SECURITY ASSESSMENT AND RECOMMENDATIONS

Security Assessment and Recommendations



Security Assessment and Recommendations

Introduction

Computer security is a paradoxical term. The vast network of networks known as the Internet is complex, and it is open. Bishop (2002) mentions as many have observed, without those two characteristics in place, there is no Internet. But with both present, there can be no perfect security, especially since there are many people on the Internet who have an interest in exploiting its weaknesses for simple amusement, for criminal purposes, or even for waging war. This paper discusses hardware and software security weakness in a concise and comprehensive way.

Hardware: Security Weaknesses

A phenomenal amount of information now resides on computers. Individual computers as well as computers that communicate with each other in geographically-restricted local networks as well as globally, via the Internet, contain billions of pages of text, graphics, and other sources of information. Without safeguards, this information is vulnerable to misuse or theft (Bishop, 2002).

Computer security can takes two forms. Software security provides barriers and other cyber-tools that protect programs, files, and the information flow to and from a computer. Hardware security protects the machine and peripheral hardware from theft and from electronic intrusion and damage.

Physical on-site security can be as easy as confining mission-critical computers to a locked room, and restricting access to only those who are authorized. This also holds for servers, which are computers that function as a central routing point for information to and from the networked computers and the Internet. Many personal computer users pay to have this service provided by an Internet service provider (ISP). However, having an out-side provider can generate security threats and can be disruptive if the ISP ceases operation. Nowadays, many corporations opt to establish an in-house ISP. In this way the security of the corporate server is under direct control.

Computers also have an internal form of a lock and key. A security password that is needed to gain access to all of a computer's functions can be stored on a chip known as the BIOS chip. Unfortunately, a dedicated thief can easily circumvent this hardware security feature, by removing the hard drive and putting it into another computer with a different BIOS chip (Dyson, 1998).

With the exploding popularity of the Internet, hardware security has been extended to this electronic realm. Computers that are connected to the Internet are vulnerable to remote access, sabotage, and eavesdropping unless security measures are in place to buffer the computer from the outside electronic world.

Many corporations whose computers are linked to one another, employ a local version of the Internet. An Intranet or Local Area Network allows the exchange of information between the linked computers (Dyson, 1998), while at the same time enabling the erection of hardware and software (i.e., firewalls) that screen information flowing to and from the Internet. Remote users of the internal network, such as telecommuting employees, can be protected through what is known as a virtual private network (VPN). A VPN establishes a protected communications link across a public network ...