Thursday, September 5, 2019

ICT Security Issues And Concerns

ICT Security Issues And Concerns ICT security issues and concerns are becoming more prevalent and increasingly complex as the pace of technology implementation continues to accelerate. How this phenomenon has affected the public sector and the private sector in our country. Discuss Each e-government project has its own version of the framework, where elements within the four components may differ according to the individuals agencys business or technical needs. List and explain the function of the components. 1.0 Introduction: ICT is the technology needed for information processing, in general, the use of electronic computers, software applications and communication devices to convert, retrieve, transmit, process, protect and store information from anytime, anywhere. Information and communications technology also known as (ICT) it is the sectors that process information which includes capturing, transmitting, and displaying information using electronic systems. Information communication technology sectors dont stop transforming our everyday life and economy. This sectors Core industries contain: Communications systems contain broadcasting, cable / broadband, telecommunications, and other program that distributes the systems. Computer systems including, network engineering, robotics, electronics, technical support and computer engineering. Software and digital media contains Internet security, web portals, web design, data management, computer animation, simulations, computer games, video games and computer programming. Information communication technology is the technology that needed for information processing such as for the creation, manipulation, storage, retrieval and communication of information. They are of immense value in a world in which there is an information explosion, and where knowledge is complex, ever-changing and cross-disciplinary in nature. Many of the skills of ICT are important aspects of Information Literacy, which relates to the ability to select, organise, analyse and use information effectively. Quick and effective access to information is regarded as essential for everyone in contemporary society; and the ability to construct knowledge from the information gathered has become crucial in Hong Kongs knowledge-based society. Citizens in the 21st century need to understand and be able to use ICT in order to function efficiently in modern society. To maintain the competitiveness of Hong Kong in the world economy, we need to develop interest and nurture talent in our students i n this area. The importance of ICT does not lie in the technology as such, but in its enabling function for access to knowledge and for communication with others. Rapid advances in ICT have continued to drive economic change, restructure businesses, affect education and employment, and contribute significantly to growth and wealth creation. (NATIONAL OPEN UNIVERSITY OF NIGERIA) 2.0 Answer Question 1: Ways severely harm your businesss effect 2.1 Virus: Computer viruses may be benign and result only in amusement or slight annoyance. The best known examples of such a virus are some versions of the Stoned virus which simply write Your computer is stoned on the monitor. Other viruses are more malignant and malicious, destroying or altering data. Once a virus is active in a host computer, the infection can spread rapidly throughout a network to other systems. A virus may attach itself to other programs and hide in them. Or it may infiltrate the computers operating system. All computer operating systems, (for example, MS- and PCDOS, Unix and Macintosh OS) are vulnerable, some more than others. Viruses enter computer systems from an external software source. Just as flowers are attractive to the bees that pollinate them, virus host programs are deliberately made attractive to victims. Often the attraction will be a new game made available for downloading from a computer bulletin board. Or it may be disguised as an executable file attached to an electronic mail message from a friend or business associate. Aside from viruses, there are other threats to user systems, including: Worm and Logic Bombs. (McAFEE Network Security Management) 2.1.2 Worm: Viruses are far from the only maverick programs that can disrupt a computer system. Worms are constructed to infiltrate genuine data processing programs and destroy or alter the data. Often what people believe is a virus infection is, in fact, a worm program. This is not as serious because worms do not replicate themselves. But the damage caused by a worm attack can be just as serious as a virus, especially if not discovered in time. For example, suppose a worm program instructs a banks computer to transfer funds to an illicit account. The fund transfers may continue even after the worm is destroyed. However, once the worm invasion is discovered, recovery is much easier because there is only a single copy of the worm program to destroy since the replicating ability of the virus is absent. This capability may enable it to re-infect a system several times. A worm is similar to a benign tumour while a virus is like a malignant one. (NC STATE UNIVERSITY) 2.1.3 Logic Bombs: Writing a logic bomb program is similar to creating a Trojan Horse. Both also have about the same ability to