Securing and Protecting Information

In: Computers and Technology

Submitted By ericb8272
Words 1090
Pages 5
Securing and Protecting Information

CMGT/400
May 27, 2013

Securing and Protecting Information
Introduction
The last few years have been marked by numerous malicious applications that have increasingly targeted online activities. As the number of online activities continues to grow strong, ease of Internet use and increasing use base has perfected the criminal targets. Therefore, attacks on numerous users can be achieved at a single click. The methods utilized in breaching Internet security vary. However, these methods have increasingly become complicated and sophisticated over time. With the increase in threat levels, stronger legislations are being increasingly issued to prevent further attacks. Most of these measures have been aimed at increasing the security of Internet information. Among these methods, the most prominent approach is security authentication and protection. This paper comprehensively evaluates the security authentication process. The paper also introduces security systems that help provide resistance against common attacks.
Security Authentication Process Authentication is the process that has increasingly been utilized in verification of the entity or person. Therefore, this is the process utilized in determining whether something or someone is what it is declared to be (LaRoche, 2008). Authentication hence acts as part of numerous online applications. Before accessing an email account, the authentication process is incorporated in identification of the foreign program. Therefore, the most common authentication application is done through incorporation of passwords. Before description of the authentication process, it is important to explain some of the important terms. In this concept, the term AAA is commonly employed to mean authentication, accounting, and authorizations. Let us now differentiate between these terms. *…...

Similar Documents

Information Technology and Protecting Children

...Information Technology and Protecting Children Because of the advancements in technology access to the Internet is widespread; schools and libraries around the nation are using the Internet as an educational tool. Because of the endless amount of unknown content online, Congress ensured children’s personal data is protected and that “obscene and violent material is screened out” (Abrahamson, 2002, p. 50) by passing Acts such as COPPA, The Children’s Online Privacy Protection Act, 1998 and CIPAThe Children’s Internet Protection Act, 2000. Protecting children’s personal data from collection without parent or guardian consent is the intent of COPPA. CIPA addresses worries regarding children’s access to obscene or damaging subject matter on the Internet in schools and community libraries. Children’s Online Privacy Protection Act “COPPA was enacted to restrict the manner and amount of personal data collected on children under 13 by web sites targeted at children” (Abrahamson, 2002, p. 50). COPPA provides rules for companies that gather or may gather marketing data that identify children. Personal data includes any information that would permit physical or online contact with that child. Singer (2012) Almost every child possesses a computer in his or her home or pocket making it harder for parents to monitor what information children are distributing online. Many sites and applications offer children the opportunity to upload pictures or videos of themselves, to graft......

Words: 798 - Pages: 4

Protecting Proprietary Information

...Protecting the proprietary information of Acme Corporation is of the highest importance. Losing information such as plans, or manufacturing procedures could cost Acme Corporation the exclusive contract to supply equipment to the military. Having assessed the needs and necessary steps to protect all proprietary information, the following is to be considered as our recommendation for securing all necessary information. First and foremost, securing the companies computer servers in one closely monitored and locked location is essential. It is our recommendation that Acme limit server room access to the IT security team. The team must work in pairs to hinder the abilities of someone downloading sensitive files to devices such as flash or thumb drives, or writing files to a compact electronic device such as a cellphone. The IT security team is to be escorted by an armed security person, while an armed guard will also be stationed at the entrance to the server room. It is also recommended to use video cameras inside the server room to monitor the room when it is not being occupied. In order to be employed as a member of the IT security team, an applicant must be able to obtain and maintain a security clearance through the federal government. Outside of the server room, all sensitive files should use 56-bit encryption to protect them from being read by any outside entities. All portable devices used for business purposes by employees with access to secure files should also be......

Words: 557 - Pages: 3

Securing the Boat

...Securing Your Boat to a Dock After successfully parking your boat alongside a dock or in a slip, now it’s time to make sure the boat stays in place, using dock lines – also called mooring lines –  to tie the boat to the dock.In the truest of the nautical vernacular, one isn’t tying up to the slip or dock, one is ensuring the vessel is “made fast” to the structure. To stick with our simple-is-good philosophy, we’re addressing boating on a body of water that has no wind, waves, or fluctuations in water depth. The Equipment You’ll need four to six long dock lines (stout lines with a permanent eye spliced on one end) to secure the boat to the dock, and at least two fenders (heavy-duty cushions hung over the side of a boat to absorb the force of contact between a boat and a dock) to prevent the craft from touching the pier.Line Art As your boat eased near the dock, your crew probably placed a couple of fenders over the hull side, and hastily tied the boat to the nearest dock cleats or pilings – so far, so good.We often see boats tied up with only two lines – one at the bow and another at the stern – with each line running at about a 90-degree angle from the boat to the dock. These two lines will secure the boat to the dock, but the boat may still drift slightly frontwards or backwards (fore and aft), potentially allowing the craft to bump into other boats, especially at a crowded pier.The correct method of making your vessel fast to the dock or slip is quick and easy, usually......

