Data and Information Security
$5.99
Kindly ADD to CART and Purchase an editable Word File at $5.99
Assignment: Data and Information Security
PART B; Information Security Trend and Standards
Question 1
The information system has been important and makes the business success through to the today’s world. Some companies are also built on information technology where if technology would not be existing they would not have existed that includes Google, Facebook, eBay amongst others. With technology carrying such weight amid the companies, the ethical challenges faced by the companies are also notable such that, they can affect the operations of businesses. The challenges that face the organization in the use and the analysis of the stored information includes the stealing of data and client’s information from the company’s database. This is an unethical issue that defines the comfort aspects and the defined space of organization and its variations. In many of the important aspects, one would be able to define the organization by the comparison that comes about the usage of technology and its analysis (Data storage: Storage services. 2014). As many people define it, one would try and discuss the comparative points which are important and those that would prevent the stealing of data information and the financial information as per se.
Information technology always specifies the components that are used in the storage and the manipulation of information through to the levels of minimum and operations within the server while having the education and research aspects to the larger extent. With the advanced points through the information technology, the knowledge of security, privacy issues, and the major impacts are always negative impacts through to the deals of IT. Some of the other issues include the following;
- Piracy
- Trade secrets
- Copyrights amongst others.
Question 2
The information aspects of the Information Security Planning are always a planned point in which defines the integrity, flexibility, standardization, integrity amongst others. The following terms are defined as follows;
Confidentiality– in terms of information security planning, it is essentially the protection of data from exposure to third parties which occurs majorly due to data breach.
Integrity- This entails the information security steps that ensure the protection of data with confidence by one party bugging on another.
Availability– This defines the presence of data such that it is the availing of the available data when needed.
Flexibility- This is the ability of the information system to be able to change in terms of changing terms of understanding.
Connectivity- this is the data connection that defines the connectivity that the data has in terms of its access and availability.
Scalability- is the system’s ability measures to increase or decrease the performance and of the cost incurred through response in changes and the system applications and processing demands.
Standardization- involves the processing, developing, and promotion of the possible mandated standards that are based on the technologies of compatibilities within the said industry.
Question 3
A cashless society is a society that is described only in the movies and the fictional and sensational movies. In the world today it sounds more like a technology that is futuristic but in the real sense, it’s on its way. There are so many very powerful forces that allow the movement of the cashless world which are inclusive of the powerful financial agencies and governments. In the real sense, no society has for sure gone cash-free yet hence the logistics and challenges issue the several social aspects that need to the addressed in the giving up on the cash. Below are the disadvantages of the cash-free society;
- It exposes most of the financial information for a possible information breach. This is one of the major disadvantages because it involves the loss of cash.
- Once the finances in your account are drained or there is an experienced issue in technical there is usually no alternative in the money source.
- Those that don’t have the accounts will still struggle the keeping up with the evolving technological world of cashless society and technology.
- Some people might not be able to control their spending when they are not exposed to physical cash.
These are the disadvantages of the cashless society and how they experience it.
PART C: Applications of information and Cybersecurity Concept
Question 1
In any business association, security ought to be needed. They ought to consistently guarantee that their figuring framework is secure consistently to guarantee that they don’t encounter breaks that may bring about disappointment or misfortunes. There are different business associations and organizations which have experienced distributed computing frailties. For instance, Heathcare.gov, SalesForce, Mybizhomepage, Amazon, and Adobe have been significant casualties of cloud security shortcoming and disappointments, and this has come about to them making significant misfortunes. For instance, Mybizhomepage needed to burn through $1 million to address the security break which had occurred. With this, different organizations who are examining distributed computing administrations ought to guarantee that they take measures that will assist them with getting their figuring framework, for example, through consistent checking.
Virtualization includes running different frameworks on a PC in a synchronous way. Perhaps the most regularly utilized security components incorporate firewall and location programming. It includes getting information from cases, for example, hacking and weaknesses. Virtualization can be utilized by cloud administrations suppliers to secure supporter information. This should be possible by utilizing certain product’s which would guarantee that the put-away information is protected from any type of uncertainty. Losing information can be exorbitant particularly to business associations and foundations like schools, henceforth, it is the obligation of the associations to guarantee that information is protected consistently (Data storage: Storage services. 2014).
For SaaS, the significant security chances related to it incorporate; phishing, information burglary, unapproved access due to loss of control, review, and consistency. These dangers have been critical since they have come about to the deficiency of information in numerous events. Tracking down the best instrument, for example, utilizing solid programming is vital in dispensing with the dangers. thusly, business associations should bend over backward to guarantee that their information is protected from danger. Business associations have been extraordinarily affected both decidedly and contrarily by digital violations. It very well may be significant in a business association such that organizations can have the option to impede those tricksters and have the option to secure their information. Then again, network protection can be very risky for business associations since it can prompt incredible misfortunes. For instance, in 2015, telecom goliath otherwise called Talk was hacked and this brought about them to pay a fine of $400,000 because they had not avoided potential risk and measures to secure their information and this caused them to lose even clients because the individual data’s of more than 200,000 individuals were uncovered.
Telecom stages have the most noteworthy number of clients and the majority of them store their own and surprisingly secret data in their telephones or PCs. This is because there are even manners by which individuals can keep their cash in their telephones or even utilize their telephones or PCs to get to their bank data. indifferent territories, for example, in detainment facilities, all the information is put away in a PC since it is a known simple way and it is accepted that assuming the data is there, it can never be lost.
