Security Policies in Information Technology Field - Case Study Example

Case study on three IT security Policies Table of contents 1- Introduction 2- Critical analysis of Three IT security policies 3- Deficiencies of each discussed 4- Recommendations 5- Conclusion 6- References Weblog Site Weblog Post Weblog Comment Website Web Video Executive summary Security policies for the organizations have become vital. Many businesses have ill-defined or incomplete security policies. This case study report is intended at evaluating the three IT security policies of the different organizations and the inadequacies have been pinpointed. Completely new and comprehensive IT policy additives have also been discussed in the technical report on this case study given below. Today, the computer networking systems are highly vulnerable and prone to the hackers, viruses and other cyber dacoits. Therefore the network security systems have to be sound, dependable and free from risks (Marcel Decker, New York, 1997). This is only possible if the systems and service packs are continuously updated and different versions are enhanced. This dream of a foolproof secure network system can only be realized when the computer hardware is 100% compatible with the policy of security protocols. This report is also intended at demonstrating the analytical reporting skills, research and learning skills in the contemporary security policies of the different organizations. Comparison of Policies Organization Policy Analysis SANS Organization SANS (Organization), Acceptable Use Policy is quite effective and has some preferable margins over the others as far as utility of their IT for projects training is concerned. According to this organization their security purely depends on vigilance by all participants and has always to be updated to the requirements of 21st century. The dependability organization on the vigil of participants has to be removed according to the recommendations in the essay. Department of education and early childhood development. The main purpose of the IT security policy of the Eduvic.organization is to ensure the safe use of the Department of Education and Early Childhood Development’s (DEECD's) Information, and also to ensure that Communications and Technology (ICT) systems is quite legal, ethical and is well consistent with the aims, values and objectives of DEECD. However the systems of security need to be boosted as per recommendations in the essay. The University of Wollongong UWO is responsible for appropriate use of IT and services in support of teaching, research and administrative services. The following broader review and suggested recommendations are made in respect of UWO IT systems. Internet technology has revolutionized the world of communication, information, entertainment, services and E-business The world has virtually become a global village. This is all because of the existence, spread and development of Internet through out the world irrespective of continents, nationalities and religions. It can be said that Internet is the single unifying element in the world. The security policy of the university needs revision. SANS SANS (Organization), Acceptable Use Policy is quite effective and has some preferable margins over the others as far as utility of their IT for projects training is concerned. But according to this organization their security purely depends on vigilance by all participants and has always to be updated to the requirements of 21st century. Following is suggested the proper course of action for their training program IT security. The following check list helps out the situation in an effective manner. As far as the computer hardware compatibility list (HCL) is concerned the peripherals must be compatible with the operating systems. The HCL may be centrally controlled and user driven. An official HCL should be available on the website of the operating system. The Linux operating system provides the best HCLs (http://www.linuxquestions.org/hcl). Microsoft windows provide the HCL access to average users also due to their market dominance (http://www.microsoft.com/whdc/hcl/) Service packs update However network security policies aim at the protection of network and related accessible resources from unauthorized users. The administrators ensure the continuous monitoring and effective implementation of the security measures. In order to have a checklist in mind for fool proof security stem in the networking an example of defense of a house from thieves can help. The network attached storage helps the interconnected PCs from hacking and viruses. In this way the attacks at entry level are prevented when the alerts go through the whole network. The computer host security network is not dependable as the hackers can have access and can purchase the hosts rather more easily. Version Enhancement The net work security checklist includes the authorization and authentication of the user, creation of firewall for filtering the allowed services to the user, provision of the intrusion prevention system, monitoring for suspected traffics, and denial of unauthorized service (Duane DeCapite, Cisco Press, and Sep. 8, 2006). Depending on the size of the users, software for Antivirus likes Norton or McAfee etc are used. The bigger businesses use the security analyzers in addition to firewalls. And physical security checks against viruses and security fencing. Therefore, it can be concluded that internet security policy largely depends on the compatibility of the computer hardware with the peripheral’s ability to respond and accommodate the network security features. In the absence of hardware compatibility with the security policy, a PC can not remain safe and secure from damages. The services packs have to remain updated and upgraded all the times to respond the new security requirements. The versions have to be enhanced to remain alive and fully defensive to the attacks of virus, and hackers etc. the security policy’s most immediate and permanent requirement is eternal vigilance. Some other suggestions include the issues with networks as given below. Single network The main reason why the differences in operating system interfaces between different networks like Novell NetWare, UNIX/Linux, and Windows is that this would allow them to work together in a single network are given as follows. Most benchmarks by NetWare during the period from mid 80s to early 1990s demonstrated performance of Network operating systems. (As extremely high at 5.1 to 10.1. ) This was a bigger advantage for the NetWare from standpoint of network services,( American chronicle CA Net news November 2008) Towards