Computer Security

Computer security entails cybersecurity and physical security, both being used by enterprises to protect against unauthorized access to data centers and other computerized systems. Information security is designed to maintain the confidentiality, integrity and availability of data as a subset of cybersecurity Cybersecurity: Cybersecurity requires the coordination of efforts throughout an information system which are: application security, information security, network security, disaster recovery, operational security and end-user education. The most problematic elements of cybersecurity is the constantly evolving nature of security risks. Physical security: Physical security is the protection of computer hardware from theft or damage and its related documents. The examples of security measures used to protect the hardware include PC locks, keyboard-lock, smart cards and bio-metric devices. A facility is physically secure if it is surrounded by a barrier such as a fence, has secure areas both inside and outside the facility, and can resist penetration by intruders. Features to uphold computer security: Physical Access Controls to ensure physical security, a regime of access controls must be put in place. In physical access control, we create both physical barriers and electronic protocols that will authenticate the user of the resource whose security we are safeguarding. Electronic Access Controls with advances in technology, we are moving away, though not totally, from the physical barriers to more invasive electronic controls that include card access control systems, firewalls, and passwords Information Security Controls information security includes the integrity, confidentiality, and availability of information at the servers, including information in files and databases and in transition between servers, and between clients and servers. The security of information can be ensured in a number of ways. The most common are cryptography for information transmission and authentication and audit trails at the information source and information destination servers. Cryptography, the science of writing and reading coded messages, forms the basis for all secure transmission. This is done through three functions: symmetric and asymmetric encryption, and hash functions. • Main components of threats in information systems security i. Ransomware is a type of malware that involves an attacker locking the victim’s computer system files through encryption and demanding a payment to decrypt them. ii. Phishing is a form of fraud where fraudulent emails from reputable sources with the intention to steal sensitive data. iii. Social engineering is an attack that relies on human interaction to trick users into breaking security procedures so as to gain sensitive information that is protected iv. Malware is any malicious file or program used to harm a computer such as worms, viruses, trojan horses and spyware