Legal Aspects of Information Systems Security
Buy custom Legal Aspects of Information Systems Security essay
Computer security threats are not limited to companies at all. Computer systems via network are vulnerable to many threats. The effect of various threats varies significantly; some affect the confidentiality or integrity of data while others affects availability. Business operation is disrupted by these threats and is exposed to the risk of significant losses if attacked. It is important to understand the types of threat that are encountered in online business and how they manifest themselves. Calder, (2006) says to stay safe online requires a combination of behavior and tools that are appropriate and proportionate to the cyber threat and computer-related risk (p. 2). According to Rauvid (2005), information security is a complex issue which deals with the confidentiality, integrity and availability of valuable data, sitting within business critical systems, and subject to world class threats (p. 5). Some of the biggest security online business face includes; Trojans, data loss, organized crime networks, virus, cyber espionage, phising, internet threats among others.
Trojan which is also known as spyware often sits silently on company systems. They monitor users and their computer activities, and then steal sensitive data. They try to access information that no one would want to get out. That include collecting users personal information like; password, credit card number etc, then stored it in file, where it can easily be retrieved over the internet. Online business exposes one to this threat because people are mostly tempted to open online programs which seems to be legitimate but instead ends up compromising security and cause a lot of damage. “In some cases, simply visiting a website can result in the automatic installation of unwanted software. This technique, known as drive-by downloading can lead to automatic acquisition of a spyware program without permission or notification” (Botha, Bothma, & Geldenhuys, 2008). Trojan opens a communication port and report back to computer through the internet. This intrusion by Trojan has grown so rapidly and now represents a critical threat to online business.
Firms communicate to their customers or client via the internet. This is very essential for the business success but it’s fraught to security threats like data loss and its possible consequences. Data loss poses a major risk to individual as well as organization which mishandle entrusted data or information. Company should ensure that confidential and sensitive data is well protected. Photopoulos (2008) explains that in addition to customer, constituent, and employee information, sensitive data encompasses business and operational information whose disclosure would violate a legal agreement or deny organization a competitive advantage to its competitor (p. 4). There should be a proper strategy to bring down number of instances of data loss. Effective data security can be attained by combined effort from both the company and its employee. This evident as Photopoulos (2008) puts it that both organizations and individuals are acutely aware of the risk from the loss of sensitive information. Businesses heavily rely on data and information to make critical decision and therefore its security should be emphasized.
Online business also faces threat of organized crime. It is primarily about pursuit of profit and is understood by continuation of business by criminal means. Internet and the continuing growth of online business offer enormous new opportunities. Sophisticated cyber networks such as Russian Business Network are responsible for creating and distributing much of the malware responsible to business losses. Parker (2004) gives example an of organized crime attack to online business as an attempt at electronically rerouting a package or delivery, manipulating financial networks, or altering the value of commodity such as electricity, to profit from the change (p. 225). To grip organized crime it is advisable to have strategic thinking about cyber-security in planning and implementing security measures. This is particularly important if online business is to reach its full potential and companies avoid significant losses.
Computer viruses have increased substantially causing a big threat to online business. They spread from one computer to another when its host is taken to the target. “Historically many businesses introduced policies requiring that employees do not software that has not been virus checked on their employer’s equipment” (Brock & Azim-khan, 2008). These policies were enforced to protect spreading of virus. But as Brock and Azim-khan (2008) continue to explain these days majority of viruses are introduced through the internet, via e-mail, accessing a website or within a document (p. 120). The anatomy of Internet allows computer viruses to spread extremely fast and much effectively infect millions of computers. They spread by following means; removable disk, e-mail attachments, or from downloads off the internet. It is more likely to contract a virus from the web than from any other packaged software. Due to this reason online business is more prone to viruses which are major challenge to success. Computer viruses are dangerous to online business because of their ability to attack at many levels. Though virus protection cannot be hundred per cent effective there must proper measures minimize chances of attacks. This is due to the effects they have to online business; according to Brock and Azim-khan (2008) they are costly and waste business time.
Business secretes are very critical and business cannot afford to lose them especially to competitors. Competitors will use this information for their advantage. in online business cyber espionage is threat to survival of business. Attackers attempts to get information of individuals, competitors, government, and rivals for personal, political, or economic advantage. Mostly this is done via internet or cracking techniques and use of malicious software. The motive cyber spying to gain access for secret information is for an ethical and illegal strategic advantage. While companies must act in their interest, potential damages resulting from cyber espionage deserves equal attention.
Companies in online business have also been victim of phishing. Users are tricked into handing over control of their online accounts. This is done by spamming out authentic-looking emails that claim to come from well-known e-business institutions such as paypal, eBay etc. the method used by spammers have become sophisticated and its now increasingly being used as a tool for online fraud or theft. Companies which transact online should take an important step of using an integrated gateway security to protect IT infrastructure.
Internet threats have presented a state of dilemma to online business. The fact that internet itself is not a secure environment has been a challenge. This has made companies to find the means of protecting themselves from these threats. For example they use antivirus software to guard against virus threats. These antiviruses should be updated regularly in order to be effective. Also backing up data frequently and enlightening users of the system, ways of minimizing transmission of virus is encouraged. To deal with unauthorized, access most companies enforce authentication of user through use of password. Since password doesn’t guarantee sufficient protection, companies have taken another step to enforce sure security by using more sophisticated authentication technologies. These include voice and handprint recognition, coded ID cards or eve retinal scanning system. In addition of putting security measures online business also requires ethics. World Wide Web is not a haven for good business ethic because it is filled with unscrupulous characters that are eager to get rich. With a new revolution in business taking place, the following ethical issues; security, confidentiality, and privacy are important.
Most companies in online business implement security system as part of the infrastructure that implements their process. Customer need to be assured of the security of online system they are dealing with. According to Singh and Waddell (2003), all business operate in a climate of insecurity, be that financial or otherwise and are increasing pressure report in accordance with environmental sustainability and social responsibility (p. 253). The issue of security is very critical for online business and it should be give attention it deserves.
Confidentiality of information is vital for all companies. The big challenge of any online business is how to keep this ethics. When accessing information online employees may unknowingly disclose very crucial company information to competitor, rival or enemy. It is also tricky for online transactions to maintain confidentiality for both seller and the prospective buyer.
Privacy has also been an issue to online business. Consumers or customer feels that their privacy is threatened when required to fill personal information online. An effort must be made to keep law of dealing with problems such as spam and privacy, and also investigate how it can be amended and harmonized globally to provide sanction and backing to self regulatory and technical solutions.
In conclusion we can generally agree that business transactions have gone beyond simple information processing to redefined relationship between an organization and its clients, suppliers, partners and competitors. Technology has provided foundation to embrace aspect of producing, buying and selling product or services online. However there are potential security threats which must be analyzed in order to be successful in e-business.
Buy custom Legal Aspects of Information Systems Security essay