Words: 993 - Pages: 4

Securing and Protecting Information

...Securing and Protecting Information Securing and Protecting Information CMGT/400 May 27, 2013 Securing and Protecting Information Introduction The last few years have been marked by numerous malicious applications that have increasingly targeted online activities. As the number of online activities continues to grow strong, ease of Internet use and increasing use base has perfected the criminal targets. Therefore, attacks on numerous users can be achieved at a single click. The methods utilized in breaching Internet security vary. However, these methods have increasingly become complicated and sophisticated over time. With the increase in threat levels, stronger legislations are being increasingly issued to prevent further attacks. Most of these measures have been aimed at increasing the security of Internet information. Among these methods, the most prominent approach is security authentication and protection. This paper comprehensively evaluates the security authentication process. The paper also introduces security systems that help provide resistance against common attacks. Security Authentication Process Authentication is the process that has increasingly been utilized in verification of the entity or person. Therefore, this is the process utilized in determining whether something or someone is what it is declared to be (LaRoche, 2008). Authentication hence acts as part of numerous online applications. Before accessing an email account, the authentication......

Words: 1094 - Pages: 5

Disaster Securing and Protecting Information

...Disaster Securing and Protecting Information Sherry Stender CMGT 400 December 10, 2012 Dr. Derek Sedlack Disaster Securing and Protecting Information Authentication, verifying a user’s identity, is an important way to establish trust in business processes. Authentication is the process of verifying a user’s claim of identity and is most commonly implemented through a username and password combination when logging into a business’ system or application. While the password and username combination is the most common, there are various other methods of authentication such as: voice recognition, a token device, or swiping a smart card. Authentication is based on the principle that a proper form of identification is not produced by the user that the system will not correlate an authentication factor with a specific subject. Many factors can contribute to a system’s security, but the authentication is a key element to the success of a secure information system. Authentication is vital for maintaining the integrity, confidentiality, and availability of a business’ IT infrastructure. The application of access controls includes 4 processes: * Identification- obtaining the identity of the user that is seeking access to a physical or logical area * Authentication- confirming the user’s identity that is requesting access to a physical or logical area * Authorization- determining which specific actions can be performed by the authenticated user in a specific logical......

Words: 1433 - Pages: 6

Securing and Protecting Information

...Securing and Protecting Information Instructor: April 24, 2014 Security Authentication Process It is necessary to secure your authentication method to safeguard your system against varied forms of security threats, like password-cracking tools, brute-force or wordbook attacks, abuse of system access rights, impersonation of attested users, and reply attacks. Additionally, if you share resources on your network with alternative organizations, you need to make sure that your authentication policies are interchangeable with the organization in which you are exchanging your information with. Authentication is the method in which a person must prove that they are who they say they are. Public networks as well as private networks (including the Internet), use authentication to utilized or authorize logins and passwords. Data is required and ran through the password database to ensure that the user is authentic. Before anyone is allowed to access an organization’s intranet, they must first register or be registered by someone that has the appropriate credentials to perform these tasks. For this reason, net business and plenty of alternative transactions need additional authentication methods. “The utilization of digital certificates issued and verified by a Certificate Authority (CA) as a part of a public key infrastructure is taken into account probably to become the quality thanks to perform authentication on the web” (D'Arcy, Hovav, & Galletta, 2009). Process......

Words: 1469 - Pages: 6

Securing a Network

...Securing a Network Kaplan University Securing a network for a company is a very important job because without security anything can come in or be taken from the company. With securing a company I would have a firewall in place of course. A firewall is a software and sometimes hardware that screen out hackers, viruses etc. coming in from the internet (Microsoft Office, 2013). After making sure the firewall is up and running at all times I would began hardening the system. When hardening the system I will take out every unnecessary piece of item that I can without interfering with the task that needs to be done by this system. By taking these unnecessary pieces away I will be creating an easier task for myself and the firewall because, it will increase the security. I will then audit the firewall to make sure everything works properly. Once everything is checked on and I have finished making sure it is running smooth I will have an ongoing maintenance. This ongoing maintenance will detect anything suspicious and any intrusions. A method of encrypting alphabetic: P mxlfop sy lbffdtgkee pexugbpipc. Using Vigenere Cipher I was able to come up with this Cipher. I used http://rumkin.com/tools/cipher/vigenere-autokey.php# an online cipher to help with this Cipher, using the alphabet key A and the passphrase Patsy. I believe this a very secure cipher due to the fact that there can be up to 26 different cipher alphabets. When securing the network that I have chosen I need......

