SlideShare a Scribd company logo

Ict security essay

rubtumproject.com
rubtumproject.com

รับเขียน essay และงานภาษาอังกฤษทุกรูปแบบติดต่อรับทำโปรเจค.net หรือ 0831585457

Technology
1 of 8
ICT Security 1. Introduction 1.1 Definition of ICT 1.2 ICT Security in General Terms 2. Risk Assessment 2.1 Steps 2.2 Governance 3. Security Concerns 3.1 People 3.2 Physical Security of Assets 3.3 Wireless 3.4 Web Threats 4. Risk Assessment of a Private School
1. Introduction The globalization and ever changing technological landscape of society influenced our way of life to change rapidly. We concerned with technology in every parts of daily life. Global economy at the present time depends on new technology, knowledge, and information. Whoever contain effective all of the three factors is easier to success. So, the old tradition of teaching in school that students learn in the fixed period of time and wait for only teachers is not enough for the globalization anymore. All students need to find more information outside the class. Learning by themselves is an important thing that causes a student to differ from one another. “The illiterate of the 21st century,” according to a noted futurist, “will not be those who cannot read and write, but those who cannot learn, unlearn and relearn.” (Toffler, 2011) Information and communication technologies (ICTs) can be one of the most useful tools for student learning. It supports students to learn what they want to know easier than going to join a tutoring center or asking some advices from a teacher. Some mediums of ICT are every effective. Students can learn step by step according to well-designed products. Not only the ICT components expand student’s knowledge, they also help teacher to access effective knowledge for their students. Teachers will design what to teach effectively within the fixed period. Students will get the best information from their teachers. Besides, if there are some parts that students feel that they do not have enough information, they can find out more by the ICT mediums. It seems like using the ICTs is very simple. In fact, setting the ICTs into the educational system is very complicated. It concerns complex process, technique, and budget. Indeed, getting the technology and physically installing it into an environment is the easiest part provided you have the capital. Other areas of concern include software, training, governance and security. ICT security in particular is of great import and concern and should be given due consideration when ICT is present in any capacity. 1.1 Definition of ICT Information and communication technology or ICT is mostly defined as the internet which is technology providing accesses to information through telecommunications. Somebody may confuse about its meaning because of it is similar to information technology or IT. Intact, ICT includes all kinds of telecommunications, covering phone, Internet, wireless network, and other telecommunication mediums. ICT is useful for both private and government sectors. The easy example is using ICT in school. With ICT, learning process in schools at all levels will be more effective due to easy access to information. Students in one school can search the Internet to find information from anywhere in the world. It is also convenient for teachers in many aspects such as designing teaching plan, consulting, meeting, and etc. Therefore, the meaning of ICT is some mediums based on telecommunications. 1.2 ICT Security in General Terms Another apt expression of writing regarding ICT states, “Our technological powers increase, but the side effects and potential hazards also escalate” (Toffler, 2011). One of the most important of these “side effects” and potential hazards in terms of ICT is security. Presently, the meaning of the word security implies reflections and reasoning which are different from just a few years ago. In the past, society and business thought about security in terms of physical theft, fraud, sabotage and perhaps more sinister methods. However, with sensitive information increasingly being entrusted, stored and transmitted using ICT, security has taken on new meanings and relevance. Businesses must therefore take into account that defense and the prevention of adverse events with regard to ICT security has become an important consideration when conducting business over the internet and in an effort to protect the ability to be productive and competitive. Security is something any business with ICT cannot do without. One technology writer surmises, “Security is the protection of information, systems and services against disasters, mistakes and manipulation so that the likelihood and impact of security incidents is minimised” (B o r a n S . , 2003).
Due to increasing application of information and communication technologies, ICT systems represent the foundation and the means of transmission for all pieces of information that are fundamental to businesses. ICT systems are more increasingly more complex and in turn vulnerable with the growing presence of viruses. In fact, launching or acquiring damaging attacks against ICT systems requires less and less skill. Damage can often occur without the knowledge of the users and transmission of viruses can be accomplished covertly and unwittingly. ICT systems themselves are also becoming more complex and as a consequence are likely to be exposed to intrusions and technology develops. Further, the spread and increasing use of wireless technology has created new opportunities for attacks, which are difficult to defend as they are literally and figuratively available to anyone. In spite of all these factors, most attacks to ICT systems still take advantage of weaknesses that have no clear solutions in the never ending war between attackers and defenders. The different classifications of attacks to ICT are numerous with the most prevalent being:  Theft of information storage hardware (laptops, hard drives, hard disks, tapes, etc.)  Denial of service  Virus contamination  Trojan horses  Piracy and fraud  Unauthorized access or changes to information or system data/settings  Unauthorized use 2. Risk Assessment It is nearly impossible to be completely prescriptive about ICT security and one of the first tasks required when dealing with ICT security is to identify and assess overall and specific risks. The process is usually divided into four main phases. 1. Identifying the risk 2. Evaluating the risk 3. Analyzing the risk 4. Managing the risk There will always be a need to assess ICT security, and doing so is good practice for any business that wants to carry on its function because without knowing what the risks are it is impossible to manage them. Although risks to ICT systems will change and evolve as technology is adopted to support a business’ mission, it is not a subject that should be taken lightly or disregarded in any stretch of the imagination. Since ICT is at the core of how businesses operate and function, particular care to this part of an organization, company or business is paramount. 2.1 Steps First, it is important to identify any possible areas of risk and glean the most understanding possible of what those risks may be. Second, once identified thought must be given to how the risk may cause harm to the business and how likely that risk may occur (e.g. high, medium, low likelihood). Next, an analysis is conducted to determine what possible consequences would result if the risk did occur. Finally, once the risk factors have been established and researched, systems, policies and procedures can be put in place to eliminate or at least minimize the risk. ICT security risk assessment needs to be included in any business organization’s overall risk management strategy.
2.2 Governance Merely having policies and procedures in place to combat security risks is in itself not enough. These policies and procedures will need to be enforced and regularly reviewed for relevance. This means that one or several members of an organization’s staff, depending on the nature of the organization, is clearly identified and given the responsibility of assessing, planning for, carrying out, and documenting ICT risk assessments. These staff members will also be given the task of reviewing those policies and procedures put in place for effectiveness and compliance. The overall decisions on ICT security policy should be made at the managerial level. It is important that decisions be made within the framework of the organization’s function and overall goals and thus decisions and recommendations concerning ICT security should be reviewed by management or someone who is aware of the wider strategic issues, whether or not they are technically competent. 3. Security Concerns 3.1 People People are the biggest threat to the security of ICTs, whether inadvertently or deliberately. The very core idea of human nature is that we are not infallible and that we make mistakes, again often inadvertently. No matter how technically complex an ICT security policy, people are usually the weak link that creates or exacerbates risk. It is important that an organization’s staff be educated about the potential risks and how they can avoid them. Proper training should be given to all members of an organization regarding the policies and procedures of ICT. “Information security (IS) management polls continue to reveal that insider threat, due to disgruntled employees or dishonest employees, is the number one risk to the security of computing resources. Likewise, the 1996 National Retail Security Survey indicates that 42% of inventory shrinkage is due to employee theft. Further, today’s highly competitive, technologically advanced workplace generates an environment where talented technicians move from one organization to another, and take their knowledge with them” (K r a u s e , M i c k i , & T i p t o n , 1997). 3.2 Physical Security of Assets ICT hardware is generally expensive and therefore should be safeguarded from theft, not only from the point of the theft itself, but also because of the valuable information housed within. Taking precautions will reduce the risks associated with ICT hardware and any possible disastrous results. 3.3 Wireless ICT systems sometimes become susceptible to risk because of the wireless standards used by an organization. All standards of wireless fidelity (WiFi) are accessible by anyone with the right equipment and skills. Therefore any system using wireless could be tapped into and information compromised, altered, or stolen. With the sensitive nature of the information stored on ICT these days, particular care should be exercised when using wireless as a means of information transmission. Since all data transmissions using wireless travel through the frequency waves, it becomes possible to intercept or copy the information transferred.
Figure1. Illustration of wireless transmission risk mobile device eavesdropping server interference active attack (I m a i , 2006) 3.4 Web Threats The Internet has also played a role in the presence and spread of ICT risk. Just about every aspect of web based information and communication necessitates the transfer (e.g. downloading, uploading, duplicating) of information and often risks are present at this stage. Just as the common cold is easily transferred between people, so also can ICT risk be transferred from device to device, computer to computer, system to system and network to network. It can then become an amorphous risk to all until it is identified and managed. 4. Risk Assessment of a Private School The specific aspects of security mentioned previously were done so because these are also the most overlooked areas of ICT security at the scrutinized location of this document, a private educational facility in Southeast Asia. The school in question has ICT infrastructure in place throughout the facility for use by both staff and students. There is ICT present in most classrooms, two libraries, in the staff offices, and in various other areas of the school. All of the ICT components operate on a common network and, with the exception of staff and administration computers, are accessible to the student population. It is possible to close accessible points to a network. However, the school can provide some budget and time for the controllers to monitor. If the school does not have enough budgets, frequent checking is also a powerful method to investigate the happening problem and solve it. Mostly, the risks in security concern misconfiguration and poor programming of the staff. The school should search for an effective specialist to be an administrator. If the network is controlled by proper staff, the risks will reduce. The risks identified at the private educational facility mentioned herein will also be accompanied by possible and available remedies. 4.1 Configuration Errors- These errors create risks that enable attackers to destroy systems. Configuration is the most important part to protect the system; however, there maybe some errors such as incorrect setting file permission, setting poor password, and leaving some services open. The solution to reduce these configuration errors is setting standard procedures for a system administrator to follow. Moreover, there should be a follow-up team to monitor some errors that may happen from configuration. This risk is present at the facility. The administration does not have a schedule for setting or changing default network passwords and any passwords currently in place are not safeguarded. As a possible remedy, a member of the ICT department should be tasked with creating a schedule to change or reset passwords on all facility networks and servers which only the management echelon will be advised of. 4.2 Default Accounts- Some applications install with default accounts and passwords. In some instances, the installation programming uses a default user ID and password that the installer uses with the intention of changing at a later time. Most of these default accounts have default passwords
associated with them, and even if administrators have changed the default passwords on these accounts, the accounts themselves are common targets for attack. Once the account is breached, the attacker has administrator rights over the system. System administrators should rename or delete these default accounts so that they are less likely to become targets of attack. 4.3 File Permissions- Improper file permissions can also be a source of vulnerability. File permissions determine what the user has access to and what programs that user can run. Additionally, since some programs run under the context of a higher-level user, mis-configuration of security settings on these programs could allow a user to elevate their access. Sometimes, settings directories give full programming access to the “everyone” group, giving any user access into the system programming. The facility should regularly review file permissions and set them at the most restrictive level possible while still achieving the desired level of the sharing. 4.4 Network Architecture- A secure network should be designed and constructed to separate the internal network from access by external sources using the Internet and all incoming and outgoing traffic should be filtered through a robust and effective firewall. At present, all ICT resources in classrooms at the facility have direct connections through local access networks (LAN) without the benefit of being monitored or filtered by any security methods. Additionally, students with access to the school’s computers are also in possession of portable information storing devices such as external hard drives, CDs and DVDs, and USB drives. In this way viruses and other forms of malicious software are downloaded from various sources and then transmitted or spread throughout the network. As a remedy, classroom computers should have their access to the Internet routed through administrator controlled firewalls that are closely monitored. Additionally, use of external information storage devices should be restricted to only those computers that are free of risks and regulated by competent school staff. 4.5 Virus and Anti-Virus- Most businesses think anti-virus software is the cure for attacks of this nature. The threat from viruses varies with the type of malicious activity they attempt to perform. Some viruses offer only annoyances with no permanent damage done, while others enable remote attackers to gain unauthorized access to systems, applications and networks. The widespread problems resulting from these viruses demonstrate a person’s abilities to hide malicious code relatively well. It also shows how easy it is for users to unknowingly execute this code and compromise the security of their system. Recent virus-scanning programs are quite advanced, but the scanners are only as good as the virus definitions. Virus scanners must be constantly updated. Additionally, many new viruses may not appear in the database and may be missed. Virus-scanning tools that employ heuristics and sandboxes should be used in an attempt to catch these undefined viruses. Heuristics involve looking for code or programs that resemble or could potentially be viruses. Sandboxes actually execute the code or application in a quarantined environment and examine what the program does. If the program appears to be a virus, the virus package quarantines the program and performs an alert function. The heuristics and sandboxes hopefully catch any newly developed exploits and viruses that may not have been included in the most recent virus definitions update. Here at this facility, while anti-virus software exists, it is often outdated and the definitions seldom updated, a sort of “install and forget” mentality. The remedy for this problem and area of risk is to regularly update the anti-virus software and to ensure that the virus scanning software is current with the level of programming available.. 4.6 Wireless Networks- The facility regularly stores sensitive information such as student and staff personal information, grades, exams and, more importantly, exam answers, on network computers with wireless capabilities. The area of risk here is that the wireless network is easily accessible. This network and the information stored within should be structured in an intranet with a centralized access point for data transmission to outside sources. That centralized access point should use LAN as opposed to wireless to maintain a better state of security. Currently. Any student with a proper device such as a laptop can access the wireless network and in turn, with the proper skills and knowledge, access the information contained therein.
5. Conclusion The educational facility scrutinized in this document is quite obviously lax in their approach to network security. In fact, the issues/risks identified here are not the only problems faced by this facility. Additionally, there is an issue of governance. Perhaps that should be the first step in order to get the school headed in the right direction with regard to ICT security. Currently there appears to be no identifiable party tasked with regulating the ICT infrastructure. Until this comes about, the risks faced by the school will continue to be a source of great concern. As stated by the United Nations Educational , Scientific and Cultural Organization, “The use of ICT cuts across all aspects of economic and social life. Technological developments in ICT are very rapid. Technology quickly becomes obsolete requiring new skills and knowledge to be mastered frequently. Adaptation is only possible when based on a sound understanding of the principles and concepts of ICT.” (Daniel J., 2002)
References 1. Toffler, Alvin. BrainyQuote.com. Xplore Inc, 2011. 15 February. 2011. http://www.brainyquote.com/quotes/quotes/a/alvintoffl409080.html 2. Toffler, Alvin. BrainyQuote.com. Xplore Inc, 2011. 15 February. 2011. http://www.brainyquote.com/quotes/quotes/a/alvintoffl386113.html 3. B o r a n , S e a n . " I T S e c u r i t y C o o k b o o k . " b o r a n . c o m . B o r a n C o n s u l t i n g , 0 2 . J u n e . 2 0 0 3 . W e b . 1 6 F e b 2 0 1 1 . < h t t p : / / w w w . b o r a n . c o m / s e c u r i t y / >. 4. K r a u s e , M i c k i , a n d H a l T i p t o n . " H a n d b o o k o f I n f o r m a t i o n S e c u r i t y Management." cccure.com. CRC Press LLC, 1997. Web. 16 Feb 2011. http://www.cccure.org/Documents/HISM/ewtoc.html 5. Imai, Hideki. Wireless Communications Security. Norwood, MA, USA: Artech House, Inc., 2006. 44. Print. 6. Daniel, John. Information and Computer Technology in Education: A Curriculum for Schools and a Programme of Teacher Development. 15 Feb. 2011. United Nations Educational, Scientific and Cultural Organization. 2002 <http://unesdoc.unesco.org/images/0012/001295/129538e.pdf>.

