Management of Information Technology Resources and Information Security - Case Study Example

Information Security Name Institution Information Security This paper is an information security mapping case study and aims at identifying the importance of information to companies and the society in general, discuss concepts, values, and techniques which relate to information security, and present advantages, threats, and susceptibilities linked to various IT environments. The paper will reflect on a case study involving Robert, a Client Manager for Biomed Devices in Perth. He carries a laptop, smart phone, and iPad everywhere he goes. He uses Microsoft word 2010 for all his operations and does not use third party firewalls for protection of his computer. To pick up the most extreme advantages from your organization's information system, it is necessary to exploit all its abilities (Liang & Xue, 2009). Information systems pick up their significance by transforming the information from organization inputs to create information that is helpful for dealing with the company’s operations. To expand the information system competence, one may either add more data to make the information more exact or utilize the information in various new ways (Beaudry & Pinsonneault, 2005). Part of administration is assembling and distributing information, and information frameworks can make this process more effective by permitting administrators to convey quickly. Email is fast and potent; however managers can utilize information frameworks considerably and productively by putting away archives in folders that they impart to the workers who need the information (Yen & Bakken, 2011). This kind of correspondence lets employees team up in a systemic manner. Every worker can convey additional information by making changes that the information framework tracks. Then, the administrators gather the inputs and send the recently changed document and to his intended interest group. The times of expansive document rooms, columns of file organizers and the mailing of records is fading away (Lumley, Coetzee, Tladinyane & Ferreira, 2011). Today, most organizations store computerized versions of archives on servers and storage gadgets. These documents are promptly accessible to everybody in the organization, despite the geographical difference (Kumar & Gambhir, 2014). Organizations have the capacity to store and keep up a gigantic measure of accurate information economically, and workers benefit from quick access to the records they require. How organization's operations are managed relies on the data at hand. Information frameworks can offer more comprehensive and current information, permitting the operation of the organization to be more proficient (Barnett et al., 2013). Managers can utilize information systems to increase benefits over competitors or to discrete the organization by offering improved client service. Sales information provides awareness about what clients are purchasing and allows the stocking or production of goods that are selling fast. With guidance from information system, it is possible to improve company’s operations. The organization information system assisting in settling of better choices by conveying all the information required and by displaying the consequences of choices made. Choice may include picking a strategy from a few options and doing the conforming roles. When there is accurate and current information, decisions are settled with certainty. In cases where more than one decision looks suitable, it is possible to utilize the information system to predict diverse situations. For every possibility, the system can ascertain key pointers such as expenses and benefits to assist in figuring out which option gives the most valuable result. Every organization needs records of its processes for money related and administrative purposes, for discovering problem sources, and making remedial move. The information system stores records and improvement histories, communication records and operational information. The \trick of using this recording capability is consolidating the data and utilizing the system to process and present it as helpful verifiable data. Such information can be utilized in preparation of expense estimates, making predictions and to assess how various activities influenced the key organization indicators. Once in a while referred to as computer security, Information Technology security is data security associated with technology. It is beneficial to note that computer does not just refer home desktop. A computer is any gadget with a processor and some memory (Sambamurthy, Bharadwaj & Grover, 2003). Such gadgets can vary from non-networked standalone gadgets as modest as calculators, to networked portable processing gadgets, for example, cell phones and tablet PCs. IT security experts are often found in any significant enterprise because of the nature and worth of the information in big organizations. They are in charge of keeping all the technology within an organization free form attacks that aim at revealing confidential information or gaining control of the company systems. The IT Environment Framework consists of four major sections as described below. 