Module errors which sap database integrity to fires
Module 5 Data Security What is a computer security risk? A computer security risk is any event or action that could cause loss of or damage to computer hardware, software, data, information, or processing capability. Some breaches to computer security are accidental, others are planned intrusions. Some intruders do no damage; they merely access data, information or programs on the computer before logging off.
Other intruders indicate some evidence of their presence either by leaving a message or by deliberately altering or damaging data.Computer systems are vulnerable to many threats which can inflict various types of damage resulting in significant losses. Damage can range from minor errors which sap database integrity to fires which destroy entire computer centers. Losses can stem from the actions of supposedly trusted employees defrauding the system to outside hackers roaming freely through the Internet.
The exact amount of computer-related losses is unknowable; many losses are never discovered and others are covered up to avoid unfavorable publicity.Common Threats A wide variety of threats face today’s computer systems and the information they process. In order to control the risks of operating an information system, managers and users must know the vulnerabilities of the system and the threats which may exploit them. Knowledge of the threat environment allows the system manager to implement the most cost-effective security measures.
In some cases, managers may find it most cost-effective to simply tolerate the expected losses.The following threats and associated losses are based on their prevalence and significance in the current computing environment and their expected growth. •Virus A computer virus is a potentially damaging computer program that affects a computer negatively by altering the way the computer works without user knowledge or permission. •Worms A worm is a program that copies itself repeatedly for example in memory or on a network, using up resources and possible shutting down the computer or network. •Trojan horse This is a program that hides within or looks like legitimate program.
A certain condition or action usually triggers the Trojan horse. Unlike a virus or worm, a Trojan horse does not replicate itself to other computers. •Physical and Infrastructure The loss of supporting infrastructure includes power failures (including outages, spikes and brownouts), loss of communications, water outages and leaks, sewer problems, lack of transportation services, fire, flood, civil unrest, strikes, and so forth. System owners must realize that more loss is associated with fires and floods than with viruses and other more widely publicized threats.A loss of infrastructure often results in system downtime, sometimes in unexpected ways. For example, employees may not be able to get to work during a winter storm, although the computer system may be functional.
•Malicious Hackers Hackers, sometimes called crackers, are a real and present danger to most organizational computer systems linked by networks. From outside the organization, sometimes from another continent, hackers break into computer systems and compromise the privacy and integrity of data before the unauthorized access is even detected.Although insiders cause more damage than hackers, the hacker problem remains serious and widespread. Organizations do not know the purposes of a hacker; some hackers only browse, some steal, some damage. This inability to identify purposes can suggest that hacker attacks have no limitations. Finally, hacker attacks make people feel vulnerable because the perpetrators are unknown.
•Industrial Espionage Industrial espionage involves collecting proprietary data from private corporations or government agencies for the benefit of another company or organization.Industrial espionage can be perpetrated either by companies seeking to improve their competitive advantage or by governments seeking to aid their domestic industries. Foreign industrial espionage carried out by a government is known as economic espionage. Industrial espionage is on the rise. The most damaging types of stolen information include manufacturing and product development information.
Other types of information stolen include sales and cost data, client lists, and research and planning information.