StudentShare
Contact Us
Sign In / Sign Up for FREE
Search
Go to advanced search...
Free

Information Security, Types of Threats and Modes of Classification - Assignment Example

Cite this document
Summary
Tthe reporter underlines that information security is an important aspect of the commercial and private organizations that deal directly with the customers. Their records are of importance not just to the organizations but also have a large value to the customers’ privacy, security and safety…
Download full paper File format: .doc, available for editing
GRAB THE BEST PAPER95.5% of users find it useful
Information Security, Types of Threats and Modes of Classification
Read Text Preview

Extract of sample "Information Security, Types of Threats and Modes of Classification"

Information security Introduction: Information security is an important aspect of the commercial and private organizations that deal directly with the customers. Their records are of importance not just to the organizations but also have large value to the customers’ privacy, security and safety. While earlier forms of data were manual, modern time’s data is largely computerized. In modern times almost all segments of working sphere are computer enabled and are largely reliant on them. Businesses, office works, institutes all are dependent upon the technology and computers. However the usage of computer brings along certain pre requisites with itself which need to be fulfilled. These pre requisites include the manner in which the functions are conducted, the security concern, the legality and morality and its possible consequences and advantages. The need for classification: Classification is the protection of all the valuables that can possibly be used in different forms against various individuals. Every individual seeks privacy in their matters, and more so when it comes to their assets. The case becomes an inevitable one in case of banks and other departments that contain their records of nearly everything. Through these records an individual can be traced, their working places, their total assets, their family history, their careers, in short everything can be traced. For this purpose classification is desired. It is being achieved through set of procedures (Whitman & Mattord, 2011). Banks are one of those departments which are totally computerized in modern times and all the information flow is being conducted through dedicated online systems. In such cases, there is absolute need for proper mechanism and working formula which ensures safe and sound proceedings. The second important organization that needs classification of information is that of Defense department. Since it is the main stream organization that keeps the civilians and the country itself from any threats, therefore the classification of importance is the need of the organization. In both the organizations, classification is done so in a methodical approach performing clusters of information and members who can access it and who are to be barred from it. Types of information: Different organizations contain different information about their clients. For example a social welfare organization would contain information about an individual’s past working places, their family background. In case of banks the information could pertain directly to the monitory aspects. In Defense organizations, the information can be in form of the citizens, their belongings and backgrounds. The list of possible offenders who might be on verge of committing any serious felony and other serious crimes which can create panic in different possible ways. Types of threats: The nature of threats is relatively subjective and varies form organization to organization. In banks the threats and target area are mostly the financial zones, leading direct to the cash with drawls and card tracing. Modes of classification: Usually in highly sensitive organizations, the level of classification is a multi tier one. Though all information is strictly protected, yet those which can lead to direct damages are being protected in various layers. Even if a breach occurs in one layer, other layers are sufficiently strong enough to ensure protection of the classified data. Vulnerabilities: The vulnerabilities come in different form. While they can come through the non professional and lose practices by the workers and employees themselves, they can on other side come through the online tracking and hacking procedures. Many a times the networks and entire servers are being attacked by hackers and other infiltrators seeking access into the private data and once the credit card and social security numbers are being accessed; rest of the task is completed without any hurdle or haste. Classification level clustering in banking sector: Different cadre can be created for the information which can be segregated into segments for access. Public data access: Some of the data and information can be of public view nature. This mostly includes the bank annual sales, the relationship costs, supply chain mechanism, investments made, stocks rates and other information which is the right of every member knowing the facts about. Official data access: This section includes the data segment which ought to be accessed only by the official involved in the bank. No client and no outsider member will have the access to this data(Office, 2004). High priority security data access: This is the most special kind of data which cannot be compromised at any case. It involves the assets details of the bank clients, possible locker numbers, the credit card records, transactions, the bank deposit and exit time and other records of extremely sensitive nature. This data can be either in hard form, cash, in digital electronic form, or other physical assets. World Bank’s approach to classification of information: World Bank serves as the best example for many cases where the handling based on professional manners can be seen and learnt from. The methods so adopted in World Bank are very much flexible and transparent, with no chances of breaches. It provides all the details of projects and plans at hand, at the same time takes all the necessary steps vital for protecting the information that ought to be protected. Specific policies are being drawn for this purpose which makes professional tasks performing easier in many ways. The policies regarding various nations and their relations are also clearly chalked out (W.B, 2005). Department of defense working mechanism: D.o.D is specialized in gathering all the essential information and further providing it to the intelligence and law and order implementing agencies. Their function encompasses exposing all the threats that are faced by the country both locally and internationally. Need for classification: Department of Defense’s