Words: 1001 - Pages: 5

Securing Information Systems

...Securing information systems Kirill Borovskoy Date: Tuesday 18. November Homework 2 • Explain why information systems are vulnerable to destruction, error, and abuse. Main reason why the information systems are so vulnerable is because they are designed to be easily accessible and they do not exist in physical form per se. Digital date is stored on servers, and if anything was to happen to so called storage, the whole system goes bust. And last but not least: any system can be a subject to a hacker attack. • Describe the business value of security and control When you lose data – you lose money, simple as that. Any information you have is relevant to your business, and when this information gets into wrong hands, the same hands will be chopping pieces of your profit in no time. • Describe the components of an organizational framework for security and control First step in developing security system would be that of assessing the risk. Establishing weak points and determining the strengths of the system is of an utmost importance. Second – a security policy needs to be developed. And finally, there always has to be a contingency plan, involving all the levels of informational infrastructure. • Describe the tools and technologies used for safeguarding information resources. Firewalls and Antiviruses prevent unauthorized access to private network from happening. The very basic tool of defending the......

Words: 717 - Pages: 3

Securing Information

...Securing and Juan Protecting Information CMGT / 400 February 9, 2015 Anthony Seymour Securing and Protecting Information When do you have to pay attention to the security requirements of your information system? From the very earliest stages of planning for the development of the system to its final disposal is the advice of the National Institute of Standards and Technology (NIST).  By considering security early in the information system development life cycle (SDLC), you may be able to avoid higher costs later on and develop a more secure system from the start.  The System Development Life Cycle (SDLC) The system development life cycle starts with the initiation of the system planning process, and continues through system acquisition and development, implementation, operations and maintenance, and ends with disposition of the system. Specific decisions about security must be made in each of these phases to assure that the system is secure.   The organization develops its initial definition of the problem that could be solved through automation.   Also during this early phase, the organization starts to define the security requirements for the planned system. Management approval of decisions reached is important at this stage.  During this initiation phase, the organization establishes the security categorization and conducts a preliminary risk assessment for the planned information system.  Categorization of the information system using......

Words: 1328 - Pages: 6

Cmgt/400 Securing and Protecting Information

...or retinal scan. Something from the individual that is specific to only them. A company can use a digital certificate, tickets, or tokens to authenticate their users. A two-factor sign-on or multi-factor will use more than one of the above authentication processes. When the company decides the structure they want, they need to assess how many sign-ons they want, based on the importance of authenticating. For example: a simple user account would general have an Identification and single authentication. A sign-on to a server that houses sensitive information will most likely require at least a two-factor sign on. A company should determine the authentication method based on the needs and type of information that access grants permission ("Exploring Authentication Methods: How To Develop Secure Systems", 2014). Data Back-up and Storage User access is a big part of securing data, however there are other factors involved in securing data within the authentication process. Once a user has access the systems needs data integrity as well as storage capacity to make sure the data is secure and available to the user when they need it. Disasters do happen, not always, but it is important for a company to have a plan in place with specific protocols for Disaster recovery in case of catastrophic technological even or natural disaster. A disaster recovery plan (DRP), defines in case of a disaster, what specific resources, processes, organizations, and people are involved. It......

Words: 2199 - Pages: 9

Securing and Protecting Information

...Securing and Protecting Information Jane Doe CGMT/400 March 9, 2015 John Doe Securing and Protecting Information As the most important asset within the organization it is necessary to provide measures that can effectively protect data from loss and unauthorized intrusions. Information security involves authenticating users with a high level of protocol and promoting accountability within the information infrastructure. This approach may involve use of the organization assets, identification, authentication, authorization and the use of third party security systems or devices to protect data from unauthorized access. Security Authentication Process The security authentication process is the first step in information security and assurance. This process involves “binding a specific ID to a specific computer connection” (University of Phoenix, 2011) in order to authenticate access to the information system. During this process the user provides a user ID and password to the computer system or remote server to verify his or her identity. Authentication is accomplished when the system or server matches the user ID to a specific password and grants the user remote access to system resources. Identification The identification process is an access control element designed to match a user to a specific process. The identification process is performed the first time a user ID is issued to a specific user. User IDs have unique values and......

