Thursday, 15 January 2015

Information Systems Security

Computer system threats come in many different forms. Some of the most common threats today are software attacks, theft of intellectual property, identity theft, theft of equipment or information, sabotage, and information extortion. Most people have experienced software attacks of some sort. Viruses, worms, phishing attacks, and trojan horses are a few common examples of software attacks. The theft of intellectual property has also been an extensive issue for many businesses in the IT field. Intellectual property is the ownership of property, usually consisting of some form of protection. Theft of software is probably the most common form in IT businesses today. Identity theft is the attempt to act as someone else, usually to obtain that person's personal information or to take advantage of their access to vital information. Theft of equipment or information is becoming more prevalent because most devices today are mobile. Cell phones are prone to theft and have also become far more desirable as their data capacity increases. Sabotage usually consists of the destruction of an organization's website in an attempt to cause its customers to lose confidence. Information extortion consists of the theft of a company's property or information in an attempt to receive a payment in exchange for returning the information or property to its owner. There are many ways to help protect yourself from some of these attacks, but one of the most functional precautions is user carefulness.

Governments, military, corporations, financial institutions, hospitals and private businesses amass a great deal of confidential information about their employees, customers, products, research and financial status. Most of this information is now collected, processed and stored on electronic computers and transmitted across networks to other computers.

Should confidential information about a business' customers or finances or new product line fall into the hands of a competitor or a black hat hacker, a business and its customers could suffer widespread, irreparable financial loss, as well as damage to the company's reputation. Protecting confidential information is a business requirement and in many cases also an ethical and legal requirement. A key concern for organizations is the derivation of the optimal amount to invest, from an economics perspective, in information security. The Gordon-Loeb Model provides a mathematical economic approach for addressing this latter concern.

For the individual, information security has a significant effect on privacy, which is viewed very differently in different cultures.

The field of information security has grown and evolved significantly in recent years. There are many ways of gaining entry into the field as a career. It offers many areas for specialization including securing network(s) and allied infrastructure, securing applications and databases, security testing, information systems auditing, business continuity planning and digital forensics.

Database Management System

A database management system (DBMS) is a set of programs that allows the creation of data files, the alteration of the data in these files and the extraction of data from the files. The idea with a DBMS is that all the data is kept centrally and only authorized systems can access data via the DBMS.

All database management systems allow the following:

  • data files to be set up by creating tables (or datafiles) which may be linked together
  • users to ask queries of the data, e.g. search for data meeting certain criteria
  • addition of more data (appending), deletion and editing of existing data
  • alteration to the structures of the datafiles or tables
  • security by allowing only certain people access to each of the datafiles or tables
  • users to import data into the database from other packages and data to be transferred to another package (exporting)

File Organization

There are several methods of organizing files.

  • Serial Files: Here records don't follow each other in any particular order; if another record needs to be added, it can just be added to the end of the file.
  • Sequential Files: They are like serial files except that the records are held in a certain sequence, e.g. a pupil file ordered by admission number.
  • Random Files: Random files have to be stored on disk and they are not stored in any order on the disk surface. The disk operating system keeps a map of the disk surface and using this map the read/write heads can go straight to the data. In this way, the data is found without the whole disk having to be read. Random access allows data stored on disk to be found extremely quickly.
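
The three organizations above, as an added example that is not part of the original post: the same pupil records are held as a serial file, as a sequential file, and read by direct access through a key-to-offset map. The record layout, function names and sample pupils are assumptions made for illustration, and an in-memory dictionary stands in for the map the operating system keeps.

```python
import io
import struct

# Fixed-length record: admission number plus a 20-byte name (assumed layout).
RECORD = struct.Struct("<I20s")

# Constructed sample pupils, in arrival order rather than key order.
PUPILS = [(1042, "Achieng"), (1007, "Baraka"), (1031, "Chebet"), (1019, "Daudi")]

def unpack(raw):
    adm_no, name = RECORD.unpack(raw)
    return adm_no, name.rstrip(b"\x00").decode("ascii")

def build_file(records):
    """Write records one after another; each new record lands at the end."""
    f = io.BytesIO()
    for adm_no, name in records:
        f.write(RECORD.pack(adm_no, name.encode("ascii")))
    return f

def scan(f, adm_no):
    """Read from the start until the key matches; return (record, reads)."""
    f.seek(0)
    reads = 0
    while raw := f.read(RECORD.size):
        reads += 1
        if unpack(raw)[0] == adm_no:
            return unpack(raw), reads
    return None, reads

def build_map(f):
    """Key -> byte offset; stands in for the map kept for a random file."""
    f.seek(0)
    offsets, pos = {}, 0
    while raw := f.read(RECORD.size):
        offsets[unpack(raw)[0]] = pos
        pos += RECORD.size
    return offsets

def read_direct(f, offsets, adm_no):
    """Seek straight to the record's offset: one read, no scan."""
    if adm_no not in offsets:
        return None
    f.seek(offsets[adm_no])
    return unpack(f.read(RECORD.size))

if __name__ == "__main__":
    serial = build_file(PUPILS)              # serial: arrival order
    sequential = build_file(sorted(PUPILS))  # sequential: admission-number order
    print(scan(serial, 1019), scan(sequential, 1019))
    print(read_direct(serial, build_map(serial), 1031))
```

Finding pupil 1019 takes four reads in the serial file and two in the sequential one, while the direct read takes a single seek regardless of where the record sits.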