StudentShare
Contact Us
Sign In / Sign Up for FREE
Search
Go to advanced search...
Free

How Is Information Made Secure and Why Is This Necessary - Literature review Example

Cite this document
Summary
The paper "How Is Information Made Secure and Why Is This Necessary?" will begin with the statement that information security has a very important role in the role of privacy of the data. The field of Information security has developed over years to now where we have many ways of securing data…
Download full paper File format: .doc, available for editing
GRAB THE BEST PAPER97.6% of users find it useful

Extract of sample "How Is Information Made Secure and Why Is This Necessary"

Information Security Student’s name: Institution: Instructor: Subject: Information Security Content Summary 3 Justification 3 Introduction 4 Importance of information security 5 Power, policy and position 5 Internal dangers 6 System administrators 6 Effective security configuration 6 Maintain software 7 Detect Security Breaches 7 Respond Intelligently 8 Independent security evaluations 9 Conclusion 9 Recommendation 10 References 11 Summary Information security has very important role on the role of privacy of the data (Brain, 2009). The field of the Information security has developed over years to now where we have many ways of securing data. Specialized means of ensuring that data is secure include use of databases, securing the applications and aligning the infrastructures so that they give the best results. Most breaches of security of information arises from lack of effective security configuration, inefficient or lack of system administrators, lack of clear policies and positions by organizations on securing their information. More so many firms do not have clear mechanisms to detect security breaches and clear ways of responding to those breaches. Organizations should aim to ensure that the data they deal with is secure for their own benefit and to the people or customers to whom they have been entrusted responsibilities by. Justification Financial institutions, government, corporations, military and business need a great deal in putting the putting in confidence information concerning the customers, employees, products, financial status and their research. There have again risen more information collection, processing and storage means, most advanced one being using computers and networks. It is therefore important to ensure that the integrity, confidentiality and availability of the data to the concerned parties are maintained throughout. Introduction Information security refers to protecting information and the systems of information from being accesses by the sources which are not authorized disclosure, use, disruption, inspection, perusal, modification, destruction or recording (Pauline, Julie, & Martin , 2003).For the information to be secure, it should be accessible to only those people who are authorized to have access to it. It should also be able to safeguard the completeness and the accuracy of this information and the methods used to process it, therefore maintaining its integrity. Furthermore, only authorized users should be able to access this information and the assets that are associated with it. Information security is achieved by putting in place sets of controls that ensures that the specific objectives of the security are met within the organization (Jean, 2002). Information systems involving areas like e-commerce is very important because it key to the development strategy of the market. In this area, consumers have expressed concerns over the safety and the privacy of the data. The companies with strong information security gain trust from the customers therefore putting focus in increasing their market shares (Sylvia, Larry, & Romulo, 2006). Information and data security is loss avoidance in business today where good security becomes a competitive advantage which would contribute directly to the revenue figures. This report paper seeks to determine how information is made secure and why information security is necessary. Importance of information security The main reasons we give a lot of care on the information systems is that there are some of the information we need to protect from unauthorized disclosure for competitive or legal reasons. All the information we refer to and store should be protected against deliberate or accidental modification and should be available in time as we require them to be. Pauline, Julie, & Martin (2003) observe that it is also important to put in place and maintain correct attribution of the information documents we have created, sent or received. Lastly, if poor security practices are allowed to damage the information systems, this might result to civil or criminal legal proceedings. Furthermore, negligence of information systems may lead to third parties being harmed when they get distorted information which would lead to more severe legal problems. Power, policy and position Policies are the expressions on the organization values. Relegating those involved with bleaching of the Information security will make the employees or people taking role in information act responsibly. Situations arises where information security is an afterthought where someone assigned to manage the security does lack defined responsibilities or has limited authorities or cannot serve alone (Brain, 2009). It is important that organizations recognize that information systems security is very important. Making the Chief Information Security Officer to report to head of the information technology in an organization would create conflict of interest. Rather, he or she should report to senior management like the CEO. Internal dangers Some damages caused to the information systems come from the authorized workers and personnel that are either incompetent or untrained. Some survey reports that about computer crimes that are linked to the people who are in charge of the information system. The management of any organization that is concerned with this kind of information should establish mechanism to counter such dangers. The Information system should be able to address these kinds of situations by ensuring that event the authorized people to not have total control over it. System administrators Establishing sound security architecture of information security greatly improves the security of information. System administrators fulfil the professional and legal obligation of supporting the technical staff on the basic hygiene of the system (Robert, Kenneth, & Scott, 2002). They ensure that the system is up to the date in terms of security software and help in establishing an emergency response mechanism in case of bleaching of the security. With this, the organization could intelligently respond to any accidental attacks and employ mechanism to investigate the evaluation services or the security assessment. Effective security configuration If the Information system we are dealing with has linkage to the internet security measures to counter anything that might cause the information to be insecure should be employed (Kabay, 2002). In this case properly configured firewall that implements the security policies for governing access to the corporate data should be employed. A firewall is the device used to filter the packets that comes or goes via the internet therefore allowing the control over the kind of information or commands that can be carried out to the corporate system by the remote users. If the firewalls are not properly configured, many people who are using the internet would gain access to the information meaning the information would be poorly protected. Another major problem in the design of