Information Security - Essay Example

Information Security Table of Contents Table of Contents 2 An Overview of Information Security 3 Ensuring the Effectiveness of the Information Security Policies 3Policies and Measures 4Protection of the Data and the Steps Involved 5Enhancing the Information Security 6References 7An Overview of Information SecurityThe basic concept of the information security in an organization involves providing assistance to the organization’s mission. Every individual organization is open to the elements of worries which at times can influence the organization adversely (Elky, 2006).

At this instance, the discussion will be based on the importance of information security of a healthcare organization named OUMC Edmond. The organization deals with healthcare so, because of its nature of work it needs to store a lot of information regarding healthcare, finance and similar other numerous sensitive information. Thus, it becomes must for an organization to safeguard and make certain about the security of all the stored data. The intention of the policy in relation to information security is to defend the privacy, dependability and ease of admission of the systems as well as the information’s (CMS, 2006).

Ensuring the Effectiveness of the Information Security Policies The organization OUMC Edmond checks with the security policies regarding the information security as how developed and effective they are by reviewing them occasionally and also by updating them. The organization also monitors that whether the employees are abiding by the policies or not. They keep a check that whether any unlawful access is being taking place or not. This is how the organization makes sure about the development and effectiveness of its policies regarding the safety of the data.

Policies and Measures There are numerous policies that can be implemented by organizations to make certain of the privacy, accessibility and dependability of the data. OUMC Edmond sets its security policies in order to protect the information. The organization applies specific security policies such as data ownership, security and classification, usage of password, cryptography, data content, physical security, and mail ownership in electronic form, measures to manage and prevent virus, accountability regarding the end user as well as acceptable use, security awareness, backup and even preservation of the records among others.

The above mentioned policies can be observed as the measures to prevent unlawful access to the information. The organization implements data content, data ownership, data classification and data security to deal with the stated issues. These are the security policies that are applied by OUMC Edmond so as to make sure of the confidentiality, accessibility and dependability of the data (Weise & Martin, 2001).Protection of the Data and the Steps InvolvedAn organization can protect itself from the loss of its data with the help of the Data Protection Act.

In order to abide by this act, an organization will have to discharge a variety of lawful responsibilities. The organization needs to inform the Information Commissioner in relation to the information that an organization is processing. Generally all the information are stored in transportable devices which can get damaged at any time so, it is important that the information is encrypted. The degree of safety offered by the encryption is required to be updated and rechecked occasionally to make sure that the data would be retrieved even if the portable device was damaged, stolen or lost.

Technological assistance should be taken in this regard. Apart from the technological safety, organizations need to have policies regarding the suitable usage and protection of the transportable devices that are being used and also confirm that the employees are appropriately skilled (Ico, n.d.).The implementation of e-business is now possible for organizations to access the data in case of catastrophic events such as fire (Butler, 2001). The security procedures of the information system also offer significant inputs in handling the information technology systems (Kissel & Et. Al., 2008).

Enhancing the Information SecurityHowever, the organization can implement effective systems of information technology in the form of software that would be tailor-made according to the requirements of the organization and would have high security control as well as highly protected. Organizations should keep an alternative back up of the data and ensure strict monitoring of the employees with regard to the security policies. These are the additional ways by which OUMC Edmond can further enhance their information security systems.

ReferencesButler, J., (2001). E-disaster Recovery Means Continuous Availability. Information Management: Strategy, Systems and Technologies.CMS, (2006). CMS Policy for Information Security. Centers for Medicare & Medicaid Services, Pp. 1-5.Elky, S., (2006). An Introduction to Information System Risk Management. SANS Institute InfoSec Reading Room, Pp. 1-14.Ico, (No Date). Data Protection FAQs- For organisations. Home. Retrieved Online on September 12, 2011 from http://www.ico.gov.uk/Global/faqs/data_protection_for_organisations.

aspxKissel, R. & Et. Al., (2008). Information Security. Security Considerations in the System Development Life Cycle, Pp. 1-44.Weise, J. & Martin, C. R., (2001). Data Security Policy – Structure and Guidelines. Sun Microsystems, Inc, Pp. 1-18.