Recommended

CHAPTER-3-4 human condition and Good life.ppt
CHAPTER-3-4 human condition and Good life.pptCHAPTER-3-4 human condition and Good life.ppt
CHAPTER-3-4 human condition and Good life.pptDavid Western
 
6
66
6Zaralucille
 
Retail Industry: The Future of Developing India
Retail Industry: The Future of Developing IndiaRetail Industry: The Future of Developing India
Retail Industry: The Future of Developing IndiaCustomer Centria
 
Biodata Cv Dr. Shriniwas Kashalikar
Biodata Cv Dr. Shriniwas KashalikarBiodata Cv Dr. Shriniwas Kashalikar
Biodata Cv Dr. Shriniwas Kashalikarabhishekka
 
Bpk sebuah kemubudziran
Bpk sebuah kemubudziranBpk sebuah kemubudziran
Bpk sebuah kemubudziranOetjoe Jauhar
 
PA2040 Environmental Sensing
PA2040 Environmental SensingPA2040 Environmental Sensing
PA2040 Environmental SensingInternet of Things DC
 
Carrers i places
Carrers i placesCarrers i places
Carrers i placesMontsete
 
Estadistica daniel Mogollon
Estadistica daniel MogollonEstadistica daniel Mogollon
Estadistica daniel Mogollondiamenel
 

Recommended

CHAPTER-3-4 human condition and Good life.ppt
CHAPTER-3-4 human condition and Good life.pptCHAPTER-3-4 human condition and Good life.ppt
CHAPTER-3-4 human condition and Good life.pptDavid Western
 
6
66
6Zaralucille
 
Retail Industry: The Future of Developing India
Retail Industry: The Future of Developing IndiaRetail Industry: The Future of Developing India
Retail Industry: The Future of Developing IndiaCustomer Centria
 
Biodata Cv Dr. Shriniwas Kashalikar
Biodata Cv Dr. Shriniwas KashalikarBiodata Cv Dr. Shriniwas Kashalikar
Biodata Cv Dr. Shriniwas Kashalikarabhishekka
 
Bpk sebuah kemubudziran
Bpk sebuah kemubudziranBpk sebuah kemubudziran
Bpk sebuah kemubudziranOetjoe Jauhar
 
PA2040 Environmental Sensing
PA2040 Environmental SensingPA2040 Environmental Sensing
PA2040 Environmental SensingInternet of Things DC
 
Carrers i places
Carrers i placesCarrers i places
Carrers i placesMontsete
 
Estadistica daniel Mogollon
Estadistica daniel MogollonEstadistica daniel Mogollon
Estadistica daniel Mogollondiamenel
 
Retailing Trade in India
Retailing Trade in IndiaRetailing Trade in India
Retailing Trade in IndiaAswani Raj
 
Leyes De Conjuntos
Leyes De ConjuntosLeyes De Conjuntos
Leyes De Conjuntossolracoznofla
 