the network is that no internal barriers are employed concerning the access of the information. Its is therefore critical that firewall are placed in strategic positions of the organization so as to reduce the violation of the policies concerning the security. This will reduce the damages that can be caused if the external firewalls are breached. Maintain software A major problem is faced by the information systems when software are not kept up to the date. Kabay (2002) observes that by ensuring the system administrators have all the resources they need to maintain the system and further update them on regular bases based on the changing situations, the systems shall always be secure. The system managers should subscribe to the alert services and computer emergency response teams and also be able to implement the security patches as often as possible. Most criminal hackers make takes the advantage of vulnerabilities; failing to heed warning and failure to regularly update and maintain the security system. Detect Security Breaches Among the major changes in security paradigm in the recent years is the realization that it is hard to achieve perfect security. According to Kabay (2002), some of the problems making it hard to achieve total security include the authorized personnel making mistakes therefore having some occasions as a result of revenge or dishonesty. For this reason, it is very important to be able to detect the breaches and be ready to respond in an intelligent way to them. The least kind of response to detect the problems is by audit trail or examining the log files. Another better tool that can complement audit trail is the modern intrusion of the detection system. This software is good tools that are able to detect any unusual pattern in the use of the system. Depending on how sensitive they are, they can be able to flag any unusual behavior by anyone working within the organization. It is also possible to spot intruders by detecting the attacks in the profile. This kind of software could be programmed to inform or alert system administrators of the potential problem by using a number of tools like pagers, e-mail, alarms or even telephone calls. Respond Intelligently It is important that whenever we detect a problem in bleach of information security we respond to it. An internal computer emergency response team should be put in place before there is a need that directly relate to it. In case of emergency, the team would have already set up means through which they would counter it (Olive &Jack, 2005). This team should include legal staff that have knowledge in damaging of law evidence, and the law enforcement that is required to effectively prosecute the malefactors. The emergency response should be able to involve beyond the technical battening, electronic hatches. The organization should be prepared to lies with the law enforcement authority and have a well organized relationship with the public to plan to keep stockholders, employees and the public accurately informed on the events whenever conditions allows such disclosure (Jean, 2002). Organizations should also think of ways to entrap attacks from outside in simulated areas that have sensitive information. This will enable the law enforcement experts to have more time to locate any intruder and be able to plan in advance for their arrest. These plans should be tested many times and ensured that they work well before they are used. Independent security evaluations Olive & Jack (2005) observe that most organization recognizes the benefits of using formal methodologies and guidelines in establishing the security policies. Some groups have developed policies yet being unable to devote enough time to maintain these policies. Some information technology staffs may lack the expertise in the information security and sometimes the upper management fails to give them the appropriate support measures to enable them protect the corporate information assets (Kabay, 2002). In these cases and external organization like professional associations, consultants and certifying authorities could serve a very useful purpose in altering the corporate culture and be able to make security experts to work to the best interest of the organization. Conclusion People working and living within a corporate should understand that security of the information does not come by buying gadgets and installing them no matter how good they may seem to be (Jean, 2002). Information security is a process and need to be woven in the corporate culture of any organization with the appropriate attention to the changing landscape and the advantage of the market. It should be able to address the issues of vulnerabilities, threats, market advantage and the risk of damage. Appropriate measures should be put in place to address violations of the policies and the misuse of information so that those found guilt. Recommendation i. The information resources should be available to the appropriate people which in the best ways through the hardware, the network, the software, the infrastructure, the facilities and any other such resources that does support the learning, teaching, research and the administration roles that have been authorized and designated. ii. The information that is used for learning, teaching, administration or research should be safeguarded so that they can be trusted so that they correctly reflect the reality which they represent. iii. The information should be confidential so that only the authorized persons can use it for authorized purposes. iv. It should be able to support the academic pursuits meaning that the requirement to ensure that the information is secure must go hand on hand with the need to support those who want to use it for legitimate academic objectives. v. The access of the information should be such that it promotes the value of that information through appropriate use. The value of information may reduce through misinterpretation, misuse and other unnecessary restrictions to its access. References Brain, B (2009). Information Security: Why secure information? Manila: Cardinal Book Store Jean, N. (2002). Data Integrity: How data is distorted, 3-12. Kabay,E. (2002)What’s Important for Information Security: A manager’s Guide, 5-20. Olive S. C., &Jack, J. (2005). Guide to NIST Information Security document, Security of Information in IT, 5 (24), 1-13. Pauline, C., Julie, D., & Martin, R. (2003). Corporate Information Security, Best practices in Metrics team, 3 (1), 3-10. Robert, F., Kenneth, I., & Scott, C. (2002). New Challenges, New strategies, Security in New information Age, 7 (3), 41-50. Sylvia, C., Larry, D., & Romulo, R. (2006). Information Security in Fedel Agencies, Computer Information Security, 4 (1), 5-10. Read More
Cite this document
  • APA
  • MLA
  • CHICAGO
(Information Security Importance, Internal Dangers, System Administra Literature review, n.d.)
Information Security Importance, Internal Dangers, System Administra Literature review. https://studentshare.org/information-technology/2046654-what-is-information-security-how-is-information-made-secure-and-why-is-this-necessary
(Information Security Importance, Internal Dangers, System Administra Literature Review)
Information Security Importance, Internal Dangers, System Administra Literature Review. https://studentshare.org/information-technology/2046654-what-is-information-security-how-is-information-made-secure-and-why-is-this-necessary.
“Information Security Importance, Internal Dangers, System Administra Literature Review”. https://studentshare.org/information-technology/2046654-what-is-information-security-how-is-information-made-secure-and-why-is-this-necessary.
  • Cited: 0 times

