The final project will entail the development of a detailed report on InformationSecurity as it pertains to Small-to-Medium sized Businesses. Your report should be from 16 to 18 pages (double space)...

Running Head: INFORMATION SECURITY                        1
INFORMATION SECURITY                                 16
INFORMATION SECURITY AS IT PERTAINS TO SMALL-TO-MEDIUM SIZED BUSINESSES
Table of Contents
Introduction    3
Background of Information Security    3
Recent Problems from Small to Medium Business in Information Security    5
Physical Security for the Small to Medium Businesses    6
Hardware Security for the Small to Medium Businesses    8
Software Security for the Small to Medium Businesses    10
Methods to Protect Information on the Web/Internet    12
Conclusion    14
References    15
Introduction
Information security means to protect the information as well as the information system from the unauthorized access, use, disclosure, disruption, modification, or destruction in any order to provide integrity, availability as well as confidentiality. Information is such a thing, which needs high protection from the hackers or related persons who always remain in a search to steal important and confidential information and exploit the computer system and the network in order to gain access.
Through information system, it reduces the risk of the data that gets attack in the IT system (Norbekov, 2020). This report would highlight the benefits of information security, recent problems for small-to-medium businesses in information security and finally methods to protect information on the web/internet.
Background of Information Security
Information is such a thing that needs high protections as it has the high chance to be exploited by the competitors or the revengers. Security is primarily the practice of preventing unauthorized access, over the information and creates a safe guard surrounded by it. With the help of security, the information remains protected from these corrupted or unauthorized section, which as a result helps any business or other organizational farms to reduce the hacking rates.
The combination of these three components is also known as the CIA Triad. The main goal of these three components is, firstly, with the confidentiality, organizations can prevent the unauthorized users in assessing the information by protecting the privacy of the information content. Secondly, integrity, which ensures the authenticity as well as accuracy of the information and thirdly, availability, ensures that the authorized users can assess the content of the information (Da Veiga, Astakhova, Botha & Herselman, 2020).
In any organizations, there exist different types of users, among which some users are acceptable whereas some are not. Certain users positively affect the organization; while on the other hand, some negatively affect the organization. Hence, in certain organizations some unauthorized users try to assess the crucial and important information and try to exploit them in order to satisfy their personal interest, whereas in certain organization some authorized users positively use the information for the betterment of the company and try to achieve the success.
Information security protects the data from the hackers whose main motifs are to ruin the information and make a copyright of it. There are usually three types of hackers, which includes white hat hacker, grey hat hacker and the black hat hacker. The black hat hackers are the one who hacks the malicious intent, the white hat hacker who is ethical hackers or rather save the organization from the evil hackers.
On the other hand, grey hat hacker is the expert who may sometimes violates the laws. Grey hat hacker enacts a blend of both of black as well as white hat activities. IT security is the world, which is controlled by white and black hat hacker world (Szczepaniuk, Szczepaniuk, Rokicki & Klepacki, 2020). As these days of pandemic, the hacking of the system and information security has increased a lot as most of the young teens are roaming here and there jobless and unemployed.
Due to Covid-19, the world is facing a huge crisis and leading an economic hardship, which are affecting them psychologically a lot. In order to survive in this struggle and hardship, they are selecting these criminal offenses and stealing the information in order to make the copyright and to sell them accordingly.
Information is such a thing, which needs high protection from the hackers or related persons who always remain in a search to steal important and confidential information and exploit the computer system and the network in order to gain access. Hence, protecting the information has become the most challenging aspect for every IT sector company in this pandemic where the hackers are roaming to control the information unauthorized and gets full access of it (El-Kenawy, Saber & Arnous, 2019).
Recent Problems from Small to Medium Business in Information Security
Information security means to protect the information as well as the information system from the unauthorized access, use, disclosure, disruption, modification, or destruction in any order to provide integrity, availability as well as confidentiality. However, in order to protect the information and provide a safe guard organization especially the small to medium organization has to face certain challenges and problems.
Firstly, the ransomware attack, which is one of the famous and well-known cybersecurity, challenges that almost organization faces. Ransomware attacks involve hacking into a user’s data and preventing them from accessing it until a ransom amount is paid. Through this ransomware attack, the attackers try to grab more money and for this, they do not release the data they stole from the organization until more money is paid (Sinha, Kumar Rai & Bhushan, 2019).
Secondly, IOT attack, where the devices include computing as well digital and mechanical devices that autonomously transit data, over a network. As the adoption of this kind of device include the mobiles, desktops, laptops and many more is increasing hence it becomes quite challenging for the business organizations to gain access over these devices which further open the door for other malicious attack (Rajendran, Nivash, Parthy & Balamurugan, 2019).
Thirdly, cloud services have now become popular and most of the individuals are now using these types of services for their personal as well as professional use. The attackers also use the cloud platform to hack the confidential information as well as expose the private secrets and exploit the organization. Fourthly, phishing attack is yet another major challenge faced by both small and medium businesses and this type of hacking include social engineering attack where the attackers steal users’ data through credit cards, or login into certain credential documents. Through this attack, the hackers can easily exploit the user’s data thoroughly until the user find about it.
Fifthly, through software vulnerabilities, the attackers usually catch up those files or information, which does not remain updated since months and these types of older software contain patches for security vulnerabilities that are fixed by the developers in the newer version. It sometimes becomes the tendency of the individuals or organization to keep the update activities pending or simply avoid the notification for future perspectives (Rot & Olszewski, 2017).
However, updating the software is one of the most important tasks that should be upgraded on the priority basis. Attack on the unpatched software version hence, becomes one of the major challenges in this regard. Apart from the above-mentioned attacks, the small and medium sized businesses often face hurdles in handling the information security systems due to the lack of awareness, financial capitals, unavailability of the resources and the increased threat advancements.
These hence lead to violation of the information and bring to intellectual threats to the property and information extortion. As through information system, it reduces the risk of the data that gets attack in the IT system;...