Running head: HARDWARE AND SOFTWARE SECURITY 1

Hardware and Software Security

Student’s Name

Institutional Affiliation

Date
 2
HARDWARE AND SOFTWARE SECURITY
Abstract

Computer security is basically the protection of information and computer systems from

unauthorized use, theft and harm. It involves a process of detecting and preventing unauthorized

use of your computer system. Computer Security means securing a machine by keeping it

patched and updated. Computer Security also involves technological and managerial procedure

safeguards applied to computer software, hardware and data to ensure protection against

deliberate or accidental unauthorized access to the computer system data. Hardware security is

the protection of physical systems from harm. Software security involves application of

techniques that mitigate, access and protect software systems from vulnerabilities. Computer

privacy is concerned with legal requirements and morals to protect data from dissemination and

unauthorized access. The issues involved in Computer privacy are political decisions concerning

access to information while issues of computer security entail the protections and procedures for

enforcing the privacy decisions. The incentives for privacy and security are found in the desire

for industrial security, information sharing and military secrecy. Computer Security must prevent

loss due to tempering, natural disaster, destruction and malicious entry. User authentication and

identification must protect both software and hardware.

Keywords: Computer security, hardware security and software security

 3
HARDWARE AND SOFTWARE SECURITY
Hardware and Software Security

Computer security can take two forms. Hardware security which protects the peripheral

hardware and the machine from electronic intrusion, theft and damage. Software security which

provides barriers and cyber tools that protects files, programs and the information flow to and

from a computer. Hardware security is the protection of physical systems from harm. It also

refers to vulnerability protection which comes in the form of a physical device rather than

software that is installed on the hardware of a computer system. Software security involves

application of techniques that mitigate, access and protect software systems from vulnerabilities.

Software security focuses on protecting assets of value from attacks that may lead to their

damage or loss.

Hardware Security

Hardware security can relate to a device used to monitor network traffic or scan a system.

Common examples include proxy servers and hardware firewalls. Less common examples

include hardware security modules (HSM), which is a physical device that manages and protects

digital keys which provide cryptoprocessing and strong authentication. Traditionally, these

modules came in form of an external device or a plug-in card that attaches directly to a network

server or a computer. Hardware systems provides strong security than software is capable and

can add an additional layer of security for important systems (Wang et al., 2014).

Equipment destruction attacks focus on computing devices and networked non-

computing devices such as the ever-increasing number of connected devices in M2M or IoT

(Internet of Things) environments. These environments are bringing communications and

connectivity to large numbers of hardware devices that must be protected through either software

or hardware-based security. In order to access the security of a hardware devices, it is important

 4
HARDWARE AND SOFTWARE SECURITY
to consider vulnerabilities existing from its manufacture and other potential sources such as the

device data and running code on a network. Any device should be protected if it connects

directly to the internet and the stringency of that protection should be in line with the need. A

system controlling the intensity and the color of lights in Wi-Fi LED foe a dwelling may not

require much security.

In the case of more outstanding hardware and more critical function, the added reliability

and lower number of vulnerabilities associated with hardware-base security may make it

advisable. Critical infrastructure involves network, systems and assets whose continuous

functions is deemed necessary to ensure the security of a given nation, its public’s health and

economy safety (Genge et al., 2015). Critical security is a growing area of concern around the

world.

Types of Hardware security

Hardware security protects the peripheral hardware and the machine from electronic

intrusion, theft and damage.

Regular Maintenance

Regular maintenance is essential for proper function of the computer. Computers and its

peripherals should be cleaned using dust cleaner. Latest and update antivirus should be used to

scan the hard disk in order to make the system virus free.

Insurance

Generally, people insure life, health, buildings, company, vehicles, etc. People ensure

computers nowadays so that incase it gets damaged or stolen, you can claim the insurance

amount and get a replacement. So, it qualifies to be a computer security measure.

 5
HARDWARE AND SOFTWARE SECURITY
Dust and Smoke Free Environment

Dust is a major factor which causes infection to our computers. Dust affects both internal

and external parts of computer system. Computers should be kept in a smoke and dust free

environment. Cover or dust cleaner can be used to prevent computers from dust.

Air Condition.

Suitable temperature and air circulation in the computer room is necessary. High or low

temperature in the computer system may cause unexpected crashes during operations. Heat can

break down junctions or contracts the chip. There should be a proper air circulation and

conditioning to provide a suitable temperature in the computer system. This air conditioning

mechanism is facilitated by the computer fans which prevents overheating.

