Контрольная работа: Information Systems Security

Introduction

Information technology has changed the business world. As James V. McGee, Laurence Prusak and Philip J. Pyburn (1993, p. 3) point out the way organizations perform their operations, design their products, and market their products have all changed dramatically since the serious introduction of information technology in the mid-1950s.

There are no doubts that the Internet has strongly located in all field of activity of a society in a role of the irreplaceable tool for work with the basic value – the information. Especially in business the Internet is interesting as the tool for communication and information transfer. The Internet gives to firms variety of possibilities: creation of favorable image of a firm or production; increase of availability of the information on firm or production for hundreds millions users of a network the Internet, including geographically removed; cutting-down of costs on advertizing and etc.

According to Kenneth C. Laudon and Jane P. Laudon (2006, p. 9), the Internet and related technologies make it possible to conduct business across firm boundaries almost as efficiently and effectively as it is to conduct within the firm. In other words the companies are not limited by traditional ways to conduct a business. Nowadays the firms maintain close relationships with suppliers, customers and business partners at great physical distances.

At the present time it is very difficult to overestimate the value of the Internet in ability of the companies, the organizations or the enterprises. Every day this service occupies more and more an important place. The Internet becomes the basic business tool, really making profit.

Возможно вы искали - Контрольная работа: Spain

The Internet main task remained the same, as at the time of its origin – accumulation, storage, distribution and an exchange of the diverse information.

Nowadays, there are a lots of managers of the enterprises consider application of information technology as possibility to increase the efficiency of the basic business. It is reflection of a certain stage of development of the company: the importance of a competition grows, the companies search for additional means of increase of profitability of business. For this reason information technology is some kind of a mode of development and advancement for peak efficiency of activity of the company.

An increased reliance on the Internet is an issue which frequently generates a great deal of heated debate, with supporters maintaining that internet is crucial for the modern business and safe enough, whilst opponents feel that it is internet lead to risk in terms of threats to information systems security. I find myself in the later group. This question is more vital today as ever before, as in the recent years a plenty of different threats and risk using the internet have increased; therefore, it is worth discussing. In this assignment will be considering threats of using the internet and how companies can protect their information systems.


1. Reliance on the Internet

In recent years there is a rapid development of systems of the telecommunications, one of which key elements is the global computer network the Internet and its main service WWW (World Wide Web). Use the Internet as one of elements of system of marketing can make considerable impact on positive image of firm and on awareness of the consumer about the goods and services. For years of the existence the Internet began to carry out set of various functions. The main function is communication facility possessing the major advantages among which efficiency, reliability, ability to accumulate the information, possibility to supervise communications process, to influence its quality, etc. Another function of the internet is that internet is an integral part of many business processes. It became a place and simultaneously means of interaction of subjects of market relations – commodity producers, sellers and buyers. The most indicative examples of it are electronic commerce (e-Commerce) and the Internet-banking (Internet banking). Speaking about electronic commerce, mean retail trade through the Internet more often. The Internet-banking is a complex of the bank services given in a mode online: informing of the client on a condition of its accounts, remote steering of accounts; payment of utilities, purchase or sale of non-cash currency; crediting, operations with securities, steering of the personal finance, etc.

Похожий материал - Топик: Chita

The Internet has already turned to the original market on which the whole industries work, creating the goods consumed by it and services.

Thus, the Internet became the working tool without which it is already impossible to imagine daily activity of set of people. It and global reference system, and an access mode to technologies, and transport for data transmission, and, at last, an operative and accessible communication medium.

One of the main advantages of Internet technologies is full access to information resources of the company from any point of a global or corporate network. Another aspect that should be mention is that simplicity of use which allows combining the evident form of representation with the simple gear of interrelation of documents. Moreover information systems allow to facilitate steering of the information and to improve communication possibilities.

2. The main risks and threats to information systems security

Risks of the Internet are connected exclusively from it not by controllability. Being an enormous source of the information, the Internet doesn't divide it on good and bad, or useful and useless.

Очень интересно - Реферат: Історія розвитку української мови

On the one hand, the Internet provides mass character of its use, and with another – generates a number of problems with serious consequences.

First, the Internet is the port in an external world, it became the basic source of distribution of a harmful mobile code (viruses, Trojan programs).