damage data, too. Logic bombs include a timing device so it will go off at a particular date and time. The Michelangelo virus is embedded in a logic bomb, for example. Other virus programs often include coding similar to that used in logic bombs, but the bombs can be very destructive on their own, even if they lack the ability of the virus to reproduce. One logic bomb caused major problems in the Los Angeles water departments system. Logic bombs are usually timed to do maximum damage. That means the logic bomb is a favoured device for revenge by disgruntled former employees who can set it to activate after they have left the company. One common trigger occurs when the dismissed employees name is deleted from payroll records. On one occasion, a student left a logic bomb timed to explode and wipe out his universitys records well after he had collected his degree and was long gone. This example illustrates the pernicious nature of logic bombs which can be written literally decades before they explode. (Virus Removal Support) 2.1.4 Phishing: The phishing is a common term for the creation and utilize by criminals of websites and e-mails, created to show people they come from well-known, trusted businesses and legitimate, government agencies and financial institutions attempt to gather personal, sensitive information and financial information. These criminals scam Internet users into disclosing their financial and bank information or other personal data for example passwords and usernames, or into unwittingly downloading malicious computer code onto their computers that can allow the criminals subsequent access to those computers or the users financial accounts. Nowadays most people wont reveal their credit card number, password and bank account to just anyone, extra action need to be taken by the phishers to trick their victims into giving up this information. Most of people trust automatic processes nowadays, believing them to be free from human error. However, many messages claim that a computerized audit or other automated process has revealed that something is amiss with the victims account. The victim is more likely to believe that someone has been trying to break into his account than believe that the computer doing the audit made a mistake. (HowStuffWorks, Inc ) 2.1.5 Pharming Besides, there is another threat called Pharming. Pharming means using technical means to redirect of an individual to an illegitimate entity, typically is Web site. Pharming collects personal information via redirecting Internet domain name of people requested to false Web sites. The sites can collect the information and there may be used to commit fraud and identity theft. For instance, an Internet user wishes to log in to his personal online banking account via the banking website, he/she is not really accessing the banks Web site if he/she was redirected to an illegitimate Web . Static domain name spoofing: A person or entity, normally called Pharmer, who tricks Internet users into inadvertently visiting the pharming Web site with advantage of slight misspellings of the domain names. For instance, a pharmer may use maybnk.com instead of maybank.com to redirect user. (Websense, Inc.) 2.1.6 Hacker: A hacker is someone who experts using electronics or computer systems and professional in programming. Hackers like to learn and explore how computer systems function and finding method to make them do what they do better, or do things they werent intended to do. Hacker is separate in two types which is White Hat and Black Hat: White Hat: These are considered the good guys and computer security experts. White hat hackers do not use their hacking skills to hack other people computer or some illegal purposes. They normally help other users protect from the black hats. Black Hat: These are considered the bad guys and they like to hack into other people computer to steal information such as deface websites, steal credit cards or hack bank. Black hat hackers like to use their hacking skills to do bad things for illegal purposes. A hacker can easily hack in the computer to steal information and look into the private things. The benign hacker is the person who likes to get into his/her own computer and understand how it works. The malicious hacker is the person who likes getting into other peoples systems. The benign hackers wish that the media would stop bad-mouthing all hackers and use the term attacker instead. (Introduction to Ethical Hacking) 3.0 Answer Question 2: E-Government: Terms used in this research are defined in this section to facilitate smooth and clear reading for all categories of readers. Some of the terms defined are e-Government, e-Government value chain and stakeholders, effective e-Government, and efficient e-Government. A number of definitions for e-Government have been offered in existing literature. Many terms such as digital government, inter-networked government (Tapscott, 1995) and government online has been used. The researcher deems all these terms to be synonymous. E-Government in simplest terms can be described as the use of ICT within government to make operations more efficient, improve quality of service and offer an easy access for citizens to government information and services (Kraemer and King, 2003). Kraemer also cited that Senators Lieberman and Thompson defined