Information Security Report: Secure Communication Analysis
VerifiedAdded on 2023/04/23
|18
|5248
|321
Report
AI Summary
This report offers a comprehensive overview of secure communication techniques within the context of information security. It begins with an introduction to interception communication, emphasizing the legal framework and the role of warrants. The report then delves into various information security techniques, including authentication, encryption, integrity, availability, anti-virus software, firewalls, and hybrid solutions. A significant portion of the report is dedicated to the interception of communications by nation-states, detailing legal aspects and the role of government agencies. Furthermore, the report explores secure email practices, highlighting the vulnerabilities and challenges associated with email communication. The report concludes with recommendations for enhancing secure communication in business organizations. The report examines the historical context of intercepted communications through the Babington Plot and Mary Queen of Scots, offering a detailed analysis of relevant security technologies and strategies.
Running head: SOFTWARE ENGINEERING
Software Engineering
Name of Student-
Name of University-
Author’s Note-
Software Engineering
Name of Student-
Name of University-
Author’s Note-
Paraphrase This Document
Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser
1SOFTWARE ENGINEERING
Table of Contents
Introduction......................................................................................................................................2
Information Security Techniques Used...........................................................................................2
Interception by Nation States...........................................................................................................6
Secure email.....................................................................................................................................7
Conclusions and recommendations...............................................................................................12
References......................................................................................................................................14
Table of Contents
Introduction......................................................................................................................................2
Information Security Techniques Used...........................................................................................2
Interception by Nation States...........................................................................................................6
Secure email.....................................................................................................................................7
Conclusions and recommendations...............................................................................................12
References......................................................................................................................................14
2SOFTWARE ENGINEERING
Introduction
Interception communication mainly includes listening to calls that are made on the
telephone or might also include the opening as well as reading of the content to some other’s
letters or e-mails (Aydın, 2016). This can be allowed only under authority of the warrant that is
signed by Secretary of State where they gets satisfied. Under the Act of section 4, it can be stated
that if a person intercepts the communication in between a course of transmission with the help
of tele-communication system, then it is considered to be a punishable offence.
Considering the email, the instant messaging applications are becoming very popular and
it is one of the popular method of e-communication (Anugurala & Chopra, 2016). There are
approx. 270 billion of emails that are sent every day according to the survey conducted in 2017
and it is expected to increase its number by 320 billion by the end of 2021.
This report discusses the techniques used for information security in detailed. The
interception of the nation state are also discussed in this report along with the secure email
techniques that are to be used in most of the companies. There are many techniques that are to be
followed by the companies are also explained in this report. There are also conclusion and
recommendations that are explained regarding secure email and interception communication in
the business organizations.
Information Security Techniques Used
The cyber security is a prominent threat that all the organizations faces and it is
increasing in number. The threat that is due to cyber security is because of the unauthorized
attempts to gain the private the private data having explicit aim to steal the similar to intimidate
or the coerce users that leads to information blackmailing.
Introduction
Interception communication mainly includes listening to calls that are made on the
telephone or might also include the opening as well as reading of the content to some other’s
letters or e-mails (Aydın, 2016). This can be allowed only under authority of the warrant that is
signed by Secretary of State where they gets satisfied. Under the Act of section 4, it can be stated
that if a person intercepts the communication in between a course of transmission with the help
of tele-communication system, then it is considered to be a punishable offence.
Considering the email, the instant messaging applications are becoming very popular and
it is one of the popular method of e-communication (Anugurala & Chopra, 2016). There are
approx. 270 billion of emails that are sent every day according to the survey conducted in 2017
and it is expected to increase its number by 320 billion by the end of 2021.
This report discusses the techniques used for information security in detailed. The
interception of the nation state are also discussed in this report along with the secure email
techniques that are to be used in most of the companies. There are many techniques that are to be
followed by the companies are also explained in this report. There are also conclusion and
recommendations that are explained regarding secure email and interception communication in
the business organizations.
Information Security Techniques Used
The cyber security is a prominent threat that all the organizations faces and it is
increasing in number. The threat that is due to cyber security is because of the unauthorized
attempts to gain the private the private data having explicit aim to steal the similar to intimidate
or the coerce users that leads to information blackmailing.
⊘ This is a preview!⊘
Do you want full access?
Subscribe today to unlock all pages.
