Friday, January 31, 2020
Information Security College Essay Example | Topics and Well Written Essays - 750 words
Information Security College - Essay Example Information security essentially requires that the genuine parties to a transaction are identified, the actions they are allowed to perform are determined and their actions are limited to only those that are necessary to initiate and complete the transaction. Anything beyond that means that an intrusion attack is taking place. A new technology that has come up to secure information is the use of "tokens". Token is a form of two-factor authentication whereby the user needs a combination of something he knows for e.g. a password and something he has e.g. a token, to log on to a system. Tokens come in various shapes and sizes and they are mainly of two types; "passive tokens" are storage devices that contain a secret code that allow users to gain access to a network, whereas "active tokens" are usually small stand-alone electronic devices that generate a one-time password that is only useful for a single log-on and the user logs on to the system using this one-time password. Currently there are 20 vendors who are involved in the marketing of these handheld devices and the price ranges from $30 to $100 per unit. Companies wanting to use this technology can choose anything that serves their need and purpose because it can be customized and costs accordingly. However, four vendors are the market leaders because their products are sold the most; three vendors have the token device the size of a small calculator with a keyboard and use a 'challenge response' strategy. The fourth vendor supplies a device that is the size of a credit card and operates on a random number basis. Tokens are becoming increasingly popular among major companies today because they provide a very good and reliable solution to safeguard information. Over the years, companies have tried various means by which the network and information of the company would remain safe and not get in the wrong hands. However, more often than not, expert hackers have managed to break in and damage the whole network of companies. As a result of this, companies have faced enormous amounts of losses and experienced damages beyond repair. Companies using the technology of tokens are realizing that it is becoming extremely significant for the smooth running of their business without fearing the attack from hackers and losing valuable information. Tokens offer several advantages mainly: The password used in tokens is dynamic and cannot be re-used or guessed as it is a one-time password only. Tokens save costs as less money is spent on installing security technologies like firewalls etc and expert personnel don't need to be hired for the maintenance of these technologies. Since all the transactions require digital signing, it validates user identity. Even if the token device is lost or stolen, other built-in features prevent illegal access. Some tokens also have an audit trail and a built-in alarm that alerts the security director or mainframe operator to illegal access attempts. The size of the devices are such that they are portable and enable authentication for members of the company from anywhere, anytime. As more and more businesses are going online, the need to protect the company's network from attacks is greater than ever. A large amount of high-tec information passes to and fro among
Subscribe to:
Post Comments (Atom)
No comments:
Post a Comment
Note: Only a member of this blog may post a comment.