Work Place Patstudent Issc452 Discussion Respons

Work Place Patstudent Issc452 Discussion Respons

Hello,

I need two responses of at least 150 words each for the below students discussions for this week. Also in the bold below are the questions the students at answering.

1. What do confidentiality, integrity and availability have to do with security?

2. Security experts agree that average home computer users have very little knowledge regarding how to make their computers secure. How can this deficiency be addressed?


Student one:

1. What do confidentiality, integrity and availability have to do with security?

The CIA triad of confidentiality, integrity and availability are the pillars on which cyber security is built. Confidentiality keeps the information secured and inaccessible to those without authorization to see it. Using permissions and user access protocols as well as encryption helps maintain confidentiality. Ensuring good security habits, strong passwords and proper handling of data fall into this category. Integrity ensures that the data being received or viewed is accurate and unchanged by any unauthorized persons. This also applies to the integrity of systems and programs, ensuring that they are functioning as intended without unauthorized modifications. This includes data in transit, ensuring that the data arrives is the same as the data that was sent. This means using permissions that allow viewing but not the ability to modify the data, encrypting data during transmission and using checksums to ensure its integrity. Availability ensures that the resources are ready for use regardless of circumstances to include emergencies. This can mean mitigating ransomware or DOS attacks or the loss of data from natural disasters. This means keeping the network bandwidth open, having a well-articulated and implemented back up plan as well as a rehearsed recovery plan.

2. Security experts agree that average home computer users have very little knowledge regarding how to make their computers secure. How can this deficiency be addressed?

Unfortunately, this is a difficult problem to address. People only pay attention to their security when there is a problem. Also, when it comes down to a competition between security and convenience, convenience always wins. The best way to increase base knowledge of computer security is to start teaching it earlier in elementary and high school education. Schools have to start implementing a curriculum that is less about standardized tests and more about giving students the basic tools they need to succeed as adults and move forward in college or a trade. Given the ubiquitous nature of technology in society, learning how to protect themselves and their systems is one of those fundamental needs. This can help translate into better employees that understand cyber security in their personal lives and therefore can implement good habits in the work place.

-Pat

Student two:

What do confidentiality, integrity, and availability have to do with security?

The CIA triad (confidentiality, integrity, and availability) have much to do with security, especially cyber security. An article in Forbes put it this way, “CIA stands for the triad of values that security analysts, CISOs, and everyone in between are responsible for upholding: Confidentiality, Integrity, and Availability” (Cauthorn, 2019).

Each piece of the CIA triad is crucial to building a solid foundation in security for any network or business system. Confidentiality means that information is protected against unauthorized access by anyone who isn’t supposed to see it, including other employees. Integrity means protecting information from being altered by anyone who isn’t supposed to alter it. Keeping the integrity of a company’s information is critical to the success of any business. Availability means that the information is available to those who are authorized to access it. This includes any apps that are intended for use by employees or clients, sensitive information accessible by authorized personnel, and other information such as inventory levels.

Security experts agree that average home computer users have very little knowledge regarding how to make their computers secure. How can this deficiency be addressed?

Education is by far the best way. Mandatory updates and patches, such as what Microsoft has implemented with Windows 10 is a close second. If people aren’t aware of the threats that can target their computer, then they won’t do anything to fix it. Many people, at least those that I’ve talked to in my 20+ years of computer work, tend to think that cybercriminals don’t target individual people because there isn’t enough to steal. It’s appalling just how many clients I’ve assisted don’t even have basic anti-virus software on their home computers. Many of them install some sort of anti-malware solution once I’ve had to recover their computer from a virus or other form of malware. My personal philosophy is that if I can educate my clients to better security practices they will be more secure and have a better understanding of the threats that exist.

Works Cited

Cauthorn, M. “CIA”: Understand The Cybersecurity Triad in 5 Minutes or Less. Forbes. May 7, 2019. Accessed July 2, 2019.

-Bryan