Digital Security And Privacy Information Technology Essay

Digital earnest And Privacy Information Technology studyIn this essay i will look at the basic fundamentals of earnest and retirement for subroutiners and stage businesses in the 21st century and what i think the shelter risks atomic number 18 for them and what the drive the earnest problems adopt on our privacy laws, does this controversal plan of attack to everybit of training or so commonwealth actually make organization much secure e.g pr hithertot system attacks. I will go indept into what i believe be the chief(prenominal) warrantor risks for users and businesses when browsing the internet or shopping and practice on post banking and also discuse briefly what it would be handle to remove no privacy. I will also discuses how when a user goes on a scoial networking site or hunt engine they might be at risk of sharing study unwillingly with the providers. And a nonher topic i will be discussing in this is how humans fail in thither bit for security and how to prevent this from happening.Digital security in the 21st century is now more than big than ever in front, there argon m some(prenominal) unlike types of security threats to the average psyche, business or even government. This is because everything we do on a daily basis spate have a security risk, whether it be from online shopping or checking your e-mail. If a users ready reckoner has been hacked or has some spyware or malware and they are apply it for online shopping, then the attacker may be able to gain approach to the users sensitive data which nooky then be used for postiche or theft or sold on to a third party for marketing data.Shopping in a store using your debit chasten board plunder also be a risk as debit handbills faeces be cloned by staff and pin numbers stolen using a device that looks the same as the notification machine moreover has been designed or modified to remember pin codes and clone users debit tease/credit card details. Laptops and Mobile phones being stolen arouse have personal reading on them, even losing your universal serial bus storage device or USB pen drive as they are know as for short which can contain all sorts of information because people, businesses and governments all use these devises to get or store data. And if the data is not encrypted then there is always the chance that someone can gain accession to it. shelterive cover is the main issue when it comes to a persons personal information whether it be from browsing the Internet to online banking there will always be people who want to steal information for an wide range of reasons (eg phishing and fraud) Another thing to be wary of is the topic of Liberty are security laws infringing on our basic human rights to privacy and our security by allowing corporations and even governments to spy on our Internet communication theory for what they call anti-piracy or National Security such as the PATRIOT Act in the coupled Sates of America, and this brings me to conclude, why should the rights of the many suffer because of the actions of a few.And this is being debated everyday of every week by civilized rights activists to our own government deciding what they can do and cannot do. Too much information available ab come forth anyone to anyone can be dangerous and this topic should be interpreted extremely seriously.One major impact on privacy is the development of social networking sites and search engine providers that sell the users information to third parties. The iterate Privacy is a fundamental human right. It underpins human dignity and other values such as freedom of association and freedom of speech. It has become one of the well-nigh important human rights of the modern age. by Marc Rotenberg, Protecting gentlemans gentleman Dignity in the Digital Age (UNESCO 2000) 1. And i think that we are caput into a society that does not care about the fundamental human rights we have and how we attained them.For the oretical describe anti-utopian, dystopian novels of the 20th century, depicted societies where privacy was non existant and an intrusive, oppressive regime denied this fundamental human right as a matter of course. In Yevgeny Zamyatins novel We 2the population lived in buildings constructed of glass, which allowed everyone and anyone to snoop on anyone whom they wished. Op function is unsufferable in a society where privacy is non-existant. George Orwells 1984 Big Brother and tele-screen are frighteningly similar to todays move towards a 21stcentury society where the Government and corporations have full access to every bit of any citizens digital life.The 19thcentury black champion of civil rights, Frederick Douglass protested that any rights and liberties won by any people were awarded after contesting the causality structures of society. He said in 1857 that Power concedes nothing without a demand, it never did and it never will. Find out just what any people will quietly subm it to, and you have found out the carry measure of injustice and wrong that will be imposed upon them. 3Frederick Douglass, speaking on the emancipation of the West Indies, 1857Men may not get all they pay for in this world, but they moldiness certainly pay for all they get. 3 also has meaning to that you can use a search engine for free and also a social networking site, but be careful of your information as they might sell it on to third parties.In the book The Art of Deception Controlling the Human Element of Security 4, the authors Kevin D. Mitnick William L. Simon nablame the Human individual as the weakest link, the individual is