One of the problems in internet security is the secureness of connection. It can be addressed to the technical area. The authentication process then becomes the opportunity to intercept traffic and get necessary information. Technical imperfection of authorization solutions facilitates the process of acquiring the authorization data for the third parties (Arief & Besnard, 2005).
Another problem related with technology is poor encryption methods that are used to protect websites’ databases from hackers’ attacks. Simple algorithms used to encrypt a database with users’ authorization information could be cracked for a relatively minor time, which gives no opportunity to apply any extra emergency measures to protect it. Finally, distributed-denial-of-service (DDoS) attacks are not rare these days. Even the most sophisticated security systems could collapse if a group of hackers wants to perform DDoS attack on a server (Arief & Besnard, 2005).
However, internet security has problems, not connected with technical solutions. Poor password management solutions could provide access to the highly secured system without even breaking into it. As it was stated before, users are the weakest spot in the security system (Arief & Besnard, 2005). They forget passwords, tell them to the third parties, write them down in order to remember, create too simple passwords, and make many other mistakes that an IT manager could miss. Therefore, password management that is not user friendly, complicated, and unsecure can be a substantial threat to the security system as well.
Patch management can be a threat too. Updates of the software solutions are aimed to fix the existing bugs, problems, as well as improve/extend functionality and add new useful features. Some IT managers might think that patch management is nothing more than running automatic updates of the software and that is it. Software will do the rest. It is not true. Patch management is about appropriate maintenance of all software solutions that are present in the IT infrastructure of an enterprise.
The fact that any software needs patches confirms the idea that there are vulnerabilities in any system that can be used for the unauthorized access by the third parties. It is not that obvious that patch management influences security as much as password management does but it is true. It means that techniques and requirements used in password management could be used for patch management in order to improve it and make more secured.
Intrusion Detection and Prevention
Intrusion detection system (IDS) and intrusion prevention system are the parts of computer and network security system of any organization that wants to keep its information untouched. Intrusion detection, in general, is the process of tracking the possibility of the events that could occur in any computer system or network and processing the events in terms of identifying their nature. In case of intrusion detection, the appropriate computer security policies are being applied. The complexes that track such incidents and monitor networks are called IDS. In more general meaning, IDS are also added with prevention systems and called either IDS/IPS or IDPS. IDPS of different kind is an important …
Posted by: Shalonda Fogel