Safe Ride Pitch
Safe Ride PitchSafe Ride Pitch
Safe Ride PitchAbhay Kshirsagar, M.S., CISA
 
The how to research guide
The how to research guideThe how to research guide
The how to research guidealice21alicia
 
Bonding agents2/ dental crown & bridge courses
Bonding agents2/ dental crown & bridge coursesBonding agents2/ dental crown & bridge courses
Bonding agents2/ dental crown & bridge coursesIndian dental academy
 
Libros de texto para el curso 2016-2017
Libros de texto para el curso 2016-2017Libros de texto para el curso 2016-2017
Libros de texto para el curso 2016-2017Antonio Merino
 
Programme des festivités du quarantenaire des Trompettes de Jéricho
Programme des festivités du quarantenaire des Trompettes de JérichoProgramme des festivités du quarantenaire des Trompettes de Jéricho
Programme des festivités du quarantenaire des Trompettes de JérichoKoffi Sani
 
Geotricosis (micosis oportunista)
Geotricosis (micosis oportunista)Geotricosis (micosis oportunista)
Geotricosis (micosis oportunista)Víctor Bravo P
 
Proywcto de aprendizaje 1 A Yuneidy Teran
Proywcto de aprendizaje 1 A Yuneidy TeranProywcto de aprendizaje 1 A Yuneidy Teran
Proywcto de aprendizaje 1 A Yuneidy Teranyuneidyteran2002
 
Pharmaceutical calculations uptu ppt
Pharmaceutical calculations uptu pptPharmaceutical calculations uptu ppt
Pharmaceutical calculations uptu pptDr Vinay Gupta
 
AN EFFECTIVE METHOD FOR INFORMATION SECURITY AWARENESS RAISING INITIATIVES
AN EFFECTIVE METHOD FOR INFORMATION SECURITY AWARENESS RAISING INITIATIVESAN EFFECTIVE METHOD FOR INFORMATION SECURITY AWARENESS RAISING INITIATIVES
AN EFFECTIVE METHOD FOR INFORMATION SECURITY AWARENESS RAISING INITIATIVESijcsit
 
Information security threats encountered by Malaysian public sector data cen...
Information security threats encountered by Malaysian public sector data cen...Information security threats encountered by Malaysian public sector data cen...
Information security threats encountered by Malaysian public sector data cen...nooriasukmaningtyas
 
Cultivating Proactive Cybersecurity Culture among IT Professional to Combat E...
Cultivating Proactive Cybersecurity Culture among IT Professional to Combat E...Cultivating Proactive Cybersecurity Culture among IT Professional to Combat E...
Cultivating Proactive Cybersecurity Culture among IT Professional to Combat E...AI Publications
 
IT Security - Guidelines
IT Security - GuidelinesIT Security - Guidelines
IT Security - GuidelinesPedro Espinosa
 
Classmate 1Cybersecurity risk can be characterized as the ris.docx
Classmate 1Cybersecurity risk can be characterized as the ris.docxClassmate 1Cybersecurity risk can be characterized as the ris.docx
Classmate 1Cybersecurity risk can be characterized as the ris.docxbartholomeocoombs
 
Institutional Cybersecurity from Military Perspective
Institutional Cybersecurity from Military PerspectiveInstitutional Cybersecurity from Military Perspective
Institutional Cybersecurity from Military PerspectiveGovernment
 
Cyber Security Conference - Trustworthy computing cybersecurity white paper
Cyber Security Conference - Trustworthy computing cybersecurity white paperCyber Security Conference - Trustworthy computing cybersecurity white paper
Cyber Security Conference - Trustworthy computing cybersecurity white paperMicrosoft
 
Why Is Security A Shared Responsibility.pdf
Why Is Security A Shared Responsibility.pdfWhy Is Security A Shared Responsibility.pdf
Why Is Security A Shared Responsibility.pdfCiente
 
Paper Titled Information Security in an organization
Paper Titled Information Security in an organizationPaper Titled Information Security in an organization
Paper Titled Information Security in an organizationMohammed Mahfouz Alhassan
 
820 1961-1-pb
820 1961-1-pb820 1961-1-pb
820 1961-1-pbMohammed Mahfouz Alhassan
 
Information Technology For Educational Development
Information Technology For Educational DevelopmentInformation Technology For Educational Development
Information Technology For Educational DevelopmentTheresa Singh
 
Atos wp-cyberrisks
Atos wp-cyberrisksAtos wp-cyberrisks
Atos wp-cyberrisksHenk van der Tweel
 

More Related Content

Viewers also liked

Retailing Trade in India
Retailing Trade in IndiaRetailing Trade in India
Retailing Trade in IndiaAswani Raj
 
The how to research guide
The how to research guideThe how to research guide
The how to research guidealice21alicia
 
Bonding agents2/ dental crown & bridge courses
Bonding agents2/ dental crown & bridge coursesBonding agents2/ dental crown & bridge courses
Bonding agents2/ dental crown & bridge coursesIndian dental academy
 
Libros de texto para el curso 2016-2017
Libros de texto para el curso 2016-2017Libros de texto para el curso 2016-2017
Libros de texto para el curso 2016-2017Antonio Merino
 
Programme des festivités du quarantenaire des Trompettes de Jéricho
Programme des festivités du quarantenaire des Trompettes de JérichoProgramme des festivités du quarantenaire des Trompettes de Jéricho
Programme des festivités du quarantenaire des Trompettes de JérichoKoffi Sani
 
Geotricosis (micosis oportunista)
Geotricosis (micosis oportunista)Geotricosis (micosis oportunista)
Geotricosis (micosis oportunista)Víctor Bravo P
 
Proywcto de aprendizaje 1 A Yuneidy Teran
Proywcto de aprendizaje 1 A Yuneidy TeranProywcto de aprendizaje 1 A Yuneidy Teran
Proywcto de aprendizaje 1 A Yuneidy Teranyuneidyteran2002
 
Pharmaceutical calculations uptu ppt
Pharmaceutical calculations uptu pptPharmaceutical calculations uptu ppt
Pharmaceutical calculations uptu pptDr Vinay Gupta
 

Viewers also liked (10)

Retailing Trade in India
Retailing Trade in IndiaRetailing Trade in India
Retailing Trade in India
 
Leyes De Conjuntos
Leyes De ConjuntosLeyes De Conjuntos
Leyes De Conjuntos
 
Safe Ride Pitch
Safe Ride PitchSafe Ride Pitch
Safe Ride Pitch
 
The how to research guide
The how to research guideThe how to research guide
The how to research guide
 
Bonding agents2/ dental crown & bridge courses
Bonding agents2/ dental crown & bridge coursesBonding agents2/ dental crown & bridge courses
Bonding agents2/ dental crown & bridge courses
 
Libros de texto para el curso 2016-2017
Libros de texto para el curso 2016-2017Libros de texto para el curso 2016-2017
Libros de texto para el curso 2016-2017
 
Programme des festivités du quarantenaire des Trompettes de Jéricho
Programme des festivités du quarantenaire des Trompettes de JérichoProgramme des festivités du quarantenaire des Trompettes de Jéricho
Programme des festivités du quarantenaire des Trompettes de Jéricho
 
Geotricosis (micosis oportunista)
Geotricosis (micosis oportunista)Geotricosis (micosis oportunista)
Geotricosis (micosis oportunista)
 
Proywcto de aprendizaje 1 A Yuneidy Teran
Proywcto de aprendizaje 1 A Yuneidy TeranProywcto de aprendizaje 1 A Yuneidy Teran
Proywcto de aprendizaje 1 A Yuneidy Teran
 
Pharmaceutical calculations uptu ppt
Pharmaceutical calculations uptu pptPharmaceutical calculations uptu ppt
Pharmaceutical calculations uptu ppt
 

Similar to Ict security essay

AN EFFECTIVE METHOD FOR INFORMATION SECURITY AWARENESS RAISING INITIATIVES
AN EFFECTIVE METHOD FOR INFORMATION SECURITY AWARENESS RAISING INITIATIVESAN EFFECTIVE METHOD FOR INFORMATION SECURITY AWARENESS RAISING INITIATIVES
AN EFFECTIVE METHOD FOR INFORMATION SECURITY AWARENESS RAISING INITIATIVESijcsit
 
Information security threats encountered by Malaysian public sector data cen...
Information security threats encountered by Malaysian public sector data cen...Information security threats encountered by Malaysian public sector data cen...
Information security threats encountered by Malaysian public sector data cen...nooriasukmaningtyas
 
Cultivating Proactive Cybersecurity Culture among IT Professional to Combat E...
Cultivating Proactive Cybersecurity Culture among IT Professional to Combat E...Cultivating Proactive Cybersecurity Culture among IT Professional to Combat E...
Cultivating Proactive Cybersecurity Culture among IT Professional to Combat E...AI Publications
 
IT Security - Guidelines
IT Security - GuidelinesIT Security - Guidelines
IT Security - GuidelinesPedro Espinosa
 
Classmate 1Cybersecurity risk can be characterized as the ris.docx
Classmate 1Cybersecurity risk can be characterized as the ris.docxClassmate 1Cybersecurity risk can be characterized as the ris.docx
Classmate 1Cybersecurity risk can be characterized as the ris.docxbartholomeocoombs
 
