|
|
the practice of information security has become much more complicated and the need for qualified information security professionals has become critical. During this time, the International Information Systems Security Certification Consortium (ISC2) has made significant progress in testing and certifying information security practitioners as Certified Information System Security Professionals (CISSPs). Currently, almost 1000 practitioners have achieved certification and several hundred sit for the examination annually. Data secutiry The purpose of this document is to illustrate the importance of “data security on the web in workplaces”. It outlines the essential security measures implemented by workplaces to prevent hackers from the outside world (WWW) to gain unauthorised access to sensitive data and other resources and tampering with it. In preventing from such attacks in the workplace, which can cost a company dearly, this document analysis the network infrastructure design and software that can enhance workplace data security. It discusses such things as FTPS (secure file transfer protocol), HTTPS/SSL (secure hyper text transfer protocol/Secure Socket Layer), PKI (Public Key Infrastructure), firewalls, EFS (encryption file system) and VPN (virtual private networks). Workplaces around the world lack data security in terms of transactions over the web/Internet, which is why organisations are now taking greater security measures to ensure hackers do not gain unauthorised access to sensitive data. Researcher found that the "...highest percentage of companies that had been attacked by hackers in 2001 (44 percent) were in the enterprise space, which In-Stat/MDR defines as companies with more than 1,000 employees" [Tom Smith - Internetweek.com, 04 April 2002]. With such a high percentage, businesses are deploying as a standard to make transactions and data transfers more secure by implementing FTPS and HTTPS as appose to FTP and HTTP. Many organisations dealing with clients/customers transfer data of some sort from one another over networks. The mediums of such transfers are through "e-mails" which is unsecure and limited by size, "ISDN file transfer" (FTP) which is not secure for transferring sensitive data, or by copying data to "CD" and sending it, which is costly and time consuming. Due to new "...strict regulations and changes in privacy policies in the finance sector...workplaces are required to encrypt sensitive data transfers" [Samuel Byrne - AFR, 13 April 2002]. This statement has drawn concern in workplaces to get their act together and transfer data more securely using FTPS and HTTPS. FTPS is a process that provides secure encrypted file transfers between local and remote computers that allows bi-directional transfer of binary (images) and ASCII (data) files between computers.
|
