IT Security. Epworth - Assignment Example

Task IT SECURITY The field of IT has many developments that enable those using it to store profile data. The data is widely applied by many firms because it is exceedingly reliable. Its reliability lies in the fact that information stored does not leak into the hands of the enemy. The developments in technology have enabled people to save most of their bulky information in database (Yilmaz, 2010). This is because the database can hold as much information as possible. The storage of information is at times prone to intrusion from the foes. It is at this point that the persons using the database have to ensure that there is utmost security of the stored information. Other trends in IT include such things as the use of wireless LANS (Stewart, Tittel and Chapple, 2011). This is one of the developments that are in IT. IT comprises of many contentious issues like the use of suites of security technology, reputation risk, online awareness and the wireless LAN technology. Task1 (Reputational risk) The chief officer for security at Epworth is the person concerned with the security of the firm’s information stored in the database. His claims that the system is robust against reputational risk are a heap of lies. This is because the database of the Epworth organization is accessible to any web server. The web server can directly access the web where the health care firm stores information concerning to the employees and the patients. This direct access is the one that makes me defy the fact that the reputation of the patients is safe. Secretive patient’s information storage occurs in the database (Honey, 2009). Therefore, the security officer’s remarks are not true. Current observations show that the fact that the database is accessible to all employees of the Epworth health care .This accessibility is the key to hacking of necessary information concerning the organization (Neef, 2003). Another current issue that shows that the database storage of information is at risk is the fact that no security parameters are in place. The hacking of the information stored in the database has become especially common (Loh, 2007). Hacking of useful information enables malicious people to distort the activities of an organization. Task 2 (Suite of security technologies) There are many ways of preventing the database from the access of the enemies. An IBM analyst has recommended to Epworth a suite of security technologies aimed at database compromise and data loss prevention at a cost of $40,000 per year. This would ensure that the database information is free from falling into the hands of the enemy. Therefore, it would be beneficial to implement the suite because of different reasons. One of the reasons is the fact that the database information is exceedingly necessary to any firm. The cost of installing the prevention mechanisms may be high but the benefits are many (CDTM, 2007). Epworth would have the assurance that the security of information pertaining to their patients and workers is safe. Purchasing a licensed copy of the security suite is also particular because the firms can assure their patients that their details are safe. The other reason as to why this is necessary is that the cost of replacing the lost information would be more than the cost of installing the security kit (Whitman and Mattord, 2010). The installation of database security is necessary because the process of coming up with new details about patients is costly. Contacting and informing the patients about their account numbers and providing new cards would be exceedingly tedious. The last reason for the installation would be the fact that database compromise is up to 25%. Task 3 (online training of employees) If Epworth were to bestow me with the task of conducting online employee awareness, this would be a go ahead for the firm. On-line employee awareness and training course for safeguarding sensitive patient information is a practice that any firm requires. This would ensure that the employees are aware of the requirements of ensuring that the patient’s details are safe. Five of the items required in the on-line awareness and training course include various things. One of the items is the use of twitter. This would ensure that my employees act as my followers. Therefore, my followers would ensure that they access the directions required in the database. The other way of conducting my training would be using blogs (Kaplan and Jones, 2006). This would enable me to post any information that I have for my employees. The third way would be by sending video clips to my employees concerning the requirements of working. This would ensure that they could follow the clips for their own benefit. The other way would be through directing my employees to you-tube materials handling issues on employment. The last way would be dispatching documents that relate to employment for my employees to become acquainted with the database. Task 4 (Responsible use of wireless LAN technology) “Responsible Use of Wireless LAN Technology” is a decree given by the Epworth Health care. Issuing of a specific security policy is something that is necessary for the firm. There are three purposes served by the issue-specific security .One of the purposes is the fact that a firm can be able to access information that is necessary from the current media. Some of these benefits include such things as easy transfer of information between all persons involved. The wireless LAN technology includes the use of Wi-Fi and other wireless gadgets as the modern use of I phones (Robert, 2009). These gadgets make communication easier through the way they use the current modes of communication. Therefore, the use of the modern ways of communication brings about easier ways of diverging information in the current world. The other purpose is that the information based in the database is kept safe. The information is kept secure from the adversaries. The other purpose of issuing the security policy is the fact that all persons can only access the information in the database using some specific codes (Stewart, 2011).This ensures that security is kept paramount. In conclusion, it is worth identifying that Epworth Health Care would have safety through proper database control. This would ensure that information concerning the patients does not leak out. Therefore, this is achieved through the installation security suites (Vacca, 2007). Security suites ensure that database information is kept safe at all times. The other way of ensuring that database information is safe is by training the employees on how to maintain security. This would ensure that database maintaining is by the same people who use it. The database is a proper mode of storage of any information and requires utmost security (Baron, 2002). This would be through applying the right measures .Therefore; the database becomes safe and reliable to all persons. Taking precaution is the best thing to do because the information stored is equally necessary. This ensures that any organization has a safe database that can be both accessible and reliable. List of References Barron, Ann, 2002, Technologies for education: a practical guide, Green wood village: Libraries Unlimited, Pp.234, print Bartz, Robert, 2009, CWTS: Certified Wireless Technology Specialist Official Study Guide: Exam PW0-070, Hoboken: John Wiley and Sons, Pp.504, Print. CDTM, Munchen, 2002, CDTM Trend Report 2002. IT-Security in Global Corporate Networks, Munchen: BoD – Books on Demand, Pp.281, Print. Honey, Garry, 2009, A Short Guide to Reputation Risk, Burlington: Gower Publishing, Ltd Pp.119, Print. Kaplan, Steve and Jones Andy, 2006, Citrix Access Suite 4 advanced concepts: the official guide, New York: McGraw-Hill Prof Med/Tech, Pp.245, Print. Loh, Patrick, 2007, Future of Innovation & Enterprise, Peninsula; Knowledgeworks Consultants, Pp.116, Print. Neef, Dale, 2003, Managing corporate reputation and risk: developing a strategic approach to Corporate integrity using knowledge management, London: Elsevier/Butterworth Heinemann, Pp.257, Print. Stewart , James, Tittel Ed and Chapple Mike, 2008, CISSP: Certified Information Systems Security Professional Study Guide, Hoboken, John Wiley and sons, Pp. 888, print. Stewart, James, 2011, Comp TIA Security+ Review Guide: Exam SY0-301, Hoboken: John Wiley and Sons,Pp.360,Print. Vacca, John, 2007, Practical Internet security.Ohio: Singer, Pp.536, Print . Whitman, Michael and Mattord Herbert, 2010, Principles of Information Security, London: Cengage Learning, Pp.217, Print . Yilmaz, Ayse, 2010, Reputation Risk Management and Corporate Sustainability, LAP Lambert Hamburg: Academic Publishing, Pp.624, Print Read More