work needs high degree of classification since most of the work is based on intelligence information. Any leak of information can result in mess of the entire plan and activity. Schematic approach: Different approaches are being adopted for conducting the classification process. With variables being subjective, numerous defense organizations implement various kinds of classification mode techniques. All in all they have one objective in common and that is to protect all the information which could be used against the security and safety of country and its citizens. Clustering of classification: The information so classified is mostly of the foreign policy or the domestic policy pertaining to the law and order insurance along with other strategic decisions that are vital for the nation’s safety and prosperity. The nature of work is conducted mostly in a very silent manner and the objectives are achieved and kept under cover without catching major notice and attention. The following is the broad dissection of classification namely the confidential criteria, followed by secret information upholding and finally the top secret (Anderson, 2010). In the last mentioned criteria, the information is of immense importance and cannot be shared or leaked at any cost. This information is of high value towards the national security, its leaders, its policies and other unavoidable conditions. Further dissection involves the secret information programs body, permission to access section, control units and various others. Based on the clustering of people, they are broadly divided into authorized viewers, the employees, the information sharers and stake holders with whom sharing of information is vital. In case of American Department of Defense, improvements and changes have been introduced in the entire system periodically. The recent changes included the uniformity of the textual documents using the monogram, country specific code, other essential embossments along with the improvements in the processes undertaken for conducting the tasks. Controlled Access Program Coordination Office (CAPCO), and management staff working dossier was part of this classification process (D.o.D, 104,2009). The need for interoperability: Many organizations have distinct and patented patterns of classified operations and functions. This results in non compatibility between various departments. The need is being stressed by many decision making agencies notably the Congress for introducing a compatible and uniform classification system. It ensures smooth working and easy access between various stakeholders. The main advantage of entire compatible platform mechanism is ease of access to the information and combined working over various tasks. Difference in process structure would lead to starting a process from scratch every time. A step in this direction was the constitution of Control Register Marking Group (Jacobson & Boyle, 2003). Control Register marking Group: This process was under taken in a multi layer approach. With first layer looking into the hard form correction and update process, notably the papers, websites assortments, followed by the data bases up gradation and other necessary changes required at the back end for bringing about conformity. The data base would enable identification and segregation of the classified as well as non classified content and its access decision. The distinguishing factor like upper case usage of letters and small case is another aspect of the entire classification process and up gradation of methods. The different stages of classification process under the new system include the following segregations: Classification of information based on data and information collected from within the country This is followed by information from across the border. The information gathering and assortment from other parts which are of some importance to the country and its government, this followed by the dates. The top secret category information may not be revealed with anyone and does not strictly fall under the public access code of law. The unclassified information in defense departments: Defense department does not have to contain information which is strictly confidential; even it contains set of information which is mostly available to the citizens through the website and other means. This comes in form of the unclassified information. Unclassified documents and information section which is in access of every individual. It could be to the nature of working, the purpose and objectives, the success met in terms of the citizens protection, other information of past events that are in no conflict with the national security(D.o.D, 2012). Post project classification: The nature of content in defense department is such that the information might not be shared or disposed off in places where it can be re generated or the strategies of the government and its defense organizations can be comprehended. It must be kept under proper control even after years of the task is being completed. Marking categorization: Marking is done based on the degree of importance. It starts off with the top secret information followed by the joint classification section, leading to the nuclear arsenal related information. Different working units are employed for each of the above functions. Works cited: Anderson, R. J. (2010). Security Engineering: A Guide to Building Dependable Distributed Systems. John Wiley & Sons. Officer, C. i. (2004). DATA CLASSIFICATION SECURITY POLICY. George Washington University. D.o.D. (2009). Code of Federal Regulations, Title 48, Federal Acquisition Regulations System, Chapter 2 (Pt. 201-299), Revised as of October 1, 2009,. Government Printing Office. D.o.D. (2012). Department of Defense MANUAL. Department of Defense. Jacobson, L. G., & Boyle, M. (2003). Financial Management: Better Controls Essential to Improve the Reliability of Dods Depot Inventory Records. DIANE Publishing. Whitman, M. E., & Mattord, H. J. (2011). Principles of Information Security. Cengage Learning. W.B. (2005). Financial Sector Assessment: A Handboo. World Bank Publications. Read More
Cite this document
  • APA
  • MLA
  • CHICAGO
(“Information Security, Types of Threats and Modes of Classification Assignment”, n.d.)
Information Security, Types of Threats and Modes of Classification Assignment. Retrieved from https://studentshare.org/business/1784768-information-security
(Information Security, Types of Threats and Modes of Classification Assignment)
Information Security, Types of Threats and Modes of Classification Assignment. https://studentshare.org/business/1784768-information-security.
“Information Security, Types of Threats and Modes of Classification Assignment”, n.d. https://studentshare.org/business/1784768-information-security.
  • Cited: 0 times