Institutional Cybersecurity from Military Perspective
Institutional Cybersecurity from Military PerspectiveInstitutional Cybersecurity from Military Perspective
Institutional Cybersecurity from Military PerspectiveGovernment
 
Cyber Security Conference - Trustworthy computing cybersecurity white paper
Cyber Security Conference - Trustworthy computing cybersecurity white paperCyber Security Conference - Trustworthy computing cybersecurity white paper
Cyber Security Conference - Trustworthy computing cybersecurity white paperMicrosoft
 
Why Is Security A Shared Responsibility.pdf
Why Is Security A Shared Responsibility.pdfWhy Is Security A Shared Responsibility.pdf
Why Is Security A Shared Responsibility.pdfCiente
 
Paper Titled Information Security in an organization
Paper Titled Information Security in an organizationPaper Titled Information Security in an organization
Paper Titled Information Security in an organizationMohammed Mahfouz Alhassan
 
Information Technology For Educational Development
Information Technology For Educational DevelopmentInformation Technology For Educational Development
Information Technology For Educational DevelopmentTheresa Singh
 
2015_ICMSS_Institutional_Cybersecurity_s02
2015_ICMSS_Institutional_Cybersecurity_s022015_ICMSS_Institutional_Cybersecurity_s02
2015_ICMSS_Institutional_Cybersecurity_s02Government
 
2 Security And Internet Security
2 Security And Internet Security2 Security And Internet Security
2 Security And Internet SecurityAna Meskovska
 
Vulnerability Assessment ( Va )
Vulnerability Assessment ( Va )Vulnerability Assessment ( Va )
Vulnerability Assessment ( Va )Monica Rivera
 
Database Security Is Vital For Any And Every Organization
Database Security Is Vital For Any And Every OrganizationDatabase Security Is Vital For Any And Every Organization
Database Security Is Vital For Any And Every OrganizationApril Dillard
 
Current Issues In Education Technology WPG Consulting .pdf
Current Issues In Education Technology WPG Consulting .pdfCurrent Issues In Education Technology WPG Consulting .pdf
Current Issues In Education Technology WPG Consulting .pdfmeetsolanki44
 
Cyber security: challenges for society- literature review
Cyber security: challenges for society- literature reviewCyber security: challenges for society- literature review
Cyber security: challenges for society- literature reviewIOSR Journals
 
Cyber Security - CollegeEssay.org - 2024
Cyber Security - CollegeEssay.org - 2024Cyber Security - CollegeEssay.org - 2024
Cyber Security - CollegeEssay.org - 2024CollegeEssay.Org
 

Similar to Ict security essay (20)

AN EFFECTIVE METHOD FOR INFORMATION SECURITY AWARENESS RAISING INITIATIVES
AN EFFECTIVE METHOD FOR INFORMATION SECURITY AWARENESS RAISING INITIATIVESAN EFFECTIVE METHOD FOR INFORMATION SECURITY AWARENESS RAISING INITIATIVES
AN EFFECTIVE METHOD FOR INFORMATION SECURITY AWARENESS RAISING INITIATIVES
 
Information security threats encountered by Malaysian public sector data cen...
Information security threats encountered by Malaysian public sector data cen...Information security threats encountered by Malaysian public sector data cen...
Information security threats encountered by Malaysian public sector data cen...
 
Cultivating Proactive Cybersecurity Culture among IT Professional to Combat E...
Cultivating Proactive Cybersecurity Culture among IT Professional to Combat E...Cultivating Proactive Cybersecurity Culture among IT Professional to Combat E...
Cultivating Proactive Cybersecurity Culture among IT Professional to Combat E...
 
IT Security - Guidelines
IT Security - GuidelinesIT Security - Guidelines
IT Security - Guidelines
 
Classmate 1Cybersecurity risk can be characterized as the ris.docx
Classmate 1Cybersecurity risk can be characterized as the ris.docxClassmate 1Cybersecurity risk can be characterized as the ris.docx
Classmate 1Cybersecurity risk can be characterized as the ris.docx
 
Institutional Cybersecurity from Military Perspective
Institutional Cybersecurity from Military PerspectiveInstitutional Cybersecurity from Military Perspective
Institutional Cybersecurity from Military Perspective
 
Cyber Security Conference - Trustworthy computing cybersecurity white paper
Cyber Security Conference - Trustworthy computing cybersecurity white paperCyber Security Conference - Trustworthy computing cybersecurity white paper
Cyber Security Conference - Trustworthy computing cybersecurity white paper
 
Why Is Security A Shared Responsibility.pdf
Why Is Security A Shared Responsibility.pdfWhy Is Security A Shared Responsibility.pdf
Why Is Security A Shared Responsibility.pdf
 
Paper Titled Information Security in an organization
Paper Titled Information Security in an organizationPaper Titled Information Security in an organization
Paper Titled Information Security in an organization
 
820 1961-1-pb
820 1961-1-pb820 1961-1-pb
820 1961-1-pb
 
Information Technology For Educational Development
Information Technology For Educational DevelopmentInformation Technology For Educational Development
Information Technology For Educational Development
 
Atos wp-cyberrisks
Atos wp-cyberrisksAtos wp-cyberrisks
Atos wp-cyberrisks
 
2015_ICMSS_Institutional_Cybersecurity_s02
2015_ICMSS_Institutional_Cybersecurity_s022015_ICMSS_Institutional_Cybersecurity_s02
2015_ICMSS_Institutional_Cybersecurity_s02
 
2 Security And Internet Security
2 Security And Internet Security2 Security And Internet Security
2 Security And Internet Security
 
Vulnerability Assessment ( Va )
Vulnerability Assessment ( Va )Vulnerability Assessment ( Va )
Vulnerability Assessment ( Va )
 
Database Security Is Vital For Any And Every Organization
Database Security Is Vital For Any And Every OrganizationDatabase Security Is Vital For Any And Every Organization
Database Security Is Vital For Any And Every Organization
 
Current Issues In Education Technology WPG Consulting .pdf
Current Issues In Education Technology WPG Consulting .pdfCurrent Issues In Education Technology WPG Consulting .pdf
Current Issues In Education Technology WPG Consulting .pdf
 
Ethiopia reba paper
Ethiopia reba paperEthiopia reba paper
Ethiopia reba paper
 
Cyber security: challenges for society- literature review
Cyber security: challenges for society- literature reviewCyber security: challenges for society- literature review
Cyber security: challenges for society- literature review
 
Cyber Security - CollegeEssay.org - 2024
Cyber Security - CollegeEssay.org - 2024Cyber Security - CollegeEssay.org - 2024
Cyber Security - CollegeEssay.org - 2024
 

More from rubtumproject.com

ปัจจัยทางการตลาดที่ส่งผลต่อการรับประทานอาหารที่ครัวดารา ม.บูรพา
ปัจจัยทางการตลาดที่ส่งผลต่อการรับประทานอาหารที่ครัวดารา ม.บูรพาปัจจัยทางการตลาดที่ส่งผลต่อการรับประทานอาหารที่ครัวดารา ม.บูรพา
ปัจจัยทางการตลาดที่ส่งผลต่อการรับประทานอาหารที่ครัวดารา ม.บูรพาrubtumproject.com
 
บทที่ 5 (แก้ไขครั้งที่ 1)
บทที่ 5 (แก้ไขครั้งที่ 1)บทที่ 5 (แก้ไขครั้งที่ 1)
บทที่ 5 (แก้ไขครั้งที่ 1)rubtumproject.com
 
ตัวอย่างบทที่ 2 พฤติกรรมป้องกันโรคเอดส์ของกลุ่มชายรักชาย
ตัวอย่างบทที่ 2 พฤติกรรมป้องกันโรคเอดส์ของกลุ่มชายรักชายตัวอย่างบทที่ 2 พฤติกรรมป้องกันโรคเอดส์ของกลุ่มชายรักชาย
ตัวอย่างบทที่ 2 พฤติกรรมป้องกันโรคเอดส์ของกลุ่มชายรักชายrubtumproject.com
 
ตัวอย่างงานเขียนโปรแกรมด้วย Access
ตัวอย่างงานเขียนโปรแกรมด้วย Accessตัวอย่างงานเขียนโปรแกรมด้วย Access
ตัวอย่างงานเขียนโปรแกรมด้วย Accessrubtumproject.com
 
รับจัดฟอร์แมต ตัวอย่างงานจัดหน้าของม.ราชภัฎจัทรเกษม
รับจัดฟอร์แมต ตัวอย่างงานจัดหน้าของม.ราชภัฎจัทรเกษมรับจัดฟอร์แมต ตัวอย่างงานจัดหน้าของม.ราชภัฎจัทรเกษม
รับจัดฟอร์แมต ตัวอย่างงานจัดหน้าของม.ราชภัฎจัทรเกษมrubtumproject.com
 
รายงานการสัมมนาทางสังคมวิทยา กรณีอั้มเนโกะ มหาวิทยาลัยธรรมศาสตร์ รหัส 53
รายงานการสัมมนาทางสังคมวิทยา กรณีอั้มเนโกะ มหาวิทยาลัยธรรมศาสตร์ รหัส 53รายงานการสัมมนาทางสังคมวิทยา กรณีอั้มเนโกะ มหาวิทยาลัยธรรมศาสตร์ รหัส 53
รายงานการสัมมนาทางสังคมวิทยา กรณีอั้มเนโกะ มหาวิทยาลัยธรรมศาสตร์ รหัส 53rubtumproject.com
 
