Computer technology permeates most aspects of our lives. The ability to use computer technology and to evaluate electronic information has become a basic skill for most of people. In most places of business, a computer is standard. In the bank they use computers to look up for account information. They use computers in the auto repair shop to assess the cars. We can’t find books in the library by looking in a card catalog — we must use a computerized database. Doctors’ offices utilize computers to store patient information. The point is this — no matter what we’re doing, a computer will be a basic tool we will have to use and come with it is an important thing: The Computer security. Computer security means to protect information. It deals with the prevention and detection of unauthorized actions by users of a computer. Computer security has come to play an extremely vital role in today’s fast moving, but invariably technically fragile business environment. Consequently, secured communications are needed in order for both companies and customers to benefit from the advancements that the Internet is empowering us with.
The importance of this fact needs to be clearly highlighted so that adequate measures will be implemented, not only enhancing the company’s daily business procedures and transactions, but also to ensure that the much needed security measures are implemented with an acceptable level of security competency when there’re so many threats to the computer out there. The greatest threat to computer systems and their information comes from humans, through actions that are either malicious or ignorant. When the action is malicious, some motivation or goal is generally behind the attack. For instance, the goal could be to disrupt normal business operations, thereby denying data availability and production. This could happen between two rival companies or even as a hoax. Here is a real life example: April 13, 2000, 3:55 P.M. Pacific time: The Web site for the Motion Pictures Association of America (MPAA) is suffering intermittent outages, and the organization suspects computer vandals are to blame. A source inside the organization, who asked not to be identified, said that the MPAA is currently “experiencing problems with their public Web site, and they suspect a denial-of-service (DOS) attack.”
The attack was first rumored on http://www.hackernews.com/ , a Web site for news on computer hacking. Another example was related to one of my uncles, he is a director of a small company in my country, his company’s computers got an attack in 2007 and the result is they lost half of the information about their guests, plans, and even the reports about their economic. I heard that all of the attackers had been captured after that but it still made a bad effect to the company’s reputation. To achieve their goals, attackers use well-known techniques and methods to exploit vulnerabilities in security policies and systems.
The next section on security deals with the general threats associated with computer systems and discusses the motives or goals the attackers have, techniques and methods for gaining access, and the various vulnerabilities that could exist in systems and security policies. Not all threats, goals, vulnerabilities, and methods are discussed because they are so numerous and they differ for each situation, organization, and system. Instead of identifying each, the section on threats presents a guideline outlining how to identify various threats, methods, and vulnerabilities that exist in systems. Therefore, the purpose of computer security is essentially to prevent loss, through misuse of data. There are a number of potential pitfalls that may arise if network security is not implemented properly. In more recent years, security needs have intensified. Data communications and e-commerce are reshaping business practices and introducing new threats to corporate activity.
On a less dramatic note, reasons why organizations need to devise effective network security strategies include the following: * Security breaches can be very expensive in terms of business disruption and the financial losses that may result. * Increasing volumes of sensitive information are transferred across the internet or intranets connected to it. * Networks that make use of internet links are becoming more popular because they are cheaper than dedicated leased lines. This, however, involves different users sharing internet links to transport their data. * Directors of business organizations are increasingly required to provide effective information security. For an organization to achieve the level of security that is appropriate and at a cost that is acceptable, it must carry out a detailed risk assessment to determine the nature and extent of existing and potential threats. Countermeasures to the perceived threats must balance the degree of security to be achieved with their acceptability to system users and the value of the data systems to be protected.