FREE ESSAY ON COMPUTER SECURITY ISSUES

COMPUTER SECURITY ISSUES

Computer Security Issues Facing Alsager Ltd.
In upgrading the Alsager Ltd IT facilities, despite numerous advantages that the new
systems brings one has to be made aware of the possible threats posing. 
Virus can effect the system. They are pieces of codes created by hacker to create a
nuisances and to another extreme corrupt valuable data. Examples of these can be animated
icons flying pass the computer screen and to another extreme can be programmes designed
to delete the hard drive. The Computer Virus can be caught through a number of ways. The
most highly publicised way, is through the Internet, other ways are through removable
storage media, such as floppy disks and zip drives. They can also be caught through
computer networks, where a third party from another machine in the network introduces the
virus (accidental or otherwise) which then spread throughout the network. The most
unlikely way of virus contaminating the system is through malicious employees creating
them on the system but this will be discussed later on. There are a number of precautions
that can be taken to help prevent this. By simply making employees not to use mobile
storage media unless they know where it has been, making them aware that pirated media ,
shareware/freeware programmes may be potentially dangerous. A talk and leaflet
distribution to employees could be useful. If the Alsager decides to connect to the
Internet, this would be another potential source for virus and such like. A firewall
could be placed on the system to help prevent infection. A more immediate way of
preventing virus is to subscribe to a antivirus programmes, although this will not give
you 100% percent protection it will help prevent the majority of known virus. An
important note to this point, is the importance of getting regular virus updates from the
software manufacturer .
With the introduction of the IT facilities, the amount of room information takes up is
drastically reduced from a whole filing cabinet to a small hard drive. Information can be
easily copied and since the advent of the Internet, information does not even have to be
on a psychical media to leave the building. This therefore makes it much more easier to
copy and take out valuable information. All the companies details, there accounts and
their customers account are prone to the risk. A single person can take out all the
information on a zip disk or even a floppy disk depending on the size of the file. This
poses the risk of company espionage and financial fraud, through the use of customers
credit card details. There are a number of ways to help deal with this problem. The
system should be a closed network. This means, that only people authorised to access the
information may only do so through a user name and password. In this system there should
be a heirachy of privileges, so only people who need to access the most sensitive
information may do so. Also by having a login system, people using the system can be
identified, helping solve and deter employee fraud. An important point to note is that
the employee responsible for managing IT should be aware of sleeper programmes that may
lye inside the system, and should be checked on a regular basis. Another step to take
care of this problem, is to use encryption, when storing data and with today's encryption
standards it would be near impossible to break the code. One must note that there would
be little point in using this technique if the keys and passwords were not properly
managed. Good quality encryption software is available. 
A very important security aspect, is in systems failure, data corruption and damage in
general, such as fire damage. To lose data that is the back bone of the day to day
running of the company could prove fatal. The only way to help properly deal with this
issue is back up the data. Since the costs of storage media and taken a dramatic tumble
in price, this would be a relatively inexpensive process, especially considering what it
would save the company if the worst were top happen. There should be log copies made
around about every 2 months or so , of critical data. This means that one should copy all
the data. So if a virus has been discovered one can back track to see where in time it
started. This will also help provide damage limitation by enabling one to step back to
the most reliable log copy, and then correcting the damage from there. Regular
incremental copies should also be made on a daily basis, which would mean coping new and
modified data only. 
Employee related security should also be taken into consideration, these being using
pirated software on the companies networks, which could lead to virus and copyright
related lawsuits effecting the company. Another aspect to be wary about is employee
fraud, technological minded employees be able a manipulate the system for there own
financial benefits. This could be dealt with by keeping track of who logs in where and
what time, that way if a crime is perpetrated the individual could be tracked down.
Employees should only be allowed access areas that they need and should be restricted to
anything else.