Running Head: THREATS TO ELEMENTS OF COMPUTER SECURITY
Threats To Elements Of Computer Security: Ways Employee Use of Emails May Breach Confidentiality, Integrity And Availability of Information.
Gertrude Nyandat
Grantham University
Abstract
Email has indeed become the primary communications medium for most organizations, While email is critical to the operation of almost all organizations, it is also susceptible to a variety of serious disruptions that range eavesdropping, identity theft, message interception and modification and false messaging are just some of the threats undermining the elements of a computing system. emailing provides an ...view middle of the document...
Gone are the days that email was regarded as secure eavesdropping, identity theft, message modification and false messaging are just some of the threats undermining the elements of a computing system
Confidentiality ensures that the necessary level of secrecy is enforced to prevent unauthorized disclosure or unauthorized usage. Virtually every email that you send has to go through a number of computers before it reaches the intended receiver which renders it vulnerable to interception. Emails can be intercepted at many points on route to the recipient. Hence making it open to confidentiality flaws. Assuming you work for company A and you are sending an Email to a relationship Manager who works for company B. attaching a document that is confidential and is not released to the public. The Documents needs to reach the Relationship manager as soon as possible. On Enroute to the Relationship manager’s inbox, A rogue IT Personnel from either organization intercepts the email read the contents and leaks the contents to the public, causing headache to both companies. The very fact that the information was leaked to the public compromises the confidentiality of the information. The information was Disclosed when it shouldn’t have.
Sensitive information can easily be distributed accidently or deliberately. Let’s start with accidentally; one of my functions is to processes waiver plans. (companies offer waiver plans when they want to raise capital) and one requirement for waiver plans is that no participant should know who is who and how much the other participant is contributing. Assuming Iam handling a waiver with 100 participants it will be cumbersome for me to send 100 emails with the same information, so I decided to create a distribution list. In the Cause of Sending the email I accidentally used the “TO”functionality instead of BCC (blind carbon copy) which makes the recipients invisible to all of the other recipients of the message. By doing this I have breached the confidentiality of the participants as they were supposed to be anonymous to each other. The participants might lose faith in our organizations since we did not protect their identity as required. Mallory couldn’t sum it better when he stated:
“Examples of how difficult it is for organizations to control information flow is demonstrated by how many people have accidentally sent a confidential e-mail to a distribution list when they meant to send it to an individual recipient.”(Mallery, nd)
Email as a tool is very great to an organization as it makes it easier and faster to send information from one user to another, but looking at the security standpoints it can cause a lot of damage to an organization's information.
Now the deliberate part, the majority of employees are reliable, trustworthy individuals seeking to use the system for legitimate purposes. Unfortunately there is always a bad apple in every bushel. Assuming the bad apple is in identity...