EISA: Evaluating and Meeting the Security Needs - Research Paper Example

EISA: Evaluating and Meeting the Security Needs Number The security of an organization’s information technology infrastructureis highly crucial. In fact, research shows that the greatest challenge that the organizations faces are the information technology assets and infrastructure. To ensure stability of the department’s operation’s, the health of the entire cyber community should be guaranteed. Various researches have proven that the employees in the department contribute a whole lot to the security of the department’s information asset.

The paper gives an analysis of the information security needs of the human resource department at Intel Corp Company.There are two security elements that put into consideration the department. First, the physical security of the information system assets within the department should be tightened. The movement of visitors should be monitored. CCTV cameras should be installed in all the offices of the departments to take video footages of all the movements in the departments. In addition, the reception room should be organized so that all the visitors, who enters the offices in the department, clear with the secretary (Kovacich, 2008).

This will simplify the process of identifying the culprit in case the system’s assets such as a removable disk are stolen. In addition, the department’s employees should be checked when leaving the premises because instances have occurred where the internal employees steal the organizations assets. Some employees do not observe the ethical rules and regulations in the work places.The second and most crucial is the logical security of the assets. Logical security involves different activities that ensure the organization’s assets are secured logically.

The first logical security measure is the protection of the system from malicious programs that can be injected by the attackers. This is enabled via the use of anti-malware programs such as antivirus. It has been realized that some malware program can be injected to the system via the work station. As such, system should turn down any attempt by an employee or unauthorized person to insert an optical disk or USB storage device to a work station computer.Another crucial factor is the user account management and group privileges.

Some employees attempt to carry out actions that are not within their system privilege right. There should be a monitoring system that tracks and report such actions (Kovacich, 2008). For example, an employee who does not have the right to delete data, try to delete or alter some information in the system. The monitoring system should stop the action and notify the security officer. The security policy document should recommend severe punishment for an employee who engages in such a heinous act.

To prevent unauthorized users from accessing the department’s resources, all the work stations in the department should access the system by giving the authentication credentials. The system should prompt the user to enter the user name and password. In addition, the system should automatically log out if a work station remains unused for more than ten minutes. This will avoid situations where the user forgets to log the system out making it vulnerable for another person to access the system.

The settings are configured using Microsoft group policy and active directory.DMZ and enterprise firewalls are also configured in the router that controls the department’s assets to block suspicious request that comes into the department. The firewalls will also filter the outgoing requests to ensure that the internet resources that get into the department are trusted (Solomon & Kim, 2010). ReferencesKovacich, G. (2008). The information systems security officers guide: Establishing and managing an information protection program.

Butterworth-Heinemann.Solomon, M., & Kim, D. (2010). Fundamentals of information systems security. Jones & Bartlett Learning.Trcek, D. (2010). Managing information systems security and privacy. Springer.