The Newly Adopted Policy of the University
The prime objective of this paper is to focus on the privacy and security issues associated with a university. The university has different kinds of stakeholders such as the internal stakeholder and external stake holder (Yan et al. 2018). The different types of stakeholders use the private network of the college which is a real matter of concern considering the network security of the college. The paper will be focusing on the different threats which the college network might be facing in the coming years. The paper will provide a perception about the newly adopted policy of the college authority (Liu and Murphy 2016). The existing and the proposed type of authentication types will be discussed in this paper with prime importance. The paper will also highlight the effectiveness of the password-based authentication schemes with the certificate-based authentication.
This unit of the paper will be focusing on the newly incorporated policy of a university. The new policy was supposed to be helping the college authority to cope up with the internal threats of the private network used by the college authority (Pusey, Gondree and Peterson 2016). The website used by the college authority has two major specifications such as the user module which is maintained by the students and the admin panel which are maintained by the teaching staffs of the college. Alteration of essential data can be a huge loss from the point of view of both college authority as well as from student perspective (Baylis et al. 2017). The library management system is the other essential component of the college which is very much prone to the security issue as a wide range of users both outside and inside the environment are accessing the system. The threats coming from the internal stakeholders is also considered as a cyber-security threat. The newly incorporated BRING YOUR OWN DEVICE policy has some significant issues related with it such as it increases the chances of intrusions as the college network gets associated with wide range of personal devices (Tang 2017). This may have a negative impact on the privacy and security of the college network. As a security consultant effective risk analysis technique such as the brain storming should be adopted by the college authorities as the technique can quantify the level of vulnerability and helpful in proposing a risk mitigating plan (Muhirwe. and White 2016). The implementation of a dedicated IT security team can be useful under this circumstances. After considering all the risk associated with the new policy it can be said that this policy is not at all suited for this organisation as it has more limitations than benefits.
The foremost determination of this unit of the paper is to focus on the effectiveness of two types of authentication schemes. The security of a password based systems is very much less than the certificate based systems. The login credentials of the users can be easily tracked in the password based systems while in certificate based systems (Raj et al. 2017). The use of public key cryptography along with the digital certificate for certificate based authentication purposes is the main reason why it give so much security comparing with the password based systems. The privacy and security provided by certificate based authentication is helpful in mitigating the server related issues (Settle, Doyle and Steinbach 2017). The certificate based authentication involves the application of the digital certificates which enhances the security of the network. The risks and vulnerabilities associated with the newly incorporated BYOD policy can be effectively minimised with the help of the certificate based authentication technique (Simon and Banford 2017). It can be said that the application of the certificate based authentication scheme can provide more security the college than the password based authentication process.
|
Password based authentication |
Certificate based authentication |
|
The password based authentication usually takes more time than the certificate based authentication scheme. |
This authentication scheme is less time consuming than password based authentication. |
|
The security provided by this type of authentication is not enough to main security and privacy of any network. |
The security provided by this authentication scheme is way better than the password based authentication. |
|
Complex alphanumeric passwords with symbols should be used in this authentication scheme. |
Digital certificates are used in this type of authentication scheme. |
|
Reliability and integrity is not at all maintained in this technique. |
Reliability and integrity of the system can be achieved with the help of this authentication technique. |
Comparison Between Certificate-Based Authentication and Password-Based Authentication
Table 1: Difference between certificate based and password-based authentication
Created by the authorr
This section of the paper will be focusing on the anti-spam guideline, the role and objectives of the anti-spam guideline will be described in this section as spamming and phishing in emails are one of the major cyber security issues related to the network (Turcotte et al. 2016). The Spam Act was enacted in 2003 in the Australian parliament, it restricted the unsolicited commercial electronic messages sent by the spammers for their personal business and benefits. The structure of a spam mail is email header with an empty field, an invalid email address, malformed message ID, list of the recipients to and in cc and bcc. It may lead the user to an invalid HTML page without a plain text body part (Tang et al. 2017). The college authority should be taking all the risk mitigation strategies to contain or minimise the issues related to the spam emails. Strict guidelines should be implemented by the governing body of the college so that the stakeholders are aware of the issues coming from the spam emails. The practised of using the anti-spam soft wares should be more encouraged in every computer system in the college network. Ad block options should be installed in the computer system which can mitigate the risks involved considering the privacy and security of the college (Calhoun 2017). The stakeholders of the college should not be accessing the spam messages and avoid the unsubscribe options as it will notify the spammers about the user activities.
