StudentShare
Contact Us
Sign In / Sign Up for FREE
Search
Go to advanced search...
Free

Information Security for Small Businesses - Research Paper Example

Cite this document
Summary
The paper "Information Security for Small Businesses" describes that small businesses often ignore the need for such measures and are likely to face severe consequences since the lack of effective information security protocols is likely to cause reputational, financial, and market share damages…
Download full paper File format: .doc, available for editing
GRAB THE BEST PAPER92.9% of users find it useful
Information Security for Small Businesses
Read Text Preview

Extract of sample "Information Security for Small Businesses"

? Information Security for Small Businesses Information Security The advancement in the field of computers has carried mankind to another level. All fields of life have been revolutionized with its advent and have changed its mode of operations, for example, acquisition of education has been made easier with the emergence of virtual learning platforms; organizations have improved their business procedures with information management systems etc. Information systems manage information in such a way that all business processes can be executed in an effective and efficient manner. Information and data might be related to the business processes of any organization or the buying trends of customers; such information has acquired significant relevance in the modern world as it gives greater power to the person who possesses it. Therefore, the protection of information and data should be prioritized as one of the foremost steps in every organization, whether small or large. Identity theft and credit card frauds are aggravating crimes that are witnessed due to criminal acts of data thefts. Organizations around the world tend to suffer such thefts that jeopardize their reputation, and often face lawsuits from their clients. One such incident was witnessed last year with Sony PlayStation when their PlayStation network in the British division faced data theft. The Guardian (2011) reported that around 77 million users’ data was stolen. The stolen information included names, addresses, date of births, passwords and credit card numbers. The data thefts of such nature are likely to cause credit card frauds and bank frauds while attempting identity thefts. The online games service had to remain shut down for a week since they did not want the incident to recur before appropriate measures were taken to combat the attack. Richmond Williams (2011) stated that such an enormous attack was likely to damage the reputation of Sony and threaten its capability to compete with other giant competitors such as Apple, Google, etc. It is also vital to ensure that information security measures are updated regularly to stop any intruder from taking advantage of any obsolete protection software (which is often noticed in small organizations). Alongside financial losses and reputation damages, ineffective information security measures are also likely to instigate legal actions and investigations against organizations. With reference to the example under discussion, a lawsuit was filed against Sony for not providing enough security to the data of their customers. The customers wanted compensation from Sony for the damages caused by the data theft at Sony. Jones (2011) stated that the respective company was likely to face as much as ?500,000 of fine for not being able to protect their customer’s sensitive information. With the comprehension of the consequences of not implementing effective security measures, it is also important to understand the different types of vulnerabilities that exist in organizations. Confidentiality of data implies the safe keeping of data against any revelation without the approval of the owner of the information. The revelation of data might not be intentional by the organization; however, the data flow that is implemented for the transfer of the data might involve some unreliable third parties that might take advantage of such exposure of data. Data integrity implies that no change or corruption should happen to the data; such corruption and changes are likely to occur if effective information access procedures are not implemented. Availability of data refers to the presence of data and service upon the need of the customer and employees; cyber attacks on an organization can make an online service go offline or delete important data by adopting different types of intrusions and virus attacks etc. Authenticity and non-repudiation are interrelated concepts that involve the proof of identity of the interacting parties. Authenticity implies that the interacting parties need to be sure that the incoming messages are really coming from the claimed identity, rather than an impostor communicating from some unreliable source. Non-repudiation involves the presence of a proof of identity that can assure the recipient of the data about the authenticity of the information; this proof of identity can be shown to other participants as well to prove the identity of the sender. Authorization implies the revelation of data to only those individuals who are allowed to view it, since unauthorized individuals might cause harm or steal the data. Effective information security measures ensure that only authorized personnel are allowed to access the data for the protection of privacy of their customers or their own business processes. The increasing information security threats have provoked the IT industry to develop solutions that can combat such attacks and threats of information security. Another type of common attack in the current times is the denial of service (DOS) attack that comprises sending an excessive number of requests to a server to make it unavailable for a legitimate request or to crash the server. Such attacks are initiated by cyber criminals that might be maintaining a whole network of compromised and effected computers which are used to send requests repeatedly on an automated basis. According to GossWeiler, Kamvar and Baluja (2009), Completely Automated Public Turing test to Tell Computers and Humans Apart (CAPTCHA) is a program that requires the reproduction of letters or figures that might be written in an ambiguous and unclear manner. The given phrases are always written in such a way that only a human eye can recognize the characters in a better manner than computer character recognition systems. Therefore, the reproduction of these characters ensures the computer that the request is legitimate and not attempting a DOS attack. In the light of the above arguments and definitions, it can be stated that a small company undertakes substantial risks if effective security measures are not taken to protect the data from revelation to unreliable sources, usage of unprotected data flows and networks and unauthorized access by individuals who might not be permitted to do so. Small businesses often ignore the need for such measures and are likely to face severe consequences since the lack of effective information security protocols are likely to cause reputational, financial and market share damages. References GossWeiler, R., Kamvar, M., Baluja, S. (2009). What’s up CAPTCHA? A CAPTCHA based on image orientation. International World Wide Web Conference Committee (IW3C2). Jones, R. (2011, April 28). Sony faces legal action over attack on PlayStation network. BBC. Richmond, S., & Williams, C. (2011, April 27). Sony admits massive PlayStation Network user data theft. The Telegraph. The Guardian. (2011, May 1). Sony bosses apologize over theft of data from PlayStation Network. Read More
Cite this document
  • APA
  • MLA
  • CHICAGO
(“Information Security Small Businesses Research Paper”, n.d.)
Retrieved from https://studentshare.org/information-technology/1457118-information-security-white-paper
(Information Security Small Businesses Research Paper)
https://studentshare.org/information-technology/1457118-information-security-white-paper.
“Information Security Small Businesses Research Paper”, n.d. https://studentshare.org/information-technology/1457118-information-security-white-paper.
  • Cited: 0 times

