Securing and Protecting Information
Autor: eNVy51 • October 20, 2014 • Research Paper • 1,082 Words (5 Pages) • 1,219 Views
Securing and Protecting Information
How secure is an organizations information stored within online servers? How about an individual end-user’s various accounts used via the internet to make purchases on an originations website. However, the practice of securing and protecting information can be frustratingly elusive as ever-changing methods invented by cyber-criminals attempting to access this information grows more sophisticated and efficient. Securing and protecting an organizations information assets involves establishing and implementing a state-of-the-art, multi-dimensional approach, beginning with security authentication processes, which, in addition, involves information system design, security, and how the application is used.
Security Authentication Process
Many online application include some form of authentication before a user is granted access. One of the more familiar methods is the requirement of username and password. Usernames and passwords must be provided accurately in order to be granted access to applications, such as email accounts. More specifically, there are four categories which a system may require to establish an end-users identity: something you know, something you have, something you are, or something you produce (Whitman & Mattord, 2010). This process describes one component of the security authentication process known as, authentication.
Authentication
Authentication is generally described as “the confirmation that a user is who it is claiming to be” (Meyer, 2007). As mentioned previously, a common form of authentication being passwords which is classified as a single factor authentication as the username and password are the sole requirement to be granted access. Other online applications have specific requirements as to how a user’s password is formatted, such as requiring one number, a capitalized letter, or a special character such as a dollar symbol or asterisk. The logic for these unique requirements are to make it more difficult for cyber-criminals to gain access to such information. Unfortunately, single factor authentication is often not enough security, which requires network administrators to deploy further security measures to prevent attacks.
Multi factor authentication requires two or more factors to be authenticated prior to access to an application being granted (Meyer, 2007). An example of multi factor authentication is when an internet application requires a private key, which is something you have, along with a pass phrase, which is something you know.
Other examples of multi factor authentication may be the use of software tokens which is used by authenticated client side secure socket layers (SSL) in conjunction with hardware card readers that require a smart card that securely houses the user’s private key. This security method
...