e-Government as a wayto better use IT advances to achieve greater effectiveness and to provide citizens easy, electronic access to government programs, services and information. (Axelsson, Karin, Linkà ¶ping University) The term e-Government also refers to the planned and coordinated use of ICT to strengthen the core functions of public institutions. Not every computer in use in the public sector amounts to e-Government. When electronic data processing emerged on a more widespread basis, its initial focus was on isolated and targeted modernization efforts in a limited number of key sectors. Today, however, the focus is on the networking of workplaces, administrations, and political institutions as well as on Information and Communications Technology based communication with customers or citizens. This calls for concepts that are geared to integrating the modernization goals and investment planning of various institutions and based on a thorough examination and analysis of service portfolios and the demand for public services. The implementation of e-Government requires strong leadership and a vision. It also requires a comprehensive strategy that is not only benchmarked on global best practices, but also sensitive to existing political and economic conditions and realities. For E-Government to become a reality, governments, in consultation with stakeholders, should follow a common nationwide strategic framework, which articulates the governments vision, targets and milestones, technical approach and standards for e-Government systems. Such a framework should also address information privacy, security, maintenance, and interface standards. (Axelsson, Karin, Linkà ¶ping University) 3.1 Four main components of E-Government: An implementation framework is designed to guide and manage the execution of the E-Government strategy. This framework is an adaptation of Accentures Business Integration Framework and can be broken down into four main components which are Programme Management, Technology, Process, and Strategy. Each E-Government project has its own version of the framework, where elements within the four components may differ according to the individual agencys business or technical needs. 3.1.1 Programme Management: The Program manager of E-Government chooses an initiative to be implemented and establish the strategy and goals that is aimed at accomplishing through this initiative. Next, the government agency that would lead this initiative is identified and agreed upon. The agreement or commitment gained from the chosen agency and governing body, acts as the green-light to go ahead with the implementation. With this, the project committee can begin to assess the policies that are dependent on the initiative. Policy amendments that are possibly required are highlighted. The framework is where all the planning processes are placed. A project plan will be planned and documented by the Program managers. Functional areas that will be targeted are identified. Critical success factors for this initiative are identified in order to maintain a focus on the objective and goals. Policies that were identified to be amended will be planned for according to relevant standards and regulations. New infrastructure that will be required are identified, planned for and scoped. With the policies in place, the program managers would now need to assess whether in-house skills and staffing resources are sufficient. Otherwise, alternatives such as short-term contracting and outsourcing would have to be selected. This is where procurement planning comes into place. (Roslind Kaur) 3.1.2 Technology: Although e-Government is often defined as online government or Internet-based government, many non-Internet based e-Government technologies can be named in this context, including telephone, fax, personal digital assistants (PDA), short messaging service (SMS), multimedia messaging service (MMS), and third-generation technology (3G), general packet radio service (GPRS), WiFi, Worldwide Interoperability for Microwave Access (WiMAX) and Bluetooth. Other technologies can include closed-circuit television (CCTV), tracking systems, radio-frequency identification (RFID),road traffic management, biometric identification, and regulatory enforcement, smart cards, identity cards, and other communication applications, polling station technology (for non-online e-voting), television and radio-based delivery of government services, online chat, electronic mailing lists and newsgroup, online community facilities, email, and other messaging technologies. Other aspects of technology to be considered in the implementation of e-Government are enablement, interoperability such as the e-Government interoperability framework (e-GIF) and semantic web issues, legacy technology, and implications for software choices (open source or proprietary software, and suitable programming languages). (OOH KIM LEAN) 3.1.3 Process: In contrast to traditional government processes, e-Government is characterized by extensive use of communication technology, the impersonal nature of the online environment and the ease of information can be collected (data-mining), processed and used by multiple parties (Warkentin, Gefen, Pavlou Rose, 2002). However, e-Government has the implicit uncertainty of using an open technological infrastructure