CHECK THESE SAMPLES OF Information Security for Small Businesses

Information Security

Threats and Vulnerabilities small businesses having limited knowledge of computers, networks, and software are highly vulnerable to a range of serious information security threats.... The growing rate of computer hacking activities is the major factor making small businesses vulnerable to information security threats.... When 21% small businesses indicated a denial of service attack, 20% firms pointed that there system had been made into bots (NIST)....
3 Pages (750 words) Research Proposal

Information Security Management

This paper ''information security Management'' takes a look at the security threats that an SME faces online and its need of information security management to tackle these threats.... This paper would take a look at the security threats that an SME faces online and its need of information security management to tackle these threats.... An effective information security management allows businesses to implement various measures that would protect various data and assets that the business owns....
18 Pages (4500 words) Research Proposal

Delivering Internet Success to Small Businesses

The paper "Delivering Internet Success to small businesses" states that with the help of free online training consideration given to those who are a novice in the system, a small scale business operator would be able to get the help that he needs to protect the information that he intends to post.... This is especially true for small scale businesses.... The book of Rick Segel (2006) on The essential online solution: the five-step formula for small business success mentions of the five most important considerations that online business owners should give particular attention to....
6 Pages (1500 words) Literature review

Information Security of Business

information security essentially requires that the genuine parties to a transaction are identified, the actions they are allowed to perform are determined and their actions are limited to only those that are necessary to initiate and complete the transaction.... The author concludes that as more and more businesses are going online, the need to protect the company's network from attacks is greater than ever.... This is the age of information technology and the information is one thing that is going to transfer while conducting businesses, no matter what and with information comes the issue of security....
3 Pages (750 words) Term Paper

Information Security Program Development

This paper "information security Program Development" discusses information itself as an asset most important to an organization.... We will discuss the case BIC Insurance Company which has decided to migrate to an up to date and modern information security system.... It is the fundamental requirement and business deeply depends on knowledge and information no matter how big or small a company is or what its information requirements are, all information or raw data lies in the organizations' computer system which is highly pruned to being violated and misused if proper security measures are not adopted....
9 Pages (2250 words) Case Study

Security Issues in E-commerce

hy should small businesses Tighten Security?... Ecommerce will enable the small business to shorten procurement cycles through the use of on-line cataloguing, checking, and payment, gain access to global markets at a smaller portion of traditional costs, ensure product, marketing information and prices are always up to date, allow them to compete with large businesses over a common platform, and increase sales opportunities.... Benefits that e-Commerce can bring to small Companies ...
5 Pages (1250 words) Essay

Information Security Policy: Development Guide for Large and Small Companies

A paper "information security Policy: Development Guide for Large and Small Companies" outlines that the government and organizations should establish appropriate policies.... information security laws and practices involve the ways of ensuring that organizations protect and manage their information, that is in order to prevent it from getting lost or being distorted for the purpose of achieving laid goals.... information security Policy: Development Guide for Large and Small CompaniesInformation security laws and practices involve the ways of ensuring that organizations protect and manages their information, that is, in a confidential and safe manner, in order to prevent it from getting lost or being distorted for the purpose of achieving laid goals....
2 Pages (500 words) Case Study

Small Businesses

This paper "small businesses" presents small businesses broadly from the perspective of enterprising and entrepreneurship.... The authors also assert that the often creators of jobs are the small businesses compared to big businesses, and people wishing to encourage the creation of more jobs.... Thus, it is undoubtedly evident that this book is the ultimate reference to scholars and practitioners in the field of enterprise, entrepreneurship and small businesses....
9 Pages (2250 words) Literature review
sponsored ads
We use cookies to create the best experience for you. Keep on browsing if you are OK with that, or find out how to manage cookies.
Contact Us