DFD ระบบจองรีสอร์ทออนไลน์
DFD ระบบจองรีสอร์ทออนไลน์DFD ระบบจองรีสอร์ทออนไลน์
DFD ระบบจองรีสอร์ทออนไลน์rubtumproject.com
 
DFD ระบบจองรีสอร์ทออนไลน์
DFD ระบบจองรีสอร์ทออนไลน์DFD ระบบจองรีสอร์ทออนไลน์
DFD ระบบจองรีสอร์ทออนไลน์rubtumproject.com
 
คู่มือการใช้งานระบบการจัดการหนังสืออิเล็กทรอนิกส์
คู่มือการใช้งานระบบการจัดการหนังสืออิเล็กทรอนิกส์คู่มือการใช้งานระบบการจัดการหนังสืออิเล็กทรอนิกส์
คู่มือการใช้งานระบบการจัดการหนังสืออิเล็กทรอนิกส์rubtumproject.com
 
บททีี่ 1-5 การควบรวมกันขององค์กรนวัตกรรม
บททีี่ 1-5 การควบรวมกันขององค์กรนวัตกรรมบททีี่ 1-5 การควบรวมกันขององค์กรนวัตกรรม
บททีี่ 1-5 การควบรวมกันขององค์กรนวัตกรรมrubtumproject.com
 
บทที่ 3 การพัฒนาความคิดสร้างสรรค์ด้วยโปรแกรมคอมพิวเตอร์กราฟิกและการวาดภาพ
บทที่ 3 การพัฒนาความคิดสร้างสรรค์ด้วยโปรแกรมคอมพิวเตอร์กราฟิกและการวาดภาพบทที่ 3 การพัฒนาความคิดสร้างสรรค์ด้วยโปรแกรมคอมพิวเตอร์กราฟิกและการวาดภาพ
บทที่ 3 การพัฒนาความคิดสร้างสรรค์ด้วยโปรแกรมคอมพิวเตอร์กราฟิกและการวาดภาพrubtumproject.com
 
บทที่ 2 การพัฒนาความคิดสร้างสรรค์ด้วยโปรแกรมคอมพิวเตอร์กราฟิกและการวาดภาพ
บทที่ 2 การพัฒนาความคิดสร้างสรรค์ด้วยโปรแกรมคอมพิวเตอร์กราฟิกและการวาดภาพบทที่ 2 การพัฒนาความคิดสร้างสรรค์ด้วยโปรแกรมคอมพิวเตอร์กราฟิกและการวาดภาพ
บทที่ 2 การพัฒนาความคิดสร้างสรรค์ด้วยโปรแกรมคอมพิวเตอร์กราฟิกและการวาดภาพrubtumproject.com
 
วิทยานิพนธ์บทที่ 4 พัฒนาการท่องเที่ยว
วิทยานิพนธ์บทที่ 4 พัฒนาการท่องเที่ยววิทยานิพนธ์บทที่ 4 พัฒนาการท่องเที่ยว
วิทยานิพนธ์บทที่ 4 พัฒนาการท่องเที่ยวrubtumproject.com
 
บทที่ 3 ระบบ android ocr
บทที่ 3 ระบบ android ocr บทที่ 3 ระบบ android ocr
บทที่ 3 ระบบ android ocr rubtumproject.com
 
ตัวอย่างบทที่่ 1-2 โปรแกรม
ตัวอย่างบทที่่ 1-2 โปรแกรมตัวอย่างบทที่่ 1-2 โปรแกรม
ตัวอย่างบทที่่ 1-2 โปรแกรมrubtumproject.com
 
ตัวอย่างบทที่ 2 ระบบ e-learning สอนphotoshop
ตัวอย่างบทที่ 2 ระบบ e-learning สอนphotoshopตัวอย่างบทที่ 2 ระบบ e-learning สอนphotoshop
ตัวอย่างบทที่ 2 ระบบ e-learning สอนphotoshoprubtumproject.com
 
ตัวอย่างบทที่ 3 ระบบ e-learning สอนphotoshop
ตัวอย่างบทที่ 3 ระบบ e-learning สอนphotoshopตัวอย่างบทที่ 3 ระบบ e-learning สอนphotoshop
ตัวอย่างบทที่ 3 ระบบ e-learning สอนphotoshoprubtumproject.com
 
ตัวอย่างงานเกมส์เขียนด้วยภาษา C
ตัวอย่างงานเกมส์เขียนด้วยภาษา Cตัวอย่างงานเกมส์เขียนด้วยภาษา C
ตัวอย่างงานเกมส์เขียนด้วยภาษา Crubtumproject.com
 
ตัวอย่างแบบสอบถามงานวิจัย
ตัวอย่างแบบสอบถามงานวิจัยตัวอย่างแบบสอบถามงานวิจัย
ตัวอย่างแบบสอบถามงานวิจัยrubtumproject.com
 
บัญชีกำไรขาดทุนร้านซ่อมแซมเสื้อผ้า
บัญชีกำไรขาดทุนร้านซ่อมแซมเสื้อผ้าบัญชีกำไรขาดทุนร้านซ่อมแซมเสื้อผ้า
บัญชีกำไรขาดทุนร้านซ่อมแซมเสื้อผ้าrubtumproject.com
 

More from rubtumproject.com (20)

ปัจจัยทางการตลาดที่ส่งผลต่อการรับประทานอาหารที่ครัวดารา ม.บูรพา
ปัจจัยทางการตลาดที่ส่งผลต่อการรับประทานอาหารที่ครัวดารา ม.บูรพาปัจจัยทางการตลาดที่ส่งผลต่อการรับประทานอาหารที่ครัวดารา ม.บูรพา
ปัจจัยทางการตลาดที่ส่งผลต่อการรับประทานอาหารที่ครัวดารา ม.บูรพา
 
บทที่ 5 (แก้ไขครั้งที่ 1)
บทที่ 5 (แก้ไขครั้งที่ 1)บทที่ 5 (แก้ไขครั้งที่ 1)
บทที่ 5 (แก้ไขครั้งที่ 1)
 
ตัวอย่างบทที่ 2 พฤติกรรมป้องกันโรคเอดส์ของกลุ่มชายรักชาย
ตัวอย่างบทที่ 2 พฤติกรรมป้องกันโรคเอดส์ของกลุ่มชายรักชายตัวอย่างบทที่ 2 พฤติกรรมป้องกันโรคเอดส์ของกลุ่มชายรักชาย
ตัวอย่างบทที่ 2 พฤติกรรมป้องกันโรคเอดส์ของกลุ่มชายรักชาย
 
ตัวอย่างงานเขียนโปรแกรมด้วย Access
ตัวอย่างงานเขียนโปรแกรมด้วย Accessตัวอย่างงานเขียนโปรแกรมด้วย Access
ตัวอย่างงานเขียนโปรแกรมด้วย Access
 
รับจัดฟอร์แมต ตัวอย่างงานจัดหน้าของม.ราชภัฎจัทรเกษม
รับจัดฟอร์แมต ตัวอย่างงานจัดหน้าของม.ราชภัฎจัทรเกษมรับจัดฟอร์แมต ตัวอย่างงานจัดหน้าของม.ราชภัฎจัทรเกษม
รับจัดฟอร์แมต ตัวอย่างงานจัดหน้าของม.ราชภัฎจัทรเกษม
 
รายงานการสัมมนาทางสังคมวิทยา กรณีอั้มเนโกะ มหาวิทยาลัยธรรมศาสตร์ รหัส 53
รายงานการสัมมนาทางสังคมวิทยา กรณีอั้มเนโกะ มหาวิทยาลัยธรรมศาสตร์ รหัส 53รายงานการสัมมนาทางสังคมวิทยา กรณีอั้มเนโกะ มหาวิทยาลัยธรรมศาสตร์ รหัส 53
รายงานการสัมมนาทางสังคมวิทยา กรณีอั้มเนโกะ มหาวิทยาลัยธรรมศาสตร์ รหัส 53
 
DFD ระบบจองรีสอร์ทออนไลน์
DFD ระบบจองรีสอร์ทออนไลน์DFD ระบบจองรีสอร์ทออนไลน์
DFD ระบบจองรีสอร์ทออนไลน์
 
DFD ระบบจองรีสอร์ทออนไลน์
DFD ระบบจองรีสอร์ทออนไลน์DFD ระบบจองรีสอร์ทออนไลน์
DFD ระบบจองรีสอร์ทออนไลน์
 
คู่มือการใช้งานระบบการจัดการหนังสืออิเล็กทรอนิกส์
คู่มือการใช้งานระบบการจัดการหนังสืออิเล็กทรอนิกส์คู่มือการใช้งานระบบการจัดการหนังสืออิเล็กทรอนิกส์
คู่มือการใช้งานระบบการจัดการหนังสืออิเล็กทรอนิกส์
 
บททีี่ 1-5 การควบรวมกันขององค์กรนวัตกรรม
บททีี่ 1-5 การควบรวมกันขององค์กรนวัตกรรมบททีี่ 1-5 การควบรวมกันขององค์กรนวัตกรรม
บททีี่ 1-5 การควบรวมกันขององค์กรนวัตกรรม
 