CHECK THESE SAMPLES OF How Is Information Made Secure and Why Is This Necessary

Rudy Giuliani: The Man And His Moment

What Giuliani has created was a necessary sense of awareness and a plan to fall back into in the type of situation they were in (“Rudy Giuliani: The Man and his Moment” p.... he creation of the OEM proved to be a sort of warranted blessing that enabled for the mobilization of a number of people and equipped them with the necessary demeanor that should budge them from bewilderment to action.... Led by Richard Sheirer, the new director made it imperative that his men are prepared to act without consulting papers whenever a crisis happens (“Rudy Giuliani: The Man and his Moment” pp....
5 Pages (1250 words) Essay

Business - building trust in the e-business

Customer care: a presence of an organized customer care plan is necessary; providing services to customers efficiently related to information about produced, transaction and even about what Edward Entrepreneur is about.... (PROquest, 2011)With the objective to understand how trust is formed in commercial relational exchanges that take place within electronic environments, our review of the literature identified a number of works that provided the necessary theoretical background to aid our endeavors towards filling this gap5....
2 Pages (500 words) Essay

The case for christ (student edition)

In your discussion, explain which arguments or pieces of evidence are most convincing to you and why!... In your discussion, explain which arguments or pieces of evidence are most convincing to you and why!... In your discussion explain which arguments or pieces of evidence are most convincing to you and why.... 64 "Therefore, give orders for the grave to be made secure until the third day, otherwise His disciples may come and steal Him away and say to the people, He has risen from the dead, and the last deception will be worse than the first....
2 Pages (500 words) Essay

The inclusion of children with down syndrome in mainstream primary schools

These affectations may either be genetic or a product of environmental elements.... Regardless of the causes of these affectations, their impact is often considered seriously damaging to the mental… Down syndrome is one of these diseases affecting children.... It is considered a genetic defect wherein the child has 47 chromosomes, instead of the normal 46....
11 Pages (2750 words) Essay

Small business and its challenges

n every business, slight changes are necessary in order to better meet the needs of the target market.... It involves analyzing information regarding one's… Since Mort's company has existed for almost a century, and it is a family business that has been passed down to generations, her forecast on Long term forecasts allows company time to better position itself in the market competitively and at the same time enable it to implement any new approaches.... They will assist her in keeping records and vital information in good state and even upgrade her way of keeping tabs on which bodies are...
4 Pages (1000 words) Case Study

Aspects of eBuy Pharmaceuticals IT

It is therefore very necessary to create a strong and secure online platform for doing business.... If eBuy is to weather the completion and be a market beater in the next 4-5 years as envisaged in the company's medium-term goals, the digital platform it seeks to establish should secure, just as much as it should be easy to use by the various stakeholders.... ompetition in e-business is always in terms of how strong, secure, and efficient the online platform is....
8 Pages (2000 words) Coursework

Network Security and Control Mechanisms - Threats and Challenges

It is essential to secure data as attacks could prove detrimental to the organization or individual owning it.... It is essential to secure data as attacks could prove detrimental to the organization or individual owning it.... nbsp; How does an organization make sure that users receive all the information that they are entitled to access?... how does one show evidence of compliance with respect to policies that deal with data release?...
15 Pages (3750 words) Research Paper

Public Defense Measures Based on Safe Conditions

The building concerned is a government building that will be housing sensitive United States citizenship requests and thus, needs to secure at the highest possible level.... The concept is designed to deliver the most secure physical security for the building in its interior and exterior parameters.... The facility needs to be as secure as Fort Knox and be guarded the same way the Secret Service guards the American president....
6 Pages (1500 words) Essay
sponsored ads
We use cookies to create the best experience for you. Keep on browsing if you are OK with that, or find out how to manage cookies.
Contact Us