Essay on Computer Security Policy And Assurance Of Policy Implementation

Essay on Computer Security Policy And Assurance Of Policy Implementation

Length: 866 words (2.5 double-spaced pages)

Rating: Better Essays

Open Document

Essay Preview


Computer Security
Computer security is an important issue and threats to the computer must be countered through various access controls and safety measures. Authorized accesses, avoidance of malicious software, prevention of applications from hackers are the steps that make a system secure. The fundamentals of computer security include an understanding of security policy stating laws, practices and regulations to manage and protect sensitive information. Enforcing a devised security policy and assurance of policy implementation are other important aspects of computer security. Computer security has various characterizations. First comes the information technology (IT) security based on three key points: Confidentiality, Integrity, and Availability. Confidentiality refers to maintain the secrecy of any information. Integrity deals with the management of unauthorized alteration of information and availability refer the anticipation of unauthorized maintenance of information. These form a part of larger security threats that are discussed in detail later in the paper. Computer security is an important issue that needs tackling at all levels and the threats to PCs increases by each passing day (Paulauskas, and Garsva, 84).
The paper aims to study the security threats to personal computers. The security threats, policies, and appropriate security mechanisms are discussed to understand the threat. The paper discusses the background of security threats and then details some of the procedures and security mechanisms for personal computers.
Security Threats
There are four kinds of security threats, Interception, Interruption, Modification, and Fabrication.
Interception
Interception is an unauthorized access to data. Interception occurs w...


... middle of paper ...


...xt stage after successful authentication is Authorization. Authorization ensures that right people access only those sections of the computer system that they are allowed to access. For example, an administrator might be authorized to install new programs on a computer while a user can only view, access or play those programs but cannot modify. Another example is access to records in a database system (Paulauskas and Garsva, 87).
Auditing
Auditing is an important activity in computer security as it keeps a trace of what all sections and data a user or a client accessed. Auditing is not a protection mechanism against security threats, but it is extremely useful for the purpose of analysis and investigation in the event of a security breach. Audit logs also provide a basis for modifications and enhancements to security policies and identification of attackers (Bishop).

Need Writing Help?

Get feedback on grammar, clarity, concision and logic instantly.

Check your paper »

Mobile And Cloud Security : Mobile Security Essay

- Mobile security, also called wireless security, refers to the protection of laptops, tablets, and smartphones, other computing devices as well as the networks they connect to from vulnerabilities and threats which are related to wireless computing. Mobile security is a broad term that entails several issues such as protecting a mobile device from malware threat, reducing risks and also securing the mobile device and its data in the incidences of theft, accidental loss of the device or unauthorized access....   [tags: Security, Computer security, Information security]

Better Essays
1126 words (3.2 pages)

Security Programs And The Security Program Essay

- The implementation phases seen in figure instead represented a flow of activities in the security program. The security program cycle involves in establishing information security requirements, taming the employee to know their responsibility by the requirements, built the authority structures to ensure Program compliance, and monitor and reporting of growth. This cycle helps in implementing the security program[3]. 4.1 Intentional Goals for Security Program Implementation The goals for security program implementation are as follows Goal 1: Approve, Develop, and Promote of security Collaboration with many organizations will lead to approve, develop and promote the security policies of i...   [tags: Security, Information security, Computer security]

Better Essays
2015 words (5.8 pages)

Essay about Common Criterial For Information Technology Security Evaluation

- Introduction Common criterial for information technology security evaluation, which is called Common Criteria (CC) is an international standard for computer information security which explicitly specify the security needs of computer users. These standards govern different factors related to computer security like the process of information security specification, implementation and evaluation. These criterion act as a guide for all information security experts therefore they should turn to it when they have to make a decision about setting up an IT security system (Denning, 1999), it could be the hardware or the software parts....   [tags: Information security, Computer security, Security]

Better Essays
1446 words (4.1 pages)

It Security Policy Framework Is A Set Of Voluntary Standards, Guidelines, And Practices

