Week Seven Case Study
Data security is a critical factor that all individuals and organizations should be concern about. When taking into consideration sensitive data that businesses and individuals hold from financial information to personal information such as social security numbers, any breach in security could be damaging. Data security are methods used to protect data and sensitive information from unauthorized users by preventing unauthorized access to computers, databases and websites (techopedia, 2014). A certain data input/storage/output environment that I came face to face is my frequent visit to Merrick Bank’s online website. As a member of Merrick Bank, I have ...view middle of the document...
The user would have to authenticate their identity again in order to gain access to their account again. In additional, if the website is idle, meaning there is no activity, or the user leaves the computer for a period of time while the website is up, then the website will timeout. The user would have to log back into the system.
As mention previously, Merrick Bank also has a list of security measures that are implemented. For example, Merrick Bank uses secure socket layer. Secure socket layer, or SSL, is a procedure for transmitting data securely across the web (Merrick, 2014). Secure Socket Layer uses a private key for encrypting data that is sent over the connection. Encryption ensures the protection of sensitive information. At the present time, the bank uses 128-bit encryption. Merrick Bank also uses authentication (Merrick, 2014). This method is the only way that users can access their account online. In addition, Merrick Bank implements firewalls to prevent unauthorized users from accessing private networks.
Another security measure that is implemented is an intrusion detection system (Merrick, 2014). The intrusion detection system, or IDS, detects if an unauthorized user is trying to break into the system. It also can detect the whether the system is being misused by legitimate users. The software makes notifications to Merrick Bank when suspicious or illegal activities are detected (Merrick, 2014). Although Merrick Bank has several state-of-the art security measures, there are areas for improvement. One area of improvement is authentication by entering a username and password. Once a username and password is establish, the user will utilize the information to gain access to the system. In my personal experience, I have had my login information compromised.
In my opinion, I think to reduce the risk of a security breach, Merrick Bank should make it mandatory to authorized users to change their passwords every six months. For example, Florida Institute of Technology forces current students to create a new password every few months. In addition, students can’t create a password that was already used. I believe this is a good way of ensuring that sensitive information is protected from hackers. Another suggestion that Merrick Bank can provide their customers is a virtual keyboard. Customers can utilize a virtual keyboard while trying to log into their account. This feature protects their login information, such as their pin...