- Introduction
- Solutions to Part A: Asset Vulnerability
- Solutions to Part B: Possible Threats against Asset
- Solutions to Part C: Likelihood of Threat Occurrence
- Solutions to Part D: Consequences to Mission-Critical Business Processes
- Solutions to Part E: Effect to Organization Competitive Advantage
- References
Introduction
With the modern uncertainty in information and physical safety, even computer programmers who understand the inner technical operations for software admit that there is no single way to eliminate computer security threats. However, software developers struggle so hard to improve the security levels of existing software.
As a result, the constant improvement allows more users to enjoy new software functionalities, as well as the security benefits that come with the new deals. According to relevant sources, software risks will always exist as long as various systems within the computer system are working, as well as allow people to access emails, social networks, and e-commerce.
In addition, programs with malware and hackers are always present and in search for confidential information. The major source of software vulnerability can be attributed to coding errors. While coding errors affect some languages such as C and C more than other languages like Java, coding is a problem that is likely to affect all languages (Foremanm, 2009).
Solutions to Part A: Asset Vulnerability
In many ways, modern technology seems to offer solutions to almost every single problem. While software vulnerability has been a key problem for the computer programs, technology has come up with solutions to curb this evil. This part of the project presents ways through which computer security has become uncomplicated.
It has become easy to identify software weaknesses and vulnerabilities identified in phase I as well as give means to fix the vulnerabilities to the original state. With the sophistication of computer security systems, it is continually getting easy to create software that provides protective measures against hackers.
Some of these security systems include windows firewall, antivirus, and antispyware that are designed to prevent the software from several security threats (Wright, 2009).
It has become clear that in the society today, there is no way to avoid computer security vulnerability; hence, it is worth to understand the ways of preventing the software protection from being compromised. In an effort to the plot and explain the answer to this vulnerability, the study has identified the solutions to preventing this destruction.
Identifying the area where the computer software is vulnerable is a challenging task, which must be conducted so as to prevent the computer from being vulnerable. Fortunately, technological innovation has enabled the manufacture of honey pot machines, which is considered as the key to stable computer assets (Schalager, 2008).
In an attempt to identify vulnerabilities posed by hackers and other threats like viruses, honey pot machines have been devised to solve vulnerability as soon as it happens. In addition, the machines give an identified location within the system where there is a key threat to susceptibility.
Honey pot machines have the capacity to catch someone trying to break into the system. These machines play a vital role in computer security and also in guarding the software against various threats by identifying the area where vulnerability lies.
Solutions to Part B: Possible Threats against Asset
Passwords
On several occasions, passwords have created a large impact in providing security to the computer system. While many people leave their systems without passwords, they underestimate the potential that passwords have in preventing computer software vulnerability. Has a first step, passwords limit the number of people who can access information and destroy or replace it while eliminating the chances of missing and stolen files (Kiountouzis, 2002).
Passwords and other means of authentication block other software that might be detected as malware within the system. Since having a password is a significant step in preventing software vulnerability, computer individuals must be on the watch out for the privacy of their passwords.
The character combination of password should not be too predictable by other users or individuals who access the same machine. As discussed in phase one, weak and default passwords is increased by use of words found in the dictionary, lack of diversity in the characters used and use of information which is readily crucial to the user (Anna, 2010).
Outdated/in original software
While many computer users do not regularly update their system, they ignore the fact that software that is not current is more vulnerable to computer anxiety than software that is constantly updated. In addition, in real software does also pose a greater threat to the system being hacked because they lack the confidence carried by original software.
According to relevant sources, computer users must be sensitive and use up-to-date versions of computer software so as to increase the security of their systems. Additionally, this will ensure that their sensitive information is protected against computer malware since new programs are equipped with improved security features. Therefore, it is essential that the average computer user maintains an updated version of their programs, as well as other protection software.
Solutions to Part C: Likelihood of Threat Occurrence
Common Weakness Enumeration
As discussed earlier, coding errors have posed the greatest threat to computer vulnerability. In a struggle to eliminate coding errors, various measures have been implemented by software developers.
Software such as the Common Weakness Enumeration enables the immediate identification of coding errors that might pose a threat to computer security. The software is providing a networked selection of software weaknesses that are enhancing the development of tools, which can detect vulnerability within operating systems, as well as codes.
CERT Coding Secure Standard
With modern technology, software engineers have been able to work to develop software that is less vulnerable. In this effort to develop software that is less vulnerable, the CERT coding secure standard has been devised by Carnegie University in collaboration with software engineers.
As such, the system can detect problems within a program that makes it vulnerable; hence, issue a report on coding standards that will provide security, as well as conduct an educational campaign for software developers. This process is motivated so as to deliver software that will be remarkably secure.
SAMATE
Individual governments involved in software production have not been left behind in an effort to eliminate coding errors in software construction. In this effort, the US government department of Homeland in its own initiative sponsored tools for evaluating and providing metric security software assessment. The project known as SAMATE is involved in identifying, enhancing and developing tools to improve software security.
