What Your Business Should Know about Internet Security

By Mcguire, Brian L.; Roser, Sherry N. | Strategic Finance, November 2000 | Go to article overview

What Your Business Should Know about Internet Security


Mcguire, Brian L., Roser, Sherry N., Strategic Finance


Recent attacks against web-sites such as Yahoo, Amazon.com, E*Trade, and eBay plus periodic virus outbreaks such as ILOVEYOU and Melissa should remind companies that security issues must remain a primary concern for everyone doing business on the Internet. The Internet opens new doors for a company worldwide, but it also opens the company up to security vulnerabilities.

Businesspeople who participated in Ernst & Young's sixth annual Information Security (EYIS) survey, for example, believe that "as connectivity grows, driven by eCommerce and the Internet, so does risk [from industrial spies, foreign governments, competitors, and even legitimate business partners]." The Information Infrastructure Standards Panel is growing concerned as intruders become even more sophisticated at stealing or destroying information. And the threat isn't limited to external perpetrators. Disgruntled employees actually are more likely to commit some type of computer crime against their former employers. They're more familiar with system weaknesses, and they're better able to cover their tracks. The Computer Emergency Response Team (CERT[R]) at Carnegie Mellon University receives multiple daily reports of security breaches, an increase from the one every other day reported in 1990. (Current reports are available at www.cert.org/summaries/CS-2000-03.html.)

In the EYIS survey, more than 59% of the participants reported financial losses in the past year due to system downtime, system failures, or security breaches, yet only 41% of the organizations had Business Continuity Planning (BCP) in place. In approximately 45% overall, BCP wasn't even in the budget.

How can you manage the threat of Internet security if your company is conducting or contemplating business online? Access to information on the Internet is decentralized, so the security of the information should also be decentralized. Setting up security measures involves time, money, and inconvenience for everyone involved--and all levels of management need to be involved.

HOW DOES YOUR COMPANY USE THE INTERNET?

The Open User Recommended Solutions (OURS) Consortium is a task force made up of 60 corporate users and computer vendors. OURS has identified several steps companies should take to establish Internet security. First, a company must identify how it will use the Net, and then it should assess the risks involved and perform a cost/benefit analysis to determine if the benefits outweigh the potential costs.

In the EYIS survey, 80% of those reporting provide some degree of remote access to their organization--dialin, leased line, Internet, or Virtual Private Network (VPN). This is just one of several good reasons to perform a risk analysis. For example, in a healthcare organization patient information is extremely confidential. This high degree of confidentiality demands rigid information security. That means a healthcare organization most likely would assess its potential risk as high. But a company with information of very little value on its system may assess its risk as low, with fewer required security measures.

IDENTIFY POSSIBLE THREATS

After a company identifies how it will use the Internet, it needs to identify the threats that are present online, OURS suggests. Here are nine basic threats that cover the areas that should be of greatest concern for any company:

1. Data destruction,

2. Interference,

3. Modification/replacement,

4. Misrepresentation/false use of data,

5. Repudiation,

6. Inadvertent misuse,

7. Unauthorized altering/downloading,

8. Unauthorized transactions, and

9. Unauthorized disclosure.

The objective is to make an attack on your company's computer system as difficult as possible. Deterrence is the logical approach because a good hacker can get into almost any system. A recent survey of IS managers and security experts defined Internet security as just one other issue that must be dealt with and made part of the overall business plan. …

The rest of this article is only available to active members of Questia

Sign up now for a free, 1-day trial and receive full access to:

  • Questia's entire collection
  • Automatic bibliography creation
  • More helpful research tools like notes, citations, and highlights
  • A full archive of books and articles related to this one
  • Ad-free environment

Already a member? Log in now.

Notes for this article

Add a new note
If you are trying to select text to create highlights or citations, remember that you must now click or tap on the first word, and then click or tap on the last word.
One moment ...
Default project is now your active project.
Project items

Items saved from this article

This article has been saved
Highlights (0)
Some of your highlights are legacy items.

Highlights saved before July 30, 2012 will not be displayed on their respective source pages.

You can easily re-create the highlights by opening the book page or article, selecting the text, and clicking “Highlight.”

Citations (0)
Some of your citations are legacy items.

Any citation created before July 30, 2012 will labeled as a “Cited page.” New citations will be saved as cited passages, pages or articles.

We also added the ability to view new citations from your projects or the book or article where you created them.

Notes (0)
Bookmarks (0)

You have no saved items from this article

Project items include:
  • Saved book/article
  • Highlights
  • Quotes/citations
  • Notes
  • Bookmarks
Notes
Cite this article

Cited article

Style
Citations are available only to our active members.
Sign up now to cite pages or passages in MLA, APA and Chicago citation styles.

(Einhorn, 1992, p. 25)

(Einhorn 25)

1

1. Lois J. Einhorn, Abraham Lincoln, the Orator: Penetrating the Lincoln Legend (Westport, CT: Greenwood Press, 1992), 25, http://www.questia.com/read/27419298.

Cited article

What Your Business Should Know about Internet Security
Settings

Settings

Typeface
Text size Smaller Larger Reset View mode
Search within

Search within this article

Look up

Look up a word

  • Dictionary
  • Thesaurus
Please submit a word or phrase above.
Print this page

Print this page

Why can't I print more than one page at a time?

Help
Full screen

matching results for page

    Questia reader help

    How to highlight and cite specific passages

    1. Click or tap the first word you want to select.
    2. Click or tap the last word you want to select, and you’ll see everything in between get selected.
    3. You’ll then get a menu of options like creating a highlight or a citation from that passage of text.

    OK, got it!

    Cited passage

    Style
    Citations are available only to our active members.
    Sign up now to cite pages or passages in MLA, APA and Chicago citation styles.

    "Portraying himself as an honest, ordinary person helped Lincoln identify with his audiences." (Einhorn, 1992, p. 25).

    "Portraying himself as an honest, ordinary person helped Lincoln identify with his audiences." (Einhorn 25)

    "Portraying himself as an honest, ordinary person helped Lincoln identify with his audiences."1

    1. Lois J. Einhorn, Abraham Lincoln, the Orator: Penetrating the Lincoln Legend (Westport, CT: Greenwood Press, 1992), 25, http://www.questia.com/read/27419298.

    Cited passage

    Thanks for trying Questia!

    Please continue trying out our research tools, but please note, full functionality is available only to our active members.

    Your work will be lost once you leave this Web page.

    For full access in an ad-free environment, sign up now for a FREE, 1-day trial.

    Already a member? Log in now.