1 - IT Systems Services: This area of the system represents all specialized solutions and services set up around Systems, which are viewed as basic with the end goal of meeting a set of practical or behavioral objectives inside one or more particular Operating Environment (O’Sullivan & Dooley, 2012). Examples of such technical solutions or Systems could be small as those thought to be Atomic Systems, for example, Computing Devices, Storage, and Software, or as substantial as those thought to be Composite Systems, for example, Document Management Systems, Application Monitoring Systems, Business Intelligence Systems, or even business related Systems, for example, Accounting or Payroll Systems. Enormous or minute, a System is a System and no Environment is complete until all important Systems are totally represented, made accessible, steady, repeatable, and are legitimately upheld for the Environments that influence such Systems (Lapointe & Rivard, 2005). 2 - IT Operational Services: This area of the structure speaks to all Operating Services that are set up to help keep up or utilize any Systems made accessible in one or more particular Operating Environment (Shaikh & Haider, 2011). This incorporates the Services that are directly connected to particular Systems, for example, Release Management and Deployment Management, and those that are more general in nature and not System particular, for example, Project Management, Incident Management, and Problem Management among others. 3 - IT Operating Environment Services: notwithstanding the past two parts of the system, this area characterizes the organized and limited Operating Environments that empower tasks related to System and Technology to occur in confined areas that do not affect other regions of work, and additionally all the significant Services set up to support such tasks. Such Services comprise of the tasks important to develop an Environment, the work important to tear down an Environment, the work important to Deploy to an Environment, and the work important to support an Environment (Ray, Muhanna & Barney, 2005). These Services apparently get to be more multifaceted when the managers and administrators of such Environments must manage numerous Organizations, attempting to run different forms of work, at the same time, throughout a typical Environment, in a way that permits what the business frequently alludes to as a multi-tenure model for operations. 4 - The Systems Development Life Cycle (SDLC): This area of the system represents the SDLC for which a particular Environment is a piece of, including all the approaches, models, systems, and work important to move a System through such a SDLC in a successful and profitable way. It is the SDLC that drives the reason for a particular Operating Environment and, in this way, all the work important to make, convey to, work, bolster and/or tear down an Environment (Buntin, Burke, Hoaglin & Blumenthal, 2011). A decently characterized SDLC characterizes what Environments must exist as well as helps an Organization and its Resources see how best to move Systems and other pertinent Solutions through such Environments and, at last, through the SDLC, itself. Computer system threats come in a wide range of forms (Nolan & McFarlan, 2005). The most well-known dangers today include software attacks, data fraud, theft or damage of equipment, and data coercion. Many people have encountered some form of software attacks. Viruses, worms, phishing attacks, and trojan horses are few examples of software attacks. The theft of intellectual property has additionally been a far-reaching issue for some organizations in the IT field. Intellectual property refers to the possession of protected property. Software theft is likely the most common in IT organizations today. Identity theft is the effort to carry out activities as someone else so as to acquire the crucial data. Robbery of equipment or data is getting to be more common today because of the versatility of most gadgets today (Sittig & Singh, 2011). Laptops and mobile phones are inclined to robbery and become significantly more alluring as the measure of information limit increases. Sabotage normally comprises of the destruction of an organization′s site trying to cause loss of certainty to its clients (Buhalis & Law, 2008). Data extortion comprises of theft of a company′s property or data as an endeavor to get payment in exchange of giving back the data or property back to its owner. There are numerous approaches to help shield a company from some of these assaults yet a standout amongst the most useful safety measures is user carefulness. The IT Environment Framework is utilized to help IT Professionals distinguish and comprehend the most essential ideas connected with the configuration, conveyance, operations and support of the diverse IT Operating Environments which are viewed as basic to most IT Organizations (Ashton & Stacey, 1995). It is usually argued that profoundly controlled and repeatable Operating Environments are the establishment for all fruitful IT Delivery in organizations of any size, not considering their industry. This Framework assists in the identification of similitudes and contrasts between such Environments, with objectives of revealing insight of common patterns. It eventually leads IT Organizations and their ventures to high levels of effectiveness and quality, while at the same time aiding in the reduction of operational costs (Taylor, Artman & Woelfer, 2012). Robert is a client manager for BioMed Devices in Perth, Western Australia. Roberts carries a laptop, smartphone, iPad with him everywhere he goes. The potable gadgets are prone to theft and this presents huge threat to the information system of the business. Robert utilizes Microsoft Office Professional 2013 for all his business needs. He does not use third part protection for his information. Microsoft word is prone to malware attacks and can result to information loss. Viruses refer to files created to do harm or for criminal tasks. Third party protection such as updated antivirus software ensures up-to-date information. While