Questions:
• What are the countermeasures to those threats, and how do they fit within the Situational Crime Prevention framework?
• How does the current law help or hinder your countermeasures? Are there any proposals for laws that would assist?
• Is your problem of international scope and, if so, how?
The report is describing about the policy profile. There are so many threads which are being described in the report. Trojans is the main focus of the report while Spyware, Virus or Worms and Eavesdropping are also being described. Protection amount which should be used upon the company asset are also described in the report. There are so many crime prevention techniques to protect the important data, are also defined in the report. Law and international scope is also described.
There are so many threats which may affect the computers and may damage the software, hardware of the computer systems. Every threat has different kind of features like some threat only harm the files in the computer systems but some may harm the havoc of the computer system. So the threat is very dangerous for any organization because it may loss the very important data of the organization. It may be very dangerous sometimes.
(Michael E. Whitman 2003)
These are some regularly seen threats which may affect the information security of any organization-
Trojans is very dangerous threat which affects the systems. In this report Trojan is being focused. It looks very normal or simple software but in actual it is very dangerous software. It hides between the harmless programs and when installed on the system, it affects all the files throughout the system and wreck the havoc of the system. It works very quickly just like ancient Trojan horses. To protect the data from Trojans always use binary digital signature. (HowStuffWorks 2014)
There are so many techniques which are used to measure the vulnerability and to protect from the virus.
There is little description about the viruses which are described in the profile is as follows-
It may damages the hardware or software of the computer systems and may give the access of important information to the hackers. The system can be protected from Spyware, Virus or Worms by using good antivirus.
The Trojan horse affects all the files throughout the system and wreck the havoc of the system. It works very quickly just like ancient Trojan horses. The system can be protected Trojan horse by using binary digital signatures.
The Eavesdropping contains the information of IP addresses, operating system of the computer systems. After taking all the above necessary information, it attacks on the computer system. The system can be protected from Eavesdropping by using encryption decryption techniques.
Now we have to protect our organization from Trojans or any other threat, it is good if we able to know about the value of the assets of the organization before sending the money on the asset. If the asset is more valuable, it should gain more safety and protection. There are some techniques by which we can know the weakness or vulnerability of the asset like SLE (Single Value Expectancy).
It can be calculated as-
Single Value Expectancy = Asset Value * EF (Exposure Factor)
After getting Single Value Expectancy, the Annual Loss Expectancy can also be calculated in this way-
Annual Loss Expectancy= Single Value Expectancy*Annual rate of Occurrence (Michael E. Whitman, Herbert J. Mattord,2011)
The crime can be prevented from threats by using technical controls, network security policy, access controls etc. these are some factors which may prevent the crimes from happening-
Technical Control
Technical controls are used for information security. Some technologies which used in technical control are-
Richard Bejtlich (n.d.)
Network authentication helps a lot in network security. In network authentication, if the uses or any application gets connected to the server outside the local area network, the server setting prompts for authentication and user cannot access anything on the server without verification.
Access Control is the restriction of selected resources in the information security field. It is the most effective feature to save the internet environment from threats and viruses.
Encryption is also one of the best techniques to save important data from threats. The important data get encrypted before data storage and if the hacker hacks the data, it would not be easy to take information from the encrypted data.
Technical control basically use the security features and techniques to save the important asset and information from the threats like Encryption/Decryption, digital signature etc.
Access Rights
The access right is the process in which all information or files cannot be accessed by all employees. The file which is important should be accessed by only relevant persons.
In network security policy, the document should be signed by all employees to not illegal use of the information. Each and every employee should sign the document and if any employee do the illegal thing with the company, it should be punished e.g. if there is policy of the company that the employee cannot share his password with any other person, and then it should be maintained.
Every organization should obey some laws to make the protective environment. There should be some rules of every organization to protect the important and necessary information of the organization. Every person should have its own responsibility to obey that rules and it should be signed by all employees of the company like access right; it is the process in which all information or files cannot be accessed by all employees. The file which is important should be accessed by only relevant persons. In this way, if the company employees will follow up rules and regulations, it would be very easy to protect the organization.
