Targeted DoS DoS attacks have overwhelmed some of

Targeted
DoS

 

DoS attacks have overwhelmed some of the largest websites
in the world, including Reddit, Twitter and Netflix. DoS attacks slows websites
to a crawl and sometimes force crucial services offline by ambushing businesses
with massive amounts of web traffic. The means to carry out a DoS attack and
the motives may vary, but it typically leads to downtime and legitimate
customers losing confidence in the organization – and it is not necessarily due
to an Internet-borne incident.

We Will Write a Custom Essay Specifically
For You For Only $13.90/page!


order now

Malicious Internet Content

 

Drive-by downloads, malware, viruses,
trojans.

Balancing Information Security and Access

“If your data is only worth $10,000, and
you would need to spend $15,000 to make it safe, it doesn’t make financial
sense,”(said John Avery, Irvine, California.)

 

It is impossible to obtain
perfect security. The major challenge with employees and information security
is walking the line between making it so secure that employees are unable to
access information they need to do their job, or relaxing it so much they are
able to walk off with data. A core principle of information security is
ensuring separation of duties.

Techniques to make software more secure

 

Security in small and
medium-sized enterprises is more than just preventing viruses and blocking
spam. Every organization is different but in many instances the threats are
common to all. Security is a cost of doing business but those that prepare
themselves well against possible threats will benefit the most in long term.

 

Practice managers should check
job descriptions to ensure employees’ access to information is based on the
functions they serve within the organization.

 

Although less glamorous than
other topics on information security, backups remain one of the most reliable
solutions. Making use of backups can have a direct business benefit when things
go wrong.

 

Policies are the basis of every
information security program. It is useless taking security precautions or
trying to manage a secure environment if there are no objectives or clearly
defined rules. Policies clarify what is or is not allowed in an organization as
well as define the procedures that apply in different situations. They should
be clear and have the full backing of senior management. Finally, they need to be
communicated to the organization’s staff and enforced accordingly. There are
various policies, some of which can be enforced through technology and others
which have to be enforced through human resources. For example, password
complexity policies can be enforced through Windows domain policies. On the
other hand, a policy which ensures that company USB sticks are not taken home
may need to be enforced through awareness and labelling. As with most security
precautions, it is important that policies that affect security are driven by
business objectives rather than gut feelings. If security policies are too
strict, they will be bypassed, thus creating a false sense of security and
possibly new attack vectors.