Secondly, the Internet began to be applied actively as means of the latent penetration into corporate local computer networks.

Thirdly, now the Internet can be considered as one of the basic ports of escape of the confidential information. For example, information resources of the companies are exposed to serious threats because of use by employees of these companies of free mail boxes. Employees of the various companies besides internal corporate mailing addresses actively use the free mail boxes given by various providers (hotmail.com, mail.yahoo.com, gmail.com and etc.). Having access to the Internet from the workplace and knowing that the port isn't supervised, any user can free send any confidential information for organization limits. But even understanding it, not all companies forbid the employees to use free post services. Ports of information leakage from the point of view of prevention of insider incident are various enough: usb-flash, an instant exchange of messages (ICQ, MSN, etc.), photoaccessories and others.

There are a variety of threats such as computer viruses, worms, spyware and Trojan horses.

Вам будет интересно - Доклад: Buchhaltung

Gordon B. Davis and Gordon Bitter Davis (1999, p. 239) point out that a computer virus is a computer program designed to destroy other programs, corrupt stored data, or interfere with the operation of computer system. Computer viruses were and remain one of the most widespread reasons of loss of the information. Despite huge efforts of anti-virus firms competing among themselves, the losses brought by computer viruses, don't fall and reach astronomical sizes in hundred millions dollars annually. These estimations are obviously underestimated, as it becomes known only about a part of similar incidents.

Another kind of threat is Trojan horse. According to Kim Berquist and Anrew Berquist (1996, p. 150) the Trojan horses is an apparently useful program containing hidden code which allows the unauthorized collection, falsification, or destruction of data. The wide circulation of Trojan programs has given to the hacker rather effective tool for reception of the confidential information and destructive activity in relation to users of network Internet.

Programs-spies (Spyware): the software, allowing to assemble data on separately taken user or the organization without their permission. Spyware is applied to a number of the different purposes. The core are marketing probes and target advertizing. In this case the information on a configuration of the computer of the user, the software used by him, visited sites, the statistican of inquiries to search cars and statistics of words entered from the keyboard allows to define a kind of activity and a focus of interest of users very precisely. However the assembled information can be used not only for the advertizing purposes – for example, recieved information about the computer can essentially simplify hacker attack and breaking of the computer of the user. And if the program periodically updates itself through the Internet it does the computer very vulnerable

The deliberate threats-threats connected with malice aforethought of deliberate physical collapse, subsequently system failure. Internal and external attacks concern deliberate threats. The modern history knows weight of examples of deliberate internal threats of the information are tricks of the competing organizations which introduce or hire agents for the subsequent disorganization of the competitor, revenge of employees which are dissatisfied with a salary or the status in firm and other. It is possible to carry threats of hacker attacks to external deliberate threats. If the information system is connected with a global network the Internet for prevention of hacker attacks it is necessary to use firewall which can be built in the equipment. Hacker attack is an electronic equivalent of breaking of a premise. Hackers constantly crack both separate computers, and large networks. Having got access to system, they steal the confidential data or install harmful programs. They also use the cracked computers for spam sending. The outstanding examples of hacker attacks are attacks Jonathan James. He cracked the serious organizations such as Defense Threat Reduction Agency which is part NASA. After that he has got access to names of users and passwords, and also possibility to look through the confidential information. According to NASA, cost of the stolen software is estimated in 1,7 million dollars. Another example, in the summer of 1995, the Russian hacker by name of Vladimir Levin has cracked electronic protection of Citybank and has stolen 400 000 USA dollars.

There are plenty of natural threats, such as fires, flooding, hurricanes, blows of lightnings. The most frequent among these threats are fires.

Похожий материал - Курсовая работа: Беларускія, польскія і рускія фразеалагізмы з мэтэаралагічным кампанентам

3. Security policy

The lack of security may lead to various consequences and problems, such as l oss revenue, lowered market value, legal liability, lowered employee productivity and higher operational costs

Information security is understood as security of the information and an infrastructure supporting it from any casual or ill-intentioned influences which result drawing of a damage of the information, to its owners or a supporting infrastructure can be.

Information security problems are reduced to damage minimization, and also to forecasting and prevention of such influences.

К-во Просмотров: 18
Бесплатно скачать Контрольная работа: Information Systems Security