บทที่ 3 การพัฒนาความคิดสร้างสรรค์ด้วยโปรแกรมคอมพิวเตอร์กราฟิกและการวาดภาพ
บทที่ 3 การพัฒนาความคิดสร้างสรรค์ด้วยโปรแกรมคอมพิวเตอร์กราฟิกและการวาดภาพบทที่ 3 การพัฒนาความคิดสร้างสรรค์ด้วยโปรแกรมคอมพิวเตอร์กราฟิกและการวาดภาพ
บทที่ 3 การพัฒนาความคิดสร้างสรรค์ด้วยโปรแกรมคอมพิวเตอร์กราฟิกและการวาดภาพ
 
บทที่ 2 การพัฒนาความคิดสร้างสรรค์ด้วยโปรแกรมคอมพิวเตอร์กราฟิกและการวาดภาพ
บทที่ 2 การพัฒนาความคิดสร้างสรรค์ด้วยโปรแกรมคอมพิวเตอร์กราฟิกและการวาดภาพบทที่ 2 การพัฒนาความคิดสร้างสรรค์ด้วยโปรแกรมคอมพิวเตอร์กราฟิกและการวาดภาพ
บทที่ 2 การพัฒนาความคิดสร้างสรรค์ด้วยโปรแกรมคอมพิวเตอร์กราฟิกและการวาดภาพ
 
วิทยานิพนธ์บทที่ 4 พัฒนาการท่องเที่ยว
วิทยานิพนธ์บทที่ 4 พัฒนาการท่องเที่ยววิทยานิพนธ์บทที่ 4 พัฒนาการท่องเที่ยว
วิทยานิพนธ์บทที่ 4 พัฒนาการท่องเที่ยว
 
บทที่ 3 ระบบ android ocr
บทที่ 3 ระบบ android ocr บทที่ 3 ระบบ android ocr
บทที่ 3 ระบบ android ocr
 
ตัวอย่างบทที่่ 1-2 โปรแกรม
ตัวอย่างบทที่่ 1-2 โปรแกรมตัวอย่างบทที่่ 1-2 โปรแกรม
ตัวอย่างบทที่่ 1-2 โปรแกรม
 
ตัวอย่างบทที่ 2 ระบบ e-learning สอนphotoshop
ตัวอย่างบทที่ 2 ระบบ e-learning สอนphotoshopตัวอย่างบทที่ 2 ระบบ e-learning สอนphotoshop
ตัวอย่างบทที่ 2 ระบบ e-learning สอนphotoshop
 
ตัวอย่างบทที่ 3 ระบบ e-learning สอนphotoshop
ตัวอย่างบทที่ 3 ระบบ e-learning สอนphotoshopตัวอย่างบทที่ 3 ระบบ e-learning สอนphotoshop
ตัวอย่างบทที่ 3 ระบบ e-learning สอนphotoshop
 
ตัวอย่างงานเกมส์เขียนด้วยภาษา C
ตัวอย่างงานเกมส์เขียนด้วยภาษา Cตัวอย่างงานเกมส์เขียนด้วยภาษา C
ตัวอย่างงานเกมส์เขียนด้วยภาษา C
 
ตัวอย่างแบบสอบถามงานวิจัย
ตัวอย่างแบบสอบถามงานวิจัยตัวอย่างแบบสอบถามงานวิจัย
ตัวอย่างแบบสอบถามงานวิจัย
 
บัญชีกำไรขาดทุนร้านซ่อมแซมเสื้อผ้า
บัญชีกำไรขาดทุนร้านซ่อมแซมเสื้อผ้าบัญชีกำไรขาดทุนร้านซ่อมแซมเสื้อผ้า
บัญชีกำไรขาดทุนร้านซ่อมแซมเสื้อผ้า
 

Recently uploaded

SALESFORCE EDUCATION CLOUD | FEXLE SERVICES
SALESFORCE EDUCATION CLOUD | FEXLE SERVICESSALESFORCE EDUCATION CLOUD | FEXLE SERVICES
SALESFORCE EDUCATION CLOUD | FEXLE SERVICESmohitsingh558521
 
A Deep Dive on Passkeys: FIDO Paris Seminar.pptx
A Deep Dive on Passkeys: FIDO Paris Seminar.pptxA Deep Dive on Passkeys: FIDO Paris Seminar.pptx
A Deep Dive on Passkeys: FIDO Paris Seminar.pptxLoriGlavin3
 
How to write a Business Continuity Plan
How to write a Business Continuity PlanHow to write a Business Continuity Plan
How to write a Business Continuity PlanDatabarracks
 
Transcript: New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024Transcript: New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024BookNet Canada
 
Take control of your SAP testing with UiPath Test Suite
Take control of your SAP testing with UiPath Test SuiteTake control of your SAP testing with UiPath Test Suite
Take control of your SAP testing with UiPath Test SuiteDianaGray10
 
Streamlining Python Development: A Guide to a Modern Project Setup
Streamlining Python Development: A Guide to a Modern Project SetupStreamlining Python Development: A Guide to a Modern Project Setup
Streamlining Python Development: A Guide to a Modern Project SetupFlorian Wilhelm
 
DevEX - reference for building teams, processes, and platforms
DevEX - reference for building teams, processes, and platformsDevEX - reference for building teams, processes, and platforms
DevEX - reference for building teams, processes, and platformsSergiu Bodiu
 
Nell’iperspazio con Rocket: il Framework Web di Rust!
Nell’iperspazio con Rocket: il Framework Web di Rust!Nell’iperspazio con Rocket: il Framework Web di Rust!
Nell’iperspazio con Rocket: il Framework Web di Rust!Commit University
 
Hyperautomation and AI/ML: A Strategy for Digital Transformation Success.pdf
Hyperautomation and AI/ML: A Strategy for Digital Transformation Success.pdfHyperautomation and AI/ML: A Strategy for Digital Transformation Success.pdf
Hyperautomation and AI/ML: A Strategy for Digital Transformation Success.pdfPrecisely
 
DevoxxFR 2024 Reproducible Builds with Apache Maven
DevoxxFR 2024 Reproducible Builds with Apache MavenDevoxxFR 2024 Reproducible Builds with Apache Maven
DevoxxFR 2024 Reproducible Builds with Apache MavenHervé Boutemy
 
SAP Build Work Zone - Overview L2-L3.pptx
SAP Build Work Zone - Overview L2-L3.pptxSAP Build Work Zone - Overview L2-L3.pptx
SAP Build Work Zone - Overview L2-L3.pptxNavinnSomaal
 
New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024BookNet Canada
 
Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024BookNet Canada
 
Gen AI in Business - Global Trends Report 2024.pdf
Gen AI in Business - Global Trends Report 2024.pdfGen AI in Business - Global Trends Report 2024.pdf
Gen AI in Business - Global Trends Report 2024.pdfAddepto
 
Ensuring Technical Readiness For Copilot in Microsoft 365
Ensuring Technical Readiness For Copilot in Microsoft 365Ensuring Technical Readiness For Copilot in Microsoft 365
Ensuring Technical Readiness For Copilot in Microsoft 3652toLead Limited
 
Advanced Computer Architecture – An Introduction
Advanced Computer Architecture – An IntroductionAdvanced Computer Architecture – An Introduction
Advanced Computer Architecture – An IntroductionDilum Bandara
 
Digital Identity is Under Attack: FIDO Paris Seminar.pptx
Digital Identity is Under Attack: FIDO Paris Seminar.pptxDigital Identity is Under Attack: FIDO Paris Seminar.pptx
Digital Identity is Under Attack: FIDO Paris Seminar.pptxLoriGlavin3
 
unit 4 immunoblotting technique complete.pptx
unit 4 immunoblotting technique complete.pptxunit 4 immunoblotting technique complete.pptx
unit 4 immunoblotting technique complete.pptxBkGupta21
 
What is DBT - The Ultimate Data Build Tool.pdf
What is DBT - The Ultimate Data Build Tool.pdfWhat is DBT - The Ultimate Data Build Tool.pdf
What is DBT - The Ultimate Data Build Tool.pdfMounikaPolabathina
 

Recently uploaded (20)

SALESFORCE EDUCATION CLOUD | FEXLE SERVICES
SALESFORCE EDUCATION CLOUD | FEXLE SERVICESSALESFORCE EDUCATION CLOUD | FEXLE SERVICES
SALESFORCE EDUCATION CLOUD | FEXLE SERVICES
 
A Deep Dive on Passkeys: FIDO Paris Seminar.pptx
A Deep Dive on Passkeys: FIDO Paris Seminar.pptxA Deep Dive on Passkeys: FIDO Paris Seminar.pptx
A Deep Dive on Passkeys: FIDO Paris Seminar.pptx
 
How to write a Business Continuity Plan
How to write a Business Continuity PlanHow to write a Business Continuity Plan
How to write a Business Continuity Plan
 
DMCC Future of Trade Web3 - Special Edition
DMCC Future of Trade Web3 - Special EditionDMCC Future of Trade Web3 - Special Edition
DMCC Future of Trade Web3 - Special Edition
 
Transcript: New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024Transcript: New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
 
Take control of your SAP testing with UiPath Test Suite
Take control of your SAP testing with UiPath Test SuiteTake control of your SAP testing with UiPath Test Suite
Take control of your SAP testing with UiPath Test Suite
 
Streamlining Python Development: A Guide to a Modern Project Setup
Streamlining Python Development: A Guide to a Modern Project SetupStreamlining Python Development: A Guide to a Modern Project Setup
Streamlining Python Development: A Guide to a Modern Project Setup
 
DevEX - reference for building teams, processes, and platforms
DevEX - reference for building teams, processes, and platformsDevEX - reference for building teams, processes, and platforms
DevEX - reference for building teams, processes, and platforms
 
Nell’iperspazio con Rocket: il Framework Web di Rust!
Nell’iperspazio con Rocket: il Framework Web di Rust!Nell’iperspazio con Rocket: il Framework Web di Rust!
Nell’iperspazio con Rocket: il Framework Web di Rust!
 
