The research provides an overview of the threats and vulnerabilities to information security and introduces the important terms and conditions. Further more, the research sum up the definitions and controls of the trusted computer system evaluation criteria and discuss the policy of information security while focusing on information control and dissemination.
Introduction
Information security basically refers to the methods and processes which are mainly designed for the safety of electronic, print or any other confidential information. It is designed to prevent the private and confidential information from unauthorized access, disclosure, misuse, destruction, disruption or modification. The terms computer security, information assurance and information security are used interchangeably. All these fields are linked with each other and share the basic targets of protecting the confidential information. These days several vulnerabilities are faced by IT companies and security organizations in Washington DC. They are mainly linked with the erosion of long duration of competitiveness and rational property loss. There are enormous risks associated with these types of security industries and business men. For this purpose, our company has introduced effective solutions to guarantee the security of information system (Pagani, 2005).
Discussion
Vulnerabilities to Information System
All small private businesses have confidential information about their customers, employees, researches, products and financial status. This confidential information is now collected, processed and saved on computers and by the help of efficient networks they are transmitted to other computers. Following problems that may be faced by those business companies which do not make efforts to secure their data and information:
Intrusion Attacks
In intrusion attack the unauthorized intruders or hackers gain unauthorized access to confidential stored data to either steal or destroy it like defacing any web site (Pagani, 2005).
Confidentiality
Confidentially refers to the term which is used to prevent the exposure of data to unauthorized systems. For instant, in the credit card transaction the credit card number is required to be transmitted from the consumer to the merchant and again from the merchant to the network (transaction processing network). If the data is input by the consumer; its authenticity verified.
Integrity
This term integrity means that it is not possible to modify the data undetectably. It seems to be difficult to secure integrity in information system (Pagani, 2005).
Availability
It is the main requirement of the information system, to serve its availability. This means that the information that is stored and processed in the computing systems must be controlled by security controls.