Computer Security

Computer Security:

Computer security includes the policies, procedures, tools, and techniques designed to protect a company’s computer assets from accidental, intentional, or natural disasters, including accidental input or output errors, theft, breaking, physical damage, and illegal access or manipulation.

Computer security is a complex and pervasive problem that often stumps many organizations, which struggle to balance proper security against the cost and inconvenience of providing it. It cannot be achieved through automation or sophisticated equipment alone; it also requires the active participation of employees with common sense, good judgment, and high moral values, because security is ultimately the responsibility of the individual using the computer. Therefore, it is not surprising that organizations that promote creativity, innovation, trust, and high ethical standards appear to be more successful in enforcing computer security than organizations with stifling cultures.

Why are Computer Systems Vulnerable?

There are a number of reasons why computer systems are vulnerable to security breaches.

(1) International Breaches by Employees- Unfortunately, among the primary sources of security breaches are employees who are either callous or forgetful about security standards. In some cases, employees intentionally cause breaches, either for financial gain or for the fun of it. One of the best ways to reduce security breaches is to educate employees about security policies and to clearly communicate the penalties for violations.

(2) Increased System Complexity- Today, with the spread of end-user computing, the number of computer systems in the workplace has increased manifold. Moreover, information systems have gone from being support systems to being the lifelines of many businesses, so the number of mission-critical systems has also increased significantly. Technological advances in computers have made many systems extremely complex and difficult to manage. A networked systems become the norm, the task of securing computer systems is becoming more and more challenging. Finally, users working on such systems have technical sophistication that can be misdirected.

(3) Choices of System Components- In recent years, the number of hardware, software, and network options available to managers has increased manifold. As IS managers to attempt to integrate this wide variety of tools and techniques, providing system security is often a daunting task. Further, many systems run on different operating systems, and security considerations are often different for different systems. Network components and configurations have also been created, creating the opportunity to ‘mix and match’ or ‘plug and play’. It is even more difficult to provide security for a diverse set of systems.

(4) Network Vulnerabilities- Telecommunications, advances in networks and telecommunications have profoundly affected organizational productivity and decision-making. The way companies do business has been completely revolutionized by telecommunications. Unfortunately, networks are also among the most vulnerable links in the security chain for computer systems- in fact, in a recent survey of CIOs, more than 90% of the respondents indicated that network security was a strategic concern for their organizations.

“Networks” are essentially sieves to anyone with minor technical skills and the desire to retrieve other people’s information.

The Internet is a vital link that connects people and organizations all over the world. However, in recent years it has been plagued with security problems as the number of Internet users has increased, and the number of security breaches has also increased.

There are many reasons why networks are so prone to security violations. The arrival of cellular phones, radios, modems, and skypagers has created new points of vulnerability in the electronic exchange of information since many unauthorized parties can tune into a company’s voice or data transmissions. Second, in a distributed environment, there are innumerable opportunities for security breaches. “In contrast to the fortress-like architecture of the mainframe, security exposures in client-server computing almost defy identification”. Third, networks transmit large amounts of data and information around the world and it is difficult to continuously keep track of who is doing what, where, when, and how. Fourth, in many organizations network administrators are rewarded for providing easy access to the network, but not for tight security, and obviously, the two do not go hand-in-hand. Fifth, many network users are ignorant of network security measures and, intentionally or unintentionally can cause considerable damage. Users often view security policies and procedures are cumbersome and counterproductive, so they try to find shortcuts or even to completely bypass security controls.

(5) Sophisticated Hackers- They are given different- hackers, crackers, information warriors, cyberpunks, cyberterrorists, and phone freaks- but they are all people who violate computer security. A hacker is an individual who is knowledgeable enough to break into a computer system or facility, although he or she does not cause any harm to the system or the organization. A cracker, on the other hand, is a computer thief who breaks into a system with the intent of stealing passwords (set of characters that allow users to log onto a system or to access a program), mail messages, files, programs, and so on, for fun or profit. For example, in 1991, Pierre Marion, the former head of French intelligence, admitted that France had been spying on IBM, Corning, and Texas Instruments for almost a decade, causing IBM alone losses of billions of dollars. And why not? Marion asked. After all “in economics, we are competitors, not allies”.

Crackers can cause financial damage and injure the competitiveness of a firm. For example, in 1991, when a security breach occurred at the research facility of a major U.S. automobile manufacturer, the company lost $500 million worth of designs for future cars and suffered in the marketplace because its designs fell into the hands of competitors.

(6) Complacent Management- In spite of the many highly publicized cases of security violations, top management in many organizations is oblivious to security violations and their ability to bring a corporation to its knees. They are often reluctant to invest in security because they do not believe it has a direct impact on profits. But unless management takes a vigilant and proactive approach to computer security, security breaches are like time bombs waiting to explode.

The challenges of securing computer systems in an organization are summarized as:

  • Intentional Breach by Employees- A primary source of security breaches is the intentional or unintentional actions of employees.
  • Increased System Complexity- Open, integrated, mission-critical, and real-time systems are highly complex and difficult to monitor and manage.
  • Too Many Choices in System Components- The number of hardware, software, and network configurations has increased tremendously.
  • Increased Network Vulnerabilities- Networks have become increasingly complex and difficult to manage.
  • More Skilled Crackers- Crackers are better educated and more technically skilled, making it easier for them to break into computer systems.
  • Complacent Top Management- Top managers often feel that security violations happen at other companies, not at theirs.

Java while Loop
Java Nested Loops
Java Array
Multi-Dimensional Array in Java
Java String Methods
Java Wrapper Classes
ArrayList Java
Java for-each Loop
Java Polymorphism
Java Overloaded Methods
Java Method Overriding
Java (programming language)– Wikipedia

Comments (No)

Leave a Reply