- IT Security Policy Framework The NIST Cybersecurity Framework is a set of voluntary standards, guidelines, and practices. Small and medium size businesses benefit the most from using the NIST (SP 800-53) security framework. Much like larger size businesses, small and medium businesses normally house sensitive personal data, and proprietary and financial information. This means they are increasingly becoming targets for cyber criminals who recognize that smaller businesses may be easier to penetrate as they may lack the institutional knowledge and resources that larger companies have to protect their information....   [tags: Security, Computer security, Risk management]

Better Essays
1190 words (3.4 pages)

Certification And Accreditation For It Systems Essay

- Certification & Accreditation for IT Systems Today, the world is a huge web of interconnecting devices, which communicate with each other by sharing information. These system need to be protected from unauthorized access. Hacking, which was once done mostly by people with high level of computer experience can now be carried out by piecing together software codes or using free available hacking tools to break into a computer system. The treat of being hacked has lead organizations throughout the world to invest millions of dollars in protecting their network from being breached....   [tags: Computer security, Security, Computer]

Better Essays
1152 words (3.3 pages)

Security Controls Based On Auditing Frameworks Within The Seven Domains Essay

- Introduction: This document will outline the policies and practices to be used and implemented in compliance with DoD specifications and standards for the contract of services to be provided to them. This report will consist of creating security controls based on auditing frameworks within the seven domains. Also to develop information assurance (IA) plan, a list of the requirements for each of the seven domains. Department of Defense (DoD) Standards and Requirements This project must meet the requirements of DoD security policies and standards for delivery of the technology services....   [tags: Security, Risk, Risk management, Access control]

Better Essays
1924 words (5.5 pages)

Operating System Security Essay

- Fifteen years ago, operating system security was often nothing more than an afterthought to what were once considered “flashy” graphical user interfaces and the ability for a machine to multi-task. Over time, computers evolved from thirty ton, 1,800 square foot calculators to pocket-sized devices capable of surfing the web at lightening fast speeds (Mueller, 2010). As the design of computer technology has changed dramatically since its invention, so has the way humans interact with it. From what was once limited to simple word processing and command-line based applications, computers are now driving the global economy, autonomously operating remote transportation technologies, and securely o...   [tags: Technological Advances, Encryption]

Better Essays
1433 words (4.1 pages)

The C & A Process Essay

- Final Exam Essay 3 The C&A process should be relatively easy to understand, be consistent in its application, and be applied continuously in its implementation. First, certification is the comprehensive assessment of the technical and nontechnical security features and other safeguards of a system that are associated with its use to establish the extent to which an information system meets a set of minimum security requirements. The Certification Phase of the C&A process includes a system analysis to identify weaknesses in the operation of the system, as well as an analysis of the potential vulnerabilities of these weaknesses....   [tags: Risk, Security, Computer security, Vulnerability]

Better Essays
994 words (2.8 pages)

Essay on Why is Database Security So Important?

- Introduction Databases have become one of the most power pillars within organizations, regardless of size, industry, or geographical location. Databases are used for the sole purpose of storing and retrieving pertinent information, that in many cases deliver a vital blow to operations in any organization, and for this sole reason, hardware and software make database security a paramount feature that must not be overlooked. Database security issues cover a wide spectrum; however, this paper will discuss database issues as related to database applications mainly using Oracle’s database application....   [tags: storing, retrieving data]

Better Essays
2015 words (5.8 pages)

Essay on Data Security And Information Assurance

- Pradeep Kumar Chagantipati Cuw id: F00437246 Data Security and Information Assurance: Data Security • Data security is defined as keeping the data safe and restricting unauthorized access. • The key role of data security is to guarantee protection while ensuring individual or corporate information. • Data is stored as columns and rows in our databases, system servers and computers. Information could be anything that can be perused or generally interpreted in human form. • In order to prevent unauthorized access, we need to follow certain methods to ensure data is secure  Encryption: Here data is encrypted, only the receiving end possess a decoding key....   [tags: Information security, Computer security, Security]

Better Essays
727 words (2.1 pages)