COMPUTER SECURITY                                                                 

When undertaking any form of electronic transaction, it is important to ensure that confidential details (eg. password, pin number, credit card details, etc.) remain confidential. 
This can be done by encoding (or encrypting) details. Before sending your information off, it is transferred into a code that is difficult to break into and read. If the information does end up somewhere you do not intend it to go to; it is useless unless the other end has the information required to break the code.

Some people will still take the risk and send encrypted details electronically (eg. fax or email without encoding). This is of course a greater risk; however, no more of a risk than allowing people to see your credit card details in any retail shop.  When you think about it, a credit card imprint that is recorded in any retail store, may be read and copied by just about anyone who works in that store (and that type of credit card fraud requires far less sophistication than breaking into an internet transmission. Some credit card companies also have the added ability to stop payment if the consumers details have not been authorised. This places extra responsibility on the web site owner to make sure they check and even authorise credit card payments before shipping goods or supplying services.
The buyer should always look for the little padlock sign   which is displayed at the bottom right hand corner of the browser before starting to give their credit card details or any other personal information. The padlock sign indicates that the website is encrypted and more secure.

The good news for the buyer is that in many cases if any credit card fraud occurs the bank takes the responsibility and pays back the money which was stolen from the credit cards.

How to protect your business

  • Antivirus software — software which detects and removes known computer viruses.
  • Firewall software — software which acts as an intelligent gateway between your computer and the rest of the Internet. It monitors the traffic flowing in and out of your system and checks if it’s authorised to do so.
  • Online banking security features — features that banks include in their online banking service offerings to protect their customers, and themselves, during online banking transactions.
  • Online transaction (buying and selling) security features — features such as encryption used on websites to protect customer details during transactions. These are often part of the Internet Service Provider package, so ask your ISP.

LEARN MORE:
Study our Information Security Course - click here for more details
 
Extract from our course....                                                                                                                      
 
Basic Security Concepts
 
The most important security concepts related to information on the internet are confidentiality, integrity and availability, whereas the most important concepts related to the people using the information on the internet are authorisation, authentication and non-repudiation.

A key issue of displaying information on the internet or on any other information system is to make sure that only the authorised people are able to view that information. Confidentiality is a very important attribute when it comes to information security, but when unauthorised people obtain access to information, the result will be loss of confidentiality. In some countries, there is a need to protect the privacy of individuals and prevent unlawful access to their information. This includes but is not limited to: information stored in banks, hospitals and medical records, medical laboratories and medical research data, the tax office, and many others.

When private information is circulating on an insecure network, it may be subject to many forms of misuse, including theft and corruption. Data corruption occurs when information is modified by a third-party, thus resulting in the loss of integrity for this data. It is important to note that information can be modified by people with or without malicious intent; for this reason, it is important to keep confidential information secure at all times, to avoid any accidental tampering (such as human error) or intentional tampering.

Needless to say, it is always important to maintain data integrity during any type of communication, but in critical cases such as EFT (electronic funds transfer), army and security agencies communications, and air traffic control, maintaining data integrity becomes an absolute necessity.
This means extreme care should be taken to prevent data from being deleted, modified, or inaccessible; this resulting in loss of data availability and people won’t be able to access the information when required.

To secure data availability on the network, it is important to reduce network outages as much as possible, because the availability of the network itself is extremely important. If the network is down, network users will not be able to access the network and any resources available on that network.

Most organisations nowadays apply some form of security to restrict unlawful access to data stored on their networks. This is mainly achieved by using authentication and authorisation which will be explained below:

  • Authentication on a network provides a proof that a network user is indeed the person they are claiming to be, either by asking the user to input a password (something they know), a smartcard (something they have), or a biometric identity print (such as a finger print).
  • Authorisation on a network provides a proof that a certain network user has the right to read a file, run a program, delete a folder, or perform other network activities.

It is important to understand that authentication and authorisation work together, because a user needs to be authenticated first before they can be authorised to perform network activities.

 
 
Use our free career and course counselling service.