|
_COMPUTER SECURITY ISSUES _
By: Anonymous
Computer Security Issues Facing Alsager Ltd. In upgrading the Alsager Ltd IT
facilities, despite numerous advantages that the new systems brings one has to
be made aware of the possible threats posing. Virus can effect the system.
They are pieces of codes created by hacker to create a nuisances and to
another extreme corrupt valuable data. Examples of these can be animated icons
flying pass the computer screen and to another extreme can be programmes
designed to delete the hard drive. The Computer Virus can be caught through a
number of ways. The most highly publicised way, is through the Internet, other
ways are through removable storage media, such as floppy disks and zip drives.
They can also be caught through computer networks, where a third party from
another machine in the network introduces the virus (accidental or otherwise)
which then spread throughout the network. The most unlikely way of virus
contaminating the system is through malicious employees creating them on the
system but this will be discussed later on. There are a number of precautions
that can be taken to help prevent this. By simply making employees not to use
mobile storage media unless they know where it has been, making them aware
that pirated media , shareware/freeware programmes may be potentially
dangerous. A talk and leaflet distribution to employees could be useful. If
the Alsager decides to connect to the Internet, this would be another
potential source for virus and such like. A firewall could be placed on the
system to help prevent infection. A more immediate way of preventing virus is
to subscribe to a antivirus programmes, although this will not give you 100%
percent protection it will help prevent the majority of known virus. An
important note to this point, is the importance of getting regular virus
updates from the software manufacturer . With the introduction of the IT
facilities, the amount of room information takes up is drastically reduced
from a whole filing cabinet to a small hard drive. Information can be easily
copied and since the advent of the Internet, information does not even have to
be on a psychical media to leave the building. This therefore makes it much
more easier to copy and take out valuable information. All the companies
details, there accounts and their customers account are prone to the risk. A
single person can take out all the information on a zip disk or even a floppy
disk depending on the size of the file. This poses the risk of company
espionage and financial fraud, through the use of customers credit card
details. There are a number of ways to help deal with this problem. The system
should be a closed network. This means, that only people authorised to access
the information may only do so through a user name and password. In this
system there should be a heirachy of privileges, so only people who need to
access the most sensitive information may do so. Also by having a login
system, people using the system can be identified, helping solve and deter
employee fraud. An important point to note is that the employee responsible
for managing IT should be aware of sleeper programmes that may lye inside the
system, and should be checked on a regular basis. Another step to take care of
this problem, is to use encryption, when storing data and with today�s
encryption standards it would be near impossible to break the code. One must
note that there would be little point in using this technique if the keys and
passwords were not properly managed. Good quality encryption software is
available. A very important security aspect, is in systems failure, data
corruption and damage in general, such as fire damage. To lose data that is
the back bone of the day to day running of the company could prove fatal. The
only way to help properly deal with this issue is back up the data. Since the
costs of storage media and taken a dramatic tumble in price, this would be a
relatively inexpensive process, especially considering what it would save the
company if the worst were top happen. There should be log copies made around
about every 2 months or so , of critical data. This means that one should copy
all the data. So if a virus has been discovered one can back track to see
where in time it started. This will also help provide damage limitation by
enabling one to step back to the most reliable log copy, and then correcting
the damage from there. Regular incremental copies should also be made on a
daily basis, which would mean coping new and modified data only. Employee
related security should also be taken into consideration, these being using
pirated software on the companies networks, which could lead to virus and
copyright related lawsuits effecting the company. Another aspect to be wary
about is employee fraud, technological minded employees be able a manipulate
the system for there own financial benefits. This could be dealt with by
keeping track of who logs in where and what time, that way if a crime is
perpetrated the individual could be tracked down. Employees should only be
allowed access areas that they need and should be restricted to anything else.
Word Count: 882
|
