Digital Security Essay Example | Topics and Well Written Essays - 2000 words

Digital Security - Essay Example Digital security devices include secure personal devices such as SIM cards, smart-card based USB tokens, e-passports, secure chips in contactless payment cards, and they give an individual the freedom to shop, communicate, travel, work and bank using his or her digital identity in a manner that is enjoyable, convenient and secure. Therefore, digital security is of utmost important since a lot of information is available on the various digital platforms. Some is personal or private information and some is extremely sensitive information. Therefore, any person or firm needs to put in place security measures that ensure that the security of systems is not breached. This paper examines computer security principles, cryptology and its associated applications and secure software engineering. Computer Security Principles There are many methods and approaches that are used to secure computer systems. However, specific intrinsic expectations have to be met regardless of whether the system is large or small, or is owned by a private organization of by a government. Therefore, there exists generally accepted system security. These principles usually address computer security from an extremely high-level point, and are to be applied when developing computer security policy and programs, and in the creation of new systems, policies and practices (Guttman & Swanson, 1996). Thus, practices encompass broad areas such as accountability, integration and cost-effectiveness. Principles differ from practices in the sense that the latter guides organizations on the types of objectives, procedures and controls that constitute an effective computer security program. Principle 1: Computer Security Supports the Organization’s Mission The aim of computer security is to protect the valuable resources of an organization. These include software, hardware and information. By selecting and applying adequate safeguards, computer security supports a firm’s mission by protecting it s financial and physical resources, legal position, reputation, employees and other intangible and tangible assets (NIST, 1995). Sometimes security can be viewed as a nuisance due to the rules and procedures that are imposed on systems, users and managers. However, well-chosen security procedures and rules are there to protect significant assets as well as support the overall mission of the firm. As such, security should be viewed as a means to an end, and not an end in itself. Take an example of a private business. Usually, making profit is primary while good security is secondary. Therefore, security should be able to support this primary goal of making profit. Principle 2: Computer Security is an Integral Element of Sound Management Information and computer systems are crucial assets that support an organization’s mission. Protecting these systems is as important as the protection of other organizational resources such as employees, physical assets and money. It should be observed that the inclusion of security considerations in managing computers and information does not totally eradicate the possibility that the assets might be harmed. According to Hayden & Feringa (2004), this is why the managers of an organization have to decide the level of risk that they are ready to accept, taking into the account the costs associated with security controls. When a firm’