for transaction via the newness of the communication medium interact with a government website. This would indirectly increase the spatial and temporal separation between citizens and government; more uncertainty and concern about the reliability of the underlying Internet and related government infrastructure interfaces. As overall these unique differences increase uncertainty and reduce perception of citizen control, imposing a barrier to e-Government adoption. (OOH KIM LEAN) A number of research papers in e-Government were published in recent years to help practitioners to improve government service quality, responsiveness, convenience and accessibility to both citizens in urban and rural area. Their effort can be categorized into few issues: (i) The concept, theories, history, structure, initiatives, policy, key principles, impact, challenges, and development success factors of e-Government; (ii) The technology application, 13knowledge spillover, innovative efforts and approach to facilitate e-Government implementation and evaluation; (iii) Management support or implementation strategies such as framework for managing the lifecycle of transactional e-Government services to facilitating the e-Government services. To provide more intuitive and maintainable lifecycle for electronic tax submission (one of the e-government service to citizens), government must overcome shortcoming happen during the lifecycle such as implicit knowledge, user interaction, code reusability, communication with back-end system, business reengineering required to upgrade to workflow flexibility and resolve security issue (Vassilakis, Laskaridis, Lepouras, Rouvas Georgiadis 2003) (iv) the assessment, measurement of e-Government services provided to public sector and its effects on economic, social benefits of the implementation; (v) key factors affecting acceptance , expectation and usage intention of e-Government services. (OOH KIM LEAN) 3.1.4 Strategy: The process of adopting advanced ICT solutions for the transformation of e-government faces many challenges. Due to the complex nature of these projects and the sheer number of stakeholders involved, effective visualization and management of such initiatives is highly critical but needs to be simple in order to accelerate understanding off and buy in into the framework. However it is important that the framework represent all important aspects of the e-government strategy. That said, despite years of governmental efforts to implement e-government initiatives, there are no commonly established methods and frameworks for the visualization of an overarching e-government strategy. A comprehensive framework needs to account for how the different supporting and impeding forces impacting projects being implemented as a part of such a strategy. Given that such a framework will also have a long lifecycle and encompass a broad scope, the framework also needs to remain applicable regardless of changes in the environment. As most projects go through much iteration of technical and process changes, any changes within the ecosystem should not risk the validity of the strategy framework. Hence the framework needs to be adaptable to changing environments and should be defined in a technology neutral manner. Such an approach will also allow the framework to act as the bridge between decision makers and implementers, thus reducing the mismatch between the expected versus realized outcomes. (Roslind Kaur) 4.0 Conclusion and Recommendation: In my opinion, Information is the life wire of todays business organizations, institutions and industries. Information and Communication Technologies (ICT) covers all advanced technologies in manipulating and communicating information. Information is an organized, meaningful and useful interpretation of data. However, Information and Communication Technologies is very important and much of benefit. Viruses are designed to proliferate and propagate. This means each and every contact between your system and any other system is an opportunity for infection. That can include floppy disks and contacts via modem (or other network connection). Be especially careful of users who frequently use a number of different systems outside your company. Hacker is also dangerous to all the computer users, a hacker can easily hack in the computer to steal information and look into the private thing. Governments around the world have pursed e-government programs seeking to electronically govern internal and external operations and to provide coherence between the various administrative government units so that they work to complement and complete each other. However, and despite the fact that many governments have injected substantial investments, most e-government initiatives in our view have not delivered the transformation environment sought from their implementation. This research study was developed to support the United Arab Emirates in pursuing its objective towards e-government transformation. It presented an innovative framework developed from a government practitioners viewpoint and in light of the existing literature in the field. The recommended approach is an amalgamation of learnings from various e-governments initiatives across the globe.

No comments:

Post a Comment

Note: Only a member of this blog may post a comment.