relegated to a position below the security system in question. Page 3, titled in big black earn Securitys Weakest Link states the humanfactor is truly securitys weakest link.In the Computer Security Handbook, John Wiley Sons (2002) 5which some of the top security specialists in the world have contributed to. Donn B. Parker, a retired (1997) senio r management consultant at RedSiren Technologies in Menlo Park, Ca, who has specialised in information security for 35 of his 50 years in the estimator field and who Information Security Magazinehas identified as one of the five top Infosecurity Pioneers (1998) writes in 5.1.3 Functions of Information Security Computer Security Handbook that the complete opposite to the previous paragraph is true, that the current three function security model, (prevention, detection, and recovery) are completely insufficient and that an 11 function model is needed to eliminate or mitigate the security risks in question, which include avoidance, deterrence, detection, prevention, mitigation, transference, investigation, sanctions rewards, recovery, correction, finally education 5.It is easy to jump to conclusions and intuitively blame the people whom personate hackers or adversaries to computer security professionals, but history shows us that nothing should be taken for granted concerning secu rity. No system will be inherently perfect, and new technologies are continually being created and updated, and most will likely become more secure as time goes on. Human nature on the other hand is a constant and no man or woman should ever pick at humanity to a role below that of a firewall, for any reason. If a computer security system is vulnerable, patch the system or come up with innovative methods to secure it from outside access, improve on the imperfect and take comfort knowing that you have executed your job successfully, thus without sacrificing your morality.Types of attack once a malicious program has been installed on a person or business or governments bodys computer, it can cause harm in many different ways. And the most typical mechanisms for attacks by hackers is taking control of a users access and pretending to be that legitimate user. This can be very bad if a hacker gains access to any information as the user might not realise in time for it to be stopped bei ng used eg. bank account or credit card information being stolen. Stealing or copying secret or confidential data for incorporate espionage or other purposes. Destroying corporate data to do financial damage to a business or government body Causing network and system shortages to paralyze a companys operations eg. Denial of service attack (D.O.S) or Distributed denial of service attack (D.D.O.S).Risks to an OrganisationSecurity vulnerabilites culmination from within an organisation are on the increase in todays businesses and are increasingly the operational risks of any business in todays world, and in a time of recession this is not good because it brings the running cost of the business up and costs to the average person may go up also . so this can lead to a loss of reputation in the regard to customers or partnership in a company or even the share keep upers of the company. there may also be a risk to the business by interruption to the company and lead to the violation of legal and government reulation requirements to protect sensitive customer information E.G OFCOM if the attack works, some examples are Unauthorized access to any information where the access includes disclosure, modification and destruction of any data. Unauthorized users or hackers, i.e. a person who have not been given the rights by the owner/user to access the system.How do people fail in the line of security?Social Engineering Manipulation con-artists are being used to acquire confidential information by manipulating genuine users into telling them. It is a new type of insider attack that is on the up effort similar to an attack that is knowm as phishing in which a malicious or hackeris able toget privileged access with access to company sensitive information in turn which can lead to other users/customers into providing access to forbiddon information.These con-artists rely and work on the basis that people are kind hearted and not aware of the valuble information they know and are careless about protecting it because they think its irrelevant. These con-artists will search bins or skips or take advantage of peoples natural ability to choose passwords that are based on what is considered to bemeaningful to the user such as relatives, date of birth or pets name etc but can be easily guessed if the hacker learns persoanl information about them. the name they now give the method these con-artists employ is called Social engineering and will always a threat to any security system.More internal threats may be if there is aloss of data or data is change, and backups fail this will lead to business having a losses of revenu and this in turn may affect the clients and loss of money to a business.There may also be misuse and theft of Call Records and information and also tele-communication center in which, internal breaches my accure by users who sometimes bypass the usage record from billing someone or a subscribers and then bydeleting the call record informa tion from a database or by manipulating a program to forgive simple things to user subscribers.Identity theft Identity theft of a customers priceless information such as address, security passwords credit card information, and date of birth or in a businesss sense, ID cards, Access codes .Identity fraud is a term