Power Protection Device.

Computers require steady voltages of 110V or 220V. The frequent power failure or

fluctuations in electric voltage can damage computer hardware. The device that safeguard the

computer systems from the frequent power failure or fluctuation of electric voltage is called

power protection device. Power protection devices include Volt Guard which maintains a

constant voltage level, Spike Guard which protect computer from sudden high voltage and

Uninterrupted Power Supply which stores electricity and provides back up power so that data

loss is prevented.

Software Security

Software security main purpose is to protect software against malicious attack and hacker

risks so that the software continues to function perfectly under such potential risks. Security is

essential in providing authentication, integrity and availability. Software Security is one the most

important area of concern that is required to build trustworthy systems. There is evident increase
 6
HARDWARE AND SOFTWARE SECURITY
in the security research area over the last decade. Software security have been explored by

researchers in order to provide new security solutions in terms of security features development,

security modeling and the specification and implementation of the security mechanisms that have

to be embedded in software systems. It important to ensure that security mechanisms that are in

place are correctly implemented. Conducting a test on these security mechanisms is very crucial

in order to avoid ending up with security flaws inside the application or the system.

Software security is basically the process of building, designing and testing software for

security. Today’s software is troubled with both implementation bugs and design flaws resulting

in unacceptable security risks. The notion of security software security risk has become common

yet we have only recently begun to systematically investigated how to build secure software

system. The practice of software security remains in its infancy. Software security problems with

security ramification including implementation bugs such as buffer overflows and design flaws

such as inconsistent error handling promise to be with us for years. Internet based software

applications have become common attack targets since they are easy to exploit. Good software

security practice leverages good software engineering principles and practices. It involves

thinking security early in the software lifecycles, knowing and understanding common problems

such as language-based flaws and pitfalls, designing for security and subjecting all software

artifacts to thorough risk, review and testing.

Software security is an activity that requires a cultural change since there is no magic tool

that will result in secure software with no activity. Software security borrow a lot from

programming languages, software engineering and security engineering. There are three pillars

of software security; applied risk management, software security best practices and knowledge.
 7
HARDWARE AND SOFTWARE SECURITY
Applied risk management is way to gather the requisite data in order to make a good

judgement call based on knowledge of threats, impacts, vulnerabilities and probabilities. It can

be conducted at the architectural level referred to threat modeling security and at the level of

tracking and reducing as a full software development lifecycle activity. The software micro-

processes can be applied regardless of core software development process used to create a set of

software artifacts. The software artifacts can include; architectural documents, requirements and

use, design documents, test plans, test results, source code and feedback from the field. A

customized Secure Development lifecycle can be created by adapting the existing Secure

Development Lifecycle to include the software security best practices. Gathering, encapsulating

and sharing security knowledge that can provide a solid foundation of software practices is the

third pillar. Knowledge training and management play a key role in encapsulating and spreading

the emerging disciplines effectively. Software security can be organized into seven knowledge

categories; rules, principles, guidelines, exploits, vulnerabilities, historic risks and attack pattern.

Types of Software Security

Any software designed to identify, repair, prevent and repair damage caused by others on

your network or computer can be referred to as security software. Security software may be

focused on preventing attacks from reaching their target, on limiting the damage attacks can

cause if they reach their target and on tracking the damage that has been caused so that it can be

repaired. As the nature of malicious code and attacks evolves, security software also evolves.

Firewall

A firewall provides protections against authorized attacks by shielding you network or

computer from unnecessary network traffic. Firewall can be implemented with software or

hardware. Some computer operating system includes software firewalls in the operating system
 8
HARDWARE AND SOFTWARE SECURITY
itself. For instance, Microsoft windows has built in firewall. Servers and routers can include

firewalls. Moreover, there are hardware dedicated firewalls that sole purpose is protecting a

network from unauthorized access.

Antivirus

Antivirus software is a program that is designed to detect, search, prevent and remove

malicious software and software viruses. It is designed to cease an attack that in progress that

could be prevented and to repair damages done by the attack. This software is useful because it

addresses security issues in cases where attacks have made it past firewall.

Antispyware

Antispyware is designed to prevent unauthorized software from stealing information that

is on the computer. Antispyware does not trigger antivirus into action since spyware does not

need to attempt to damage operating system or data files. However, antispyware software can

detect particular actions spyware is taking by monitoring the communication between a external

message recipients and a computer. When unauthorized communications occur, antispyware

software can notify the user and block stop further communications.

