Our website is a unique platform where students can share their papers in a matter of giving an example of the work to be done. If you find papers
matching your topic, you may use them only as an example of work. This is 100% legal. You may not submit downloaded papers as your own, that is cheating. Also you
should remember, that this work was alredy submitted once by a student who originally wrote it.
The paper “Herriard Information Technology System, Security, and Sustainability” is a thrilling variant of assignment on information technology. Herriard ensures the confidentiality of staff’s files by giving each and every Herriard member a unique password and userID to access their files…
Download full paperFile format: .doc, available for editing
Extract of sample "Herriard Information Technology System, Security, and Sustainability"
ASSESSMENT ONE
Name
Course
Tutor
University
City and state
Date
Task A1
Herriard IT System requires that every employee has a userID and password to authenticate their access into the information system. The users are required to change their credentials every 60 days for maximum protection. Every user has their defined permissions according to their job ranking which determines their level of access. Confidential information is only authorized for access by the top management officials.
The company has skilled expertise namely IT manager and the IT Security Manager whose main work is to ensure that the information system is secure and is operating efficiently. Furthermore, before any recommendations, implementation or maintenance of the system is done by the IT manager, the IT Security Manager and the CEO have to review and approve it.
Regarding the sharing of information, information is only divulged to other departments in a need to know basis. Even then, the manager of the department that owns the information has to sign off on the diversion. If multiple departments are involved, then all the concerned managers have to approve the information exchange. Non-disclosure agreements are signed before the actual exchange can begin.
Herriard has a security policy that every employee is required to familiarize themselves with and later sign as a pledge to adhere to the policies outlined in it.
Task A2
The company lacks some security components that expose their information system to threats. Chief among them is backup data storage. The company stores all its information on a central storage system that is placed within the building. Resultantly, the firm’s data is not secure from the events of data loss or data corruption. Moreover, the fact that the data storage is in-house means that in case of a tragedy, such as fire on the building, all the data stored will be destroyed. Off-site backup storage is ideal for the company.
Task A3
Personal information is sensitive in nature and it should be handled in a manner that protects its privacy. Therefore, an organization that uses this information ought to have comprehensive privacy legislation in place. The legislation should maintain integrity by ensuring that the information is presented and modified by the owners.
The legislation should explain how the information is used by the organization. In conjuction with this, the legislation should have the provision of the customer to opt their information out of any kind of usage that he or she may be uncomfortable with.
Some information disclosure scenarios are beyond the company’s control. These scenarios should be explicitly explained to the customer in the privacy policy. Despite these few scenarios, the legislation should explain how the company will protect the user information from unauthorized access.
In the event that the information is subject to exchange with third party partners, the legislation should outline this aspect and give a clear reason why it is the case.
Task A4
Herriard is an Australian company hence its information system uses the ISO/IEC 17799 Information Security Standard. This standard is used globally.
Task B1
Manmade threats include theft, arson and breakage of equipment.
Natural threats include flooding due to heavy rains.
Technological threats include electrical surge, disk corruption, unauthorized system access and modification and viral attack.
Physical threats include the wear and tear of the physical components.
Task B2
Security measures that can minimize the risk to the information system include the use of biometric doors. These doors should be placed in sensitive places such as the server room or the main IT control center. Only people with authorized biometric credentials should gain entry. This move will effectively minimize theft of high value information system equipment.
A backup and recovery center should be put in-place offsite to minimize the impact the natural threats such as flooding or technological threats such as disk corruption would have on the company’s normal operation.
There should be data access authorization levels that should restrict the access to data. Moreover, a two stage authentication process should be applied to ensure that unauthorized personnel cannot access sensitive information. Additionally, a user should be required to confirm every modification with a higher ranking officials credentials as a means of approving the changes being made, this will minimize risk of unwarranted modification and data access.
Finally, the information system should always have an updated antivirus scanning for malicious software and activity.
Task B3
1. McAfee Enterprise Storage Antivirus costs $4,995 (shopmcafee.com)
2. Microsoft Azure Cloud backup $500 baseline and $10 per protected instance and storage consumed. (azure.microsoft.com)
3. Tripp Lite Industrial Surge protector $45 each (amazon.com)
4. Adel Keyless Biometric door lock $132 each (amaozon.com)
Task C1
To avoid the formatting of a wrong disk by an administrator, the system should be customized to ask for a confirmation of each disk formatting. The confirmation can be in form of an approval by an IT specialist within the organization and or a senior company official. This process would ensure that 2 or 3 parties have double-checked that the disk being formatted is the correct one.
The threat of unauthorized people formatting the wrong disk can be controlled by the use of access level permissions. A user should only have access to the data that is relevant to their job ranking. Also, a two-step authentication process would minimize the risk of unauthorized users getting access to the system using stolen login credentials.
Task C2
Elements that should be added to Herriard Pty LTD include
1. Information security incident management
2. Mobile computing and information access
3. Security of physical components
Task C3
Herriard ensures confidentiality of staff’s files by giving each and every Herriard member a unique password and userID to access their files. Moreover, these two login credentials are changed every 60 days for maximized protection.
Also, the company enforces further confidentiality by restricting the sharing of files outside each staff members department. In cases where sharing is needed, it is under the approval of the manager and only in a need to know basis of the recipients.
Interaction with external networks is restricted to make sure that information is not leaked outside the office network as well as minimizing threats of remote hacks. In the event that the external exchange is unavoidable, the company uses a secure line that can only be used after approval is granted.
Files are marked with their levels of accessibility. Confidential files are only accessible to a handful of people in top ranks and cannot be copied or disclosed. Restricted files also follow the same guidelines of accessibility but are available to more people than the confidential files.