on the road, Robert leaves his computer in his car. His computer is prone to theft which would result to significant data loss. He ought to be more cautious with his computer for the safety of his company. Use of public internet café is also associated with various risks which include people gaining access to personal online activity, people viewing the screen, risk of malware and spyware, and theft of confidential information from browser history. Also, public Wifi is not always secure and may enable unauthorized people to view personal information. Robert should utilize secure, encrypted Virtual Private Network (VPN) and use an updated antivirus software system. In conclusion, this paper presented information security mapping case study and aimed at identifying the importance of information to companies and the society in general, discussed concepts, values, and techniques which relate to information security, and presented advantages, threats and susceptibilities linked to various IT environments. According to this paper, the key aspect of information security is user carefulness. The most common dangers today linked to information technology include software attacks, data fraud, theft or damage of equipment, and data coercion. In this case study, Robert should install updated security system in his computer, avoid using of public wifi and computers, and leaving his gadgets unattended, as it may lead to significant data loss. Concept Map References Alhawari, S., Karadsheh, L., Talet, A. N., & Mansour, E. (2012). Knowledge-based risk management framework for information technology project. International Journal of Information Management, 32(1), 50-65. Ashton, W. B., & Stacey, G. S. (1995). Technical intelligence in business: understanding technology threats and opportunities. International Journal of Technology Management, 10(1), 79-104. Barnett, D. J., Sell, T. K., Lord, R. K., Jenkins, C. J., Terbush, J. W., & Burke, T. A. (2013). Cyber Security Threats to Public Health. World Medical & Health Policy, 5(1), 37-46. Beaudry, A., & Pinsonneault, A. (2005). Understanding user responses to information technology: A coping model of user adaptation. Mis Quarterly, 493-524. Benitez-Amado, J., & Walczuch, R. M. (2012). Information technology, the organizational capability of proactive corporate environmental strategy and firm performance: a resource-based analysis. European Journal of Information Systems, 21(6), 664-679. Buhalis, D., & Law, R. (2008). Progress in information technology and tourism management: 20 years on and 10 years after the Internet—The state of eTourism research. Tourism management, 29(4), 609-623. Buntin, M. B., Burke, M. F., Hoaglin, M. C., & Blumenthal, D. (2011). The benefits of health information technology: a review of the recent literature shows predominantly positive results. Health affairs, 30(3), 464-471. Kumar, U., & Gambhir, S. (2014). A Literature Review of Security Threats to Wireless Networks. International Journal of Future Generation Communication & Networking, 7(4). Lapointe, L., & Rivard, S. (2005). A multilevel model of resistance to information technology implementation. MIS quarterly, 461-491. Liang, H., & Xue, Y. (2009). Avoidance of information technology threats: a theoretical perspective. MIS quarterly, 71-90. Lumley, E. J., Coetzee, M., Tladinyane, R., & Ferreira, N. (2011). Exploring the job satisfaction and organisational commitment of employees in the information technology environment. Southern African Business Review, 15(1), 100-118. Nolan, R., & McFarlan, F. W. (2005). Information technology and the board of directors. Harvard business review, 83(10), 96. O’Sullivan, D., & Dooley, L. (2012). Collaborative innovation for the management of information technology resources. Professional Advancements and Management Trends in the IT Sector, 207. Ray, G., Muhanna, W. A., & Barney, J. B. (2005). Information technology and the performance of the customer service process: A resource-based analysis. Mis Quarterly, 625-652. Rindfleisch, T. C. (1997). Privacy, information technology, and health care. Communications of the ACM, 40(8), 92-100. Roberts, N., & Grover, V. (2012). Leveraging information technology infrastructure to facilitate a firm's customer agility and competitive activity: An empirical investigation. Journal of Management Information Systems, 28(4), 231-270. Sambamurthy, V., Bharadwaj, A., & Grover, V. (2003). Shaping agility through digital options: Reconceptualizing the role of information technology in contemporary firms. MIS quarterly, 237-263. Shaikh, F. B., & Haider, S. (2011, December). Security threats in cloud computing. In Internet technology and secured transactions (ICITST), 2011 international conference for (pp. 214-219). IEEE. Sittig, D. F., & Singh, H. (2011). Defining health information technology–related errors: new developments since To Err Is Human. Archives of internal medicine, 171(14), 1281-1284. Stoneburner, G., Goguen, A., & Feringa, A. (2002). Risk management guide for information technology systems. Nist special publication, 800(30), 800-30. Tallon, P. P., & Pinsonneault, A. (2011). Competing perspectives on the link between strategic information technology alignment and organizational agility: insights from a mediation model. Mis Quarterly, 35(2), 463-486. Taylor, H., Artman, E., & Woelfer, J. P. (2012). Information technology project risk management: bridging the gap between research and practice. Journal of information technology, 27(1), 17-34. Yen, P. Y., & Bakken, S. (2011). Review of health information technology usability study methodologies. Journal of the American Medical Informatics Association, amiajnl-2010. Read More