Computer Security

Research Proposal

Description of the Topic

Initially, computer security was defined as the protection of a physical machine. This, however, has changed after the thorough publicity of data protection. Computer security is now known as the act of protecting information stored on computers from unauthorized access or compromise by individuals. The most common computer security techniques are focused on the use of passwords and data encryption (Henson & Taylor, 2014). A password is a secret code that allows access of a user to a file or a program while data encryption is the process of securing data for transmission by means of alphanumeric or symbols representing each letter of the alphabet that needs to be deciphered in order to be legible (Bhattacharya, 2011). Some organizations opt to restrict any unauthorized access into machine rooms, hereby, paying more attention to the physical machine. This rarely provides any meaningful protection given the development of networking, remote terminal access, and other various forms of communications (Chen, Nguyen, & Roscoe, 2013).

The development of technology brings new security concerns. Eventually, it requires new techniques to tackle these concerns. So far, the level of technology development is at a higher rate than the level at which new security solutions are formulated. It is caused by a single invisible security weakness (hole) discovered by a determined intruder, which often renders all the security measures pointless. Computer security is seen to be a battle of wits where the intruder attacks to find weak spots while a protector defends the system doing all possible to find the weak spots earlier and to reassure them. The technologies develop and it is important to stress the fact that this struggle constantly continues as each of the opponents master their skills and apply more and more ideas and technologies into being a winner in the battle (Calia, 2013).

If corrective actions are done and the necessary measures are implemented, the system can be effectively protected. However, there is no right to relax and ignore the fact that people can fail to see how the intruder finds the hole. At the same time, the intruder searches for the weakness in the system ignoring the fact that the protector works hard on its protection. The issue in the case of computer security is based mainly on the fact that both intruder and protector use similar techniques and only the mastery matters. Since it is impossible to be assured that the system is totally secure, the focus should be done on designing a system, a program, or a strategy that can make it very difficult for an intruder to succeed in the struggle. Considering the security weaknesses identified in the Government Information Security Reform Act, they “fell into six categories, including inadequate performance measures, few security education and awareness programs, and virtually no meaningful systems to detect, report and share incident information” (Frank, 2002, p. 11).

Why Is This Topic Important?

This topic of computer security is very important because the whole modern community depends on the information out of the computers. All the financial operations are done online, most of the private information and secured strategic facts are stored in the computers and on the servers. Recently, an increase in the awareness of computer security has been noticed. Many people agree that the struggle cannot last forever, and in case of intruder wins, people may face serious problems. Privacy must be protected. People trust computers a lot as they make their lives easy. At the same time, attention must be paid to the particular computer security strategies to assure that privacy is guaranteed. Having stolen personal information, criminals may use it for personal purposes that will surely create a lot of troubles to people (Boerner, 2014). Speaking about the business and different organizations, the failure to implement top-quality computer security may lead to the serious problems caused not only to people but to the economy of the country. If the organization works in the international arena, many foreign companies may suffer if privacy is not guaranteed and not protected.

Context of the Problem

Why Is It a Problem?

Nowadays, the term “computer security” is widely used in different spheres of human life. The fact is that a computer is prone to several risks only if it is not connected via a network to other computers. In recent years, the percentage of users of computer networks (especially the Internet ones) has grown rapidly. For this reason, the term “computer security” is used to describe the problems associated with the network after using computers and their resources. The problem is that the private information, which can be stolen from the computers may be used to harm people in private and financial way. Therefore, online criminals can successfully arrange financial crimes, sell private information, etc.

A computer virus is a small program written by a highly qualified programmer aimed at causing harm to the program files, stealing the information, deleting important software, etc. Viruses can replicate independently (without manual monitoring and guideline) and can perform different actions. Nowadays, more than 50 thousand computer viruses are known and this is not the stable data because the number of viruses increases every minute as well as the strategies aimed at protecting computers and software. Much time has passed from the time the first version of a computer virus was developed. However, most experts agree that computer viruses, as they are known for now, first appeared in 1986. Its history is closely related to the idea of creating self-reproduction programs. One of the pioneers of such self-production programs among computer viruses is considered to be a virus called “Brain”, created by Pakistan programmer named Alvi. Only in the U.S., this virus has hit more than 18 thousand computers. In the early era of computer viruses development, such programs were made for discovery only, gradually turning into an outright hostile confrontation of users and irresponsible and even criminal ‘elements.’ The problem has become so extended and serious that the issue of computer security is legally grounded. There are specific laws aimed at punishing computer criminals, who create and distribute viruses. Stealing of the information and intentional harm caused to personal privacy are followed by criminal laws.

