Computer security is the process of preventing and detecting unauthorized use of your computer. Prevention measures help you stop unauthorized users from accessing any part of your computer system. Detection helps you determine whether someone attempted to break into your system, whether they were successful, and what they may have done.
Our computers have become an extension of everything we do, from banking and investing to shopping and communicating with others through email or chat. You may not consider your communications “top secret,” but you most likely do not want strangers reading your email, using your computer to attack other systems, sending forged email from your computer, or examining personal information stored on your computer.
Hackers do not care about your identity. Often they want to gain control of your computer so they can use it to launch attacks on other computer systems.
Having control of your computer gives the hackers the ability to hide their actual location as they launch attacks, often against high-profile computer systems such as government or financial systems.
Hackers have the ability to watch all your actions on the computer, or cause damage to your computer by reformatting your hard drive or changing your data.
Unfortunately, hackers are always discovering new vulnerabilities to exploit in computer software. The complexity of software makes it increasingly difficult to thoroughly test the security of computer systems.
Objectives of Computer Security
- Confidentiality: Confidentiality is critical to total data security. Encrypting data by using digital certificates and Secure Sockets Layer (SSL) or a virtual private network (VPN) connection helps ensure confidentiality when transmitting data across untrusted networks. Your security policy should state how you will provide confidentiality for information within your network as well as when information leaves your network.
- Auditing security activities: Monitoring security-relevant events to provide a log of both successful and unsuccessful (denied) access. Successful access records tell you who is doing what on your systems. Unsuccessful (denied) access records tell you either that someone is attempting to break your security or that someone is having difficulty accessing your system.
- Data integrity: Data is protected from unauthorized changes or tampering. Data integrity defends against the security risk of manipulation, in which someone intercepts and changes information that he or she is not authorized to change. In addition to protecting data that is stored within your network, you might need additional security to ensure data integrity when data enters your system from untrusted sources.
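The auditing objective above separates successful access records (who is doing what) from denied ones (a break-in attempt or a user having difficulty). The following Python sketch is an added example, not part of the original article; the log format, the sample records, the function names and the threshold of three accounts are all assumptions made for illustration, and the verdicts are a simple heuristic.

```python
from collections import defaultdict

# Constructed sample access records: timestamp, account, source address, outcome.
SAMPLE_LOG = """\
2024-05-01T09:00:01 alice 192.0.2.10 DENIED
2024-05-01T09:00:09 alice 192.0.2.10 DENIED
2024-05-01T09:00:20 alice 192.0.2.10 GRANTED
2024-05-01T09:05:00 bob 192.0.2.11 GRANTED
2024-05-01T09:10:01 admin 198.51.100.7 DENIED
2024-05-01T09:10:02 root 198.51.100.7 DENIED
2024-05-01T09:10:03 alice 198.51.100.7 DENIED
2024-05-01T09:10:04 bob 198.51.100.7 DENIED
2024-05-01T09:10:05 backup 198.51.100.7 DENIED
"""

def parse(log_text):
    """Yield (timestamp, account, source, outcome) for each well-formed line."""
    for line in log_text.splitlines():
        parts = line.split()
        if len(parts) == 4 and parts[3] in ("GRANTED", "DENIED"):
            yield tuple(parts)

def review(log_text, account_threshold=3):
    """Return the granted records and a heuristic verdict per source with denials."""
    granted = []                        # successful access: who is doing what
    denied_accounts = defaultdict(set)  # source -> accounts it was denied for
    granted_sources = set()             # sources that also logged in successfully
    for ts, account, source, outcome in parse(log_text):
        if outcome == "GRANTED":
            granted.append((ts, account, source))
            granted_sources.add(source)
        else:
            denied_accounts[source].add(account)
    verdicts = {}
    for source, accounts in denied_accounts.items():
        if len(accounts) >= account_threshold:
            verdicts[source] = "possible break-in attempt"  # many accounts tried
        elif source in granted_sources:
            verdicts[source] = "user had difficulty"  # same source also got in
        else:
            verdicts[source] = "needs review"
    return granted, verdicts

if __name__ == "__main__":
    granted, verdicts = review(SAMPLE_LOG)
    for record in granted:
        print("granted:", *record)
    for source, verdict in sorted(verdicts.items()):
        print("denied from", source, "->", verdict)
```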