Conclusion
From the above paper, it can be concluded that there are different types of security and privacy issues in the private network used in the college. The enhanced specifications of two types of authentication processes are highlighted in this paper in such a way that it will be helping the readers to know about the usability of those authentication processes. The paper will also provide an in-depth knowledge about the server validation of those authentication processes. The extensive development in the field of Information technology has given rise to different cyber security issues such as ransomeware. The paper highlights an anti-spam guideline which will be helpful in containing those cyber security issues. The guideline includes the definition of the spam and the different types of spam emails. The paper also focuses on the different risk mitigation strategies against the spam threats. Instructions are given to the IT administrators of the college authorities to minimize the spam threats as well as the other types of cyber security threats such as ransomeware.
Reference
Calhoun, C.D., 2017. Incorporating Blended Format Cybersecurity Education into a Community College Information Technology Program. Community College Journal of Research and Practice, 41(6), pp.344-347.
Tang, C., Tucker, C., Hawthorne, E.K., Servin, C. and Moore, T., 2017, March. Curricular Guidance for Associate-Degree Transfer Programs in Computer Science with Contemporary Cybersecurity Concepts. In Proceedings of the 2017 ACM SIGCSE Technical Symposium on Computer Science Education (pp. 717-717). ACM.
Turcotte, M., Moore, J., Heard, N. and McPhall, A., 2016, September. Poisson factorization for peer-based anomaly detection. In Intelligence and Security Informatics (ISI), 2016 IEEE Conference on (pp. 208-210). IEEE.
Simon, N. and Banford, M., 2017, March. Cyber Crime Investigators: Pathways from High School to Cybersecurity Careers for First Generation College-Bound Students. In Proceedings of the 2017 ACM SIGCSE Technical Symposium on Computer Science Education (pp. 717-717). ACM.
Settle, A., Doyle, J. and Steinbach, T., 2017. Participating in a Computer Science Linked-courses Learning Community Reduces Isolation. arXiv preprint arXiv:1704.07898.
Raj, R.K., Ekstrom, J.J., Impagliazzo, J., Lingafelt, S., Parrish, A., Reif, H. and Sobiesk, E., 2017, October. Perspectives on the future of cybersecurity education. In Frontiers in Education Conference (FIE) (pp. 1-2). IEEE.
Muhirwe, J. and White, N., 2016. CYBERSECURITY AWARENESS AND PRACTICE OF NEXT GENERATION CORPORATE TECHNOLOGY USERS. Issues in Information Systems, 17(2).
Tang, C., 2017. COMMUNITY COLLEGE CORNER ACM guidelines for associate-degree computer science transfer programs. ACM Inroads, 8(3), pp.20-22.
Baylis, T., Williams, A., Piotrowski, V., Peterson, R. and Siraj, A., 2017. Strategies to Develop a Diverse and Inclusive Cybersecurity Pipeline Panel.
Pusey, P., Gondree, M. and Peterson, Z., 2016. The outcomes of cybersecurity competitions and implications for underrepresented populations. IEEE Security & Privacy, 14(6), pp.90-95.
Ya, Z., Robertson, T., Yan, R., Park, S.Y., Bordoff, S., Chen, Q. and Sprissler, E., 2018. Finding the weakest links in the weakest link: How well do undergraduate students make cybersecurity judgment?. Computers in Human Behavior, 84, pp.375-382.
Liu, X. and Murphy, D., 2016, September. Engaging females in cybersecurity: K through Gray. In Intelligence and Security Informatics (ISI), 2016 IEEE Conference on (pp. 255-260). IEEE.
Order an Essay Now & Get These Features For Free:
Turnitin Report
Formatting
Title Page
Citation
Outline
