System analysis and design are the arts of evaluating information systems and forming systems that carry on the communication within the firm. System analysis is a formal inquiry carried out to help people identify a better action to take to make better decisions in technology. Systems design is the method of defining the architecture, systems’ components, network interfaces, and data to meets specified requirements.
The system design process develops systems to satisfy the users’ specifications. The communication system is full of security breaches, which corrupt the system network system (Beekman 34). The destructions bring about a significant challenge to the operations of businesses in the economy. The paper discusses different types of system security. It discusses the ways of preventing cyber-attacks and the consequences of cyber-attacks.
System development process
The system development process defines the methods to use to form a system of networks. The decision on what system to utilise depends upon different factors. The factors include the level of trust in the operating environment, the levels of security the systems it will connect to, the people using the system, and the sensitivity of the data under consideration. Other factors include the critical nature of the functions of the business and the cost of installing the system.
E-commerce is the area that threatens the security of a firm. E-commerce brings about the threat because it uses the internet network to do business (Richards 103). The threats under consideration range from hacking, personal data breaches, and to access to unauthorized information. Technology developers involve measures to curb the attacks.
Most commercial applications have a security control built to eliminate the chances of access by other users. The increased worldwide threat to cyber-attacks is the reason for the necessitated level of cybercrime awareness globally. Although the world is doing so much to curb cyber-attacks, the criminals also become more sophisticated in their skills prompting researchers to discover new methods of preventing attackers.
Existing Technological Problems
Technology is a definite thing in organizations. The advantages are brought about by the ease of movement of information and how fast it is to calculate and keep records. Most people keep their valuable information in computers. The information may be sensitive or sometimes may cause great harm if exposed to the world. Due to the growth in technology and globalization, unlawful access and sharing of information increased around the network system (Perker 81).
The illegal accesses involve hacking of computer systems and personal data breaches. Systems hacking is the act of using software to access networks and websites without the administrator’s permission. A hacker conducts the hacking process in a remote area to accesses a computer system in a different location. The adverse effect of hacking is exploiting the networks to obtain information from persons, then using the information for selfish purposes.
The last problem is the corruption of folders by viruses and worms. Viruses are software created to get corrupt files in the system. Viruses or worms emerge from sharing removable devices between computers. The infections may also infect computers through the internet system. Computer and software programmers develop viruses and worms to cause distraction of the network system among technology users.
Today’s Business Needs in Light of the Identified Problems
Firms embraced technology to ease communication and flow of information around the business. The process became possible due to the affordability of technology devices and the internet. Today, organizations can conduct businesses with offices across the globe without travelling to the other office. Just as the information travels across the system, the network develops weaknesses that hackers can exploit. Businesses risk losing valuable data that the exploiters can use to harm the business (Perker 81). Leaked information can cause losses to the firm. It is the mandate of the managers to ensure that the technological systems are secure.
Organizations need to protect their businesses from cyber-attacks to protect vital information from spilling. The process starts with organizations employing qualified workers in the IT department. The IT workers need to develop systems analysis and design groups to deal with technological problems. The personnel needs to analyze the physical components of devices to ensure that they are in good shape.
The system designers need to analyze the architectural design of the firm’s network sector to identify weaknesses. The designers and analysts need to put measures of security like encrypting files and passwords to limit access to files by unauthorized users. If the panel finds a problem, the people look for ways to curb the situation to aid in avoiding the future occurrence of the same. Anti-virus software and other software are vital to protect the network system from infection from viruses. Technology continues to grow. The systems analysts and designers need to keep updating their software and systems to keep up with the latest developments (Perker 81).
Stakeholders in Security Systems Development
There are no definite stakeholders in systems security development. Different companies specialize in selling protective applications and antivirus software for computer networks. Some companies are involved in the development of specific types of security systems. It is a big process to protect the entire system from unlawful access. A firm may decide to use products from different companies.
It is upon the firm’s preference to determine which company they feel is capable of protecting its network system. For the physical problems of the technology devices, it is upon the firm to implement their own ways for security to secure the devices. IT personnel protect the network from unauthorized intruders by putting up firewalls to protect the networks from attacks.
Challenges in Designing and Implementing Security Systems
Programmers develop security systems to secure a network, but the same programs have their downfalls. Some security firewalls are vulnerable to attacks. Security systems are supposed to protect the network from cyber-attacks, but hackers always find a weakness and exploit it to intrude on important information of the firm. The breach mostly occurs if the attacking software has a higher designed protocol than the protocol firewall. It may also occur when the security programmer is the hacker attacking the system.
The network users need to have enough knowledge of technology security. The systems administrators may lack all the knowledge of securing information with the security procedures (Perker 81). Lack of knowledge risks the organization from leaking information that is vital, causing huge firm losses. The firm should have a body of trained employees on the maintenance and design of the technology system. Constant training is important to keep the systems analysts aware of the latest technologies.