People and Place Who Consider Computer Security a Problem

Viruses are only active when they have interfered in the program or software. They tend to join the file or penetrate into it. In this case, the file is called infected with a virus. The virus enters the computer only with an infected file. However, infected file may cause no problems at all until a particular time comes. Depending on the virus type and the time of duration, viruses can behave differently inside the computer. Even the visual effect from the virus activity may differ. Both home and commercial computers can be infected that can lead to serious security troubles. Private information at home and corporate secrets in the organization may be equally important, everything depends on the information.

As has already been mentioned above, data protection is the main focus of computer security, especially when it deals with the financial data of the organization or the protection of personal income. Data protection is an important element for financial systems. When dealing with the network, a user should remember the existence of several plausible threats. The first threat is caused by the intentional access, reading or change of the information. The second thread is limited to incorrect identification of the self with fraudulent purposes. The third thread is caused by unauthorized access from one network to another.

The main requirements for commercial operations are confidentiality, integrity, authentication, authorization, and secrecy guarantees. Threats to information security are the backside of the use of information technology. There are a lot of consequences of the failure to meet the security requirement. The categories and the actors may significantly differentiate depending on the problem; however, computer security is not confined solely to information security, it is essentially a broader concept.

Information relationships can suffer physical and/or moral hazard, not only from unauthorized access to information but also due to the block of the system and the inability for further work. There are three significantly different categories of actors that need information security, namely government agencies, businesses, and individuals.

The legislative level is one of the most essential factors that ensure information security. This whole complex of measures is aimed at creating and maintaining the public’s negative relation to the violations and violators of information security. Moreover, the most important thing in law is to create a mechanism to harmonize the process of drafting the progress of information technology. Other levels of security are as follows procedural level, administrative level, software, and technical level, etc.

Purpose of the Research of This Problem

The purpose of the research is to identify the most dangerous aspects of computer security in the organizations in California and to stress the best ways out of the situation. Additionally to the assessment of the current situation with the computer security, the study is going to stress the particular suggestions the organizations should refer to for making sure that all the necessary actions are done in order to protect employee privacy and company financial security. Technology development is a very rapid process, and hacker’s knowledge grows fast. Therefore, it is important to know the main strategies of computer security to assure the protection of every kind of information to prevent troubles.

The Problem Statement

Computer security is one of the primary problems people face in regards to the usage of computers, as more and more people and organizations use them for storing important information and making financial transactions. According to Weise and Sepinuck (2013), “there are three requirements for a security interest to attach; that is, to come into existence: the debtor must authenticate a security agreement that describes the collateral; value must be given; and the debtor must have rights in the collateral” (p. 1255). The problem of computer security is reviled in the following aspects, the history of the issue and why it is a problem, the place and the target audience for whom computer security is a problem, and the purpose of the research on this problem. Information protection must be placed on the primary stage of the development in computer technologies as the failure to guaranty the security of the data may cause very serious problems not only to the particular person or a company but to the whole community, which may result in a serious crisis. Therefore, this proposal is aimed at developing a particular change in the vision of computer security and the network world. As the problem of computer security occurs at the global level and has high importance and priority, it will involve numerous investments and required resources to increase the protection of computers and networks.

Research Questions

Computer security, and information protection, in particular, is one of the most essential issues for any person and organization in the modern world. The role of computer security is to provide users with the protection of data resources and uphold data integrity, confidentiality, and availability (The Importance of Computer Security, 2013).

In many cases, people do not think about computer security as a serious issue. However, it becomes urgent as soon as it arises. A breach in security can result in harmful problems to a person or business. Computer security has become one of the primary problems humanity faces in terms of computer usage. A good security plan and the plan related to the emergency actions ensure users that the information that is held in networks and computers is secured and safe (Adam, Dogramaci, & Gangopdhyay, 1999).

The research objectives are:

· To analyze the history of computer security and its relevance to the present times;

· To identify the category of people who are subjected to the breakage of computer security, and the ways of making computers and networks safe and secure;

· To determine the degree of effectiveness of the current computer policy related to data security;

· To determine security holes in the present security policy;

· To determine the threats of security holes.

The problem of computer security as reached global scopes and is considered to be extremely important. Therefore, the main aim of the research is to make the world of computers secured.

