• Join over 1.2 million students every month
  • Accelerate your learning by 29%
  • Unlimited access from just £6.99 per month
  1. 1
  2. 2
  3. 3
  4. 4
  5. 5
  6. 6
  7. 7
  8. 8
  9. 9
  10. 10
  11. 11

ICT Security Report

Extracts from this document...


SECURITY INTRODUCTION In this day an age with many companies and well-known organisations functioning online as well as in many towns and cities. In order to attract and gain customers to accumulate business they must try and obtain their customer's confidence and trust. They try to do this by demonstrating that they take such dangers to data security incredibly seriously. Throughout this report I will identify and break down numerous threats and discuss methods by which these online associations can protect themselves from these data security threats. As of the 22nd August 2008 the number of breaches through this current stands at a total of 449. This is considered to be a rather small number compared to the number business, governmental, health, banking and educational entities that have databases. Though this has surpassed the total taken from 2007, which were 446. Although, the number has not increased by a huge amount we can still observe that identity theft continues to rise year by year. As an example, the transactional website I studied, Play.com hold a variety of information about myself such as my name and address and then my card details which I would use to pay for the items. For this to be held by the company you must believe that the site is incredibly safe and that you have great confidence with buying with this company. INTERNAL THREATS There are a number of internal threats that can target your business and break it down by stealing the identity of your customers. This includes dishonest employees, system crashes or natural disasters and human errors such as losing data in the post. Dishonest Employees Dishonest employees can be seen as people who eat in to the business' bottom line profits. It is believed that dishonest employees pilfer more of a business' profit than shoplifters. During 2005, alone it is understood that more than �1.5bn was stolen from British retailers alone. ...read more.


All of this websites lost a huge amount of hits ranging from Yahoo loosing 2,221,350 to ZDNet losing 19,600. It also cost the companies to loose a market share of up to 7.8%, all due to this hacker flooding their web servers. Operating System Problems Operating systems can also contain potential threats to security. Threats to information security arise from three different types of behaviour. Information security can often be violated due to the carelessness of the authorized users of the system. If users are careless with their password, for instance, no other security mechanisms can prevent unauthorized access to your account and data. Many security problems can also be caused by browsers, authorized users of the system exploring the system looking for carelessly protected data. Furthermore, penetration represents deliberate attacks upon the system. An individual trying to penetrate the system will study it for security vulnerabilities and deliberately plan attacks designed to exploit those weaknesses. In order to try and minimise risks from these problems it is firstly suggested that a secure reliable and up-to-date system backup is installed. This is because with a good system backup, you can recover from any system problems with minimal loss. Another measure that can be taken is for unattended terminals to by automatically logged out after a certain period of time. This would minimise the risk of someone logging on and obtaining confidential information. Public Computers Public computers such as those located in libraries, are normally caused unintentionally by curious and persistent users-and sometimes intentionally by knowledgeable and malicious hackers. These threats are made more possible by software that has been installed improperly, software code that has inherent flaws, or insecure procedures. There are a numerous variety of threats that these public computers can become venerable to: * Probes and Scans - This is when attempts are made to gain access or to discover information about remote computers. ...read more.


This would be a good security measure for an organisation to obtain because it would mean that all of these problems and threats get cut out of trying to implant themselves into the company's computers and servers. Thus, meaning that they are less likely to come under attack from hackers using various procedures an malicious attacks in order to try and gain access, as they are protected and have their data secure. Virus Protection This is software that protects computers and servers against the spread of viruses. Again, this would be another safety measure as it would again enable the organisation to become more secure and protected. This is because it would once more mean that they are again protected against spyware or any other malicious activity such as Trojans and harmful viruses that may infect the computer or server system and begin destroying valuable or confidential data. Secure Payment Systems This would include registering with such organisations such as Pay Pal. Websites like this enable and help businesses and customers to send and receive payments by using this site as a sort of 'middle man'. Meaning, that neither party has to worry about the financial burden and pressure of wondering whether the money has be sent or again received. Pay Pal is a registered SSL site and therefore shows it is a safe and secure transactional site. If the organisation was to register with this company it and add this as a safety measure it would mean that financial information such as billing addresses and bank account details would be safe and secure from both internal and external threats. LEGISLATION You should also mention the various laws passed to protect customer data e.g., The Data Protection Act and Computer Misuse Act. Include a description of each law and a conclusion as to its effectiveness. EVALUATION Finally you should include an overall conclusion into the effectiveness of the measures taken. For full marks you must have produced a clear and balanced assessment, weighing-up the threats on the one hand against the measures/legislation on the other and reaching an informed conclusion about the risks. ...read more.

The above preview is unformatted text

This student written piece of work is one of many that can be found in our AS and A Level Management & Manipulation of Information section.

Found what you're looking for?

  • Start learning 29% faster today
  • 150,000+ documents available
  • Just £6.99 a month

Not the one? Search for your essay title...
  • Join over 1.2 million students every month
  • Accelerate your learning by 29%
  • Unlimited access from just £6.99 per month

See related essaysSee related essays

Related AS and A Level Management & Manipulation of Information essays

  1. Analysis of market, environmental forces, competitors, marketing mix and consumer implementation.

    by.; As Nintendo launched at a low price, the prospects were good. Much will depended upon Nintendo's software houses to provide the console with appealing games at launch. Given the fact that the console utilises optical discs, manufacturing costs should be lower than that for cartridges resulting in lower retail prices for games.

  2. Standard Operating Procedures (Sop) recruitment policies and procedures.

    It can only be reviewed by or released to authorized personnel after approval from DOPM. VI. NOTICE OF RATINGS: After an eligibility list is officially established, each applicant is promptly notified of their examination results via a Notice of Rating.

  1. Everything about Digital Divide

    These are mainly focussing on the Global Digital Divide. One major example is the One Laptop per Child Association (OLPC). Its slogan is "Give a Laptop Change the World", which clearly shows that it is aiming to deploy laptops. Currently it is trying to deploy as many XO Laptops as possible.

  2. Designing a booking system for an Estate Agent.

    Anyone can carry out a booking depending on who picks up the phone first. 4. Is there a specific person who is responsible for client viewings? The best person for this would be our negotiator Matt Flay as he is responsible for showing the properties, negotiating offers and making appointments.

  1. The purpose of this document is to provide a design for an electronic payment ...

    to be paid The Shopping_Basket table below will record the images selected for purchasing. Shopping_Basket UserID INT - ID - UserID (of type group) The user that the image has been submitted too ImageID INT - ID - ImageID This is the ImageID of the image stored in ImageData The

  2. I was hired by Mr Davies to create a website for a newly built ...

    * Map Company map Crop and re-size to the right size. Insert into an html Have map on website * Contact Details Write all contact details Move and re-size to the right size insert into an html. Have all the contact details on the website * Photos Copy pictures.

  1. Background and investigation for designing a database for a DVD rental shop.

    Document analysis I have decided to examine the existing documents as these will help provide me knowledge of what fields are required within the forms in the proposed system. I also hope to find out what information is required to be help in the new system.

  2. Free essay

    Data Protection

    Unlike viruses, spyware does not usually self-replicate. * These programs can change your Web browser's home page or search page, or add additional components to your browser you don't need or want. They also make it very difficult for you to change your settings back to the way you had them.

  • Over 160,000 pieces
    of student written work
  • Annotated by
    experienced teachers
  • Ideas and feedback to
    improve your own work