Hyperautomation and AI/ML: A Strategy for Digital Transformation Success.pdf
Hyperautomation and AI/ML: A Strategy for Digital Transformation Success.pdfHyperautomation and AI/ML: A Strategy for Digital Transformation Success.pdf
Hyperautomation and AI/ML: A Strategy for Digital Transformation Success.pdf
 
DevoxxFR 2024 Reproducible Builds with Apache Maven
DevoxxFR 2024 Reproducible Builds with Apache MavenDevoxxFR 2024 Reproducible Builds with Apache Maven
DevoxxFR 2024 Reproducible Builds with Apache Maven
 
SAP Build Work Zone - Overview L2-L3.pptx
SAP Build Work Zone - Overview L2-L3.pptxSAP Build Work Zone - Overview L2-L3.pptx
SAP Build Work Zone - Overview L2-L3.pptx
 
New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
 
Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
 
Gen AI in Business - Global Trends Report 2024.pdf
Gen AI in Business - Global Trends Report 2024.pdfGen AI in Business - Global Trends Report 2024.pdf
Gen AI in Business - Global Trends Report 2024.pdf
 
Ensuring Technical Readiness For Copilot in Microsoft 365
Ensuring Technical Readiness For Copilot in Microsoft 365Ensuring Technical Readiness For Copilot in Microsoft 365
Ensuring Technical Readiness For Copilot in Microsoft 365
 
Advanced Computer Architecture – An Introduction
Advanced Computer Architecture – An IntroductionAdvanced Computer Architecture – An Introduction
Advanced Computer Architecture – An Introduction
 
Digital Identity is Under Attack: FIDO Paris Seminar.pptx
Digital Identity is Under Attack: FIDO Paris Seminar.pptxDigital Identity is Under Attack: FIDO Paris Seminar.pptx
Digital Identity is Under Attack: FIDO Paris Seminar.pptx
 
unit 4 immunoblotting technique complete.pptx
unit 4 immunoblotting technique complete.pptxunit 4 immunoblotting technique complete.pptx
unit 4 immunoblotting technique complete.pptx
 
What is DBT - The Ultimate Data Build Tool.pdf
What is DBT - The Ultimate Data Build Tool.pdfWhat is DBT - The Ultimate Data Build Tool.pdf
What is DBT - The Ultimate Data Build Tool.pdf
 