Trusted by 1+ million students worldwide
3SOFTWARE ENGINEERING
If the internet and the technology included in formation has made the lives simple, it has
given birth to some number of threats that are security based (Shameli-Sendi, Aghababaei-
Barzegar & Cheriet, 2016). To protect the data that are important in an organization is equally
important for the organizations implementing some appropriate techniques of data security as
well as implementing data privacy. The first process that is to be taken place is to identify the
personal data and confidential data that are needed to be protected from being leaked out to
outside parties. The identification of the data can be made if the auditing process of the
organization works properly. Once the data analyst understands the meaning of data security, the
next process that is involved is understanding all the methods with the portions of data that are
vulnerable as well as need for a definite protection.
The tools and the related techniques used to tackle the concern of cyber security are
explained below:
Confidentiality: The procedure of authentication is the fundamental technique of cyber
security that intends in verifying the user identity that are based on the information that are
stored in security domain in the system of Mary Stuart and Antony Babington. The common
mode involved in governance is the password technology (Sanzgiri & Dasgupta, 2016). There
are similar other techniques as well that are used in governance such as inserting the SIM card
used in a cell phone. The SIM cards are equipped with some unique ID that passes over some
secured communication line that helps in identifying a cell phone. The challenge that is
encountered in the process of authentication is unwanted access by some unauthorized users for
eavesdropping the authenticated message. The password gets transmitted over some insecure
medium that is liable and can be intercepted by unauthorized people. They can use the password
If the internet and the technology included in formation has made the lives simple, it has
given birth to some number of threats that are security based (Shameli-Sendi, Aghababaei-
Barzegar & Cheriet, 2016). To protect the data that are important in an organization is equally
important for the organizations implementing some appropriate techniques of data security as
well as implementing data privacy. The first process that is to be taken place is to identify the
personal data and confidential data that are needed to be protected from being leaked out to
outside parties. The identification of the data can be made if the auditing process of the
organization works properly. Once the data analyst understands the meaning of data security, the
next process that is involved is understanding all the methods with the portions of data that are
vulnerable as well as need for a definite protection.
The tools and the related techniques used to tackle the concern of cyber security are
explained below:
Confidentiality: The procedure of authentication is the fundamental technique of cyber
security that intends in verifying the user identity that are based on the information that are
stored in security domain in the system of Mary Stuart and Antony Babington. The common
mode involved in governance is the password technology (Sanzgiri & Dasgupta, 2016). There
are similar other techniques as well that are used in governance such as inserting the SIM card
used in a cell phone. The SIM cards are equipped with some unique ID that passes over some
secured communication line that helps in identifying a cell phone. The challenge that is
encountered in the process of authentication is unwanted access by some unauthorized users for
eavesdropping the authenticated message. The password gets transmitted over some insecure
medium that is liable and can be intercepted by unauthorized people. They can use the password
Paraphrase This Document
Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser
4SOFTWARE ENGINEERING
in disguise in place of the original user. The problem is then encountered by the process of
encryption.
Integrity: The process of encryption renders the data that are undecipherable without
using of any application of proper key for unlocking the data. For combating a process of
encryption, the developer needs to solve many mathematical problems such as factorization of
large prime numbers that usually takes astronomical amount resource as well as time included in
the computing process of Mary Stuart and Antony Babington. There is systematic encryption that
usually uses same key for purpose to encode the message as well as decode the message (Joshi &
Singh, 2016). The security of encryption is same as the key involved in encryption. Encryption
includes key distribution that are generally accompanied by some potential risk associated with
security of data. The process of asymmetric encryption uses public key for encrypting the data or
the message and the associated private key is used for decrypting the code. Most of users in the
recent days uses security protocols that employs the asymmetric encryption for the distribution
of the keys.
Availability: The Digital Signature is achieved from similar mathematical algorithms that
are required for the asymmetric encryption of Mary Stuart and Antony Babington. In the digital
signature techniques of information security the user can test the processes that are involved in
private key including some of the information encoded in it (Abomhara, 2015). Any other
unauthorized user can get the decrypted code if the person has the public key that verifies the
credential of the person. The process of digital signature in presence of exact reciprocal of the
encryption of public key and functions are taken for assumption for the authorized users who has
the private key.
in disguise in place of the original user. The problem is then encountered by the process of
encryption.
