Management Information System
Essay by sadkfh • October 20, 2016 • Dissertation • 2,249 Words (9 Pages) • 1,926 Views
[pic 1]
NAME: FARAIMUNASHE MAKOMEKE
REG NUMBER: W150879
PROGRAM: BSc. (HONOURS) INFORMATION SYSTEMS
INTAKE: 17
COURSE CODE: MANAGEMENT INFORMATION SYSTEMS
LECTURER: MRS MUDANGWE
ASSIGNMENT: 1
`
QUESTION: Outline the security concerns around an MIS. (What are e risks involved & how u encounter them)
COMMENTS:
DEFINITIONS:
MANAGEMENT INFORMATION SYSTEM (MIS)
Management information system refers to a computer-based system that provides managers with the tools to organize, evaluate and efficiently manage departments within an organization. In order to provide past, present and prediction information, a management information system can include software that helps in decision making, data resources such as databases, the hardware resources of a system, decision support systems, people management and project management applications, and any computerized processes that enable the department to run efficiently.
Security is a multi-faceted problem that requires close analysis of all the vulnerable factors in a business infrastructure. Some of the security concerned are outlined here
Unauthorised access
This can be solved by introducing authentication methods that seek to guarantee the identities of system users which have to logon to the system using credentials such as a username and password. More secure methods such as fingerprint authentication can be used as passwords can be guessed or stolen. System security monitors are programs that monitor the use of computer systems and networks and protect them from unauthorized use, fraud, and destruction.
Spoofing and Sniffing
Hackers attempting to hide their true identity often spoof ,or misrepresent themselves by using fake e-mail addresses or masquerading as someone else .Spoofing redirecting a Web link to an address different from the intended one ,with the site masquerading as the intended destination .Links that are designed to lead to one side can be reset to send users to a totally unrelated site ,one that benefits the hacker .For example ,if hackers redirect customers to a fake Web site that looks almost exactly like the true site ,they can collect and process orders effectively stealing business as well as sensitive customer information from the true site. It is should be noted that while a sniffer is a type of eavesdropping program that monitors information travelling over a network. When used legitimately, sniffers can help identify potential network trouble-spots or criminal activity on network, but when used for criminal purposes, they can be damaging and very difficult to detect. Sniffer enable hackers to steal proprietary information from anywhere on a network, including e-mail messages, company files, and confidential reports.
Malware and Viruses
New security threats are emerging every day from malware programs that can be unintentionally installed on a user’s machine, these can attempt to deceive employees into giving up confidential information, to viruses, worms, and strategic identity theft attempts. The threat that attacks the information in organizations can be difficult to handle if it spreads via the network. Updating Antivirus programs software can help lower the risk.
Worms
A variation of virus that is targeted at networks, take advantage of security holes in operating systems and other software to replicate endlessly across the Internet, thus causing servers to crash, which denies service to Internet users. Worms can destroy data and programs as well as disrupt or even halt the operation of computer networks. A worm is similarly constructed to get into data-processing programmes and to modify or destroy the data, but it differs from a virus in that it does not have the ability to duplicate itself. The consequences of worm attack can be as serious as those of the virus attack. For example, a bank computer can be instructed, by a worm program that consequently destroys itself, to continually transfer money to an illegal account.
Trojan horses
A Trojan appears as a legitimate in order to gain access to computer. The use of Trojans to disrupt company activities or gain access to confidential information has grown sharply in the past few years. Most of the Trojans encountered by business organization are designed to gather information and transmit regular reports back to the owner. Typically, a Trojan will incorporate a key logging facility, which also called a 'keystroke recorder' to capture all keyboard input from a given computer. Capturing keyboard data allows the owner of the Trojan to gather a great deal of information, such as passwords and the contents of all outgoing e-mail messages.
Trojans are often used as delivering systems for spyware and other forms of malware. When a Trojan horse is being as spyware, it monitors someone computer activities. It is designed to give owners control over the target computer system. Effectively, the Trojan act as a remote control application, allowing the owner to carry out actions on the target computer as if they were sitting in front of it. Sometimes, the owner of the Trojan will make no effort to conceal their activities, for example, the victims sees actions being carried out but is unable to intervene, short of switching off the computer. More often, however, the Trojan operates silently and the victim is unaware that their computer is running programs, deleting files, sending e-mail, etc. Trojan horses can destroy files and data, but commonly contain spyware, and an even backdoor program. Trojans is usually contained in software downloads from unknown or entrusted source.
...
...