Security Essay, Research Paper
Overview
Security is the discipline of using effective protection measures to safeguard important assets from abuse. In other words, .security. is about protecting important things. Protection involves not just mechanisms (such as locks and doors), but also proper selection and use of mechanisms.
Properly applied, the various disciplines of information security really come down to risk management that is not fundamentally different from risk management in other situations such as finance and insurance.
In learning how to think constructively about managing risks, often the following common sense vocabulary is used:
Asset: something important that needs protection
Value: how important the asset is
Threat: a potential kind of abuse
Risk: likelihood of threat leading to actual abuse
Cost (1): reduction in value of abused asset
Cost (2): amount of resources required to use security measures to protect an asset
Benefit: the value of a security measure
It would be great if these terms . asset, value, threat, risk, cost, benefit . could be used scientifically, but when it comes to information systems, most of them are pretty squishy. Nevertheless, even a .best guess. is remarkably useful. If guesses about relative value and likelihood are consistently applied, then it is usually possible to decide on the priority of potential improvements in information security.
Cost becomes a matter of budget. Most people with authority over funds for security can, if properly informed, make good decisions about how to allocate the budget. In many instances, it is possible to analyze whether the incremental value of a high budget would be significant.
Understanding of information security technology is necessary to make informed judgements like these. Fortunately, the essential technological aspects are not rocket science.
Security Risks
There are several types of security issues: data security, computer security, system security, communication security, and network security. The term .information security. is often used to encompass all of them and to distinguish them from closely related and important issues . such as physical security, operational security, and personnel security . that do not rely primarily on computing technology.
Threats and Vulnerabilities
Computing is as risky as any other aspect of modern life, and in some sense more so because of the complexity of computing systems. Vulnerabilities exist at all levels: network, operating system, middleware and application because all software has bugs, administration is error-prone and users are unreliable.
It is virtually impossible to develop any significant system without some errors in it. We know how to build bridges so the imperfections are tolerable. That is, we can build bridges that do not crash (if proper engineering methodology is followed), but we cannot build systems and applications that do not crash.
In computing systems, flaws are often bugs . repeatable situations in which the system behaves in an unintended manner. Each bug can also be a security vulnerability, if the bug can be used in a way that allows a failure of security: either authorized users exceeding their privileges, or unauthorized users gaining access to systems. Furthermore, the complexities of modern computing systems make them difficult to manage.
Configuration and administrative errors also create security vulnerabilities. It can be difficult to determine whether the system is .properly. configured. For example, to .harden. Windows NT for usage on the Internet, Microsoft recommends over a hundred specific configuration changes that effectively turn off many features that led people to want to use NT. In addition, security experts have other recommendations in addition to those described by Microsoft.
Computing, like life, has many threats. But what are the risks. Given the wide rage of threats, the sheer number of vulnerabilities, and the ever-increasing number of attackers, the risk is nearly 100 per cent that some incident will occur if information security is not addressed in a systematic manner.
Attacks
There are many different avenues of attack. Inadequate data security can provide unauthorized users access to sensitive information. Inadequate computer security can result from the use of weak passwords and allow abuse of user accounts. Applications filled with .bugs. can allow unauthorized transactions. Inadequate system security can result from a mis-configured operating system and allow unintended network access. Eavesdropping and password reuse are examples of inadequate communication security which can result in impersonation of individuals. Inadequate network security can lead to unintended Internet access to private systems.
There are many examples of inadequate security. Who is hurt by these attacks. Internet access in this scenario affects the on-line consumer greatly, sometimes in a negative way. Companies store information about their customers on corporate servers and networks. Sensitive information such as credit card and social security numbers and other personal details are stored in file servers. Any individual with knowledge of networking protocols can capture data flowing ov
Наверняка у вас есть товары или услуги, продажа которых приносит вам максимальную прибыль. Для быстрого старта в сети вам необходимо создание посадочной страницы (одностраничного сайта), на которой будет размещена информация о маржинальных товарах/услугах интернет магазина. За 8 лет опыта разработки конверсионных страниц мы выработали оптимальную структуру, которая позволит привлекать через landing page больше продаж. На такую структуру «одевается» ваш контент — фирменный стиль, тексты, фотографии, уникальные торговые предложения, после чего страница выходит в свет. Разработка лендинга и запуск в сети — до 7 рабочих дней. Стоит отметить, что в разработку самой посадочной страницы входит и написание копирайтером продающих текстов для вашего бизнеса, чтобы каждый посетитель страницы захотел совершить покупку именно у вас. Результат: качественно разработаная продающая посадочная страница, которая готова приносить вам новых клиентов.