Data and Computer security

Are methods that protect an organization’s computing and network facilities and their
contents from loss or destruction. Computer networks and computer centers are subject to
such hazards as accidents, natural disasters, sabotage, vandalism, unauthorized use,
industrial espionage, destruction and theft of resources. Therefore, various safe guards
and control procedures are necessary to protect the hardware, software, network and vital
data resources of a company. This is especially vital as more and more companies engage
in electronic commerce on the internet.

i) Network Security – Security of a network may be provided by specialized

system software packages known as system security monitors. These monitor
the use of computer systems and networks and protect then from unauthorized
use, fraud, and destruction. Such programs provide the security measures
needed to allow only authorized users to access the networks. For example,
identification codes and passwords are frequently used for this purpose.
Security monitors also control the use of hardware, software and data
resources of a computer system. For example, even authorized users may be
restricted to the use of certain devices, programs, and data files. Additionally,
security programs monitor the use of computer network and collect statistics
on any attempts at improper use. They then produce reports to assist in
maintaining the security of the network.
ii) Encryption – Encryption of data has become an important way to protect data
and other computer network resources especially on the internet, intranets and
extranets. Passwords, messages, files and other data can be transmitted in
scrambled form and unscrambled by computer systems for authorized users
only. Encryption involves using special mathematical algorithms, or keys, to
transform digital data into a scrambled code before they are transmitted and to
decode the data when they are received. The most widely used encryption
methods use a pair of public key and private keys unique to each individual.
For example, email could be scrambled and encoded using a unique public
key for the recipient that is known to the sender. After the email is
transmitted, only the recipients secret private key could unscramble the
message.
iii) Firewalls – A network fire wall is a “gatekeeper” computer system that
protects a company’s intranets and other computer networks from intrusion by
serving as a filter and safe transfer point for access to and from the internet
and other networks. It screens all network traffic for proper passwords or
other security codes and only allows authorized transmissions in and out of
the network. Firewalls have become an essential component of the
organizations connecting to the internet, because of its vulnerability and lack
of security. Firewalls can deter, but not completely prevent, unauthorized
access (hacking) into computer networks. In some cases a firewall may allow
access only from trusted locations on the internet to particular computers
inside the fire wall. Or it may allow only “safe” information to pass. For
example, a firewall may permit users to read email from remote locations but
not to run certain programs. In other cases, it is impossible to distinguish safe
use of a particular network service from unsafe use and so all requests must be
blocked. The firewall may then provide substitutes for some network services
(such as email or file transfer) that perform most of the same functions are not
as vulnerable to penetration.
iv) Physical protection controls – provide maximum security and protection for
an organization’s computer and network resources. For example, computer
centers and end user work areas are protected through such techniques as
identification badges, electronic door locks, burglar alarms, security police,
close-circuit TV and other detection systems. Computer centers may be
protected from disaster by such safe guards as fire detection and extinguishing
systems; fireproof storage vaults for protection of files; emergency power
systems; electronic magnetic shielding and temperature, humidity and dust
controls.
v) Biometric Controls – Are a fast-growing area of computer security. These are
security measures provided by computer devices that measure physical traits
that make each individual unique. This includes voice verification,
fingerprints, hand geometry, signature dynamics, keystroke analysis, retina
scanning, face recognition, and genetic pattern analysis. Biometric control
devices use special-purpose sensors to measure and digitize a biometric
profile of an individual’s fingerprints, voice or other physical trait. The
digitized signal is processed and compared to a previously processed profile
of the individual stored on magnetic disk. If the profiles match, the individual
is allowed entry into a computer facility or given access to information system
resources.
vi) Computer Failure Controls - A variety of controls can prevent computer
failure or minimize its effects. Computer systems fail for several reasons –
power failure, electronic circuitry malfunctions, telecommunications network
problems, hidden programming errors, computer viruses, computer operator
errors and electronic vandalism. The information systems department
typically takes steps to prevent equipment failure and to minimize its
detrimental effects. For example, computers are available with automatic and
remote maintenance capabilities. Programs of preventive maintenance of
hardware and management of software updates are commonplace. Adequate
electrical supply, air-conditioning, humidity control and fire protection
standards are a prerequisite. A back up computer system capability can be
arranged with disaster recovery organizations. Major hardware or software
changes are usually carefully scheduled and approved to avoid problems.
Finally, highly trained data center personnel and the use of performance and
security management software help keep a company’s computer systems and
networks working properly.