Thursday, August 29, 2019

Internet connections Essay

The security implications of sharing Internet connections between FTD employees and stuff must be strong in order to assure safety for both the clients and the employees. The main security issue such as data access must be implemented in such a way that the privilege given to the FTD employees which is controlled and manipulated. Controlling the web-browsing habit such as browsing illegal or unwanted web sites need also to be controlled, hence providing user access to email, web sites using password and encryptions is essential. Keeping off the malicious users from accessing valuable information and other external information that can be used against the FTD employees and the authorities needs to be taken under consideration. Sending emails and other attachments must be allowed according to hierarchy of access permissions. Unauthorized access to sensitive data must be prevented by implementing policies and procedures to prevent, detect, contain, and correct security violations. Such prevention needs to be focused on Physical Security, Data Communications Security and Operating systems security. Tools that can be used to enhance the security of computers connected to a network are called a firewall. When selecting firewalls, one must take into account such as easy installation and configuration, report of the attack by identifying time, location and type of attack, good maintenance and monitoring requirements, etc. The firewalls that should be used in the main site are Packet Filtering, Stateful Packet Inspection, Application-Level Proxy and Network Address Translation (NAT). To have a perfectly feasible operation and conduct the most proper ethical business functions is the first priority for most companies and businesses. The most critical issue related with IT is IT security where the objective is to take effective measures to decrease the threats exist today in IT related business such as e-commerce. â€Å"Security and risk management are tightly coupled with quality management and Security measures should be implemented based on risk analysis and in harmony with Quality structures, processes and checklists. † [5]. Today, most companies prefer electronic information over traditional ways of storing and manipulation of information. Data are stored in huge database and process using different front-end software’s form anywhere in the world. â€Å"Security is the protection of information, systems and services against disasters, mistakes and manipulation so that the likelihood and impact of security incidents is minimized. † [5]. IT security is made up of three main categories and they are Confidentiality, Integrity and Availability. Confidentiality is when company or an organization has sensitive information and does not want to disclose such information to anyone outside the company. Integrity is when companies want to update the system to adapt to future needs. As for availability, it is when a business implements a system it needs to make sure the system is up and running when needed. â€Å"A threat is a danger which could affect the security (confidentiality, integrity, availability) of assets, leading to a potential loss or damage. † [5]. Threats such as customer’s information can be disclosed which can affect the credibility of any company; companies information can be hacked by illegally, etc. â€Å"It is often impossible or very difficult to know if you are under attack and from whom and attackers sophistication has increased enormously in the last 5-10 years. † [5] Other threats such as virus development have increased at an alarming rate. However, the most common cause of security problems are as stated â€Å"Human Error 52%, Dishonest people 10%, Technical Sabotage 10%, Fire 15%, Water 10% and Terrorism 3% and many computer crimes Money theft 44%, Damage of software 16%, Theft of information 16%, Alteration of data 12%, Theft of services 10%, Trespass 2%. † [5]. There are many ways to improve the correct securities such as protecting data and information using different sophisticated firewall software, understanding threats and its impact in order to be protected form it, calculating risk and deciding how to eradicate such risk. There are two basic ways to improve security and they are Bottom Up and Top Down. Bottom Up approach is not that precise but in order to implement such approach it is advisable to properly understand company policies, network topology and companies operating procedure.

No comments:

Post a Comment

Note: Only a member of this blog may post a comment.