Words: 1903 - Pages: 8

Securing and Protecting Information

...Securing and Protecting Information Connectivity and accessibility is a top priority, most electronics in our daily lives are connected to the internet, therefore it is extremely important to maintain devices connected to the internet secure from risks and threats. Remote access enables users outside a network access and provides privileges based on the security settings. Users are able to access resources through an internet service provider or ISP which is connecting remotely to the resources online. Secure connectivity is able to be done due to an authentication process, this process establishes a user’s identification to enable access and grant permissions. There are several ways to establish a network connection based on the software, hardware, and network type and security requirements. Security authentication Wireless devices are able to connect remotely involving two elements: a temporary network connection and a series of protocols that set the privileges and commands. The temporary network connection, occurred through a wired connection or wireless access, or any other method of connecting to a network. The primary issue is authenticating the identity of the user and establishing proper privileges for that user. This is accomplished using a combination of protocols and the operating system on the host machine. The three steps in the establishment of proper privileges are authentication, authorization, and accounting, also known as AAA. Authentication is......

Words: 1275 - Pages: 6

Securing Sql Server

...Best practices for Disaster Recovery. Research Assignment 9 Robert Montini (18738519) Mr. Troianos Research Assignment 9 Robert Montini (18738519) Mr. Troianos Best practices for securing SQL Server. Best Practices for Disaster Recovery. Bad things happen, but to a corporation, entity or country, a bad thing happening to its server is worse than bad. It’s a Disaster. The loss of crucial information, records and vital statistics can bring the death to whatever the data base is associated to. That is why Disaster Recovery is one of the most prioritized tasks a data base team may face. Given that the creating a data base is in itself the major goal, protecting that data base should a disaster befall it is as important. There are numerous ways to do this. This paper deals with the best practices of how to accomplish this. The first thing should be to make a backup plan. This should: 1. A computer where the backup will be stored 2. What programs that will be used to back up the database 3, The computers to be backed up 4. A schedule of when to backup new data to the data base 5. The offsite location where the data base recovery data will be stored The second practice is to document all the changes that are made to the database. These include service packs, hot fixes and QFEs that have been applied. This is crucial for getting a data base restored to its original state should a disaster occur. These steps should be implemented to help prevent or minimize......

Words: 1274 - Pages: 6

Securing and Protecting Information

...CMGT 400 Week 3 Securing and Protecting Information Security Authentication Process It is necessary to secure your authentication method to safeguard your system against varied forms of security threats, like brute-force or wordbook attacks, impersonation of users, and reply attacks. Additionally, if you share resources on your network with alternative organizations, you need to make sure that your authentication policies are interchangeable with the organization in which you are exchanging your information with. Authentication is the method in which a person must prove that they are who they say they are. Public and private networks, utilize authorized logins and passwords. Data is ran through the password database to ensure that the user is someone that has the credentials to access the network. In order to allow access a company’s intranet, they must register or be registered with the appropriate credentials to access this network. For this reason, net business and plenty of alternative transactions need additional authentication methods. “The utilization of digital certificates issued and verified by a Certificate Authority (CA) as a part of a public key infrastructure is taken into account probably to become the quality thanks to perform authentication on the web” (D'Arcy, Hovav, & Galletta, 2009). Process includes: Create a strong password policy Establish an account lock out policy Assign logon hours Create a ticket expiration policy Establish network......

Words: 1442 - Pages: 6

Cmgt400 Week 3 Securing and Protecting Information

...Securing and Protecting Information CMGT400 Securing and Protecting Information The internet is a worldwide phenomenon, reaching across the globe and connecting virtually every person together. The internet is essentially comprised of one thing, information. It is information entered into code that produces the websites, emails, and advertisements people see displayed every day. As a result, there are numerous products available which provide connectivity and internet service. Businesses, companies, and banks use the internet to conduct business with customers and other associates. The internet allows companies to potentially recruit customers from around the world, who they normally would not have any interaction with otherwise. With this added advantage of being able to reach across the world, also comes the add threat of becoming a target of malicious hackers. The hackers attention becomes drawn to these companies and their systems and clients' information becomes at risk. The cloud is an offsite storage technology which was originally only available to businesses, but is now easily available to the public. Companies and users are able to store their files on servers instead of local machines, often paying a fee to do so. It is often a useful way to reduce overhead and maintenance costs while paying a company to secure your data and back it up in a virtual environment. Companies that provide this service utilize advanced security software and......

Words: 1513 - Pages: 7

Daniel Cudmore | All Shoes | Абу Халид Дагестани