Integrity: The process of encryption renders the data that are undecipherable without
using of any application of proper key for unlocking the data. For combating a process of
encryption, the developer needs to solve many mathematical problems such as factorization of
large prime numbers that usually takes astronomical amount resource as well as time included in
the computing process of Mary Stuart and Antony Babington. There is systematic encryption that
usually uses same key for purpose to encode the message as well as decode the message (Joshi &
Singh, 2016). The security of encryption is same as the key involved in encryption. Encryption
includes key distribution that are generally accompanied by some potential risk associated with
security of data. The process of asymmetric encryption uses public key for encrypting the data or
the message and the associated private key is used for decrypting the code. Most of users in the
recent days uses security protocols that employs the asymmetric encryption for the distribution
of the keys.
Availability: The Digital Signature is achieved from similar mathematical algorithms that
are required for the asymmetric encryption of Mary Stuart and Antony Babington. In the digital
signature techniques of information security the user can test the processes that are involved in
private key including some of the information encoded in it (Abomhara, 2015). Any other
unauthorized user can get the decrypted code if the person has the public key that verifies the
credential of the person. The process of digital signature in presence of exact reciprocal of the
encryption of public key and functions are taken for assumption for the authorized users who has
the private key.
5SOFTWARE ENGINEERING
Anti-virus: Threats that comes from the computer virus or comes from the undesirable
small programs helps in triggering all unwanted commands without the involvement of the
explicit consent of the user assuming the monstrous proportions (Sari & Karay, 2015). The
software of anti-virus mainly carries two different functions: one is the software prevent
installation of virus in the system and then helps to scan the entire system for finding the viruses
that are installed in the system. Most of the viruses constructed targets the operating system of
Windows. This is because the Windows Operating system is the preferred computing platform in
terms of mass. The users of Apple and Linus comes under the virus attack that are built in the
operating system.
Firewall: The firewall actually changes any attempt that are done by the unauthorized
access to system when the system is connected to the internet by the hackers or is connected with
some other network connections are to be used by Mary Stuart and Antony Babington. The
firewalls mainly comes in bundle consisting with operating systems and the firewalls are turned
up by default (Rasmussen et al., 2018). The commercial firewall can be sought is the level of
security in the default firewall is not at all strong or is posing interference to the legitimate
activities of network.
Hybrid Solutions: There are also hybrid solutions that can be used for techniques
included in information security. The hybrid solution or the ensemble method for detecting the
virus is necessary for the organizations. Hybrid solutions include to have a talented analyst who
is able to perform the 15% of the total work that is available in the organization (Huang et al.,
2017). There has to be multiple solution for mitigating the data threat in an organization.
Detecting some high quality intelligence as well as prioritizing the vulnerabilities, there is a
needs of hybrid solutions. The best solution to implement an information security technique is to
Anti-virus: Threats that comes from the computer virus or comes from the undesirable
small programs helps in triggering all unwanted commands without the involvement of the
explicit consent of the user assuming the monstrous proportions (Sari & Karay, 2015). The
software of anti-virus mainly carries two different functions: one is the software prevent
installation of virus in the system and then helps to scan the entire system for finding the viruses
that are installed in the system. Most of the viruses constructed targets the operating system of
Windows. This is because the Windows Operating system is the preferred computing platform in
terms of mass. The users of Apple and Linus comes under the virus attack that are built in the
operating system.
Firewall: The firewall actually changes any attempt that are done by the unauthorized
access to system when the system is connected to the internet by the hackers or is connected with
some other network connections are to be used by Mary Stuart and Antony Babington. The
firewalls mainly comes in bundle consisting with operating systems and the firewalls are turned
up by default (Rasmussen et al., 2018). The commercial firewall can be sought is the level of
security in the default firewall is not at all strong or is posing interference to the legitimate
activities of network.
Hybrid Solutions: There are also hybrid solutions that can be used for techniques
included in information security. The hybrid solution or the ensemble method for detecting the
virus is necessary for the organizations. Hybrid solutions include to have a talented analyst who
is able to perform the 15% of the total work that is available in the organization (Huang et al.,
2017). There has to be multiple solution for mitigating the data threat in an organization.
Detecting some high quality intelligence as well as prioritizing the vulnerabilities, there is a
needs of hybrid solutions. The best solution to implement an information security technique is to
⊘ This is a preview!⊘
Do you want full access?
Subscribe today to unlock all pages.
