execute security duties well. Due to the ever changing world of technology emergent security threats are on the rise every day (Noftsinger et al. 2007). Growing dependence on information technology by organization is inevitable in this era. It has found its’ from our offices to our daily lives. Most if not all organization have most of their information relayed through InfoTech devices. As the technology improves so do security related problems. One of the main security problems facing organization is information security. Information is important to any organization, institution or person. Classified information should be kept as classified and if not then there is a security problem.
John Peter (2006), states that once an organization data is connected to the internet it becomes targeted for cyber-attacks and other forms of bandits. The main objective of information security is to keep data confidential and available. It means that information is given to authorized personnel and is always available. Information security threats are varied, and we will view each in depth. The major threats are viruses, hacking spamming and denial of service (Noftsinger et al. 2007). A hack is complete when the computer system is accessed without the owners’ knowledge. Hacking is done by hackers whose main aim is to retrieve classified information or altering data. Most targeted information is financial information on organization or individuals. The hacker gets to know the operating systems of the target victim and know its loopholes. Some common loopholes are buffer overflow forms and client-side validation scripts. Preventing of either personal or organizational systems from hacking can be done through use of firewalls. Firewalls help by informing the organization of the intrusion (Kemp, 2012). Programs that prevent the computer system from normal working termed as viruses. Viruses are considered a security threat since they make render an organization system open to hackers. Viruses come in many forms as per trend micro five hundred viruses are created monthly. Viruses can be countered by deleting files from suspicious sources and installing an anti-virus in the system. Keeping the antivirus updated will help in countering new forms of viruses (Kemp, 2012). System administrators can control their workstations from a different location. The programs used to do this are called Trojan horse. As much as the programs are good they pose major information security problems if care is not taken. When hacked the Trojan programs are worse than viruses for they give control of the machine, access to information, gives passwords and is easy to install. To counter this proper care is to be taken on all download and audits done frequently to know of such intrusions (Kemp, 2012). The other problems facing information security is spoofing, sniffing and denial of service. Spoofing is simply the tricking of a user that they have the right address whereas the address belongs to a hacker. It places the organization in compromise of giving valuable information to the wrong people. Sniffing is mostly used in diagnosing a problem with data transfer. But in the wrong hands passwords and other reliable information can be taken. Sniffing can be avoided through encryption of the systems (Noftsinger et al. 2007).
Kenneth J (2009) in his book cyber security and global information assurance states that the government, employees and employers should give more attention to information security. There are four major factors that will help in the control of cyber crime and other information security related issues. Support from the managers, the law, training and awareness and malware information given. Most managers neglect investing in security seeing it burdensome. Advice is given that proper investment should be done in the organization security installation (Knapp, 2009). The law through the government should provide minimal security requirement for all organization depending on the organizations’ workforce and size. Proper penalties should also be set for those found to be infringing those laws. As much as there are law governing financial institution the same should be extended to all sectors of the economy. Note has been taken that some organizations are not aware of the magnitude of information security (Knapp, 2009). Awareness has not been created from initial stages to the point where someone is working on a computer. Funds should be set aside, so that awareness is created from elementary school. It will mean that the end user of the system will be fully informed on the contemporary issues they will be facing. Awareness campaigns should be formed to promote computer awareness
In conclusion, the security sector as a whole needs to be updated to the contemporary issues facing it. Rules and regulations governing all aspects of security need to be made so as to accommodate all victims of security related problems (Noftsinger et al. 2007). The government should help in implementing rules and regulation that will give proper punishment to the lawbreaker and assurance to victims. Funds should be set aside for a national awareness and curricular activities setup to inform the young ones. By doing this, the government will be generating an all informed nation on combating all forms of crime
References
Kemp, R. L. (2012, 09). Homeland security in america: Past, present, and future. Fire Engineering, 165, 91-94. Retrieved from http://search.proquest.com/docview/1080966424?accountid=1611
Knapp, K. J. (2009). Cyber-security and global information assurance: Threat analysis and response solutions. Hershey, PA: Information Science Reference.
Noftsinger, J. B., Newbold, K. F., & Wheeler, J. K. (2007). Understanding homeland security: Policy, perspectives, and paradoxes. New York: Palgrave Macmillan.