StudentShare
Contact Us
Sign In / Sign Up for FREE
Search
Go to advanced search...
Free

Securing and Protecting Information - Essay Example

Cite this document
Summary
Security and Protecting Information Instructor Institution Date Securing and protecting information Development of information security strategies protecting complex data and information across a wide network while also improving system performance as well as ensuring easy data retrieval when necessary is one of the most challenging tasks in network design (Dhillon, 2007)…
Download full paper File format: .doc, available for editing
GRAB THE BEST PAPER99% of users find it useful
Securing and Protecting Information
Read Text Preview

Extract of sample "Securing and Protecting Information"

Security and Protecting Information Securing and protecting information Development of information securitystrategies protecting complex data and information across a wide network while also improving system performance as well as ensuring easy data retrieval when necessary is one of the most challenging tasks in network design (Dhillon, 2007). This is even made worse by the porous and complex nature of modern transactions and the increasing demand for safe and secure information storage and retrieval mechanisms.

The process of securing and protecting information refers to defending data and information from unauthorized access, disclosure, modification, inspection, use or destruction (Layton, 2007). Information security includes protection of all forms of information and data including both physical and electronic forms. Information security encompasses four main areas that aim at safeguarding the whole integrity of the information collected and stored for future retrieval. These are availability of the data and information on demand, confidentiality, accountability on the part of individuals charged with the responsibility of managing the information, and data integrity (Dhillon, 2007).

A security authentication process refers to the process of determining he individuals authorized to access, retrieve, alter and use information at specified times and in a specified manner. The authentication process involves putting in place measures to determine which individuals are authorized to access the information stored. Creating a security authentication process for any piece of information comprises of various steps. The first step involves identifying the information that needs to be protected.

This entails an organization examining its records to find out which set of information is vulnerable and therefore seek to protect it (Allen, 2001). This may be employee details, market research, and product information among others. The next step is conducting an analysis of security risks associated with the information identified as being vulnerable. The organization needs to determine what types of risks are likely to interfere with the information. This may include hackers, physical force, loss of data through accidents, leaking of information to unauthorized parties among others.

The next step is developing a security plan in line with the risks associated with the information identified. The security plan includes timelines for implementing the security measures and details of what needs to be done. The process then moves to the next step of developing a security policy detailing the specific measures to be taken to safeguard the information (Dhillon, 2007). After developing the policy, the next step is to develop the procedures to be taken in order to implement the security policies enacted.

The next step is to seek support from relevant people regarding the measures taken. This involves achieving buy in from both technical staff and the managers of the organization. The users of the systems developed to protect the information will then be taken through the next step which is training. The last step in the process is to implement the policies and maintain and protect the information. There are various methods that can be used to ensure authentication and authorization process is enabled and that the information is protected as required.

Authentication involves determining if a user is indeed who he claims to be in order to grant him the authority to access the stored information. There are two main components of an authentication process. First the authentication process can determine which type of users ought to access the information and the type of information to be accessed. The other component is determining the time of access, such that the information can only be accessed at specified times by the authorized individuals.

The two components can be implemented simultaneously or each as a single authentication element (McNab, 2004). An authentication process determines three main things before granting authority to an individual to access stored information. These include considering what issues the user knows, such as simple usernames and passwords; what the users has, such as smart cards; and the physical characteristics of the user such as finger prints. Consequently, authentication measures include mechanisms such as the use of usernames and passwords, biometric technology, single sign on systems (SSO), public key infrastructure and digital certificates (Layton, 2007).

These authentication considerations will greatly affect the design and development process for new information systems in the future in various ways. First the need to protect information will be a very important factor in developing new system in order to maintain the confidentiality and integrity of information stored in the new systems. The new systems will also need to be highly structured such that the authentication process is reliable and effective in protecting data stored in it. There are other preventive measures for securing data and information such as backups and remote storage techniques.

These methods are gaining popularity among system users and developers but also have their own share of disadvantages that need to be taken in to consideration such as the amount of resources needed for backup and redundant storage (McNab, 2004). These methods can also be more effective if they are used together with the authentication techniques identified so as to prevent unauthorized access. References Allen, J. H. (2001). The CERT Guide to System and Network Security Practices. Boston, MA: Addison-Wesley.