In order to achieve the objectives of the study, the following research questions will ensure that the study remains focused on the main issues:

1. Why are computer and network security essential?

2. How can users ensure computer security?

3. What are the potential dangers of computer security breakage?

4. What should be done to improve the situation with computer security?

5. What are computer security mechanisms?

6. What is the effectiveness of the computer security mechanism?

The research questions allow formulating the following hypotheses of the research.

The breakage of computer security is disastrous for the community and its privacy.

It is time and cost consuming to make the computer secure, but in case of security breaking the financial losses may be much greater.

Does proper education help to make computers secure?

The data and information that most private and corporate users store on their hard drives are usually more valuable than the computers themselves. It means that the importance of computer security is based on the way how harmful it can be if the data and information are lost (The Importance of Computer Security, 2013). In addition, the importance of computer security is closely related to network security and is extended to computer skills. Users should be aware of the risks of the Internet, particularly when they want to download any information. Moreover, users should be extremely attentive while sharing personal information with others and keep the information about their credit cards closely guarded. Properly applied security mechanisms can protect computers. Used in combination, they are able to provide the security users require without a usability loss to the system users (Zittrain, 2008).

Referring to the objectives and the research questions, the data is gathered by the methods of qualitative research that can help existing information regarding computer security, the ways ensuring computer security, and security mechanisms. Qualitative research is used for data collection as a way to observe human attitudes and their behavior through the use of interviews, surveys, and observations. In addition, qualitative research can help understand the problem under analysis from the perspective of computer users. Therefore, a qualitative study can provide a good representation of the research problem.

Significance of the Study

Modern society can be characterized by the constant increase in the roles of computerized systems. Computers have nowadays become an integral part of human life and are used for everything, starting from banking spheres and ending in shopping and communication. Computers and supportive technologies store private information, emails, corporate information, etc. Hence, it is essential for users not to lose their private information, or passwords for online accounts and to prevent the possibility of redistributing the data. The increased use of computer systems both at work and in the everyday life has led to the problem of the increased risk for society to become vulnerable to misuse the computer systems, as well as the information and data that is stored there. A security breach may lead to serious problems to a person or to his/her business (The Importance of Computer Security, 2013). The increasing sophistication and volume of computer security threats include data theft, phishing scams, and a variety of other online vulnerabilities.

Today’s communication conducted online requires people to be maximum attentive and to assure that the prevention of personal and corporate data thefts takes place. People have to share different documents, some secured information including credit card data, passwords, worksheets, and others. Most daily actions are highly dependent on the security of data stored in computers. The necessity to share this information demands vigilance about securing computer systems and information (Why Cyber Security is Important, n.d.). This explains the significance of investigating the problem of privacy protection and the ways of computer security.

The actions directed at computer security are aimed at preventing and detecting unauthorized computer use. Additionally, prevention measures analyzed in the study help people stop illegal intrusion into the users’ information and prevent the access of any part of one’s computer system. Detection helps users to determine whether anyone else made attempts to break into the system or not. It is evident that there are a lot of aspects and additional issues which deserve attention while spring about computer security and data protection. Thousands of infected web pages are discovered every day and a huge number of records have been involved in data breaches. New ways and methods of attacks are launched continuously. However, the study provides basic instructions related to computer security, highlighting the importance of data security and the essential approaches to system and data protection (Why Cyber Security is Important, n.d.).

Study Significance Both in Theory and Practice

The study is significant both for theoretical research and practical implementation. First, it provides a valuable theoretical basis for the research topic, making the readers aware of computer security problems. The study gives a better understanding of the importance of computer security, making computer users aware of the risks of the Internet, particularly when they want to download any information. The study may be a useful guide for computer users who need to address the issue of computer and information security. Second, the research may be used as a guide to making one’s computer protected from any outside threats, as it explains how to ensure computer security. Properly applied security mechanisms and software described in the paper may help to protect users’ computers. In addition, the study recognizes different types of risks a computer user may face in an online world. Nowadays, the protection of information and data stored in computers has become a crucial necessity, rather than simple responsibility.

The Benefits of This Research

The current research provides insight into the basic ways of computer security, making emphasis on the fact a good security plan is required to ensure users that the information in their networks and computers is safe. Another benefit of the study is that it helps to identify the category of users who tend to be subjected to the computer security breakage, as well as determine the degree of effectiveness of the chosen computer policy that ensures data security. Thus, the study is beneficial in terms of practice and theory, as it provides a better understanding of the researched topic and discusses the issues that need urgent solutions.