It is consequently evident that the association didn’t just make misfortune monetarily yet it additionally lost its clients since individuals would need to utilize a site where their security is ensured and the hacking of the PC arrangement of the organization came about to numerous clients to lose their trust in the association (Messier, R. 2014). It isn’t just the large associations that in danger of encountering network protection yet, also, the independent ventures insofar as there is the utilization of the web. For instance, SME Boomerang Video was hacked and they needed to pay a fine of $60,000 because they had made their frameworks powerless against hacks. It doesn’t rely upon which kind of business is completed interestingly, every business association ought to have a method of securing their workers to try not to lose data through cybercrimes.
Question 2
The security evaluation of the IT report is that there are some of the evaluations that should be made to create an environment that should be pleasing to both the communicators. It is very essential to note that the security that the people enjoy serves an important purpose in the trust and the confidence of always doing the things you want online. The security evaluations that are important and efficient in the serving of the clients and their privacy include the strengthening of the HTTPS since this is an important protection that should be focused on majorly. It creates an important function within which many enjoy the service. But with the vital security and the hacker’s continuous development of the programs, there should be also shrewdness on the part of the victim creating a safe environment by even the application for the SSL.
It is very important to note that the Man in the Middle is always and will continue to be a threat to this technological era. This is important to note that the very edge and by the report, it is very vital to focus on the safety that comes within the fight against the hacker. The very aspects of survival are important and serve an important part that is creatively serving. The best thing that can be of sure is that the implications serve an important purpose in which they create an appropriate sense.
The insinuations and implications are that the network hack is rampant in the world and hackers are always on the move to develop more recent software and better ones. It is very important to note that today’s society can only champion the fight against hackers by implementing and keeping up to date the device’s software and updates to avoid the chances that an intruder might take and use (Messier, R. 2014).
The very basis of surviving the threat and avoiding the practices that might be a leeway for the intruder includes the very essence of the surviving and creating the stronger firewalls and reinforcements that would be very vital for the software continuity surviving and up to date. It is therefore important to note that the ways to prevent the attacks from the Man in the Middle majorly in public places would be to avoid the public connections which might expose your data to the intruder impersonating a public domain.
Question 3
I agree with the point. This is important as it introduces the students to know how ethically wrong it is to improve the specs and the understanding of the course. In trying to define the points and the controlled aspects, one would be able to define and understand the crucial concept where technology and its constituents and knowing how vulnerable they could be.
Question 4
With the technological advancements and the daily increase of technological knowledge day in day out, it is important to note that it has come with hazards and technicalities that have tried to break it down. In the new formalities that serve important aspects and updates, it is important to note that the security aspects have been challenged each day (Marinescu, D. C. 2018). With new and continuous challenges that faced technology, there have been different ways that have continued to curb the insecurities and also the continuous aspects that technicians and professors have continued to discover. This has been a continuous cat and rat game that has created insecurity within the internet hence ushering the “Man in the Middle.” The Man in the Middle is an eavesdropper who listens to the conversation between two individuals who are conversing or a legitimate host of the communication between the client and the server or between two people.
The image above shows the real communication that a person has to the internet and also how many portholes are available for the hacker/ The Man in the Middle to intrude the communication. This is very essential and appropriate in the sense that it shows and represent the real-life situation that is always important and appropriate in serving the people between. In public places, it is very important to note that hackers are majorly involved in communication, for instance, the connectivity of the public network (Data storage: Storage services, 2014).
It is important to note that public places are very prone to the Man in the Middle cases and can be easily hacked. The important fact is that communication spoofing is what is majorly involved in the hacking of the communication between two individuals. In the research report, it is very essential to note the things that mainly affect the daily and essential aspects of the technological systems.
In this case, there are some of the methods that are majorly used by the Third Party that is the hacker, in trying to access and compromise the communications between two individuals. The ways that are used by hackers are very essential and can be very harmful to either a person or can even infect the devices (Computers, Laptops, or even Mobile Phones). These are the difficult aspects that majorly affect the ignorant generation that focuses on communication and not what it entails and how their probable communication encryption can be interfered with. There are different types of Hackers/Man in the Middle Attacks they include:
The Rogue Access Points. With wireless communication including WIFI, the devices that are equipped with it can essentially be connected automatically hence would try and mainly find the strongest signal emitters. With this technology, a hacker can essentially create an access point that is emitting the strongest signal just to have a device connected to it so that they might compromise the security of the device.
DNS Spoofing. This is another dangerous method that the hackers can access the devices of legitimate communicators. It involves the use of the Computer/device caches which are very critical in creating an access point for dangerous attacks (Messier, R. 2014). The DNS being able to change the domain name to an IP address. This henceforth creates a risky situation where the victim sends the sensitive cache information to the hacker with the anticipation and trust that they are sending the information to the right person.
References
Data storage: Storage services. (2014). Zen of Cloud, 178-227. https://doi.org/10.1201/b17313-8
Marinescu, D. C. (2018). Cloud data storage. Cloud Computing, 195-233. https://doi.org/10.1016/b978-0-12-812810-7.00008-x
Messier, R. (2014). Storage in the cloud. Collaboration with Cloud Computing, 57-75. https://doi.org/10.1016/b978-0-12-417040-7.00004-6