the end of the 1990s, when booming of Internet connectivity occurred, the Internet's TCP protocol dominated the LANs. Meanwhile Novell introduced TCP/IP support in NetWare v3.x and developed a new web server in the form of NetWare v4.x. With the combination of a higher RAM limit of about 16 MB, processor feature utilization of 80286, the NetWare volume size limit allowed reliable, most cost-effective server-basing local area networks on it, for the first time. The was a very important development to significantly improving the performance. This became a prime key to the success of Novel Netware for the other larger networks to build upon. Another hallmark difference of NetWare model 286 was that it was independent of any hardware, unlike other competing server systems. Novell servers were assembled on the assembling of any brand system in collaboration with. Novell then in late 1990s designed a simple compact client software DOS program which was supposed to allow connectivity to server and shared server hard drive. Then it ensured compatibility with all the existing DOS (Bastian’s, Rob; Sander van Vugt2006). Novell NetWare is still today used by many people around the world. Many organizations specially the educational institutions and public sector organizations including government agencies use the Novel Network for the qualities of inexpensiveness and reliability. It was only successfully competed by the Microsoft till late 1990s. Department of education and early childhood development. The main purpose of the IT security policy of the Eduvic.organization is to ensure the safe use of the Department of Education and Early Childhood Development’s (DEECD's) Information, and also to ensure that Communications and Technology (ICT) systems is quite legal, ethical and is well consistent with the aims, values and objectives of DEECD. The IT Department and ICT systems have to be properly and efficiently used. DEECD ICT systems are not to be used for any inappropriate activities for example, pornography, fraud, defamation, breach of copyright, unlawful discrimination or vilification, sexual harassment, stalking, illegal activity and privacy violations. In order to make it possible the following further suggestions can improve the system like interpolation, and observance of protocols. Interoperability issues The client is resonably supposed to receive a response within a reasonanle time period. The bottom line of this approach cotained in the standard protocol is ‘trust the network; in order to ensure this process the positive acnowledgements are automatically created by the server in case of having received the requests of the clients or the resending process is supposed to automatically continue. This is confidence building mechanism in the standard protocol. Interoperability is the capability of various networking systems, in order to communicate, on the basic protocols. Interpretability amongst various networking systems has always been an issue. There are various problems identified in regards to the interpretability between networks. Theses are as follows. Common access to file systems, common TCP /IP support, integration of DNS, interfacing between the directory services. Cross platform security is another biggest issue in the interoperability of the networking systems between novel networks, Linux and windows. Interpretability amongst various networking systems has always been an issue. There are various problems identified in regards to the interpretability between networks. Theses are as follows. Common access to file systems, common TCP /IP support, integration of DNS, interfacing between the directory services. Cross platform security is another biggest issue in the interoperability of the networking systems between novel networks, Linux and windows. Interpretability amongst various networking systems has always been an issue. There are various problems identified in regards to the interpretability between networks. Theses are as follows. Common access to file systems, common TCP /IP support, integration of DNS, interfacing between the directory services. Cross platform security is another biggest issue in the interoperability of the networking systems between novel networks, Linux and windows. Interpretability amongst various networking systems has always been an issue. There are various problems identified in regards to the interpretability between networks. Theses are as follows. Common access to file systems, common TCP /IP support, integration of DNS, interfacing between the directory services. Cross platform security is another biggest issue in the interoperability of the networking systems between novel networks, Linux and windows. Interoperability is the capability of various networking systems, in order to communicate, on the basic protocols. Interpretability amongst various networking systems has always been an issue. There are various problems identified in regards to the interpretability between networks. Theses are as follows. Common access to file systems, common TCP /IP support, integration of DNS, interfacing between the directory services. Cross platform security is another biggest issue in the interoperability of the networking systems between novel networks, Linux and windows. Interoperability is the capability of various networking systems, in order to communicate, on the basic protocols. Interpretability amongst various networking systems has always been an issue. There are various problems identified in regards to the interpretability between networks. Theses are as follows. Common access to file systems, common TCP /IP support, integration of DNS, interfacing between the directory services. Cross platform security is another biggest issue in the interoperability of the networking systems between novel networks, Linux and windows. Interoperability is the capability of various networking systems, in order to communicate, on the basic protocols. Interpretability amongst various networking systems has always been an issue. There are various problems identified in regards to the interpretability between networks. Theses are as follows. Common access to file systems, common TCP /IP support, integration of DNS, interfacing between the directory services. Cross platform security is another biggest issue in the interoperability of the networking systems between novel networks, Linux and windows. Interoperability is the capability of various networking systems, in order to communicate, on the basic protocols. Interpretability amongst various networking systems has always been an issue. There are various problems identified in regards to the interpretability