Solutions to Part D: Consequences to Mission-Critical Business Processes
Firewall
In addressing the short term computer security vulnerabilities, many computers use technological innovations such as web-based firewall that acts as a shield of the system. Though firewall is an effective shield that blocks unwanted and threatening viruses or malware, it does not solve the problem permanently. In providing a permanent solution, the computer user must find a solution for the software.
Vulnerability scanners
Vulnerability scanners have been the primary tools through which computer user provide guidance for their software.
Vulnerability scanners in the modern world meet in a variety ranging from database security scanner, port scanner that examines the computer ports, network vulnerability scanners, computer worm and web application security scanner among others. As seen from the names of the vulnerability scanners, the various scanners differ in their function in that they are used to examine different types of computer security vulnerability.
Penetration test
Conducting a penetration test is another channel through which the computer security vulnerabilities can be easily detected and repaired. Penetration test in computer software security parameters depending on the amount of knowledge the person conducting the investigation has about the system.
An individual must be well informed on the systems within their place before conducting the test. They help identify any possible security threat being posed by hackers or other malicious software.
Computer antivirus
Computer antivirus software comes in all prices ranging from a few dollars to thousands of dollars. The computer antivirus plays an enormous role in preventing malware and viruses that have a devastating effect on computer software. Malware and viruses have the potential to slow down computer software and alter information.
When left unattended, such software can eventually lead to the breakdown of the entire system; hence, result in loses that would have been prevented. Initiating constant updates for the antivirus ensure that most of the growing inventions in computer viruses are blocked out of the system (McClure, 2009).
As established within the paper, there is a justified cause for any obligation to adopt the precautionary measures for computer security vulnerability. In situations where the user stays without adequate protection systems, the computer will remain vulnerable to key threats and may breakdown at any moment.
Fortunately, several preventative tools are affordable while other offers come free, especially with trial versions. For instance, many antiviruses are free within the computer software market; hence, there is a reasonable accessibility to computer security systems.
More so, there is no damage that is charged in installing a password into the computer system. On the other hand, while some of the software such as HP security fortified and the IBM application may be a little higher, the additional cost is justified.
Solutions to Part E: Effect to Organization Competitive Advantage
HP fortified software
In an effort to establish a competitive advantage, software developers have formulated effective software, which is not vulnerable to various attacks. Software provider HP has been in the forefront in devising software security Assurance. HP fortified software can identify the primary purpose of vulnerabilities that are running and those that are dormant.
While being aware that some languages are vulnerable to computer security, the Hp fortified software can discern the existing vulnerability in eighteen of the languages. Hp security can eliminate the vulnerabilities and provide protective measures against insecurity (Williams, 2009).
The internet has become a global village that connects people to almost everybody and everything through online shopping and social networks, among other functions. Though this has changed the world into a global village, it has also posed the largest source of threats to the computer software.
Through the internet, computer users are able to interact with other users, but at the same time, they become exposed to computer malware and data hackers.
While considering threats posed over the internet, IBM has created software that is automatically scanned while on the web and allows the computer user to fix some of the recommendations. The software can identify any vulnerability within the system and support solution to coding errors.
Configuration setting
On the other hand, software security threats associated with the infrastructure and network host are easily eliminated by changing the configurations setting for such a system. One question that can be easily solved by a configuration setting is access to insecure website.
The owner of the computer can receive significant warnings before opening information that is dangerous; hence, the system generates a significant level of protection to the end-user. Viruses and malware are easily blocked and eliminated from the system through a configuration setting.
In providing a solution to computer security vulnerability, patches can be easily applied in the system in order to repair any weak areas of the system. Patches are often present after the vulnerability in the computer security has been identified.
On the effect of installing the precautionary measures, there is a 100% assurance that the business will be secure (Wright, 2009). Modern businesses rely on the technological aspect of computers to perform their business; hence, installing proper security measures in such computer systems will provide a significant level of protection to confidential information.
Government’s jurisdiction has been exposed to destruction through the leakage of sensitive information, and this is not an exception to existing companies and businesses.
As a result, sophisticated computer hardware and protection software have undergone continuous improvement so as to counteract such deficiencies. In fact, the future is expected to bring fourth key security features among computer systems that will boost their security.
References
Anna, F. (2010). Unknown Vulnerability: The basics. New York, NY: McGraw-Hill.
Foremanm, C. (2009). Vulnerability management: Dealing with Computer Security Vulnerability. New Jersey: Morgan Kaufmama publication.
Kiountouzis, A. (2002). Information Systems Security: Facing the Information Society of the 21st Centrury. London, England: Chapman and Hall ltd.
McClure, S. (2009). Hacking Exposed: Network Security Secrets and solutions. New York, NY: McGrawHill.
Schalager, D. (2008). When Technology Fails: Technology Disasters. London, England: Gale Research, INC.
Williams, A. (2009). Improving Information Technology Security: Vulnerability Management. Ney York, NY: McGrawHill.
Wright, G. (2009). Computer and Security: The Vulnerability involved. London, England: Taylor and Francis Group.