Summary Of Information Systems Security

Summary of Information Systems Security.

There are several different types of computer virus. The link virus attaches itself to the directory structure of a disk. Parasitic viruses insert copies of themselves into legitimate programs, such as operating system. Macro viruses are created using the high-level programming languages found in e-mail packages, web browsers and applications software. All viruses, except anti-viruses must be considered to be harmful.

Two other kinds of programs are related to computer viruses; worms and Trojans. A worm is a small program that moves through a computer system randomly changing or overwriting data. A Trojan appears as a legitimate program in order to gain access to a computer system.

Reducing the Threat to Information Systems

There are four main approaches that can be taken to ensure the integrity of an information systems. These are containment, deterrence, obfuscation and recovery.

The strategy of containment attempts to control access to an information system.

A strategy based upon deterrence uses the threat of punishment to discourage potential intruders.

Obfuscation concerns itself with hiding or distributing assets so that any damage caused can be limited.

A strategy based upon recovery recognises that, no matter how well defended, a breach in the security of an information system will eventually occur. Such a strategy is largely concerned with ensuring that normal operation of the information system is restored as quickly as possible