Finally, every staff member has a personal storage area, also called home directory, that is different from the shared departmental storage and cooperate storage in order to safe guard their files’ confidentiality.
Task D
Task E
no
yes
Task F
Makes order
Confirms quote price
Schedules order Enter sales
Order from suppliers
Completes order Receives completed order from external suppliers
Ship product
Issue invoice
Task G
The system would require the tests which include functionality testing to verify that the functions of the individual modules of the system work as expected and at efficient performance. Integration testing would confirm whether all the modules would work together perfectly when combined. Similarly incremental testing would be handy in verifying that in the event of other modules being added to the system, the addition would work flawlessly.
The recommended initial test criteria would start with testing if the source code complies properly without returning unintended error messages. After which, installation would follow. The installation should be done on the local machines to see if they can handle the system at their present configurations which include operating systems and hardware specifications.
Once the installation passes the test, the next step would be to ensure that text inputs are validated before being processed such that the system only accepts the input types that are valid and those that won’t return error messages. Also, text handling features such as copying, pasting and normal editing should also be tested. These features are paramount to achieve an efficient system interaction and leaving them unchecked would hinder productivity.
Consequently, after input validation is successful, the next step should be testing if all the core functionalities of the system work. Each module comes with its own set of functionalities; all these features should not only work but do so in acceptable response times.
Every well programmed system should have shortcuts to access the most used features. This sales processing system should be tested for these features too. Most shortcuts are made of key combinations. These combinations should not only work but they should also utilize reasonable keys that are easy for the user to remember.
Finally, a good system should afford the user a bit of personal customization. These preferences are found in settings. The system settings should be tested to ensure that they affect the overall system in the expected manner.
References
Amazon.com, Adele Keyless Biometric Fingerprint Door Lock. Available from: < https://www.amazon.com/Adel-Biometric-Fingerprint-Trinity-788/dp/B00270UU4C >. [16th August 2016].
Amazon.com, Tripp Lite 8 Outlet Industrial Safety Surge Protector. Available from: < https://www.amazon.com/ >. [16th August 2016].
Azure.microsoft.com, Pricing - Cloud Backup | Microsoft Azure. Available from: < https://azure.microsoft.com/en-us/pricing/details/backup/>. [16th August 2016].
Shop.macafee.com, Business Security Software | McAfee SMB Store. . Available from: < http://www.shopmcafee.com/store/mfesmb/en_US/list/ThemeID.37653000/categoryID.66300400>. [16th August 2016].
Read
More
Share:
CHECK THESE SAMPLES OF Herriard Information Technology System, Security, and Sustainability
The case study 'information technology Security' demonstrates that computers came in and finally the Internet.... In the 1970s, there was an increase in the usage of information technology.... information technology can perform countless tasks for the organization like capturing, storing, processing, exchanging, and using information for the company.... This essay is about the project management of an information technology application....
For this reason, information should be as confidential as possible for sustainability and accuracy of its use.... Technology of Information security Name Institution Technology of Information security Introduction The use of cryptography is a necessity for the consequence of the revolution of information in the world today.... They include the data encryption standard (DES), pretty good privacy (PGB), and the Rivest Shamir, Adleman (ARS) system....
The paper 'Information and Systems security' seeks to evaluate Network security as one of the most highly debated topics in the present-day world.... Network security has many dimensions.... The author states that Network security has become a very essential part of each and every network present on this planet- be it the Internet which we use or the LANs (Local Area Networks) and MANs (Metro Area Networks).... With this ease of information access comes the issue of security....
This essay "information technology and Security" is about new information products and services available for use in organizations include teleconferencing, microcomputers, software packages, distributed data processing, automated offices, voice mail, networking, database management systems.... information technology and SecurityIntroductionThe proliferation of information technology can be overwhelming and the Internet technologies are now seen as staples or natural resources, just like coal, cotton, fish, and so on....
There is a connection between security and the accessibility of information in an organization.... International Conference on Information security and Assurance (ICISA) , & Park, J.... Advances in information security and its application: Third international conference, ISA 2009, Seoul, Korea, June 25-27, 2009: proceedings.... In the information technology- Security information technology- Security Information Assurances Information assurance describes the measures that organizations take to protect and restore the quality of information in a bid to enhance the reliability of its sources....
"Information system security Plan" paper focuses on the four sections of the NIST's security plan such as General Description, System Environment, Laws, regulations, and Security Control Selection.... In that direction, the information technology Laboratory (ITL) at the National Institute of Standards and Technology (NIST) has developed guidelines on the ways to formulate and adopt a security plan.... The other important section of the NIST guidelines in selecting the necessary or even tailor-made security control....
This coursework "information technology Security" describes different types of attacks and the main aspects of security.... The discussion that follows will outline some of the challenges of information technology security.... ifferent attack methodologies can be employed by a cracker to attack an organization whose information technology is not secure.... This is especially with regard to the increasing methodologies that can be employed by crackers to attack the information system of an organization....
I have discovered that through risk assessment processes, current and future security and computer configuration issues can be easily identified and controlled so as to maintain the availability, confidentiality, and integrity of my computing systems and environment.... This coursework "Information Technology and Information system security" presents Information Technology that is changing at a high pace.... Due to the spreading of news about the latest computer viruses, information attacks, and new vulnerabilities as well as updates needed for operating systems as circulated across the globe, it becomes necessary for individuals to develop appropriate security mechanisms to protect their computer systems and information resources against threats....
8 Pages(2000 words)Coursework
sponsored ads
Save Your Time for More Important Things
Let us write or edit the assignment on your topic
"Herriard Information Technology System, Security, and Sustainability"
with a personal 20% discount.