CHECK THESE SAMPLES OF Information Security, Types of Threats and Modes of Classification

Analyzing and contrasting data mining based network intrusion detection system

This thesis covers the different types of intrusions and justify how they can be best detected using available data mining tools.... This thesis also covers the different types of intrusions and justify how they can be best detected using available data mining tools.... Intrusion needs to be detected as we cannot stop intrusions but we can minimize them and stop hackers from threats.... hellip; This research discusses data mining and the significance of IDSs for network security followed by few drawbacks, provides data mining and its various techniques in an elaborate manner, in relation to the present topic apart from various methodologies implemented till date, concludes the work done and gives plan for future work....
46 Pages (11500 words) Essay

Security of Information in Government Organizations

Important aspects of information security: asset classification, types of threats and implication of those threats are described in this paper.... Through information security, government organizations can secure information from broad variety of threats so as to certify steadiness, lesser risks and higher commercial prospects.... The paper is based on the importance and critical aspects of information security in government organizations.... … The purpose of information security for government organizations is to confirm stability of governance and decrease information loss or damage by inhibiting and reducing the effect of security misconducts or breaches....
15 Pages (3750 words) Essay

Information Security Risk Assessment Framework

(2008) Security Risk Analysis for Asset in relation to Vulnerability, Probability of threats and Attacks.... Summary: Poorly understood modes of failure propagate information risks.... Neudorfer, Marinos & Schaumuller-Bichl highlight that organizations are exposed to threats and vulnerability that hinder business lifespan.... The common criteria approach has one weakness in that it loses focus on the relevant threats and security considerations after their exclusion from the framework....
15 Pages (3750 words) Annotated Bibliography

How to Maintain Network Security

However, the expandable adoptability has provided new loopholes for threats and vulnerabilities.... However, with its extensive adoption, threats and vulnerabilities are also growing.... However, frequent updates are required, for firmware and hardware, to keep them updated for potential threats that may disrupt data or perform any security breach.... From time to time, the hackers and cyber criminals develop new threats.... However, these modules need frequent updates for virus definitions and new threats, which may disturb the network....
24 Pages (6000 words) Essay

Combining Anomaly and Signature based Intrusion Detection Systems

hellip; To sum up, many studies and researches have been conducted to overcome issues related to the detection techniques, still, there were loopholes for threats and vulnerabilities to sneak in.... On the other hand, threats and vulnerabilities related to data communication networks are significantly increasing.... The word 'known' is important because threats that are detecting so far are categorized as known threats and are called signatures....
8 Pages (2000 words) Essay

Advanced Persistent Threats against RSA Tokens

nbsp;The information security management team requires authentic and on-time information for constantly monitoring new and potential threats and techniques.... Mike Clop pert is a Co-Chair of the cyber threat intelligent summit says that cyber threat intelligence can facilitate organizations to maintain an information classification and protection mechanism based on the priorities of these cybercriminals.... The paper ''Advanced Persistent threats against RSA Tokens'' tells that Today, where every technology interrelated to Information technology involves the '....
5 Pages (1250 words) Essay

The Development Information Security

Consequently, this ever-increasing security threat has led to the development of numerous information security standards.... This security framework provides steps to establish best suited information security Management System (ISMS) for SMEs.... This essay describes increasing trend of digitized information, globalization of markets and resources has accelerated the incident of data loss and security issues.... hellip; security risks for large, small or medium enterprises are alike....
25 Pages (6250 words) Essay

Information Classification for a Bank and a University

The government has also a right to certain types of information from the organization in order to carry out its functions like taxation and licensing  Information classification is very important for organizations.... Organizations are in possession of numerous types of information that need to be classified based on their integrity, value to the firm, confidentiality, and availability.... The author of the "Business Test Styles" paper discusses information classification for a bank and a university....
6 Pages (1500 words) Essay
sponsored ads
We use cookies to create the best experience for you. Keep on browsing if you are OK with that, or find out how to manage cookies.
Contact Us