Trusted by 1+ million students worldwide
6SOFTWARE ENGINEERING
ensemble the solutions as well as the best practices that allows to see the procedures in real time
so that the user can use it (Alshaikh et al., 2018). To detect as well as react to the activities of
machine time is the main motive of the system developer. As the process of machine activities
generates lots of data, it is therefore not useful to stop the attacks. It is important to identify the
truth source that will provide clarity to validate as well as invalidate the assertions in the
organization.
Interception by Nation States
Interception includes lawful authority that takes place in accordance with the warrant that
is issued under the section 5 of RIPA. According to RIPA, Interception is defined by
telecommunication service as any of the service that consists in provision of accessing and the
facilities that are used to make the facilities in any of the telecommunication system of the Mary
Stuart and Antony Babington. Under the section 2 of the RIPA making clear that there may be
ant service that consists of or might include the creation of the facilitating, management or the
storage of the transmitted communication or can be transmitted by the help of a system that
provides the service of telecommunication (Cavelty & Mauer, 2016). There are services that is
based on internet includes email that are web based, applications that are used for messaging as
well as service based on cloud. The definition of the telecommunication service included in
RIPA is considered as a broad service that are relevant for the new technologies.
The commissioner included in the Interception of the Communication ensures that the
agencies of government act according to the legal responsibilities that includes the intercepting
communication. The commissioner can review the role involved in Home Office Secretary of
State for issuing the warrants of interception.
ensemble the solutions as well as the best practices that allows to see the procedures in real time
so that the user can use it (Alshaikh et al., 2018). To detect as well as react to the activities of
machine time is the main motive of the system developer. As the process of machine activities
generates lots of data, it is therefore not useful to stop the attacks. It is important to identify the
truth source that will provide clarity to validate as well as invalidate the assertions in the
organization.
Interception by Nation States
Interception includes lawful authority that takes place in accordance with the warrant that
is issued under the section 5 of RIPA. According to RIPA, Interception is defined by
telecommunication service as any of the service that consists in provision of accessing and the
facilities that are used to make the facilities in any of the telecommunication system of the Mary
Stuart and Antony Babington. Under the section 2 of the RIPA making clear that there may be
ant service that consists of or might include the creation of the facilitating, management or the
storage of the transmitted communication or can be transmitted by the help of a system that
provides the service of telecommunication (Cavelty & Mauer, 2016). There are services that is
based on internet includes email that are web based, applications that are used for messaging as
well as service based on cloud. The definition of the telecommunication service included in
RIPA is considered as a broad service that are relevant for the new technologies.
The commissioner included in the Interception of the Communication ensures that the
agencies of government act according to the legal responsibilities that includes the intercepting
communication. The commissioner can review the role involved in Home Office Secretary of
State for issuing the warrants of interception.
Paraphrase This Document
Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser
7SOFTWARE ENGINEERING
The Centre can order to authorize a total of 10 agencies for monitoring the online
communications as well as intercepting the data that are included in the computer system. As per
the intelligence source the communication of the online data as well as to monitor the computer
system is not that easy as alleged by the opposition.
The agencies included in interception conducts surveillance on the internet
communication for many years that can be related as terrorism (Aydın, 2016). For example, with
the help of crucial intercept communication, there was a blast in Bodh Gaya in the year 2013.
The NIA (National Investigation Agency) included permission from the secretary of home
minister for monitoring the online communication included in certain aspects and they were
intercepted form the gateway of internet. The intercepts actually gives the agency some crucial
leads to suspect.
There are some interception warrants that are issued on serious grounds and are valid for
the initial period for at least three month. The interception was generally issued on the national
security for the well-being of UK grounds that are valid only for the initial period for a tenure of
six months. The warrant that is issued under urgency procedure is valid for five working days
from the issuing date that is renewed by the State of secretary.
When the interception is occurred, it results to person that acquires the subject of
communication that leads to communication subject of legal privilege (Mampilly, 2015). The
Secretary of State is only official who is responsible for issuing the warrant, but there can be
exceptional as well as compelling circumstances who can make the warrant if needed in the
Mary Stuart and Antony Babington. Under such circumstances, it can be only considered in
some special cases and within some restricted range cases. The interception is generally
considered as the intelligence that is necessary for countering threat.
The Centre can order to authorize a total of 10 agencies for monitoring the online
communications as well as intercepting the data that are included in the computer system. As per
the intelligence source the communication of the online data as well as to monitor the computer
system is not that easy as alleged by the opposition.
