• Join over 1.2 million students every month
  • Accelerate your learning by 29%
  • Unlimited access from just £6.99 per month
  1. 1
  2. 2
  3. 3
  4. 4
  5. 5
  6. 6
  7. 7
  8. 8
  9. 9
  10. 10
  11. 11

ICT Security Report

Extracts from this document...


SECURITY INTRODUCTION In this day an age with many companies and well-known organisations functioning online as well as in many towns and cities. In order to attract and gain customers to accumulate business they must try and obtain their customer's confidence and trust. They try to do this by demonstrating that they take such dangers to data security incredibly seriously. Throughout this report I will identify and break down numerous threats and discuss methods by which these online associations can protect themselves from these data security threats. As of the 22nd August 2008 the number of breaches through this current stands at a total of 449. This is considered to be a rather small number compared to the number business, governmental, health, banking and educational entities that have databases. Though this has surpassed the total taken from 2007, which were 446. Although, the number has not increased by a huge amount we can still observe that identity theft continues to rise year by year. As an example, the transactional website I studied, Play.com hold a variety of information about myself such as my name and address and then my card details which I would use to pay for the items. For this to be held by the company you must believe that the site is incredibly safe and that you have great confidence with buying with this company. INTERNAL THREATS There are a number of internal threats that can target your business and break it down by stealing the identity of your customers. This includes dishonest employees, system crashes or natural disasters and human errors such as losing data in the post. Dishonest Employees Dishonest employees can be seen as people who eat in to the business' bottom line profits. It is believed that dishonest employees pilfer more of a business' profit than shoplifters. During 2005, alone it is understood that more than �1.5bn was stolen from British retailers alone. ...read more.


All of this websites lost a huge amount of hits ranging from Yahoo loosing 2,221,350 to ZDNet losing 19,600. It also cost the companies to loose a market share of up to 7.8%, all due to this hacker flooding their web servers. Operating System Problems Operating systems can also contain potential threats to security. Threats to information security arise from three different types of behaviour. Information security can often be violated due to the carelessness of the authorized users of the system. If users are careless with their password, for instance, no other security mechanisms can prevent unauthorized access to your account and data. Many security problems can also be caused by browsers, authorized users of the system exploring the system looking for carelessly protected data. Furthermore, penetration represents deliberate attacks upon the system. An individual trying to penetrate the system will study it for security vulnerabilities and deliberately plan attacks designed to exploit those weaknesses. In order to try and minimise risks from these problems it is firstly suggested that a secure reliable and up-to-date system backup is installed. This is because with a good system backup, you can recover from any system problems with minimal loss. Another measure that can be taken is for unattended terminals to by automatically logged out after a certain period of time. This would minimise the risk of someone logging on and obtaining confidential information. Public Computers Public computers such as those located in libraries, are normally caused unintentionally by curious and persistent users-and sometimes intentionally by knowledgeable and malicious hackers. These threats are made more possible by software that has been installed improperly, software code that has inherent flaws, or insecure procedures. There are a numerous variety of threats that these public computers can become venerable to: * Probes and Scans - This is when attempts are made to gain access or to discover information about remote computers. ...read more.


This would be a good security measure for an organisation to obtain because it would mean that all of these problems and threats get cut out of trying to implant themselves into the company's computers and servers. Thus, meaning that they are less likely to come under attack from hackers using various procedures an malicious attacks in order to try and gain access, as they are protected and have their data secure. Virus Protection This is software that protects computers and servers against the spread of viruses. Again, this would be another safety measure as it would again enable the organisation to become more secure and protected. This is because it would once more mean that they are again protected against spyware or any other malicious activity such as Trojans and harmful viruses that may infect the computer or server system and begin destroying valuable or confidential data. Secure Payment Systems This would include registering with such organisations such as Pay Pal. Websites like this enable and help businesses and customers to send and receive payments by using this site as a sort of 'middle man'. Meaning, that neither party has to worry about the financial burden and pressure of wondering whether the money has be sent or again received. Pay Pal is a registered SSL site and therefore shows it is a safe and secure transactional site. If the organisation was to register with this company it and add this as a safety measure it would mean that financial information such as billing addresses and bank account details would be safe and secure from both internal and external threats. LEGISLATION You should also mention the various laws passed to protect customer data e.g., The Data Protection Act and Computer Misuse Act. Include a description of each law and a conclusion as to its effectiveness. EVALUATION Finally you should include an overall conclusion into the effectiveness of the measures taken. For full marks you must have produced a clear and balanced assessment, weighing-up the threats on the one hand against the measures/legislation on the other and reaching an informed conclusion about the risks. ...read more.

The above preview is unformatted text

This student written piece of work is one of many that can be found in our AS and A Level Management & Manipulation of Information section.

Found what you're looking for?

  • Start learning 29% faster today
  • 150,000+ documents available
  • Just £6.99 a month

Not the one? Search for your essay title...
  • Join over 1.2 million students every month
  • Accelerate your learning by 29%
  • Unlimited access from just £6.99 per month

See related essaysSee related essays

Related AS and A Level Management & Manipulation of Information essays

  1. Marked by a teacher

    Hardware and Network issues in e-commerce

    5 star(s)

    that user changes and as hackers need to know the IP address of a user to hack into their line, their 'hacking' becomes limited. Broadband's 'always on' feature however, uses static IP addressing in that the IP address of the user is always the same, hence the hacker can attack

  2. Marked by a teacher

    The Internet is an important part of our everyday lives however it is not ...

    4 star(s)

    In order to ensure that I reap the benefits from everything that the Internet has to offer I need to be critical of everything I read. I cannot just assume that because I am reading something on the Internet that it is true.

  1. Analysis of market, environmental forces, competitors, marketing mix and consumer implementation.

    by.; As Nintendo launched at a low price, the prospects were good. Much will depended upon Nintendo's software houses to provide the console with appealing games at launch. Given the fact that the console utilises optical discs, manufacturing costs should be lower than that for cartridges resulting in lower retail prices for games.

  2. Standard Operating Procedures (Sop) recruitment policies and procedures.

    It can only be reviewed by or released to authorized personnel after approval from DOPM. VI. NOTICE OF RATINGS: After an eligibility list is officially established, each applicant is promptly notified of their examination results via a Notice of Rating.

  1. Everything about Digital Divide

    These are mainly focussing on the Global Digital Divide. One major example is the One Laptop per Child Association (OLPC). Its slogan is "Give a Laptop Change the World", which clearly shows that it is aiming to deploy laptops. Currently it is trying to deploy as many XO Laptops as possible.

  2. Home Office LTD company. Database

    In addition, there is a button that takes the user to "current month review" sheet, this is another shortcut for when the managing director analyses the data and needs to switch between monthly and yearly review sheets. Screenshot (above) shows the final yearly review sheet, with only one example of January.

  1. Designing a booking system for an Estate Agent.

    Another investigational technique that I would use is Observation. O will use observation to be able to analyse further how the current system works in action. This is an effective technique to find out how they are exactly using the system and to make a clear judgement whether the system is ideal to use.

  2. Background and investigation for designing a database for a DVD rental shop.

    This form has an attractive colour scheme and this will be used as the theme for the proposed system. Each form will consist of these colours. Each field is clearly labelled and arranged systematically, this is a quality that the computerized form will need to convey.

  • Over 160,000 pieces
    of student written work
  • Annotated by
    experienced teachers
  • Ideas and feedback to
    improve your own work