Information Security Planning for Website Businesses
Added on 2023-06-11
7 Pages1701 Words179 Views
Running head: INFORMATION SECURITY PLANNING
Information Security Planning
Name of the Student
Name of the University
Author Note
Information Security Planning
Name of the Student
Name of the University
Author Note
1INFORMATION SECURITY PLANNING
Discussion of the security aspects of a new website business
Nowadays it has been very common to businesspersons about the security loopholes that exist
within the cyberworld. They are aware of the fact that the cyberworld is wary of numerous security
problems that encompass the entire system (Asghari, van Eeten & Bauer, 2015). Therefore, as it is
necessary for a business to go digitized, it is equally necessary that a businessperson be aware of the
solutions to tackle as well as prevent security threats to the new website business (Elyashar, 2016). There
are few general things that are absolutely necessary for businesspersons to take into consideration while
implementing the inception towards a website business. The following are the aspects of a website
business that needs to be taken care of for any businessperson to keep away the risks of cyber threats and
make the most of the online website business:
Assets: In case of website businesses, the most important assets are considered to be the
domain, the website hosting, the website or CMS access, the emails accounts used for the
purpose, the advertising and other social media accounts, and the Customer Relationship
Management or CRM or the Customer Database. These aspects of the website business
needs to be taken care of as the breach of any one of these would lead to chaos in the
business process leading to further downfalls.
Threats: There are various tools and processes that are able to be put into place that
safeguards a website business from cyber threats. It helps in the backing up of data that
may help in recovery of lost data if any breaches are likely to occur (Grant et al., 2014).
Threats that would have control over the computers and connecting devices would most
likely be curbed with the help of these tools and processes.
Vulnerabilities: Any kind of website business needs to take care of the SQL injections,
Cross Site Scripting or XSS, broken authentication and session management, and security
misconfiguration. These should be taken care of to maintain complete security against the
vulnerabilities in the website business.
Discussion of the security aspects of a new website business
Nowadays it has been very common to businesspersons about the security loopholes that exist
within the cyberworld. They are aware of the fact that the cyberworld is wary of numerous security
problems that encompass the entire system (Asghari, van Eeten & Bauer, 2015). Therefore, as it is
necessary for a business to go digitized, it is equally necessary that a businessperson be aware of the
solutions to tackle as well as prevent security threats to the new website business (Elyashar, 2016). There
are few general things that are absolutely necessary for businesspersons to take into consideration while
implementing the inception towards a website business. The following are the aspects of a website
business that needs to be taken care of for any businessperson to keep away the risks of cyber threats and
make the most of the online website business:
Assets: In case of website businesses, the most important assets are considered to be the
domain, the website hosting, the website or CMS access, the emails accounts used for the
purpose, the advertising and other social media accounts, and the Customer Relationship
Management or CRM or the Customer Database. These aspects of the website business
needs to be taken care of as the breach of any one of these would lead to chaos in the
business process leading to further downfalls.
Threats: There are various tools and processes that are able to be put into place that
safeguards a website business from cyber threats. It helps in the backing up of data that
may help in recovery of lost data if any breaches are likely to occur (Grant et al., 2014).
Threats that would have control over the computers and connecting devices would most
likely be curbed with the help of these tools and processes.
Vulnerabilities: Any kind of website business needs to take care of the SQL injections,
Cross Site Scripting or XSS, broken authentication and session management, and security
misconfiguration. These should be taken care of to maintain complete security against the
vulnerabilities in the website business.
2INFORMATION SECURITY PLANNING
Risks: Website businesses have previously been subjected to security risks and data
breaches. However, in a website business, it is not just that there is only one kind of
security risk. It can occur from the perspective of the business and the perspective of
technical risks as well. Both these risks are to be taken utmost care of as a risk can further
develop into an impending threat for a website business.
Mitigation and protective measures: Hacking a website and processing threats against
the website organizations is a common phenomenon. Therefore, the owner of the website
business should focus on the steps that should be taken to reduce adverse effects of these
threats and hacks.
Discussion on the use of the 3DES encryption algorithm
In the year 1977, the DES block cipher was first introduced but it has been chided by many
cryptographers as a historical interest (Bhanot & Hans, 2015). However, triple DES has had practical
importance according to the cryptographers. This fact fall true for both 2 Key and 3 Key triple DES.
A 2 key or 3 key triple DES forms a symmetric block cipher that applies the DES cipher
algorithm thrice to each data block. Therefore it becomes extremely difficult as well as to much tenuous
for any hacker to go through each data block trying to hack the single data block thrice in a row. 2 Key
triple DES provides 80 bits of security and hence is much more powerful of an encryption process than
that of the 3 key triple DES (Amsler et al., 2016). Therefore, if any business organization opts for
adopting a 2 key triple DES encryption for its security process for blocking data, it would be absolutely
feasible and heavily recommended as an encryption process altogether.
However, a business organization has huge amount of data generating every day, and hence
encrypting data in accordance to these enormous amounts of generated data may need a huge storage
capacity, which is difficult to achieve unless cloud storage is implemented for the organization’s data
storage system.
Risks: Website businesses have previously been subjected to security risks and data
breaches. However, in a website business, it is not just that there is only one kind of
security risk. It can occur from the perspective of the business and the perspective of
technical risks as well. Both these risks are to be taken utmost care of as a risk can further
develop into an impending threat for a website business.
Mitigation and protective measures: Hacking a website and processing threats against
the website organizations is a common phenomenon. Therefore, the owner of the website
business should focus on the steps that should be taken to reduce adverse effects of these
threats and hacks.
Discussion on the use of the 3DES encryption algorithm
In the year 1977, the DES block cipher was first introduced but it has been chided by many
cryptographers as a historical interest (Bhanot & Hans, 2015). However, triple DES has had practical
importance according to the cryptographers. This fact fall true for both 2 Key and 3 Key triple DES.
A 2 key or 3 key triple DES forms a symmetric block cipher that applies the DES cipher
algorithm thrice to each data block. Therefore it becomes extremely difficult as well as to much tenuous
for any hacker to go through each data block trying to hack the single data block thrice in a row. 2 Key
triple DES provides 80 bits of security and hence is much more powerful of an encryption process than
that of the 3 key triple DES (Amsler et al., 2016). Therefore, if any business organization opts for
adopting a 2 key triple DES encryption for its security process for blocking data, it would be absolutely
feasible and heavily recommended as an encryption process altogether.
However, a business organization has huge amount of data generating every day, and hence
encrypting data in accordance to these enormous amounts of generated data may need a huge storage
capacity, which is difficult to achieve unless cloud storage is implemented for the organization’s data
storage system.
End of preview
Want to access all the pages? Upload your documents or become a member.
Related Documents
The Cyber Security Issue of Hacking - Deskliblg...
|6
|1256
|335
JP Morgan Data Breachlg...
|5
|722
|96
Cyber Security.lg...
|13
|2534
|2
Cyber Security Management: Case Study: Australian Red Cross Blood Service data breach: The value of good communicationslg...
|8
|1431
|372
Cyber Security Applied Research 2022lg...
|8
|2211
|24
iT Securitylg...
|17
|5127
|60