Research Design and Methodology

Research Procedures

The research refers to qualitative data analysis for assessing the computer security of the organization. Having an intention to assess the security situation in the organization, to find the most dangerous aspects of the computer security and to stress on the best ways out of the situation, the qualitative research methods based on the interview is the best outcome. It is for a reason that computer security is mainly a concern of the intrinsic/in-built security makeup of the hardware and software of a computer system. The objective of the study is to assess the cybersecurity situation in small businesses in California by means of questioning the employees and testing the business’s cybersecurity. The research seeks to test the hypothesis that small to medium businesses in the USA are not ready or properly positioned in case of a cyber-attack (Wilson & Tim, 2011).

Data Collection

Both primary and secondary methods of data collection will be used. First, the research will test the general awareness of the businesses concerning cybersecurity. Second, the research will also seek to establish the technical readiness of these businesses in case of a cyber-attack. The primary methods include issuing questionnaires to general employees of these businesses and interviewing the managers. Five hundred questionnaires will be issued in fifty enterprises across various industries, which use the Internet as one of the main means of information sharing. The questionnaires will focus on the awareness of the staff about the existing measures of computer security by the company they work for. These include, for instance, protection of staff passwords, presence of an IT department and training on cybersecurity. The aim is to find the industry with the greatest employee awareness on computer security as well as capture the general awareness. The interviews aim to test the managers’ awareness as well as their sensitivity to the issue of computer security. A total of fifty interviews will be conducted; one in each of the fifty enterprises where questionnaires are issued. In addition, the research team shall engage the information technology staff of the businesses in a qualitative interview concerning the state of their computer security: architecture and alert systems.

The secondary research methods involve the search for available sources online. Secondary resources will be used for researching the current achievements in the field of computer technology. Also, the hypotheses will be checked by means of the analysis of the sources related to the problem. The study will refer mainly to scholarly articles due to the fact that they contain reliable and authoritative information. These sources are expected to provide information concerning the averages SME investment in computer security as well as awareness levels. In addition, secondary sources will also provide information concerning government policy on computer security and data protection.

These methods seek to answer various questions concerning computer security in small-to-medium enterprises in California. Both methods seek to answer the question of awareness of computer security issues. The presence of a computer security department (permanent or contingent) in the business is also an important qualitative parameter. In addition, the research investigates the architecture of computer systems with the aim to identify possible loopholes executable by hackers (Kaven & Oliver, 2011). The IT staff are also tested on their knowledge of common hacker codes.

The relevance of Research Methodology

The analysis will seek to identify coherence between the responses of the managers and the employees. In addition, the relationship between ignorance and/or indifference and the number of cyber-attacks or security breaches previously experienced will be worked out. The amount of money invested in computer security will also be correlated with more awareness and preparedness. In addition, existing flaws in the computer security systems will be identified along with potential recommended solutions. Qualitative methods have both advantages and disadvantages. First, most qualitative data needed is very sensitive to the business. As such, many respondents must be involved so as to ascertain the reliability of the analysis arrived at. This is expensive in terms of money and time. The distinct advantage, however, is that if successful, the research will reveal important security information, which can be used to improve national computer security.

Organization of the Study

The organization of the study will provide an overview of the chapters in the research project titled “Computer Security.” The study will define the main hazards, computer security attacks and the history of such attacks. The study will also provide information on the ways to reduce the possibility of computer security attacks and the harm such attacks may cause. The first chapter in the study is going to focus mainly on the context of the problem. Overall, the first chapter will dwell upon the historical data on the computer security problem with identifying the threats and targets that are affected. Finally, the purpose of the research on the computer security problem will be defined by stressing the main aspects which will be covered. The second chapter will disclose information about the problem statement. The chapter subsections will highlight the aspects of financial fraud, the possible theft, and theft of proprietary information. The information provided will give a better understanding of why the problem under analysis is so serious. The third chapter will cover the research questions that have been critically assessed for the research project. Here are the research questions, which are going to be covered in this chapter:

1. Why are computer and network security essential?

2. How can users ensure computer security?

3. What are the potential dangers of computer security breakage?

4. What should be done to improve the situation with computer security?

5. What are computer security mechanisms?

6. What is the effectiveness of the computer security mechanism?

The fourth chapter will cover the information about the significance of the study. Overall, the significance of the information is going to be assessed by means of understanding the importance of computer security in modern society. Furthermore, the significance of the study in both theoretical and practical fields is going to be considered with reference to the existing research in the field. Finally, the benefits of the research will be identified. The fifth chapter will focus on describing the research design and methodology focusing particularly on research procedures used for the study, data collection methods and relevance of the research methodology. The sixth chapter will consider the research results obtained from the questionnaires and interviews. It is important to assure that all the results are properly arranged and systemized in the tables to keep them together. The analysis of the research results will be conducted in the seventh chapter. The discussion is one of the most important chapters as it will help to understand the research results and will end with the suggestions people and companies need to refer to with the purpose of assuring computer security and information protection.

