Technologies and Tools for Security and Control

Access Control

The headlines telling of hackers' exploits in the past year should be enough to convince every company of the need to install firewalls, access controls, and other security measures. With the installation of cable modems or DSL lines, home users must follow the same guidelines. These new connections, which leave your personal computer "always on," are just as vulnerable to attacks as corporate systems.

In corporate systems, it's important to ensure authentication methods are in place so that unauthorized users can't gain access to the system and its data. Because most simple password systems are too weak and make the system too vulnerable, security experts are devising new methods to control access.

Biometric authentication is becoming more popular as a method of protecting systems and data as the technology is refined. While you may have seen fingerprint or facial recognition techniques only in sci-fi movies, rest assured it may be the next wave of security that's installed in your organization.

If you allow employees to keep certain data on their machines that are not backed up to the mainframe computer, you need to ensure that safeguards are installed on the individual PCs. Make sure you have controls in place for accessing individual data, backing it up, and properly protecting it against corruption. Do you even have a policy about whether employees can store data on their individual terminals?

Firewalls, Intrusion Detection Systems, and Antivirus Software

The four types of firewalls described in the text are:

· Packet filtering: data packet header information is examined in isolation

· Network address translation (NAT): conceals IP addresses and makes it more difficult to penetrate systems

· Application proxy filter: sort of like a fence through which a substitute message passes.

· Stateful inspection: the actual message comes through the firewall but must be identified by the user as passable.
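
The practical limit of examining each header in isolation is easiest to see on traffic. The following is an added example, not part of the original post: a stateless packet filter beside a filter that also keeps a table of connections opened from the inside, the mechanism usually meant by stateful inspection. The addresses, ports and rule policy are constructed for illustration.

```python
from dataclasses import dataclass

@dataclass(frozen=True)
class Packet:
    src: str
    sport: int
    dst: str
    dport: int
    flags: str      # TCP flags, e.g. "S", "SA", "A"
    inbound: bool   # True if arriving from the outside network

INSIDE = "10.0.0.5"   # constructed internal host

def packet_filter(pkt: Packet) -> bool:
    """Stateless rule set: each header is judged in isolation."""
    if not pkt.inbound:
        return True                       # inside hosts may connect out
    # Replies to outbound web traffic must be let in, but the only evidence
    # available is the header: source port 443 and the ACK flag set.
    return pkt.sport == 443 and "A" in pkt.flags

class StatefulFilter:
    """Same policy, plus a table of connections opened from the inside."""
    def __init__(self):
        self.table = set()

    def allow(self, pkt: Packet) -> bool:
        if not pkt.inbound:
            if pkt.flags == "S":          # outbound SYN opens a table entry
                self.table.add((pkt.src, pkt.sport, pkt.dst, pkt.dport))
            return True
        # Inbound traffic passes only as the reverse of a known connection.
        return (pkt.dst, pkt.dport, pkt.src, pkt.sport) in self.table

def run(packets):
    fw = StatefulFilter()
    return [(packet_filter(p), fw.allow(p)) for p in packets]

# Constructed traffic: one real outbound connection, its reply, and an
# unsolicited inbound packet whose header merely looks like a reply.
SAMPLE = [
    Packet(INSIDE, 50000, "203.0.113.10", 443, "S", inbound=False),
    Packet("203.0.113.10", 443, INSIDE, 50000, "SA", inbound=True),
    Packet("198.51.100.7", 443, INSIDE, 50000, "A", inbound=True),
]

if __name__ == "__main__":
    for pkt, verdict in zip(SAMPLE, run(SAMPLE)):
        print(pkt.src, pkt.flags, "stateless=%s stateful=%s" % verdict)
```

The third packet passes the stateless filter because its header matches the reply rule, and is dropped by the stateful filter because no inside host opened that connection.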

Intrusion Detection Systems

Firewalls can deter, but not completely prevent, network penetration from outsiders and should be viewed as one element in an overall security plan. In addition to firewalls, digital firms relying on networks use intrusion detection systems to help them protect their systems.

In March 2002, Wright-Patterson Air Force Base, Ohio, reported over 250,000 unauthorized attempted entries into its computer systems by hackers in a 24-hour period. The intrusion detection systems it had in place allowed authorities to track the hacker attempts and thwart damage to its critical data and systems.

Antivirus Software

While most computer users, especially home users, know they are supposed to have antivirus software installed, they may be negligent in keeping it up-to-date. Because new viruses are unleashed almost every week, antivirus software needs constant updating — at least once a week. Many brand-name software programs have an automatic update feature that users should take advantage of.

Securing Wireless Networks

It's becoming more important for Wi-Fi users to protect their data and electronic transmissions as wireless networks and their access points proliferate around the country. Security is easily penetrated because of the very nature of the spectrum transmission used in Wi-Fi. Unless users take stringent precautions to protect their computers, it's relatively easy for hackers to obtain access to files. Stronger encryption and authentication systems for Wi-Fi than the original Wired Equivalent Privacy (WEP) are being installed in newer computer models. But individual users still carry the responsibility to make sure passwords are changed from the original and encryption systems are used to help protect data.

Encryption and Public Key Infrastructure

Most people are reluctant to buy and sell on the Internet because they're afraid of theft, fraud, and interception of transactions. To help ease the mind and make transactions secure, many companies are using very sophisticated methods of protecting data as they travel across the various transmission mediums.

Watch any World War II movie and you'll see episodes of the good guys intercepting coded messages from the enemy. The messages were scrambled and almost impossible to interpret. But the good guys always won out in the end and unscrambled the message in time to save the world. Now we use sophisticated software programs to encrypt or scramble transmissions before they are sent. The sender and recipient have special software programs they can use to encode and decode the transaction on each end.

Encryption software programs incorporate authentication and message integrity to ensure senders and receivers are protected against many of the computer crimes committed on networks and the Internet.

Usually you can't tell if a transmission is authentic when you receive it over the Internet or network. Digital signature software can create a method of verifying that the message, document, or file has not been altered between the time it left the sender and you received it. The Electronic Signatures in Global and National Commerce Act authorized the use of digital signatures and promises to enhance electronic commerce and make it easier to do business digitally. You must be careful though as digital signatures can be forged or altered the same as an old-fashioned hand-written signature can be forged.

Another way of providing authenticity to network transmissions is by using a digital certificate. Just as your personal signature is connected to you, a digital certificate provides a way of proving who you are. GlobalSign.com has lots of information about its digital certificate product and other useful information about this technology. You can get a demo certificate, find someone's certificate, or get more information about how to use your own certificate.

Two methods companies are using to make online transactions more secure are Secure Sockets Layer (SSL) and Secure Hypertext Transfer Protocol (S-HTTP). The next time you're on an e-commerce or e-business Web site, look in the address text box of your browser and notice if the address begins with https:. If so, the site incorporates one of these two security measures. Public key infrastructure (PKI) is another method for providing secure authentication of online identity and makes users more comfortable transacting business over networks.

Ensuring Software Reliability

Even though your system may appear to be working normally, you should still verify that it is working according to the specifications. Walkthroughs are an excellent way to review system specifications and make sure they are correct. Walkthroughs are usually conducted before programming begins, although they can be done periodically throughout all phases of system development.

Once a system has been coded, it is much harder and more expensive to debug it. We're beginning to sound like a broken record but it's important that you understand and remember that the more work you do before the programming phase begins, the less trouble you'll have later. You can't just start pounding the keyboard and hope everything turns out okay.

As organizations move more toward electronic business and e-commerce, they need to spend more time in the testing phase and do it in realistic terms. As your digital firm is building a new site, or even revamping an old one, you can't afford to underestimate the amount of traffic the site will generate, or overestimate its stability. Toys-R-Us, Inc., learned that lesson the hard way in December 1999. Their site wasn't tested enough, under realistic conditions, and proved to be a complete failure. It cost the company not just millions of dollars but millions of dissatisfied customers who never came back for a second try.


NOOPUR GARG

BBA/4536/07

Comments

Frank said…
As a site owner I use GlobalSign SSL Certificates to protect my business domain and to let my customers know I can be trusted. The site is also fantastic for information on the range of certificates they offer and more general based knowledge. But if you are securing your website through the use of SSL authorised certification, SSL247.com offers its certificates of at least 10% below the rrp of the main certification authorities.