Ict security essay

  • 1. ICT Security 1. Introduction 1.1 Definition of ICT 1.2 ICT Security in General Terms 2. Risk Assessment 2.1 Steps 2.2 Governance 3. Security Concerns 3.1 People 3.2 Physical Security of Assets 3.3 Wireless 3.4 Web Threats 4. Risk Assessment of a Private School
  • 2. 1. Introduction The globalization and ever changing technological landscape of society influenced our way of life to change rapidly. We concerned with technology in every parts of daily life. Global economy at the present time depends on new technology, knowledge, and information. Whoever contain effective all of the three factors is easier to success. So, the old tradition of teaching in school that students learn in the fixed period of time and wait for only teachers is not enough for the globalization anymore. All students need to find more information outside the class. Learning by themselves is an important thing that causes a student to differ from one another. “The illiterate of the 21st century,” according to a noted futurist, “will not be those who cannot read and write, but those who cannot learn, unlearn and relearn.” (Toffler, 2011) Information and communication technologies (ICTs) can be one of the most useful tools for student learning. It supports students to learn what they want to know easier than going to join a tutoring center or asking some advices from a teacher. Some mediums of ICT are every effective. Students can learn step by step according to well-designed products. Not only the ICT components expand student’s knowledge, they also help teacher to access effective knowledge for their students. Teachers will design what to teach effectively within the fixed period. Students will get the best information from their teachers. Besides, if there are some parts that students feel that they do not have enough information, they can find out more by the ICT mediums. It seems like using the ICTs is very simple. In fact, setting the ICTs into the educational system is very complicated. It concerns complex process, technique, and budget. Indeed, getting the technology and physically installing it into an environment is the easiest part provided you have the capital. Other areas of concern include software, training, governance and security. ICT security in particular is of great import and concern and should be given due consideration when ICT is present in any capacity. 1.1 Definition of ICT Information and communication technology or ICT is mostly defined as the internet which is technology providing accesses to information through telecommunications. Somebody may confuse about its meaning because of it is similar to information technology or IT. Intact, ICT includes all kinds of telecommunications, covering phone, Internet, wireless network, and other telecommunication mediums. ICT is useful for both private and government sectors. The easy example is using ICT in school. With ICT, learning process in schools at all levels will be more effective due to easy access to information. Students in one school can search the Internet to find information from anywhere in the world. It is also convenient for teachers in many aspects such as designing teaching plan, consulting, meeting, and etc. Therefore, the meaning of ICT is some mediums based on telecommunications. 1.2 ICT Security in General Terms Another apt expression of writing regarding ICT states, “Our technological powers increase, but the side effects and potential hazards also escalate” (Toffler, 2011). One of the most important of these “side effects” and potential hazards in terms of ICT is security. Presently, the meaning of the word security implies reflections and reasoning which are different from just a few years ago. In the past, society and business thought about security in terms of physical theft, fraud, sabotage and perhaps more sinister methods. However, with sensitive information increasingly being entrusted, stored and transmitted using ICT, security has taken on new meanings and relevance. Businesses must therefore take into account that defense and the prevention of adverse events with regard to ICT security has become an important consideration when conducting business over the internet and in an effort to protect the ability to be productive and competitive. Security is something any business with ICT cannot do without. One technology writer surmises, “Security is the protection of information, systems and services against disasters, mistakes and manipulation so that the likelihood and impact of security incidents is minimised” (B o r a n S . , 2003).
  • 3. Due to increasing application of information and communication technologies, ICT systems represent the foundation and the means of transmission for all pieces of information that are fundamental to businesses. ICT systems are more increasingly more complex and in turn vulnerable with the growing presence of viruses. In fact, launching or acquiring damaging attacks against ICT systems requires less and less skill. Damage can often occur without the knowledge of the users and transmission of viruses can be accomplished covertly and unwittingly. ICT systems themselves are also becoming more complex and as a consequence are likely to be exposed to intrusions and technology develops. Further, the spread and increasing use of wireless technology has created new opportunities for attacks, which are difficult to defend as they are literally and figuratively available to anyone. In spite of all these factors, most attacks to ICT systems still take advantage of weaknesses that have no clear solutions in the never ending war between attackers and defenders. The different classifications of attacks to ICT are numerous with the most prevalent being:  Theft of information storage hardware (laptops, hard drives, hard disks, tapes, etc.)  Denial of service  Virus contamination  Trojan horses  Piracy and fraud  Unauthorized access or changes to information or system data/settings  Unauthorized use 2. Risk Assessment It is nearly impossible to be completely prescriptive about ICT security and one of the first tasks required when dealing with ICT security is to identify and assess overall and specific risks. The process is usually divided into four main phases. 1. Identifying the risk 2. Evaluating the risk 3. Analyzing the risk 4. Managing the risk There will always be a need to assess ICT security, and doing so is good practice for any business that wants to carry on its function because without knowing what the risks are it is impossible to manage them. Although risks to ICT systems will change and evolve as technology is adopted to support a business’ mission, it is not a subject that should be taken lightly or disregarded in any stretch of the imagination. Since ICT is at the core of how businesses operate and function, particular care to this part of an organization, company or business is paramount. 2.1 Steps First, it is important to identify any possible areas of risk and glean the most understanding possible of what those risks may be. Second, once identified thought must be given to how the risk may cause harm to the business and how likely that risk may occur (e.g. high, medium, low likelihood). Next, an analysis is conducted to determine what possible consequences would result if the risk did occur. Finally, once the risk factors have been established and researched, systems, policies and procedures can be put in place to eliminate or at least minimize the risk. ICT security risk assessment needs to be included in any business organization’s overall risk management strategy.
  • 4. 2.2 Governance Merely having policies and procedures in place to combat security risks is in itself not enough. These policies and procedures will need to be enforced and regularly reviewed for relevance. This means that one or several members of an organization’s staff, depending on the nature of the organization, is clearly identified and given the responsibility of assessing, planning for, carrying out, and documenting ICT risk assessments. These staff members will also be given the task of reviewing those policies and procedures put in place for effectiveness and compliance. The overall decisions on ICT security policy should be made at the managerial level. It is important that decisions be made within the framework of the organization’s function and overall goals and thus decisions and recommendations concerning ICT security should be reviewed by management or someone who is aware of the wider strategic issues, whether or not they are technically competent. 3. Security Concerns 3.1 People People are the biggest threat to the security of ICTs, whether inadvertently or deliberately. The very core idea of human nature is that we are not infallible and that we make mistakes, again often inadvertently. No matter how technically complex an ICT security policy, people are usually the weak link that creates or exacerbates risk. It is important that an organization’s staff be educated about the potential risks and how they can avoid them. Proper training should be given to all members of an organization regarding the policies and procedures of ICT. “Information security (IS) management polls continue to reveal that insider threat, due to disgruntled employees or dishonest employees, is the number one risk to the security of computing resources. Likewise, the 1996 National Retail Security Survey indicates that 42% of inventory shrinkage is due to employee theft. Further, today’s highly competitive, technologically advanced workplace generates an environment where talented technicians move from one organization to another, and take their knowledge with them” (K r a u s e , M i c k i , & T i p t o n , 1997). 3.2 Physical Security of Assets ICT hardware is generally expensive and therefore should be safeguarded from theft, not only from the point of the theft itself, but also because of the valuable information housed within. Taking precautions will reduce the risks associated with ICT hardware and any possible disastrous results. 3.3 Wireless ICT systems sometimes become susceptible to risk because of the wireless standards used by an organization. All standards of wireless fidelity (WiFi) are accessible by anyone with the right equipment and skills. Therefore any system using wireless could be tapped into and information compromised, altered, or stolen. With the sensitive nature of the information stored on ICT these days, particular care should be exercised when using wireless as a means of information transmission. Since all data transmissions using wireless travel through the frequency waves, it becomes possible to intercept or copy the information transferred.
  • 5. Figure1. Illustration of wireless transmission risk mobile device eavesdropping server interference active attack (I m a i , 2006) 3.4 Web Threats The Internet has also played a role in the presence and spread of ICT risk. Just about every aspect of web based information and communication necessitates the transfer (e.g. downloading, uploading, duplicating) of information and often risks are present at this stage. Just as the common cold is easily transferred between people, so also can ICT risk be transferred from device to device, computer to computer, system to system and network to network. It can then become an amorphous risk to all until it is identified and managed. 4. Risk Assessment of a Private School The specific aspects of security mentioned previously were done so because these are also the most overlooked areas of ICT security at the scrutinized location of this document, a private educational facility in Southeast Asia. The school in question has ICT infrastructure in place throughout the facility for use by both staff and students. There is ICT present in most classrooms, two libraries, in the staff offices, and in various other areas of the school. All of the ICT components operate on a common network and, with the exception of staff and administration computers, are accessible to the student population. It is possible to close accessible points to a network. However, the school can provide some budget and time for the controllers to monitor. If the school does not have enough budgets, frequent checking is also a powerful method to investigate the happening problem and solve it. Mostly, the risks in security concern misconfiguration and poor programming of the staff. The school should search for an effective specialist to be an administrator. If the network is controlled by proper staff, the risks will reduce. The risks identified at the private educational facility mentioned herein will also be accompanied by possible and available remedies. 4.1 Configuration Errors- These errors create risks that enable attackers to destroy systems. Configuration is the most important part to protect the system; however, there maybe some errors such as incorrect setting file permission, setting poor password, and leaving some services open. The solution to reduce these configuration errors is setting standard procedures for a system administrator to follow. Moreover, there should be a follow-up team to monitor some errors that may happen from configuration. This risk is present at the facility. The administration does not have a schedule for setting or changing default network passwords and any passwords currently in place are not safeguarded. As a possible remedy, a member of the ICT department should be tasked with creating a schedule to change or reset passwords on all facility networks and servers which only the management echelon will be advised of. 4.2 Default Accounts- Some applications install with default accounts and passwords. In some instances, the installation programming uses a default user ID and password that the installer uses with the intention of changing at a later time. Most of these default accounts have default passwords
  • 6. associated with them, and even if administrators have changed the default passwords on these accounts, the accounts themselves are common targets for attack. Once the account is breached, the attacker has administrator rights over the system. System administrators should rename or delete these default accounts so that they are less likely to become targets of attack. 4.3 File Permissions- Improper file permissions can also be a source of vulnerability. File permissions determine what the user has access to and what programs that user can run. Additionally, since some programs run under the context of a higher-level user, mis-configuration of security settings on these programs could allow a user to elevate their access. Sometimes, settings directories give full programming access to the “everyone” group, giving any user access into the system programming. The facility should regularly review file permissions and set them at the most restrictive level possible while still achieving the desired level of the sharing. 4.4 Network Architecture- A secure network should be designed and constructed to separate the internal network from access by external sources using the Internet and all incoming and outgoing traffic should be filtered through a robust and effective firewall. At present, all ICT resources in classrooms at the facility have direct connections through local access networks (LAN) without the benefit of being monitored or filtered by any security methods. Additionally, students with access to the school’s computers are also in possession of portable information storing devices such as external hard drives, CDs and DVDs, and USB drives. In this way viruses and other forms of malicious software are downloaded from various sources and then transmitted or spread throughout the network. As a remedy, classroom computers should have their access to the Internet routed through administrator controlled firewalls that are closely monitored. Additionally, use of external information storage devices should be restricted to only those computers that are free of risks and regulated by competent school staff. 4.5 Virus and Anti-Virus- Most businesses think anti-virus software is the cure for attacks of this nature. The threat from viruses varies with the type of malicious activity they attempt to perform. Some viruses offer only annoyances with no permanent damage done, while others enable remote attackers to gain unauthorized access to systems, applications and networks. The widespread problems resulting from these viruses demonstrate a person’s abilities to hide malicious code relatively well. It also shows how easy it is for users to unknowingly execute this code and compromise the security of their system. Recent virus-scanning programs are quite advanced, but the scanners are only as good as the virus definitions. Virus scanners must be constantly updated. Additionally, many new viruses may not appear in the database and may be missed. Virus-scanning tools that employ heuristics and sandboxes should be used in an attempt to catch these undefined viruses. Heuristics involve looking for code or programs that resemble or could potentially be viruses. Sandboxes actually execute the code or application in a quarantined environment and examine what the program does. If the program appears to be a virus, the virus package quarantines the program and performs an alert function. The heuristics and sandboxes hopefully catch any newly developed exploits and viruses that may not have been included in the most recent virus definitions update. Here at this facility, while anti-virus software exists, it is often outdated and the definitions seldom updated, a sort of “install and forget” mentality. The remedy for this problem and area of risk is to regularly update the anti-virus software and to ensure that the virus scanning software is current with the level of programming available.. 4.6 Wireless Networks- The facility regularly stores sensitive information such as student and staff personal information, grades, exams and, more importantly, exam answers, on network computers with wireless capabilities. The area of risk here is that the wireless network is easily accessible. This network and the information stored within should be structured in an intranet with a centralized access point for data transmission to outside sources. That centralized access point should use LAN as opposed to wireless to maintain a better state of security. Currently. Any student with a proper device such as a laptop can access the wireless network and in turn, with the proper skills and knowledge, access the information contained therein.
  • 7. 5. Conclusion The educational facility scrutinized in this document is quite obviously lax in their approach to network security. In fact, the issues/risks identified here are not the only problems faced by this facility. Additionally, there is an issue of governance. Perhaps that should be the first step in order to get the school headed in the right direction with regard to ICT security. Currently there appears to be no identifiable party tasked with regulating the ICT infrastructure. Until this comes about, the risks faced by the school will continue to be a source of great concern. As stated by the United Nations Educational , Scientific and Cultural Organization, “The use of ICT cuts across all aspects of economic and social life. Technological developments in ICT are very rapid. Technology quickly becomes obsolete requiring new skills and knowledge to be mastered frequently. Adaptation is only possible when based on a sound understanding of the principles and concepts of ICT.” (Daniel J., 2002)
  • 8. References 1. Toffler, Alvin. BrainyQuote.com. Xplore Inc, 2011. 15 February. 2011. http://www.brainyquote.com/quotes/quotes/a/alvintoffl409080.html 2. Toffler, Alvin. BrainyQuote.com. Xplore Inc, 2011. 15 February. 2011. http://www.brainyquote.com/quotes/quotes/a/alvintoffl386113.html 3. B o r a n , S e a n . " I T S e c u r i t y C o o k b o o k . " b o r a n . c o m . B o r a n C o n s u l t i n g , 0 2 . J u n e . 2 0 0 3 . W e b . 1 6 F e b 2 0 1 1 . < h t t p : / / w w w . b o r a n . c o m / s e c u r i t y / >. 4. K r a u s e , M i c k i , a n d H a l T i p t o n . " H a n d b o o k o f I n f o r m a t i o n S e c u r i t y Management." cccure.com. CRC Press LLC, 1997. Web. 16 Feb 2011. http://www.cccure.org/Documents/HISM/ewtoc.html 5. Imai, Hideki. Wireless Communications Security. Norwood, MA, USA: Artech House, Inc., 2006. 44. Print. 6. Daniel, John. Information and Computer Technology in Education: A Curriculum for Schools and a Programme of Teacher Development. 15 Feb. 2011. United Nations Educational, Scientific and Cultural Organization. 2002 <http://unesdoc.unesco.org/images/0012/001295/129538e.pdf>.