that is used to signify to any type of crime in which any person or business wrongfully gets hold of and uses another persons personal data in anyway way that may involves fraud or deception, typically for capital gains eg. giving the business an upper-hand from a competitor.Information used in examine of biometrics for example of soem (face token glance overner, palm print scanner, hand scanner ,handwriting of a person, fingerprints,voice recognition software, sword lily/retina scaners ) are each unique to every person and cannot be given to another human for their use, but can be faked, well some of them. However, personal data, especially a credit card account or debit card number, and other valuable personal information can be taken advantage of and maybe used by the wrong person for fraudulent purposes and sold to third parties at the cost to the average users.The not so innocentBrowsing the sack and using e-mails can seem a normal exercise in layman terms but may seem nave to the advanced users whom understand the security risks. For the average user however, all their activities can upset business. Some viruses that can do this are ( Worms/trojons/malware/spyware or Choke viruses) that are design and aimed at Instant Messaging systems that people use such as a social networking site and windows live messenger (MSN), the users may use these softwares or websites to talk to their friends online or send information from and each pose their own unique security threats. Anti-virus softwares and other tools may not detect malicious code opening through the font-system 6 or Instant Messaging system, so infected files can infect the desktop an d then into the network or a business.If a companys usb stick or security cards or notebooks are lost or stolen, important information may be at risk such as id names and Unique Identifier numbers.Outside threats to an organisationExternal threats are mixed threats that combine many different ways such as worms, viruss, spam and distributed denial of service (DDOS). Every day, hundreds of new ways are discovered to attack software and security breaches by intruders, hackers and security professionals. There are more than 30k hacking-based Web sites on the internet now so it no longer needs a computer savy person to hack a site, just someone with time and patience.How to keep your computer safe with Virus foresee Measures.Regular Updating of a users Anti-Virus and Anti Spyware Software This is to protect the user against viruses and malware/spyware and this is why antivirus software should be installed. any user email attachment files should be scanned This is because computer virus es are most likely to be in an email attachment. just because emails come from your best friends does not mean it is still not important to scan there emails which may contain attachments before opening them as they may contain anything. tombstone points for handling email attachments Be careful when opening email attachments from unknown recipients. Do not be fooled by the appearance of attachment files always check the extension to make sure its not a .exe, .com or any other executable extension for a word document or come across file. Do not send a plain text that can be included in the body of an email message as an attachment file eg. Encrypt your messages. Learn about how email attachments are handled by different email programs. Every file that is should be scanned with a users anti-virus and anti-spyware scanner before opening, because the user will never fully know whats inside. A lot of files such as image files, .MP3,.MP4 and .avi videos are downloaded from the Internet, but some are notwhat we expect and contain malicious programs embedded in them or in the code of these files to hurt or dammage our computers, and a way to avoid this is to be sure to scan downloaded files before using them or opening them. An example is the font system vulnerability of Windows XP. 6 result full advantage of the security functions/ settings supplied with any coat software Regulary updates of Security Patches Should be installed All upstart viruses attempt to exploit bug in a software or security holes that a coder mite not have known about when creating the software to gain access to the operating systems and application software that a current user might be using. If there is any weakness in your computer it can be and most likely will be infected with viruses or have corporate malware on them and the only way to combat this is by previewing emails or accessing the Internet when all security updates have been applied and clearing your Internet cookies after ev ery session.causes of Virus Infection must not be overlooked. If you have encountered symptoms that you think are a virus you should do a scan, a users computer may have been infected with any sort of virus . so it is very important to keep abreast out for this as it can be a major security flaw and scan your computer for viruses regularly to avoid disapointment.If a users computer system or an application freezes, or the system does not start.Files may be deltes or just become hidden. Unknown icons apear.some programs may make attempts to access the Internet without any notification to the user, this is why a firewall is needed.Emails are sent without the users consent. skitter intuitively to make sure there is no virus or spyware on a users PC.All a users data should backup data regulary in case of of system failureData corrupted by a system or hardware failure cannot always be restored by using software. Make the habit of getting use to backing up.Conclusion