Evaluating and Meeting Security Needs - Research Paper Example

? Evaluating and Meeting Security Needs Introduction In information systems, data is an important aspect. The creation, manipulation, and control of data is crucial to the success of any organization. Owing to the high valued data/ information that a system might be having; sensitivity to its access should be very high (Dhilon, 2006). If the system has information that might be of high value, which is always the case, some intruders might try to access it illegally. Therefore, it is necessary to have data security measures to protect the data. In the enterprise information systems architecture framework, the business functions, and the information systems functions are integrated and operated centrally. This has numerous benefits, but also, great risks and vulnerabilities to the data. The most significant threat is that, if the data is tampered with or changed, it is all compromised at once. This paper will analyze the information security needs of the Light Walkers Company Ltd, and propose ways for meeting those needs within a network information systems architecture framework. The Light Walkers Company Ltd runs on an enterprise system structure where all the data and information system functions are centralized. The employment and integration of this system brings about great advantages to the organization. The limitations, though few, can be analyzed (Dhilon, 2006). One of the major concerns is the protection of data from intruders. Because of the centralization if its functions, Light Walkers Ltd is at a great risk of intrusion and illegal access to its files. If it is hacked, the hacker/intruder would have access to all their information. If it is infected by a virus, all their business files, due to their centrality, will also be damaged (Arison & Torkzadet, 2008). Unauthorized access from within the organization is also another security risk. Unauthorized personnel may access the system and alter data. This can happen accidentally or with intended malice, so as to gain from the data alteration. For these reasons, access to files in an information system running on enterprise architecture needs to be regularly and strictly monitored. In such a system, alteration or deletion of data may have disastrous effects. Another form of risk that the data faces is the risk of loss. As a result of the centralization of its functions, most information regarding the operation of Light Walkers Ltd is kept close together. If loss or damage was to occur to the storage and operating station, all the data would be lost at once. These are some of the security needs faced by this organization. Many of these problems are faced by organizations or companies running information systems on this platform (Arison & Torkzadet, 2008). One of the major problems that face centralization of data is the possibility of intrusion. To prevent this breach, the information should be kept in a secure place where access is heavily restricted. If the information is being transferred over a network, the information must be encrypted to prevent tampering with the information as it crosses the network. There are several ways in which intruders can access, change, tamper or modify the data (Dhilon, 2006). The problem of unauthorized access is also rampant in enterprise integrated systems. This can be handled by placing privileges on the personnel that have access to the data. This helps monitor who has had access to the systems and the changes that they have made. Also, because of the risk of tracking, administrators are advised to regularly change their credentials to achieve a high level of security (Dhilon, 2006). The use of ‘once off’ passwords should also be employed to levels where critical data is stored. This reduces risk of unauthorized access. Viruses and malicious computer programs are designed to damage a system. These programs usually attack vulnerable systems, and the damage they cause can be monumental because of the unexpected behavior of these programs. Light Walkers Ltd should have fully activated and functioning anti viruses and malware. This will help protect the system from these attacks. When the system runs on an open network, the chances of getting attacked are higher (Merkow & Beithaupt, 2005). The systems should always run on a localized network to improve security and reduce the number of attacks. Monitoring external access of the network will also help filter the unwanted programs. The risk of data loss or damage is also very likely. This comes as a result of the centralization of the data and functions. To reduce this risk, the system should be regularly backed up. This creation of backups will be very essential in the recovery of the system should it fail. The system will be able to get all its files. If regular updating is done, the amount of damage caused by data loss will be reduced significantly (Arison & Torkzadet, 2008). The process of backing up can be handled by a provision in the system, to automatically run a backup after a predefined amount of time. The other option is to manually back up. This can be done by the administrator. The records of the updating should always be kept, and a routine schedule observed. This setup will help other administrators know the schedule and study the history (Merkow & Beithaupt, 2005). Conclusion With the centralization of functions and data at Light Walkers Ltd, the employment of strict security is essential for the protection of data. The personnel should also monitor the system access and control the number of people with access to the database (Merkow & Beithaupt, 2005). The importance of the system’s backup cannot be underestimated. Regular backups will prove to be of great importance in the event that the data will be lost. A regular change of the password, for sensitive information access will help improve the overall security standing. The observation of these guidelines in the implementation of an enterprise architecture system will improve it a great deal. This will improve productivity at the organization, and as an added benefit, the cost of operations might go down. The business aspect has a lot of important data to handled, and will also be better protected. References Arison, D., & Torkzadet, G. (2008). Information systems project management. London: Sage Publishers. Dhilon, G. (2006). Principles of information security: Texts and cases. New Jersey: John Wiley & Sons. Merkow, M., & Beithaupt, J. (2005) Information security: Principles and practices. New Jersey: Prentice Hall. . Read More