Organizations that use computer systems must protect those systems and the information they contain. The functions and services of computer systems are critical for success. Disabling or compromising the computer systems that a business uses can cause irreparable damage to the business and its customers (Vahid et al., 2017).
Two of the threats that organizations must consider are viruses and phishing. A computer virus is a program that is designed to damage, encrypt, or steal information, computer software, or hardware. Viruses must be kept away from critical information systems. Organizations can use a network firewall to prevent unauthorized access to systems. Without it, viruses can be placed directly onto computer systems by hackers who access the systems from outside of the organization's network. Virus scanning software detects viruses that are in storage and memory of computer systems, but in many cases the damage has already been done (Khan et al., 2017).
Phishing is another way that viruses can end up on critical computer systems. Phishing happens when malicious users send emails to authorized individuals, trick them into giving up their credentials, or run a program to implant a virus onto their computer systems. Phishing emails are created to look as though they came from a legitimate source such as a bank or service provider. An uneducated user might believe that these emails originate from within their organization. They might click the links in the email for that reason. Once they click, a variety of things can happen. Sometimes users are taken to a login page that looks like their own network or service provider's page (O’Leary, 2019). Once passwords are entered, they can be stored for later use by the malicious perpetrators. Sometimes, just a click is needed to run a remote program that implants the virus onto their computer systems.
The best ways to avoid these types of disasters include protection and education. The protection of computer systems involves analyzing all of the ways hackers can get into an organization's systems. It is similar to walking around a house and considering all of the ways that a burglar could get inside. Each 'door' must be identified and locked. Network firewalls can be used to ensure that only authorized users have access to critical systems. In addition to network firewalls, user education is critical. Users should be taught how to identify a phishing email, and this training should include identifying when and how they are allowed to use their network credentials (Kirlappos & Sasse, 2012). It should also include resources they can access via the telephone for support. For example, an organization might have a strict policy that they will never ask for your password in an email. If a user gets an email asking them for credentials, they will know it is not legitimate.
As computers become more and more entangled in the day to day operations of businesses, keeping them running clean is critical. With a 'heads-up' attitude and the right approach, business owners can stay safe.
References
Khan, H. A., Syed, A., Mohammad, A., & Halgamuge, M. N. (2017). Computer virus and protection methods using lab analysis. 2017 IEEE 2nd International Conference on Big Data Analysis (ICBDA), Big Data Analysis (ICBDA), 2017 IEEE 2nd International Conference On, 882–886. https://doi-org.proxylibrary.ashford.edu/10.1109/ICBDA.2017.8078765
Kirlappos, I., & Sasse, M. A. (2012). Security Education against Phishing: A Modest Proposal for a Major Rethink. IEEE Security & Privacy, Security & Privacy, IEEE, IEEE Secur. Privacy, 10(2), 24–32. https://doi-org.proxy-library.ashford.edu/10.1109/MSP.2011.179
O’Leary, D. E. (2019). What Phishing E-mails Reveal: An Exploratory Analysis of Phishing Attempts Using Text Analysis. Journal of Information Systems, 33(3), 285–307. https://doi-org.proxy-library.ashford.edu/10.2308/isys-52481
Vahid, F., Lysecky, S., Wheatland, N., Lysecky, R., & Edgcomb, A. (2017). INT 100: Fundamentals of Information Technology & Literacy. [Electronic Version]. Retrieved from: https://learn.zybooks.com/zybook/ASHFORDINT100AcademicYear2018
No comments:
Post a Comment