The agencies included in interception conducts surveillance on the internet
communication for many years that can be related as terrorism (Aydın, 2016). For example, with
the help of crucial intercept communication, there was a blast in Bodh Gaya in the year 2013.
The NIA (National Investigation Agency) included permission from the secretary of home
minister for monitoring the online communication included in certain aspects and they were
intercepted form the gateway of internet. The intercepts actually gives the agency some crucial
leads to suspect.
There are some interception warrants that are issued on serious grounds and are valid for
the initial period for at least three month. The interception was generally issued on the national
security for the well-being of UK grounds that are valid only for the initial period for a tenure of
six months. The warrant that is issued under urgency procedure is valid for five working days
from the issuing date that is renewed by the State of secretary.
When the interception is occurred, it results to person that acquires the subject of
communication that leads to communication subject of legal privilege (Mampilly, 2015). The
Secretary of State is only official who is responsible for issuing the warrant, but there can be
exceptional as well as compelling circumstances who can make the warrant if needed in the
Mary Stuart and Antony Babington. Under such circumstances, it can be only considered in
some special cases and within some restricted range cases. The interception is generally
considered as the intelligence that is necessary for countering threat.
8SOFTWARE ENGINEERING
Secure email
When a user sends an email, it does not only goes from sender to the receiver directly.
There are many intermediate processes through which the email travels. In Mary Stuart and
Antony Babington most of the emails that are in a network have to travel to multiple networks as
well as servers before the recipient gets the email (Wiegel, 2015). The pause points that are
included in emails for the attacks are because of the unsecure networks, the people who are
savvy enough to hack the email, and also the vulnerable servers. Because of the email messages
are not encrypted, the hackers actually manages to break the network of the email or the server
and can get email contents easily and can read the contents of emails. The hackers if get the
access of the network, they can even have access to the attachments. Some of the servers can
store the emails that are 10 years old. Even the hackers do not target or can obtain the messages
of the email, they can even hack the password that are needed for entering the email account
since the user does not have two factor authentication.
When the email is sent, the content of the email cannot be disseminated by the sender
from the recipients. The email gets forwarded to the receiver and is saved automatically and can
also be printed. The emails are accessible on different electronic devices that can include the
exposure to the unwanted users. The device of the sender and the emails cannot be compromises
and the recipient cannot suspect the theft or the intrusion.
Email is considered as a useful as well as necessary means that at helps to establish a
communication between the sender and recipient of Mary Stuart and Antony Babington. Many
confidential information are sent through email that are discovered and are exploited (Anugurala
Secure email
When a user sends an email, it does not only goes from sender to the receiver directly.
There are many intermediate processes through which the email travels. In Mary Stuart and
Antony Babington most of the emails that are in a network have to travel to multiple networks as
well as servers before the recipient gets the email (Wiegel, 2015). The pause points that are
included in emails for the attacks are because of the unsecure networks, the people who are
savvy enough to hack the email, and also the vulnerable servers. Because of the email messages
are not encrypted, the hackers actually manages to break the network of the email or the server
and can get email contents easily and can read the contents of emails. The hackers if get the
access of the network, they can even have access to the attachments. Some of the servers can
store the emails that are 10 years old. Even the hackers do not target or can obtain the messages
of the email, they can even hack the password that are needed for entering the email account
since the user does not have two factor authentication.
When the email is sent, the content of the email cannot be disseminated by the sender
from the recipients. The email gets forwarded to the receiver and is saved automatically and can
also be printed. The emails are accessible on different electronic devices that can include the
exposure to the unwanted users. The device of the sender and the emails cannot be compromises
and the recipient cannot suspect the theft or the intrusion.
Email is considered as a useful as well as necessary means that at helps to establish a
communication between the sender and recipient of Mary Stuart and Antony Babington. Many
confidential information are sent through email that are discovered and are exploited (Anugurala
⊘ This is a preview!⊘
Do you want full access?
Subscribe today to unlock all pages.
Trusted by 1+ million students worldwide
9SOFTWARE ENGINEERING
& Chopra, 2016). So, for the organization investing on a service having the maximum security
tools are needed and their files and the documents are not be shared by anyone.
