Privacy is an important social issue involved in information society. Privacy deals with the collection and use or misuse of data. Data is constantly being collected and stored on each of us. This data is often distributed, sold or used without our knowledge. The health care provider and retail shops have, for instance, forms of data on its clients and customers. The fundamental question is “who owns this data and information? ” We know for sure that we would not like to share our medical records with others, definitely not with insurance company or our employers. The employer can use information technology to monitor the employees.
The time spent by an employee on computer can be recorded along with his activities. The employer can use this data to estimate the number of breaks an employee takes. The employer can easily monitor electronic communication in the form of email. At the same time, an employee can reveal company data to monitor employee’s emails. Privacy of hardware and software of consumers is another important issue. If hardware companies give a unique identification to each major component, the software company can use this number to uniquely identify each electronic documents created.
This could be useful in checking the piracy of users is compromised. Ethernet card is the only hardware component that has unique identification, which is used in communication. Introduction Internet security is an issue which should be dealt on a high priority basis major and small business organizations are involved in e-business. Computer knowledge for understanding hardware and cyber security is utmost important for individuals as business transactions involve a high risk potential source.
The report here outlines key areas where computer disaster management plan can play an important role and the sectors involved. Software threats are key issues which are dealt with extensive solutions. PROTECTING COMPUTER EQUIPMENT AND FILES Internet involving illegal system access and use of computer services are also a concern. The systems left unattended over weekends without proper security have been used for commercial use. Computer magazines regularly report cases where employees have used the facilities for their personal benefit sometimes at the cost of their employers.
Hackers make use of their computer knowledge to gain access to others computers. Sometimes, files, passwords, programs, or processing power are stolen. An intruder may alter the data or destroy the data making it unusable and useless. A hacker writes a small password snifter that is hidden from the computer owner. A password snifter can steal passwords and gain access to data and files. There are Antisniff Programs that can detect and block a password snifter. LIMITING LOGICAL ACCESS TO INTERNET SYSTEMS Personal efforts can reduce the risk of unauthorized access.
One must protect ones computing facility in the same manner in which he protects valuables. He must follow safety and security policies of his organization. At corporate level, efforts to safeguard data and files include installation of specialized hardware and software. Data and information are encrypted to prevent unauthorized use. Use of biometric is also becoming popular to authorize employees. The fingerprint identification has been extended to identify authorized users. Iris and retina scans which use to be part of science fiction movies has now become part of sophisticated identification methods.
The latest is use of magnetic card that is checked by a magnetic card reader to allow entry. Depending on the nature of the computer crime that an organization anticipates, it may adopt controls. The controls are expensive to implement and the organization must evaluate the cost against the benefit. To summarize, here is a list of control guidelines: a) Install strong user authentication and encryption capabilities on your firewall. b) Upgrade the software with the help of patches, which are developed by vendors whenever a security gap is found in the software.
c) Guest logins are always misused. Any book on Microsoft products advises against creating a guest login. Group accounts such as head-sales should also be avoided. Such accounts become public very quickly and no body can be held responsible. d) Remote-logins also create serious threat to security. This fact is so well accepted that Linux does not permit super-user remote-login. There was a time when system accepted login and then prompted for password. While one typed password, a star will substitute each character.
A person from a distance could easily learn the login and number of characters in the password. Systems have now changed and login-password is accepted together. e) It is a good idea to have dedicated servers for applications that communicate with outside world. Encourage people to have separate passwords for lntranet and Internet if possible. f) In certain cases, the law requires that audit trail must be on. A document once created cannot be changed without leaving an audit trail. Most of the ERP packages, for instance, leave audit trail. In case of a crime, the audit trail can be of immense help.