Access over 20 million homework & study documents


NTC 360 Security Disadvantages




Showing Page:
Security Disadvantages
While there may be an abundance of reasons in order to implement as many security
measures as one could dream of, there are drawbacks to some of these implementations.
As previously stated, there are many attack points that a hacker can find in which to
infiltrate a corporate network. An internal hacker can steal the login and password of a
careless employee, thereby having unfettered access to company networks under the
guise of legitimate work. In this case, the hacker can steal corporate documents that can
be leaked to competitors. Outside hackers can gain access via the TCP/IP protocol by
imitating a legitimate network IP address, thereby fooling the corporate servers into
thinking the hacker is actually a company workstation. Firewalls can be circumvented in
this same manner. By spoofing a legitimate IP address, the firewall is fooled into
allowing the hacker entry beyond the firewall. Virus’ can wreak havoc on corporate
networks by initiating as a regular program, such as svchost.exe, thereby going
undetected as anything harmful by the virus scan program. These are but a few of the
vantage points that a hacker may take to perform his dirty deeds. The question that
remains is: To what extent is one willing to go to in order to safeguard a network? Is
there a point where having too many precautions becomes a burden for a network?
The simplest and most basic security measure to initiate is a user login and password for
every user on a corporate network. This, in theory, means that only authorized users will
be using corporate resources. However, this is only as good as the users safeguard their
information. Careless users will often write their passwords down and leave them taped
to the back of their keyboards. Any disgruntled employee who has a motive can delete
or damage any resource that the stolen ID may have access to. Not only that, server logs
will show that the damage was done by the stolen ID, rather than the actual person.
Encryption is a valuable tool in providing security for sensitive data. Network data can
easily be intercepted in any number of ways. In order to prevent that, encryption
‘scrambles’ the message, making it nearly impossible for a person to intercept and
decipher. However, doing so requires a considerable increase in computing power and
time. The message must be encrypted by the sending computer, then sent where the
receiving computer must decrypt the message. This may seem trivial, but on a larger
scale, the increase requires greater computing power, and delays in message delivery,
thereby necessitating computers of greater scale.
Computer virus scanning programs are very effective in scanning for most transgressing
programs, bugs, viruses, and Trojan programs that are in currently in existence. There are
a multitude of malicious programs whose sole intent is to wreak havoc on ones network.
An anti-virus program will scan programs for ‘signature’ lines of code against a known
inventory of malicious programs. This is very effective, but once again, there is an
increase in the amount of required computing power and the associated delays in
computer response time. Another possible detractor is that the majority of these
programs often require a licensing fee per computer. So, the larger the business, the
greater the amount of money the corporation must pay to maintain a certain level of

Sign up to view the full document!

lock_open Sign Up
There are other disadvantages to implementing security measures and they all come
down to what a corporation is willing to endure. Covering all possible aspects that a
hacker may use to infiltrate a network is extensive and takes its toll on a computer
systems’ resources. Does the corporation find that the nature of their networks is worth
the financial investment to upgrade their hardware and software to secure their networks?
Or would a corporation rather risk downtime as their network is assaulted on a daily
basis? More times than not, a corporation will seek to ensure they are protected from all
forms of attacks, especially if it has ever happened before.

Sign up to view the full document!

lock_open Sign Up
User generated content is uploaded by users for the purposes of learning and should be used following Studypool's honor code & terms of service.

Awesome! Made my life easier.