Privacy is an important social issue involved in information society. Privacy deals with the collection and use or misuse of data. Data is constantly being collected and stored on each of us. This data is often distributed, sold or used without our knowledge. Privacy of hardware and software of consumers is another important issue. If hardware companies give a unique identification to each major component, the software company can use this number to uniquely identify each electronic documents created.
This could be useful in checking the piracy of users is compromised. Ethernet card is the only hardware component that has unique identification, which is used in communication. PROTECTING COMPUTER EQUIPMENT AND FILES Crimes involving illegal system access and use of computer services are also a concern. Google systems left unattended over weekends without proper security have been used for commercial use. Computer magazines regularly report cases where employees have used the facilities for their personal benefit sometimes at the cost of their employers.
Hackers make use of their computer knowledge to gain access to others computers. Sometimes, files, passwords, programs, or processing power are stolen. An intruder may alter the data or destroy the data making it unusable and useless. A hacker writes a small password snifter that is hidden from the computer owner. A password snifter can steal passwords and gain access to data and files. There are Antisniff Programs that can detect and block a password snifter. Depending on the nature of the computer crime that an organization anticipates, it may adopt controls.
Google’s controls are expensive to implement and the organization must evaluate the cost against the benefit. To summarize, here is a list of control guidelines: a) Install strong user authentication and encryption capabilities on your firewall. b) Upgrade the software with the help of patches, which are developed by vendors whenever a security gap is found in the software. c) Guest logins are always misused. Any book on Microsoft products advises against creating a guest login.
Group accounts such as head-sales should also be avoided. Such accounts become public very quickly and no body can be held responsible. d) Remote-logins also create serious threat to security. This fact is so well accepted that Linux does not permit super-user remote-login. There was a time when system accepted login and then prompted for password. While one typed password, a star will substitute each character. A person from a distance could easily learn the login and number of characters in the password.
Systems have now changed and login-password is accepted together. e) It is a good idea to have dedicated servers for applications that communicate with outside world. Encourage people to have separate passwords for lntranet and Internet if possible. f) In certain cases, the law requires that audit trail must be on. A document once created cannot be changed without leaving an audit trail. Most of the ERP packages, for instance, leave audit trail. In case of a crime, the audit trail can be of immense help