Internet security is international issue now a day. All over the world, internet is being used. The e-Commerce on internet is the most important factor which gets affected by threats now a day. The e-Commerce on the internet is a new way of business in mostly all areas like Education, Corporate, Stock Marketing, Music Industry etc.
Internet contributes more than 90% in the trends and developments of the e-Commerce. It is the base that is used for the e-Commerce. Without internet, there is no meaning of the e-Commerce. Internet is the medium by which the consumers, retailers, distributers, organizations and all the factors used in the e-Commerce connect with each other. (LitLangs 2012)
The e-Commerce solution can increase the business in a very vast area and reduces the cost of the man power resources. The e-Commerce is basically the trading business via the internet. In the recent few years, the e-Commerce is growing in the international market. There are some sites that are very popular in the internet market for the e-Commerce – Yahoo, e-Bay etc.
On behalf of the security issue, the e-Commerce is very risky business solution. There should be very high security on the payment gateway and there should be proper authentication while dealing with the customers.
The information on the internet can be easily delivered to the consumers by the organization and the consumers also query regarding the products. The internet reduces the cost of the managing the resources used in the traditional retail shop. The internet is the base by which we can give the medium to the consumers to choose the appropriate product. The information on the internet is generally perfect, but sometimes there is the chance of passing the malicious information over the internet. So the security issue is always there and there should be very high security on the payment gateway and should be proper authentication while dealing with the customers, but still, the internet is the only medium now a day for growing the market and increase the value of the e-Commerce. The internet reduces the man power and resources cost in marketing the products of the organization etc. but besides all these factors security issue is very high. Threats and viruses get spread while downloading files from internet etc. Therefore security is the major issue all over the world.
Conclusion
The report is giving the complete detail about policy profile. Trojan threat is being fully described in the report. Internet security is the major issue now a day and the report is giving the complete information about information security. There is one major problem arise in the internet. The retailers and consumers are doing the illegal file sharing and downloading the files from the internet e.g. they are creating pirated music files and doing uploads on the network sites. But in the coming days, the pirating of the music files is going to decrease by using proper authentication and other security techniques.
References
[1] Michael E. Whitman 2003, Enemy at the Gate: Threats to Information Security, Viewed on 3 Feb 2015 <https://classes.soe.ucsc.edu/cmps122/Spring04/Papers/whitman-cacm03.pdf>
[2] Richard Bejtlich (n.d.), Security Operations: Do You Caer, Viewed on 3 Feb 2015, <https://taosecurity.blogspot.in/2008/07/security-operations-do-you-caer.html>
[3] Principles of Information Security Fourth Edition, Michael E. Whitman, Herbert J. Mattord 2011, Viewed on 3 Feb 2015
[4] HowStuffWorks 2014, How Trojan Horses Work, Viewed on 3 Feb 2015 <https://computer.howstuffworks.com/trojan-horse.htm>
[5] LitLangs 2012, Resources Package, Viewed on 3 Feb 2015<https://www.ecommerce-digest.com/resources.html>
Essay Writing Service Features
Our Experience
No matter how complex your assignment is, we can find the right professional for your specific task. Contact Essay is an essay writing company that hires only the smartest minds to help you with your projects. Our expertise allows us to provide students with high-quality academic writing, editing & proofreading services.
Free Features
Free revision policy
$10Free bibliography & reference
$8Free title page
$8Free formatting
$8How Our Essay Writing Service Works
First, you will need to complete an order form. It's not difficult but, in case there is anything you find not to be clear, you may always call us so that we can guide you through it. On the order form, you will need to include some basic information concerning your order: subject, topic, number of pages, etc. We also encourage our clients to upload any relevant information or sources that will help.
Complete the order form
Once we have all the information and instructions that we need, we select the most suitable writer for your assignment. While everything seems to be clear, the writer, who has complete knowledge of the subject, may need clarification from you. It is at that point that you would receive a call or email from us.
Writer’s assignment
As soon as the writer has finished, it will be delivered both to the website and to your email address so that you will not miss it. If your deadline is close at hand, we will place a call to you to make sure that you receive the paper on time.
Completing the order and download