Information Security Threats And Countermeasures Information Technology Essay

Information Security Threats And Countermeasures Information Technology evidenceA common body of fellowship for entropy security is form when information from around the globe is grouped together for the purpose of organism used as a guideline on how to secure information. on that point atomic scrap 18, however no universally accepted common body of knowledge for information security, though ongoing efforts ar made to establish hotshot limitation that occurs in current developments of such a body of knowledge, is that it frequently focuses primarily on professionals in industry and leaves no room or probability for low-level users (such as end users) who require a scaled-down magnetic variation of this knowledge. The aim of the common body of knowledge that is developed as dispel of the basis for the Information Security Retrieval and Awareness model proposed in this paper is twofold to focus specifically on users with little or no formal background on how to properly s ecure information they work with, yet also not to exclude professionals.Computer systems are vulnerable to many threats that peck inflict unhomogeneous types of damage resulting in significant losings. This damage can range from errors harming informationbase integrity to fires destroying entire information processing system centers. Losses can stem, for example, from the actions of supposedly trusted employees defrauding a system, from outside hackers, or from careless data entry clerks. Precision in estimating computer security-related losses is not possible because many losses are never disc everyplaceed, and others are swept under the carpet to avoid unfavorable publicity. The effects of various threats varies considerably some affect the confidentiality or integrity of data art object others affect the availability of a system.According to threats are categorized jibe to the type of information system asset that is affected, the categories are package, hardware, data, pe rsonnel, administration, network, physical. There are roughly 15 leading information system threats, among those threats are data processing errors, network breakdowns, software breakdowns, and viruses. Viruses are one of the most familiar threats to computer systems. One can define a computer virus as a total recursive function which applies to every broadcast and obtains its infected form such that can infect other chopinesAmong all in all lot of viruses that exist there are a number of viruses cattish Codes/programs and backdoors. Malicious edicts and programs refer tovirus (that reproduces by attaching to another program), worm (an mugwump program that reproduces by copying itself from one system to another, usually over a network)and fifth column programs (an independent program that appears to perform a profitable function but that hides another unauthorized program inside it). septic on a machine and permits an attacker to misrepresent the compromised machines netw ork. Malicious code can cause significant security breaches such as endanger the availability of information once it infects programs/files and corrupts them thus making them in entrance feeible. A trojan program installed success ripey in your PC, can permit an intruder to approaching or modify any information available in the PC and worst still the software configuration of a computer can be changed to permit subsequent intrusions.Hard dish antenna boot sphere of influence The virus infects the DOS boot sector of the hard drive.Extending The virus extends the sizing of the infected program fileBoot sector The virus infects the variance table of the hard book or even the floppy disk boot sector.Disk corruption The virus corrupts all of part of the disk. lodge linkage Directly or indirectly corrupts the file linkage.Resident The virus installs itself in memory.Runtime slow down The virus affects system run-time operations.Types of countermeasuresIS security threats ado pt increased significantly in recent years. We identified the gaps between animal trainer perceptions of IS security threats and the security countermeasures adopted by firms by collecting falsifiable data from 109 Taiwanese enterprises. Industry type and organizational use of IT were seen as the two factors that affected the motivation of firms to adopt security countermeasures, but their murder did not necessarily affect the threat perceptions of the managers. Analyses of responses suggested that the scope of the countermeasures adopted were not commensurate with the severity of the perceived threats. Among the threats, networks were rated as contributing the most wicked threat and yet had the lowest level of protection this was followed by threats repayable to personnel and administrative issues. We therefore addressed threat mitigation strategies, specifically in terms of the differences between industriesThere are a number of countermeasures that can be done to prevent thr eats from interfering with the functionality of information systems.Software User entrance logs, system recovery, multi-user system, automatic debug and test, access control to program arising, verification of system modified, convert channels and Trojan code. hardware Remote mirroring, surveillance system use, entrance limitation, Uninterruptable power supplies and periodical disk checking.Data Information backup, data access controls, user access rights, oblige path, event logging, information handling procedures, management of removal media, and disposal of media. engagement Antivirus software, encryption, user authentication, instruction detection systems, firewalls, alternative circuits, digital signatures, limitation of connector time.Unsecured Windows file sharings. Anyone with File and Print sharing enabled and using piece of land level access are exposed to this threat, a common source of security problem under Windows operating systems. The demerit in an unlatch ed windows shares can be exploited by intruders in an automated steering to place tools on large numbers of Windows based computers attached to the Internet. An unbolted windows shares together with DOS tools can become a great opportunity for intruders to launch DOS attacks. It was discovered recently that there is a flaw in the way that Windows handles the passwords for file sharing. An attacker still can access a password protected shared driving without knowing the full password just the first character of it. A special program can be easily written to exploit the problem and in fact are already circulating around the Net, to be do by by intruders everywhere.ConclusionThe emerging trends in network security threats are leading more and more towards the need for pro-active Intrusion Prevention Systems, and supercharge away from the traditional Intrusion Detection Systems with alert only capabilities. The intent of a security program is to choose and implement cost effectual countermeasures that mitigate the vulnerabilities that will most likely lead to loss.