Security firewalls cannot hide the network topology. Weakness in the topology exposes the private network to the outside world. The inability of the firewalls to hide provides a vulnerable point where hackers can use to manipulate the firm’s systems. Another security challenge is that the firewalls have limited auditing capabilities. Auditing is the process of trying to revise the books of accounting and determine if the company keeps the books in a true and fairway.
If a firewall has limited auditing capabilities, the auditors may be unable to identify some embezzled cash through the system (Csonka 9). The auditors may be unable to access all the financial information of the firm, limiting the scope of the audit.
The last challenge is that firewalls may be expensive to install. The life spans of firewalls are low, and firms need to keep updating their systems. To update the systems, one needs to purchase new ones and sometimes hire professionals to install the software. Every time the firm encounters a security breach, it has to revise the security system. Small businesses might be unable to conduct the security system due to a lack of finances.
In-house or outsourced
In-house security systems are the firewalls and security measures created by the firm itself. Outsourced security systems are the cyber-attack preventers purchased or acquired out of business. A firm may decide on whether to outsource their security system or use the in-house -built system. In-house built systems involve the organization’s measures to prevent technological problems like physical measures taken. The physical measures involve hiding files from public viewing by passwords and encrypted files preventing the computers. A firm may also utilize the IT personnel to form their own firewall software to protect the firm against a security breach.
Outsourced security systems protect the network system from attacks using external measures. The external measures include purchasing firewalls from security companies. Outsourcing firewalls include purchasing antivirus software together with software that controls hacking and other cyber evils. Some organizations employ outside professionals to design their network and to analyze the firm’s technology systems. Many companies prefer to outsource their firewalls from companies that specialize in security software production. A firm may decide to use the in-house system alongside an outsourced security system.
Advantages of outsourcing
Outsourcing enables a firm to gain what they cannot acquire from their own staff. Outsourcing enables firms to gain firewalls from professional companies. Some companies concentrate on providing security to other users at a price. The firm has professionals to provide the other users whatever they need to their specifications. The outsourcing companies may also provide installation services, which the in-house personnel might not know how to install (Csonka 9).
Outsourcing is easy to maintain. To maintain the outsourced firewalls, one needs to purchase a product that best fits the organization’s applications. The firms may decide to use different securities for different offices. The outsourced company may not know the weaknesses of the system as they only do what they are asked (Perker 34). The in-house IT personnel may use the information on the firewalls to manipulate the system to their advantage. Firms may decide to use both systems to their advantage. A firm may build security in the way it can through its personnel. That which it cannot make they may decide to outsource.
Disadvantages of outsourcing
The first disadvantage is the expensive way of purchasing firewalls. Firewalls are not cheap on the shops and may be expensive for a company to maintain such a system. It is expensive to pay an outsider to install or design security measures for a firm. It is expensive to keep updating systems to keep up with new applications in the firm (Csonka 9).
The last disadvantage is that an outsourced company may not understand the needs of a firm the way the internal personnel understands it. Internal personnel may be better persons to provide security. The reason to this is that they are easily available, and they understand the faults in the business.
The Prevailing Trends in Security Systems
The trends in security systems are several. Most businesses prefer to use the in-house-built systems. Others use the outsourced systems. In most cases, organizations tend to use the two ways simultaneously. In-house built systems are available in large firms where they have the money to hire system personnel to handle their networks. The small businesses use outsourced persons probably due to the expenses of hiring and the small business network (Beekman 34). The big organizations utilise outsourced systems when the threat is too complex to handle on its own. The world is changing technologically just as systems keep on changing. The criminals change too. Current security measures are necessary for every firm.
The system analysis and development process is the method of analysing a network in its physicality, identifying and designing a network that best fits the firm’s specifications. Due to the technology level in the world, most organizations adopted the communication system of transferring information from one place to the other using the internet. The internet contains loopholes that sometimes threaten the work of organizations. Hackers and cyber-attackers are a major disadvantage to the system. The cyber attackers might access information that may cause huge damages to organizations. The firms need to instil a strong security system to curb the same.
Beekman, Gann. Computer security and risks: Navigating tomorrow’s technology, Redwood City: Benjamin Cummings Publications, 2002. Print.
Csonka Peter. “The Draft council of Europe convention on cyber-crime: A response to the challenge of crime in the age of the internet.” Computer Law & Security Report 16. 5 (2000): 3-14. Print.
Perker, Donn. “Crime.” Encyclopaedia of science and technology 15.6 (2003): 34-456. Print.
Richards, Collie. “Anatomy of a bug: understanding a computer virus.” Journal on Computer Education 74.5 (2000): 12-15. Print.