(7.1) Information System Security

The five most common threats to ISS are accidents/natural disasters, employees and consultants, links to outside business contacts, outsiders (i.e. hackers), and viruses/worms.In order to safeguard against these threats, Gaming Evolution would first protect against consultants and employees by placing access restrictions on what employees and consultants can and cannot do. They would require a password and username in order to gain access to our database in order to make sure they are not a hacker or some other sort of outsider trying to gain access to our companies system. We would also implement firewalls, wireless LAN controls, and VPN's to project against viruses, worms, and malware. In order to authenticate a user, Gaming Evolution would use biometrics, such as body weight, fingerprints, and retinal patterns along wtih passwords, ID cards, and combinations and if deemed necessary, security questions.

The use of encryption would also be used by Gaming Evolution as a safeguard for the site aswell as B2B interations.

To send an encrypted message, the sender would decide to create a message to send to the receiver. First you use the receivers public key to encrypt the message. Once the message is encrypted the message is sent. When the receiver receives the message, they would then use their own private key to decrypt the message. Once the message is decrypted, they would then be able to read it.

To electronical sign a document, the sender would send a message asking for the sender to authenticate it's identity. The sender would then use their own private key to sign the message. After electronicaly signing the document, they would send them the signed document. When the receiver receives the document, they would use the senders public key to verify the signature. Once the signature has been verified, the receiver can be sure that it was the sender who sent the original document and signed it.