Since the society has become progressively dependent on networks for business, the management of company’s information online has developed into an issue to be concerned. AIS, which is short for Accounting Information System, is not merely related to accounting information management as the business develops around the world. In the various explanations of AIS in the Lecture 1, p12130 Accounting Information System, presented at the University of Nottingham Ningbo by Trevor Bayley, Vaassen (2002) defined AIS as provides information for decision-making and accountability to internal and external stakeholders providing the right conditions for decision making and ensures that no assets illegitimately exit the organisation. In terms of practice of business by networks, the security of information is important. This essay will first describe a related News story. Then, several ways of illegally getting access to essential information by hackers will be provided. Moreover, considering the formation and reality of network business, the essay will analyse how to guarantee the security of a company from two aspects, externally and internally. Finally, a brief conclusion will be provided.
Reported by BBC News (2011), hackers, who targeted crucial information of oil exploration and bidding contracts, have penetrated the networks of at least five oil and gas firms for years. These penetrations started in November 2009 and are estimated to have touched a dozen multinational oil, gas and energy companies. Revealed by Greg Day, the director of security strategy at McAfee, cyber-attacks are more likely to invade the networks that are established by code and tools easily accessible on the internet. It is analyzed that hackers first control the external server of a company’s website in order to have access to internal networks. Once the previous work done, hackers will make the internal network settings paralyzed for the purpose of obtaining sensitive documents, proprietary production data and other useful information. As a matter of fact, companies with website, containing important trade information and treasured IT properties, can be attacked by disaffected employees, hackers, competitors, industrial spies and so on. According to the news story reported by BBC (2011), at least five oil and gas firm have been invaded through the network for years, which denotes one of the computer fraud and abuse technologies, hacking.
The shocking news has reminded the author of the essay to consider what to do to protect company information. It is defined by Romney and Steinbart (2009) that ‘hacking is the unauthorized access and use of computer system, usually by means of a personal computer and a telecommunications network’. Several ways are being used by hackers to get access to computer for different purpose. War dialing is the means that hackers can break into the PC in connection with dial-up modem. As for war driving, it is an approach specifically focusing on unprotected wireless networks. In addition, hackers can use botnet, named from robot network, to hijack the unwitting PCs, which is the action of controlling victim’s computer to perform illicit activities (ibid). These are mainly methods of hacking known around the information technology world.
For Protecting Company’s business trade through the network and sensitive information of transactions, clients, and staff etc., it is necessary for companies to implement relative measures. Confidentiality, integrity and authentication or availability are main technical areas that should be considered of computer security. Explained by Kinkus (2002), confidentiality concerns about secrecy or privacy, meaning that information can only be accessed by authorized identities, while integrity is based on the protection against unapproved modifications which cannot be discovered by the authorized users. Authentication is defined as users of computer are who they entitled to be and Availability...
Please join StudyMode to read the full document