Tentative Reference List

Every research study must contain a list of reliable sources from which the researcher seeks to find information about the research topic. Also, the sources help make an assessment of the current achievements in the field with the reference containing reliable information incredible sources. Different types of sources exist including journal articles, books, encyclopedias, monographs, and encyclopedias. This paper presents a list of ten peer-reviewed journal articles that are going to be used in the research study on the topic of computer security. The list of the scholarly peer-reviewed articles is supported with a concise description of the information in the source stressing its reference to the study under analysis.

Coker, C. A. M. (2003). Contribution of traditional schooling to the education of the artist in Sierra Leone. (Ph.D. thesis).

This article provides a detailed review of various research methodologies that can be used during the research studies. The source can be used for assessing the best technologies for research conduction in the current

Dionysiou, I., & Ktoridou, D. (2012). Enhancing dynamic-content courses with student-oriented learning strategies: The case of computer security course. International Journal of Cyber Ethics in Education (ijcee), 2(2), 24-33.

This article discusses how to develop and enhance dynamic content courses for students in computer security courses. Some of the things can be learned from the article are devoted to the issue of what constitutes computer security, the importance of computer security and how to ensure computer security among others. This information will help to develop the strategies for dealing with possible computer threats.

Guaragno, J. P., & Monma, C. L. (1996). Computer security in jeopardy. Contingency Planning & Management, 1(5), 20.

The information in the article assists in learning more about computer security and the various threats it faces. It also helps to get information about how to plan for and manage computer security threats. This article will be helpful in understanding the significance of the problem and confirmation the fact that the problem requires much attention.

Hutchings, A. (2012). Computer security threats faced by small businesses in Australia. Trends and Issues in Crime and Criminal Justice, 433, 1-6.

This article discusses a variety of computer security threats faced by small businesses mainly in Australia. It is very important to learn the security threats and how small institutions can deal with them. Also, the research described in the article is closely related to the information, which is going to be analyzed in the study under analysis. Therefore, the procedures and the conclusion done in this research may be helpful in creating the parallels and arranging the discussion.

Janicke, H., Cau, A., Siewe, F., & Zedan, H. (2012). Dynamic access control policies – specification and verification. Computer Journal, 56(4), 440.

One of the major things this article focuses on is how to develop and implement appropriate access control tools and policies that would ensure the ultimate computer and network security. This information will help to analyze the existing knowledge in the computer security field for addressing the most important issues in the current research.

Kranz, G. (2012). Securing cyberspace: Virginia companies and universities ramp up to thwart computer attacks. Virginia Business, 27(3), 42-43.

From this article, I hope to learn how organizations or institutions can secure their computer networks from attacks. In the article, the author focuses on companies and universities in Virginia and how they ramped up to prevent attacks on their computer systems. Based on the examples provided in the article, I learn some of the techniques that the Virginian companies and universities used and to establish if they can be adopted by other organizations.

Michalski, J. T. (2006). Network security mechanisms utilizing network address translation. International Journal of Critical Infrastructures, 2(1), 10-49.

From this article, I hope to learn the various security mechanisms that can be used to secure computer systems and networks.

Sloggett, D. R., & Beechener, J. (2012). Growing cyber threats gain attention: The need to protect sensitive IT networks places yet another security burden on an industry that is already familiar with the threat of terrorism. Ihs Jane’s Airport Review, 24, 28-40.

From this article, I hope to learn how to protect computer networks from threats and attacks. The article also highlights the need or importance of protecting computer networks from attacks.

Trim, P. R. J. (2005). Managing computer security issues: Preventing and limiting future threats and disasters. Disaster Prevention and Management, 14(4), 493-505.

From this article, I learn how to manage computer security issues. The article highlights various ways and techniques for preventing and limiting computer security threats as well as how to deal with disasters caused by computer security threats.

Turk, T. (2007, January 01). System dynamics simulation of computer networks: Price-controlled QoS framework. Mathematics and Computers in Simulation, 78(1), 27-39.

The main focus of this article is one how computer networks can be simulated to prevent them from possible threats and attacks. The recommendations section may involve this particular information.

Leadership styles to be applied by Tesco employee in Order to gain Competitive Advantage

Computer Technologies in Education