Emerging Opportunities in Information Security System
Information security systems are ways of protecting and defending information from any unauthorized disruption, access, modification, inspection, destruction, use or recording. This general term is used mindless of the form that data may use or take. Computer usage is in a variety of forms ranging from home used computers, standalone computers and those that are used in big enterprises. Berg, Seymour & Goel (2013) observes that the major enterprises have employed highly qualified information technology specialist due to the value and nature of data that is contained in such big enterprises. They are responsible for keeping data of the company from any possible malicious cyber-attacks that will attempt to breach into vital private information to gain control of the internal information systems of an organization (Berg, Seymour & Goel, 2013).
Rapid technological advances have rendered information security systems to jeopardy simply because of the new vulnerabilities that render the existing security systems obsolete. Therefore, this has made many organizations to install up to date software to keep their systems updated. On the other hand, there are externalities that usually occur in an organization; externalities may be positive or negative. Many organizations have internalized these externalities and interacting partners to their system by protecting them from vulnerable information security behaviors. Craig (2008) notes that as technology progresses, new vulnerabilities and threats arise, organization has employed a continuous evaluation of their security systems of organizational methods, services, products and technology to maintain their information systems effectively. Continuous evaluation mechanisms in an organization are critical in achieving information security objectives (Craig, 2008).
According to Jansen & Reih (2010), organization that relies on using data for their day-to-day operations should put in place administrative controls on their information through written standards, procedures, policies, and guidelines. Administrative controls are critical because they inform people on how to run their businesses and to establish a certain framework that need to be followed in accessing certain information. Many organization have put in place the use of visas and MasterCard to identify whom the person is, there are additional security systems that have put in places such as password policy, corporate security policy, disciplinary policy and the hiring policies (Jansen & Reih, 2010).
Logical controls are in place to control unauthorized access of information from unknown persons. Information security experts have come with the way of putting in place host-based and network firewalls, passwords, access control lists, network intrusion detection systems and data encryption to protect their information against any malicious attacks (Huerta, 2011). Organization though are not secure with this system of logical control such that it will happen that an individual have been transferred to a certain organization or department, the organization must have to change the access controls of an individual for protection (Berg, Seymour & Goel, 2013).
The evolution of the internet has shaped up the information security systems environment to a better level. The immediate next version of the internet protocol, the IPv6 has many provisions and features such as the key passing, data encryption, and digital signatures. This version is universal but its development is taking a low pace, but it has been leaked to various university websites and prospects are expected (Flick, 2009).
As it has been noted early by Flick (2009), the emergence of various innovations such as the cryptographic method analysis and the elliptical methods affects the time required to break or generate breaking codes. Therefore, technology has aided the protection of data from being corrupted by unknown and malicious individuals. Many software have been designed to enable many people or organizations to retrieve the information that have been lost. Organization can also use some hardware that has been designed to store information such as the DVDs, CDs, memory cards and flash disks. The cost of data storage has been reduced thus enabling many entities to ensure security of their information. Huerta (2011) added that protection tools have become better, the internet has become secured, and the introduction of internet crowding has helped many enterprises to keep their encrypted information for backup services (Huerta, 2011).
Information security systems are supposed to protect information of an organization throughout the life span of the information; it should start with the creation of the information on through to the disposal of the information. In the lifetime of information, it may pass through many different stages of information processing system, and this will subject information into different ways of threats. In order to protect information, every component of information systems should have its way of protection mechanisms. The strength of any information system is not greater than its weakness, organizations, therefore, should not rely on current and superior security systems but instead they should keep on updating those systems (Kadel, 2004).
Access to information has been enhanced, and it has restricted people who are not authorized to access that information. The computers that are used by many people to access information have been authorized and protected from any vulnerabilities. Many mechanisms are put in place to protect information loss or any cyber-attack from malicious individuals. Data encryption, use passwords, and firewalls have been considered as advent opportunities that are being used by different organizations to protect their data. Information security systems have been frequently updated to cope with current vulnerabilities that may be considered as threat to information.
Flick, C. (2009). Informed consent in information technology: Improving user experience. (Doctoral Dissertation) @ Charles Sturt University. Retrieved from http://Liedra.net/thesis/main.html
Huerta, Frank (2011). Emerging Database Technology: Promoting Business Resilience
International Financial Law Review, 20(6), 315-324.
Kadel, L A (2004): Designing and Implementing Effective Information
Security Program: Protecting the Data Assets of Individuals, Small and Large Business.
Jansen, B. J., &Reih, S. (2010). The seventeen theoretical constructs of information searching and information retrieval. Journal of the American Society for Information Science and Technology, 61(8), 1517-1534. Retrieved from http://www.faculty.ist.psu.edu
Berg, K L, Seymour & T, Goel, R (2013).History of Databases.International
Journal of Information Security Science, 2(5), 32-3;http://www.cluteinstitute.com/.Vol17 No1.
Craig S Wright (2008). Requirements for record keeping and Document Destruction in a Digital
World.Communications of the Association For Information Systems, 15(), 577-591. Retrieved from http://aisel.aisnet.org/cais/