The business application that can be used in a company is considered as the most critical
application used in businesses. The businesses mostly depends on email when they needs to send
important information that includes proprietary materials, account number of the customers or
the private employees and also might include confidential negotiations. The processes that can be
used to secure the emails are explained below:
1. Encryption of e-mail as well as server connections: If the email is just sent to the
recipient without the process of encryption, it can be easily hacked by the intruders. Email
encryption is one of the most important process that are needed to be implemented while sending
an email (Speicher et al., 2018). The connection that is between the servers are also to be
encrypted by the use of TLS (Transport Layer Security). For encrypting the business
communications, the businesses needs to make sure that the clients are provided with software
that are used to decrypt the message of the email. Some secure email services needs website that
includes a person who wants to receive to website for unlocking the email.
2. Verify: Mainly two things are to be taken into account for including email for a
business process. It is important to know the person who can sent email is actually the person
who is sending the email. The person is to be verified for its authentication (Rompas & Perdana,
2018). The second things that is to be kept in mind is that the content of the email should not be
altered when it is on its way.
3. Secure Web based email: The web based accounts can be hacked easily by the
hackers. The main target of the hackers is to attack the accounts present in the web based email
& Chopra, 2016). So, for the organization investing on a service having the maximum security
tools are needed and their files and the documents are not be shared by anyone.
The business application that can be used in a company is considered as the most critical
application used in businesses. The businesses mostly depends on email when they needs to send
important information that includes proprietary materials, account number of the customers or
the private employees and also might include confidential negotiations. The processes that can be
used to secure the emails are explained below:
1. Encryption of e-mail as well as server connections: If the email is just sent to the
recipient without the process of encryption, it can be easily hacked by the intruders. Email
encryption is one of the most important process that are needed to be implemented while sending
an email (Speicher et al., 2018). The connection that is between the servers are also to be
encrypted by the use of TLS (Transport Layer Security). For encrypting the business
communications, the businesses needs to make sure that the clients are provided with software
that are used to decrypt the message of the email. Some secure email services needs website that
includes a person who wants to receive to website for unlocking the email.
2. Verify: Mainly two things are to be taken into account for including email for a
business process. It is important to know the person who can sent email is actually the person
who is sending the email. The person is to be verified for its authentication (Rompas & Perdana,
2018). The second things that is to be kept in mind is that the content of the email should not be
altered when it is on its way.
3. Secure Web based email: The web based accounts can be hacked easily by the
hackers. The main target of the hackers is to attack the accounts present in the web based email
Paraphrase This Document
Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser
10SOFTWARE ENGINEERING
(Durumeric et al., 2015). For using the browser that is web based, the user needs to ensure that
the connection established is to be encrypted with the protection of Secure Sockets Layer.
4. Educate the employees: The technology that is used as the best security technology is
the main source in inviting risk in the business. Human curiosity is the most primary risk source.
Risk is not only associated with the outgoing emails from the company (Lerner, Zeng &
Roesner, 2017). The emails that are incoming in the company are also prone to risk. There might
be malicious spam and the method of sending spams by the hackers are changing day by day.
The hacker very well know the usage of botnets, as well as hijacking the computers of the
unsuspected victims so that they can unleash barrages. From a survey, it has been analyzed that
almost 42% of the spam that are employees in organization receives could be blended attack
(Bajeh et al., 2015). The malware that is responsible for compromising the network is not present
in email and therefore the email enters the security gateways. The malware gets in the victim’s
system when the user clicks the URL that is sent through email for visiting a particular website
or page. So, all these techniques are to be known by the employees and they are to be educated
so that they can know all such possibilities from where risk can be faced.
5. Update the software: There are many business that set up the email service for the
system and leave it as it is (Baumgäertner et al., 2015). To remain safe from the risk, all the
software should be updated. Understanding the vulnerabilities as well as installing the updates
are important part of the security.
6. Scanning of email for the content: Using software in an organization can help to
filter for the content of the email that contains improper images and languages for both the
incoming and the outgoing email in an organization (Fowler, 2017). To scan the emails helps to
protect the company from any risks and the reputation of the company.
(Durumeric et al., 2015). For using the browser that is web based, the user needs to ensure that
the connection established is to be encrypted with the protection of Secure Sockets Layer.
4. Educate the employees: The technology that is used as the best security technology is
the main source in inviting risk in the business. Human curiosity is the most primary risk source.
