Awareness and challenges of Internet security
Steve Hawkins
Technical Writer/Analyst, Dell Computers Co., Austin, Texas, USA
David C. Yen
Department of Decision Sciences and MIS, Miami University, Oxford, Ohio, USA
David C. Chou
Department of Business Computer Information Systems, St Cloud State
University, St Cloud, Minnesota, USA
Introduction
The threat of computer security is one of the
main barriers to Internet commerce. With
the current popularity and the potential
profits of e-commerce, many executives face
a conflict situation. That is, connecting to the
Internet and expanding their business would
risk the threat of intrusion. On the other
hand, remaining disconnected from the
Internet would sacrifice their customer
contact and services.
Seven members of the Lopht Heavy
Industries, an independent watchdog group
composed of seven hackers, informed the
Senate Committee on Governmental Affairs
in 1998, that ``it would take only 30 minutes
for them to render the Internet unusable for
the entire nation'' (Yasin, 1998). There is
more. Officials from the General Accounting
Office (GAO) also met with the committee
and stated that the GAO has uncovered
serious computer security weaknesses at
both the State Department and the Federal
Aviation Administration that could
jeopardize the operations of both
governmental agencies (Yasin, 1998).
Organizations in both the public and the
private sectors are aware of the needs of
Internet security. It is interesting to know
how both sectors take action to protect their
Internet data and corporate systems. Internet
security is recognized as the methods used by
an organization to protect its corporate
network from intrusion.
The best way to keep an intruder from
entering the network is to provide a security
wall between the intruder and the corporate
network. Since the intruders enter the
network through a software program (such
as a virus, trojan horse, or worm) or a direct
connection, firewalls, data encryption, and
user authentication can restrain a hacker.
While many tactics provide assurance of
protection, carelessness can also be a key
factor. As a result, awareness training and
education should be used to remind staff that
an Internet security breach could have a
profound effect on the health of the
organization and, hence, their job security
(Everett, 1998).
When a company is connected to the
Internet, any user in cyberspace can have
access to its Web site. Installing firewalls,
intrusion detection systems (IDS), and user
authentication software are the necessary
precautions a company must take to protect
themselves. Ultimately, the best protection
from intrusion is to constantly keep
watching for intrusion and to employ the best
protection you can afford while travelling
through the untamed terrain of cyberspace.
This article begins with an overview of
Internet security and the technologies used
in protecting the data on a computer system.
Next, this article investigates the awareness
of Internet security in selected industries
from the public and the private sectors. New
developments and challenges regarding data
protection and Internet security are
addressed in the last sections.
Technology for Internet security
There are a variety of methods that a
company can employ to protect itself from
unauthorized access. Some of the most
popular methods are:
.
firewalls;
.
user authentication;
.
data encryption;
.
key management;
.
digital certificates;
.
intrusion detection systems (IDS);
.
virus detection;
.
virtual private networks (VPN);
.
extranets.
The current issue and full text archive of this journal is available
at
http://www.emerald-library.com
[ 131 ]
Information Management &
Computer Security
8/3 [
2000
] 131±143
# MCB University Press
[
ISSN 0968-5227
]
Keywords
Internet, Security,
Computer networks, Companies
Abstract
Internet security is an important
issue today. Corporate data are at
risk when they are exposed to the
Internet. Current technologies
provide a number of ways to
secure data transmission and
storage, including encryption,
firewalls, and private networks.
This article discusses the
awareness of Internet security and
challenges faced in both the
public and the private sectors.