Home Computers

Some small businesses and home computers usually implement security software at the

desktop level. This category of security software is also referred to as end-point security, remains

resident on the desktop. This software can slow computer performance because the software is

running. However, it can react instantly to attacks because it operates in real time.

Network Security

It’s more cost-effective to implement security at the network level when several

computers are all connected to a common network. Antivirus can be installed on a server and
 9
HARDWARE AND SOFTWARE SECURITY
then loaded automatically to each desktop. However, firewalls are usually purchased as an

independent device or installed on a server. This independent device is inserted into a network

where the internet connection comes in. any data going out and in of network over the internet is

filtered through the firewall even though computers inside the network communicate unimpeded.

Benefits of Security Software

Prevention of spyware, viruses and identity theft. Unauthorized user or hackers are

finding it difficult to create viruses that may pose as an anti-virus software. Once they infect you

computer, they can delete your data, slow down your process speed and destroy your network or

computer systems. Identity theft can be prevented by using the software to protect the

confidential personal information such as financial data, passwords and social security numbers

of your system’s users (Furnell, 2007).

Protection of valuable information. Information is the key and most valuable asset of an

organization and protecting it is vital. Data corruption which can cause loss of critical

information can be detrimental to an organization. Visa USA and MasterCard International Inc.

require data encryption and limiting access to sensitive information are only handles by

information-technology security (Picanso, 2006).

Ensure compliance. Many IT departments need to comply with insurance, legal and

industry restrictions to perform the transmission and management of data. Some of the essential

regulations to take into consideration includes PCI/DSS, FIPS, Gramm-Leach Bliley, FISMA

and HIPAA. Security software provides the encryption they require for compliance whenever

your file is accessed, circulated across various devices, shared, and sent from or received in your

system.
 10
HARDWARE AND SOFTWARE SECURITY
Security for clients. It provides clients peace of mind by making them aware that your

system is protected. This benefit potentially increases your marketability and sales. Having

enough security solutions assures customers that the information is safe with you.

Reduced costs of development. Implementation of security solutions prevents high cost

along away which may result as a loss of data. The sooner you have the security software

installed in your system, the better. You will have more codes to modify if you choose to do it

later. Inadvertent data loss and retrieval may cost a lot of money and amount of time when not

prevented. In 2016, the cost of cybercrime in the global economy reached upwards of around

$450 billion and it was anticipated to reach up to $2 trillion by 2019 (Neyret, 2016).

Conclusion

Computer security try to ensure the integrity, confidentiality and availability of computer

system and their components. The main part of a computer system subjected to attacks: software,

hardware and data. The communication among these three are subjected to computer security

vulnerabilities. It can be difficult to differentiate between an ordinary human and a security

attack since these security situations may arise in many everyday activities. A threat could cause

harm and vulnerability is a weak link through which harm could occur. To control such a

situation, we can either diminish the threat, bock or close vulnerability. (Pfleeger, 2012). We

rarely achieve perfect security: no exercisable vulnerabilities and no viable threats. Failure to

recognize a threat or unwillingness to close a vulnerability is risky. Incomplete security measures

are not a bad situation but it demonstrates a balancing act. An attacker requires three things:

opportunity, method and motive. None of these three things is in short supply which means that

attacks are inevitable.

 11
HARDWARE AND SOFTWARE SECURITY
Countermeasures controls through the hardware and software security can be applied to

the programs, the system, the data, the communication links, the physical device and the

personnel. Therefore, hardware and software security are important in the computing world.
 12
HARDWARE AND SOFTWARE SECURITY
References

Furnell, S. M. (2007). Computer insecurity: Risking the system. Springer Science & Business Media.

Genge, B., Kiss, I., & Haller, P. (2015). A system dynamics approach for assessing the impact of cyber-

attacks on critical infrastructures. International Journal of Critical Infrastructure Protection, 10, 3-

17.

Neyret, A. (2016). Stock Market Cybercrime

Pfleeger, C. P., & Pfleeger, S. L. (2012). Analyzing computer security: a

threat/vulnerability/countermeasure approach. Prentice Hall Professional.

Picanso, K. E. (2006). Protecting information security under a uniform data breach notification

law. Fordham L. Rev., 75, 355.

Wang, C. H., Raskin, S., & Rozenboim, L. (2014). U.S. Patent No. 8,813,218. Washington, DC: U.S.

Patent and Trademark Office.