Risk is not only associated with the outgoing emails from the company (Lerner, Zeng &
Roesner, 2017). The emails that are incoming in the company are also prone to risk. There might
be malicious spam and the method of sending spams by the hackers are changing day by day.
The hacker very well know the usage of botnets, as well as hijacking the computers of the
unsuspected victims so that they can unleash barrages. From a survey, it has been analyzed that
almost 42% of the spam that are employees in organization receives could be blended attack
(Bajeh et al., 2015). The malware that is responsible for compromising the network is not present
in email and therefore the email enters the security gateways. The malware gets in the victim’s
system when the user clicks the URL that is sent through email for visiting a particular website
or page. So, all these techniques are to be known by the employees and they are to be educated
so that they can know all such possibilities from where risk can be faced.
5. Update the software: There are many business that set up the email service for the
system and leave it as it is (Baumgäertner et al., 2015). To remain safe from the risk, all the
software should be updated. Understanding the vulnerabilities as well as installing the updates
are important part of the security.
6. Scanning of email for the content: Using software in an organization can help to
filter for the content of the email that contains improper images and languages for both the
incoming and the outgoing email in an organization (Fowler, 2017). To scan the emails helps to
protect the company from any risks and the reputation of the company.
11SOFTWARE ENGINEERING
7. Vet the vendor: For making the email of an organization secure, mostly a third party
vendor is hired (Zeng, 2017). The vendor that is chosen by the organization is to be chosen
carefully and need to study the services that are to be given by the vendor.
Ensuring e-mail confidentiality tips
There are many organizations that think that sending confidential information through
email is a safe process. There are only few organizations who thinks that messaging in email can
be quite risky as because the email are quite similar as an open postcard (Cousin et al., 2017). To
ensure the confidentiality involved in electronic communication is a very simple as well as easy
process. There are 6 tips that are to be ensured for the security of the email as well as ensuring
the confidentiality are stated below:
1. Identifying the confidential information: The most important part is to identify the
information that are confidential in an organization of Mary Stuart and Antony Babington.
Confidential data might include the information of customer, contracts, personnel matters, as
well as information that are related to the development of products, innovations as well as
business strategies (Bax, 2018). All the employees in the organization should be able to
recognize the data that are confidential. There should be good practice in the organization that
are needed to be deployed. The risk associated with the email are to be identified and their
importance of mitigation are an important issue in an organization.
2. Present of important information as well as tools: There should be rules as well as
prohibitions that are considered as the best way for securing the electronic communication in the
organization (Wang, Li & Rao, 2016). In the work flow, rules and prohibitions are often ignored
7. Vet the vendor: For making the email of an organization secure, mostly a third party
vendor is hired (Zeng, 2017). The vendor that is chosen by the organization is to be chosen
carefully and need to study the services that are to be given by the vendor.
Ensuring e-mail confidentiality tips
There are many organizations that think that sending confidential information through
email is a safe process. There are only few organizations who thinks that messaging in email can
be quite risky as because the email are quite similar as an open postcard (Cousin et al., 2017). To
ensure the confidentiality involved in electronic communication is a very simple as well as easy
process. There are 6 tips that are to be ensured for the security of the email as well as ensuring
the confidentiality are stated below:
1. Identifying the confidential information: The most important part is to identify the
information that are confidential in an organization of Mary Stuart and Antony Babington.
Confidential data might include the information of customer, contracts, personnel matters, as
well as information that are related to the development of products, innovations as well as
business strategies (Bax, 2018). All the employees in the organization should be able to
recognize the data that are confidential. There should be good practice in the organization that
are needed to be deployed. The risk associated with the email are to be identified and their
importance of mitigation are an important issue in an organization.
2. Present of important information as well as tools: There should be rules as well as
prohibitions that are considered as the best way for securing the electronic communication in the
organization (Wang, Li & Rao, 2016). In the work flow, rules and prohibitions are often ignored
⊘ This is a preview!⊘
Do you want full access?
Subscribe today to unlock all pages.
Trusted by 1+ million students worldwide
1 out of 18
Related Documents
Your All-in-One AI-Powered Toolkit for Academic Success.
+13062052269
info@desklib.com
Available 24*7 on WhatsApp / Email
![[object Object]](/_next/static/media/star-bottom.7253800d.svg)
Unlock your academic potential
Copyright © 2020–2025 A2Z Services. All Rights Reserved. Developed and managed by ZUCOL.