Oak Computer
Oak Computer
Computer Crime And Security
Introduction
Information technology poses numerous threats to businesses, institutions and individuals alike. Computer related threats may be either unintended or intended. People with criminal intentions normally conduct the latter. Technology has transformed seemingly timid individuals into high tech criminals. They have the potential to destroy the integrity or confidentiality of documents thus using the information for their own ill intentioned purposes. The essay shall examine internet crime and ways one can deal with it through IT security. (Honeynet, 2005)
How computer crime occurs
The world today is filled with malicious, careless or unscrupulous people. Some internet crimes are committed by members of the same organization while others may be committed by experts who may have specialized in online crime. (Honeynet, 2005)
The first category of criminals are disloyal staff members. These are individuals who have access to sensitive data and decide to dispense it to businesses competitors or to company enemies. In such companies, employees have minimal sense of responsibility. It is likely that when they dispense sensitive information to competitors, they get material benefits in return. Ultimately, companies loose their competitive advantage.
Computer crime may occur in the form of unauthorized access to information. Here, individuals can gain access to information by figuring out passwords. In this case, passwords that are very obvious or those one that are shorter than six letters or also those ones that have been used for too long are particularly susceptible.
Sometimes, the people who may bring about serious security threats are administrators themselves. Companies that face the highest risk are those ones that have one system both for normal production and for other specialized purposes. Also, such companies tend to give privileges to computer programmers who may abuse their positions. It is also likely that such companies do not have a two-sided system of clarification. (Mandia and Prosise, 2001)
One can assert that the worst threat emanates from external sources. For instance, some individuals may specialize in permeating firewalls. Besides that, there are some computer wizards who know ways of dodging firewalls. Such wizards may access information or they may send dangerous viruses, worms or other kinds of software that may become dangerously hazardous. There are computer wizards who dedicate a lot of time creating these viruses so that they can destroy innocent user's information. The victim is then forced to contact them and spend substantial amounts of cash to eliminate the virus. Others have the capability of altering information without knowledge from the user. Here, they master the architecture of the computer and then manipulate it. (Oaks, 2002)
At other times, it is likely that a malicious individual gets hold of back up storage data. Companies that are most susceptible to this kind of crime are those ones are those ones that do not lock up their back up media properly or those ones with loose rules about accessing company archives. (Viega and McGraw, 2004)
Methods of enhancing internet security
Prevention
This kind of approach refers to limiting the level of information available to personnel. In this case, businesses can ensure that their employees only gain access to information that they need to complete certain tasks. This means that even those who modify information should only do this within their own jurisdictions. Additionally, businesses should restrict information availability completely for documents that are extremely sensitive. (Roily, 2007)
All the latter categories ought to be determined by the process of data classification. One can define data classification as the process of labeling data on the basis of security vulnerability or sensitivity. Organizations ought to place their documents into the following categories
- Top secret
- Open
- Secret
- Confidential
The classification system is the first step in protecting one's documents because it lays out the major framework for security. The person who should do the classification is the owner of the information. Besides the latter, it is very necessary for businesses to document all the classifications systems within a security handbook. This is instrumental in the event that a security crisis occurs. (Fraser et al, 2005)
Policy changes
No method of information security can be successful without changing the policies and procedures within organizations. Organizations must struggle to create an environment where workers respect the issue of internet security. Here, it would be necessary to create a disciplined environment where work practices foster information security. Additionally, those people who are given confidential information must be capable of maintaining its integrity. This means that they must be trustworthy. Businesses must also explain to their staff about the most vital information and information that is not. This means that a large percentage of them need to keep off sensitive information. (Garfinkel, 2001)
Companies ought to train their employees about security threats. Here, the training sessions are supposed to inform the employees about how to use security tools, how to detect threats and how to deal with them. Here, employees need to know the experts they can contact in case of a perceived security threat. Besides that, they should also be informed about how to make back up systems. Training is especially important for new employees within the company.
Clarification of problems
Security threats differ from business to business. Some groups may be very vulnerable to internet crime while some may not. Consequently, guidelines should be laid out as to what constitutes a security threat and how vulnerable one is. The following should be outlined clearly
- Security targets
- Principles of information classification
- Responsible personnel
- Principles for reaching targets
In line with the latter, organizations should create a well laid out security plan. While curbing internet crime can be done in variety of ways, businesses should prioritize the most important security measures. Management and users need to be told about their responsibilities. (Grimes, 2004)
Implementing internet security
Security implementation can be done through a variety of methods. The first one is through authorization. Authorization ought to be done through two major steps; validation and identification.
