Computer systems play an important part in the modern society. However, there are various individuals and professional criminals with ill intentions to compromise information systems security and privacy of computer systems. Security is one the major discipline in computing that is concerned with ensuring that computer systems are protected and also the users of safe from any form of malicious activities that might affect normal operations and functioning of computer systems (Bayuk, 2009). Despite the effort and advanced tools developed to ensure computer systems are secured and kept safe, there are various security and privacy issues that need to be addressed and mitigated to ensure sensitive data is not compromised.
Information systems security and safety is one of the contemporary issues in the field of computer security. There are many computers systems that contain sensitive data and need to be secured in order to ensure that the data stored in them is safe from any form of interference. Threats against the information systems infrastructure for the government and the private sector are rife. Hackers are devising new and sophisticated methods to gain unauthorized access to computer systems for personal gains. There is critical and sensitive data in banks that needs to be secured from malicious cyber activities (Herold, 2010). The privacy issue in computing is a spectrum problem that finally needs to be assessed and addressed in the modern information society. Computer systems with sensitive information and those handling private information should ensure that there is controlled user access, developed incentives against any form of penetration, protection of the hardware and the files, and securing physical access of information systems infrastructure.
Even though computer security influenced various early computing systems, the discipline began to be studied in the early 1970s. One of the traditional objectives of computer security is to ensure that Confidentiality, Integrity, and Availability of information systems and resources is guaranteed. Confidentiality is the goal that aims at ensuring that only the authorized individuals have access to information systems resources (Bayuk, 2009). The goal of integrity is to ensure that the information stored in computer systems infrastructure is not tampered or interfered with, neither during transmission, or during its storage. Availability ensures that both information and any computer resources are always available when they are required by the authorized individuals. By implementing the three objectives, safety of information systems is guaranteed against activities of criminals such as hackers, crackers, and cyber terrorists.
Security and privacy are problems that are associated with computer applications and systems. Privacy is an issue that is concerned with the computer community in association with maintaining the personal information of every individual in a computerized record keeping systems. Privacy deals with the rights of people in regard with the collection and storage of their information in a computer record keeping system on their activities, processing, storage, dissemination, and use of their information to determine them (Herold, 2010). One of the main aspect is the social and legal problem that is linked with the field of computing majorly because a computerized record keeping system is much efficient than using manual filing systems. Therefore, the threats to personal privacy from the manual information keeping systems are potentially enlarged in computer systems.
Security in computer information systems security includes the technical and procedural measures that are required to prevent any form of unauthorized access, use, modification, and dissemination of data processed or stored in a computer system; prevent any deliberate act of denial of service, and offer protection to computer systems in their entire physical form (Herold, 2010). Mechanisms for controlling access are especially significant in multiprogrammed and time-shared systems where many users are served or access resources at the same time. In such environment, access control measures should be taken to prevent any interference of users who might want to illegally access the data and programs stored in the computer systems.
There are several implementation measures to employ as security safeguards. They include physical safeguards such as fire protection, locks, water protection, among others for the purpose of prevent physical access and damage to the computer systems that are associated with sensitive information. It is recommended to implement computer hardware safeguards that include memory protection for the purpose of implementing an access control mechanism between the computer resources and the user as well isolating users from each other. Providing software safeguards such as access to files is important in protecting a barrier between data files and the users which are not authorized to access such resources (Bayuk, 2009). Using various techniques to authenticate users based on automatic recognition of some hard to forge or biometrical physical features of a person is also effective in deterring any threat to computer information systems security. There are several automated recognition techniques that have been developed and can be implemented to secure and ensure safety of sensitive information. In addition, cryptography techniques can be implemented in communication links between computers systems and between terminals and computer systems in order to offer protection to information from being intercepted by capture, wiretapping, and modification at illegal computer terminals.
In a nutshell, the increasing use of computer systems to store large amount of sensitive data has brought the need to address the emerging security and privacy issues. Securing private information has been one of the major concerns in the field of information technology. There are various security and privacy issues that need to be addressed and mitigated to ensure sensitive data is not compromised. The traditional objectives of computer security is to ensure that Confidentiality, Integrity, and Availability of information systems and resources is guaranteed. Therefore, implementation of various security threat mitigation mechanisms can help in overcoming them.
- Bayuk, J. (2009). Enterprise Information Security and Privacy. Artech House
- Herold, R. (2010). Managing an Information Security and Privacy Awareness and Training Program, Second Edition. CRC Press