Why Security, What's the need?
This is a good question, why do we need security in today's world. Why don't we make information freely accessible by anybody and everybody, after all we all have a right to know, don't we...
Private security
Well first of all. No we do not all have a right to know everything. There are many things that people have a right to keep secret, from PIN's to Medical information, nobody really has a right to know any of them except for the individual in question. There have been several pieces of legislation to do with security by the government, one is the Data Protection act 1984, this states that any person has a right to see any information that is held about them on computer and they can demand that any incorrect or unnecessary information can be either amended or deleted. This does not apply to either MOD, or police information, so you cannot get information deleted from police computers. Also, this does not apply to non computer stored information. The DPA also demands that information be kept safe, well this is where security is needed. Legally speaking, storing as much as someone's address, name or E-Mail address and not protecting it is against the law. Well how can it be protected, There are two ways to prevent unauthorised access to files:
1. Encrypt it.
2. Physically protect it
The only way to be sure that nobody can get to your files is to keep it in a secure Room, that is lined with lead and filled in with concrete. But this is impractical as at least one person needs to be able to get to the information. Now we come to a problem, if one person can get in, then anybody can, keys can be stolen, all codes can be cracked, and people can be forced to use finger or voice prints and retina scans. So security is not really about preventing people from accessing information that they shouldn't be able to it is merely about minimising the chance of them getting in. So encryption is used, more information on encryption can be found in the next section. The main problem with encryption is that a method that people can use to get passwords called bruteforcing (see passwords) is quite easy and doesn't always take a long time. This means that the information is not secure. This brings us to another argument, why use computers, they are probably the least secure method of keeping things, copies of documents can be made easily and with little or no evidence to show that a copy has been made. Why not use paper, it is more difficult to copy, a photocopier is needed and the document has to be obtained before it can be copied. This is not always true for computers. The main flaw for computers is often the main advantage, it is a world-wide network linking millions, probably billions of computers together called the Internet. Although this has major advantages such as instant communication and a wealth of information, it also has drawbacks that come in the form of two programs called NetBUS and BackOrifice. These programs allow anybody to control any computer, from anywhere in the world, with little or no way that they can be tracked down. So a 'secure' file can be sent from one computer to another, (I don't like the word 'downloaded', it can give rise to confusion, so I always use 'copied', 'sent' or 'moved'.) where the receiver has as much time as he/she likes to decrypt the file and read it. Also 'secure' transmissions of credit card numbers can be intercept and E-Mails can be intercepted and decrypted without too much hassle, although it can take a long time (many years) in extreme cases (more information can be found in passwords.)
Company Security
Security in companies is supposedly just as important as private security but in my opinion, it is not. Companies should not be allowed any extra degree of security, when this file was written (early 1999) there was an advert on ITV (English TV) to do with IBM preventing hackers from finding out the salaries of 'Senior VP's' and mailing all the company. In my opinion (remember this is is just an opinion and any arguments can be sent to [email protected]) Companies should not be allowed to keep things like salaries a secret. All people at the same level should be paid the same. But back to the security now, the advert used a stereotypical 'hacker' and *in my opinion* was very one sided. But at the moment, they are allowed to and so the information must be kept secure and unauthorised access prevented. This faces the same problems as personal security (see above). Organisations such as the MOD, FBI and CIA keep data secure and they are probably allowed to, unless it contains information about Aliens or Extra terrestrials!(for all you conspiracy theorists). However I think I'll leave that to a certain partnership of Special Agents to do, because, I can't be bothered... There is not really much more to write under the heading of security so, I'll leave it there...
Additional...
Well that just about sorts it out. We need security in a lot of things we do but really we are shooting ourselves in the foot with some new inventions. Read some of the other sections to find out more about the different methods of securing things. And remember: Security is not about preventing unauthorised access, merely decreasing the chance of it. If people want your information so badly that they are prepared to wait years, its probably best to destroy it. However, remember the 'Recycle Bin' and 'Norton UnErase' can even prevent that! aren't some inventions just brilliant!
Home Email ([email protected])