Identification can be done through simple or more complex methods. Some companies opt to use password systems. Here, specific individuals are given passwords that act as keys to information. Companies that manage to use this system successfully are those ones that have one password for each individual. When everyone can use a password, then it makes it a lot easier for internet crime to occur. Good passwords must be distinct, must be changed frequently and must not be repeated if they had ever been used in the past. Lastly, passwords must be changed when individuals leave job positions or change departments. (Dekker, 2006)
These days, security systems have improved tremendously. The latter method of passwords merely depends on something that a user possesses. However, more effective security measures depend on things that one has and things that one knows. For example, an organization could ask for a password along with a magnetic card in order to enhance security. The magnetic card contains some confidential information which can be identified by the computer system. Additionally, businesses can use chip cards. The chip normally has memory. (Van and Forno, 2001)
A more effective system is one that combines, something one has, with something one owns and something that is such as biometric systems. Here, individuals are only allowed to access certain categories of information after their physical features have been verified. One of the examples includes finger print and retina patterns.
Internet security can also be enhanced through backing up information. This is because some viruses have the ability to destroy ones' documents completely. In order to counter such actions, then it is necessary for businesses or individuals back up their data through another system of storage such as a removable device. The device can then be placed in a locked cabinet or a place that is completely secured.
Companies should be careful about their back up systems because one can focus on the primary source of information and then ignore the other source of information. This means that in case the primary information is destroyed, one would be forced to contend with obsolete information. Organisations must be keen about editing and changing their back up information from time to time. This will go a long way in promoting the reliability of the back up systems (Anderson, 2003)
Alternatively, companies can decide to set up firewalls for their data. This is a system that prevents access to information between two networks. Firewalls can be divided into two. Some of them focus on restricting access while others dwell on allowing selective access. A packet filter firewall allows packets of information to enter a protected server or they may have the ability to block those respective packets. The other type of firewall called the application gateway is one that acts as a go between two servers by addressing packets to user application. (Zwicky et al, 2000)
Conclusion
The proliferation of Information Technology into all aspects of life has made users extremely vulnerable. Computer crimes may occur through a number of methods and seriously compromise the user's functions. It is therefore necessary to implement a wide range of security measures that can prevent internet crime. Some of these measures include preventive measures, changing security policies, creating data back ups, using firewalls, using biometrics, using effective passwords and lastly utilizing tangible methods of identification such as magnetic cards.
Reference:
Anderson, P. (2003): Cyber crime has become an epidemic; ERRI Journal, 12, 3, 45
Dekker, M. (2006): Security of the Internet; Encyclopedia of Telecommunications vol. 15, pp. 231-255
Fraser, D. et al (2005): Computer crime research resources; CyberSpace Law Center Report, 23rd April, No. 7
Grimes, R. (2004): Virus Protection for Windows; O'Reilly & Associates
Garfinkel, S. (2001): The Death of Privacy in the 21st C; O'Reilly & Associates
Honeynet (2005): Revealing the Security Tactics, Tools and Motives of the internet Community; McGraw Hill
Mandia, K. and Prosise, C. (2001): Investigating Computer Crime; McGraw-Hill
Oaks, S. (2002): Java Security; McMillan Publishers
Roily, T. (2007): Hacker Accused of Credit-card Fraud, May 23, Associated Press
Van, R. and Forno, R. (2001): Incident Response; O'Reilly & Associates
Viega, J. and McGraw, G. (2004): How to Avoid Security Problems; Addison-Wesley
Zwicky, E. et al (2000): Building Internet Firewalls, O'Reilly & Associates
About the Author
Author is associated with SuperiorPapers.Us which is a global Research Papers and Term Papers Writing Company. If you would like help in Research Papers and Term Paper Help you can visit www.SuperiorPapers.Us
 |
 Amish Wood Computer Credenza Desk Hutch Home Cherry Oak  US $3,700.00
|
 Solid Oak Executive Office Desk Filing Drawer Computer US $2,965.00
|
 Amish Corner Computer Desk Hutch Home Office Solid Wood Oak Maple Rustic New US $2,899.00
|
 Amish Executive Computer Desk Hutch Home Office Solid Wood Oak Maple Rustic New US $2,800.00
|
 Amish Wood Computer Student Desks Hutch Home Oak Maple US $2,790.00
|
How to Build a Custom Computer Desk : How to Choose a Location for your Custom Oak Computer Desk