Itm 431 Module 1 How to Achieve Business Information Security in Cyberspace
1353 Words6 Pages
In the 21st century, a business without a network mirrors a city with no roads. Small businesses, in particular, arguably have a greater need for network connections and information systems. Small businesses rely on information systems for several things, to include their communication and customer database.
Small businesses rely on network connectivity for communications. With the advancement in Voice Over Internet Protocol (VOIP), many businesses are using the internet to save on phone costs. Additionally, it is common for a business to have an in-house communications system. Take some installations in the Air Force for example; they use an Instant Messaging (IM) service for member-member contact. Many times, it is easier to reach…show more content… (Federal Trade Commission, 2002) These rules are in place to provide customer protection from theft or misuse. The top ten most common database attacks are excessive privilege, privilege abuse, unauthorized privilege elevation, platform vulnerabilities, SQL injection, weak audit, denial of service, database protocol vulnerabilities, weak authentication, and exposure of backup data. (Schulman, 2012) The majority of these attacks can be mitigated by firewalls, password protection, and appropriate permissions.
A firewall is a system designed to prevent unauthorized access to or from a private network. You can implement a firewall in either hardware or software form, or a combination of both. Firewalls prevent unauthorized Internet users from accessing private networks connected to the Internet, especially intranets. All messages entering or leaving the intranet (i.e., the local network to which you are connected) must pass through the firewall, which examines each message and blocks those that do not meet the specified security criteria. In protecting private information, a firewall is considered a first line of defense; it cannot be the only line of defense. Firewalls are generally designed to protect network traffic and connections, and therefore do not attempt to authenticate individual users when determining who can access a particular computer or network. Furthermore, firewalls can be set up to prevent employees from accessing certain content or downloading