Dhillon, G. (2007). Principles of Information Systems Security: text and cases. NY: John Wiley & Sons. Layton, T. P. (2007). Information Security: Design, Implementation, Measurement, and Compliance. Boca Raton, FL: Auerbach publications. McNab, C. (2004). Network Security Assessment. Sebastopol, CA: O'Reilly.

Read More
Cite this document
  • APA
  • MLA
  • CHICAGO
(“Securing and Protecting Information Essay Example | Topics and Well Written Essays - 750 words”, n.d.)
Retrieved from https://studentshare.org/information-technology/1485522-securing-and-protecting-information
(Securing and Protecting Information Essay Example | Topics and Well Written Essays - 750 Words)
https://studentshare.org/information-technology/1485522-securing-and-protecting-information.
“Securing and Protecting Information Essay Example | Topics and Well Written Essays - 750 Words”, n.d. https://studentshare.org/information-technology/1485522-securing-and-protecting-information.
  • Cited: 0 times

CHECK THESE SAMPLES OF Securing and Protecting Information

Protecting Information through Network Security

The paper looks into the concept of abuse of internet resources, how people are often deprived of their valuables, further providing an insight into number of events how they occurred and what mechanism was being adopted for it, followed by the procedures and techniques to explain as to how can these challenges can be overcome....
7 Pages (1750 words) Book Report/Review

Protecting Operating Systems, Security Vulnerabilities

Identification is crucial in safeguarding the integrity, privacy, and availability of any information technology infrastructure or system (Lakshmana, 2007).... The paper "protecting Operating Systems, Security Vulnerabilities" highlights that different classifications of system criticality define what security measure best caters to a specific security need....
8 Pages (2000 words) Essay

Critical Infrastructure Protection

As such, the DHS has a responsibility of identifying, evaluating, and protecting these critical infrastructures from acts of terrorism, sabotage, or disasters.... The DHS is also responsible for securing the U.... securing borders in this case implies the...
3 Pages (750 words) Assignment

Research Project : Information Security Management

The process of Securing and Protecting Information refers to defending data and information from unauthorized access, disclosure, modification, inspection, use or destruction.... Instructor Institution Date information Security Introduction information systems have increasingly come under attack from various security threats.... hellip; information systems are the various types of systems that are used to store useful information about individuals and companies....
3 Pages (750 words) Research Paper

Computer Security and Protecting Its Data and Information: Proper Measures and Strategies

Halibozek (2008) attributes this to their ability to store voluminous data and quick access to information through macros, queries and other shortcuts that can be defined by the user.... Their main disadvantage is that they are vulnerable to information security risks that may result in loss or damage of important information.... In extreme cases, they cause total failure of the machines leading to loss of information that cannot be recovered....
7 Pages (1750 words) Research Paper

Information Security as an Important Process

The paper 'information Security as an Important Process' presents information technology that is an area that has received much prominence in recent times, following the need for businesses to globalize and exploit opportunities existing beyond the borders of the country.... hellip; One of the most important ways of understanding and exploiting these opportunities is relying on important information sources to research and identify key aspects of prime importance....
12 Pages (3000 words) Case Study

Security of Information in Business Organisations

That aside, the concept of information security is interpreted according to the specific purpose(s) for which protecting information by a particular businessman becomes a primary concern (Gupta, 2009).... … INTRODUCTIONSecuring business information may be defined as a process of protecting any form of information that is vital to one's business interests and business's wellbeing (Cisco Systems Inc.... (2012) states that INTRODUCTIONSecuring business information may be defined as a process of protecting any form of information that is vital to one's business interests and business's wellbeing (Cisco Systems Inc....
14 Pages (3500 words) Essay

Information Security Mapping for Biomed Devices

The paper "information Security Mapping for Biomed Devices" will discuss the significance of information to organizations and society, describe and apply ideas relating to information security, and discuss the benefits, shortcomings, and risks o various IT environments.... He stores his information on a laptop and carries an iPad and a smartphone.... He uses Microsoft word 2013 for all his business activities which contain detailed and confidential information about his clients....
7 Pages (1750 words) Case Study
sponsored ads
We use cookies to create the best experience for you. Keep on browsing if you are OK with that, or find out how to manage cookies.
Contact Us