Computer security’s five components:
- Deterrents to computer crime
- Identification and access
- Encryption
- Protection of software and data
- Disaster recovery plans
Deterrents to computer crime:
- Enforcing laws
- CERT: The Computer Emergency Response Team
- Provides round-the-clock information on international computer security threats
- Tools to fight fraudulent and unauthorized online uses
- Rule-based detection software
- Predictive-statistical-model software
- Employee Internet management software
- Internet filtering software
- Electronic surveillance
Identification and access:
- Verify legitimate right of access by what you have, what you know, and who you are
- What you have: cards, keys, signatures, badges
- What you know: PINs and passwords; callback provision
- Who you are: biometrics (such as hand geometry, fingerprint scans, iris recognition, face recognition, voice recognition)
Encryption:
- The process of altering readable data into unreadable form to prevent unauthorized access
- Advantage: encrypting data that is available over the Internet keeps thieves and crackers from reading it
- Disadvantage: encrypting data may prevent law-enforcement officials from reading the data criminals are sending to one another
Protection of software and data:
- Restrict access to online files; use transaction logs
- Use audit controls to track who used what programs and servers, which files were opened, and so on
- Use people controls—screen applicants; do background checks; monitor Internet, email, and computer usage; use shredders for discarded documents and materials
Disaster-recovery plans:
- Method of restoring information-processing operations that have been halted by destruction or accident
- Back up everything; put mainframes in different locations
- Plans range in price and complexity
- Automatically store data redundantly in two or more places
- Have an off-site computer-based data storage center with independent power supply