between networks. Theses are as follows. Common access to file systems, common TCP /IP support, integration of DNS, interfacing between the directory services. Cross platform security is another biggest issue in the interoperability of the networking systems between novel networks, Linux and windowsThe IT managers have found the following solutions of interoperability issues in the networks. Top of Form TCP/IP Support -- Windows 2000 Server easily connects easily with the Internet and third-party networking on a broad range becomes possible. In order to manage the networks, Windows 2000 Server ensures the application of Domain Name System, Dynamic Host Configuration Protocol, BOOTP, and remote procedure call (RPC), the main feature of TCPs. File System – the data contained in the files of novel NetWare, Linux and windows are shared and accessed by the clients with in inter collaboration of Microsoft Network under NCP/ NFS protocols. Active Directory – provides the solutions of Internet name space concepts with attribute of XML files on a website. Protocols – TCP/ ICP protocols provide the solutions on the agreed basis of standards of inter operability of networks. Besides the DNS integration Active directory services, Acrobat Readers, cross plate form security and active collaboration on Internet messaging provides solutions for the interoperability issues. Interpolation Story of interpolation of Network Operating Systems is interesting but complex. Novel NetWare dedicated her server to the Auspex NFS server. And an other SCO UNIX Network server. NFS outpaced and outsmarted other services. This phenomenon did not leave any room for others but to work under a single system And UNIX Linux, Windows had to have to work in a single network. And that was have they been liable to interpolate with the Net ware server as a single (IT wire Australia October 2008). Network Operating System. At the same time Novell began to give leverage its directory service, called NDS, by the way of bringing they’re other products into the directory. NDS integrated the GroupWise e-mail system, and Novell released some special directory-enabled products like famous Border Manager and ZEN works. In 1996 Netware version 4.11by Novel Netware including many enhancements (Hughes, Jeffrey F.; Blair W. Thomas (2002). , made the operating systems easier to operate, install, more stable and faster. Another version basically designed by Novel Netware for networks of 25 namely Intranet Ware for Small Business that contained another limited version of NDS, tried to further simplify the administration of NDS. Despite the facts of technological edge by one OPS over the other, mostly different Noses don’t interpolate due to the sheer business reasons. Specific products, protocols or standards used for interoperating between NOSs (Harris Geoffrey L, 2008) 1- Request is sent by the client to the server. 2-request of the client is acknowledged by the server. 3-acknowledgedment is done by both parties i.e. sever and client requested data is acknowledged by the client 4- Again acknowledged by both parties. I.e. client and server. NCP standards protocol was mainly based on the premise that networks should perfectly work for all the business hours. The requests are contained in the sequence numbers so if the requests are not entertained or acknowledged then the same requests in the same sequence numbers are resent, in order to ensure the process of data transfer and the satisfaction of the client is guaranteed. The University of Wollongong with concluding suggestions UWO is responsible for appropriate use of IT and services in support of teaching, research and administrative services. The following broader review and suggested recommendations are made in respect of UWO IT systems. Internet technology has revolutionized the world of communication, information, entertainment, services and E-business. The world has virtually become a global village. This is all because of the existence, spread and development of Internet through out the world irrespective of continents, nationalities and religions. It can be said that Internet is the single unifying element in the world (Castles, M. 2001). Nothing else can match its access and utility for the people of the world. But there is also an undeniable fact that despite all advantages the Internet like other Mass Media has also disadvantages (Castles, M. 1996). If the advantages are many the disadvantages are also not lesser. Here we discuss a few of Internet advantages and disadvantages point by point and give a conclusion at the end (Nicholas, David and Rowland, Ian 1999). Communication: Internet has revolutionaries the communication systems all over the world at such faster rates that no other communication means could out-smart this facility. Without loosing a single moment on Internet people can send E-mails, do chatting and use telephony services through the Internet. This has become the most accessible, cheaper and easy way of communication. It is the same communication facility of Internet that has its own disadvantages. The terrorists and anti-social elements like hackers, virus spreaders and cyber criminals make use of the Internet communication systems to disrupt the peace, tranquility, precious hubs of information and economies of the world. Information; information exchange and storage is the biggest advantage of Internet. There is no denying the fact that Internet web portals and Web Sites have become the treasures of information for the knowledge seekers from all walks of life. Google, Yahoo and Mazola Fire fox etc have become unbeatable search engines of knowledge. There are scores of books and libraries available on the Internet. But it is a same hub of information on the Internet that is stolen and used for the disadvantage of the society by the cyber net criminals. This information is always at risk of Trojan horses, viruses and net fires. The spasm and pornographies coupled with violence and fearsome materials is also the big danger to this treasure of information. Entertainment, services and E-commerce; Internet has provided a single and unique opportunity for entertainment like online movies, music, u-tube information, national geographies. The medical prescription facilities, engineering designs, architecture simulations and unlimited services of E-commerce including shopping, banking, import export and online payments have given an unparallel Philip to the services and E-commerce through Internet (First Monday peer-reviewed journal on the Internet). But it also a hard fact that the entertainment carries horrible images, pornographies, images of violence, a free heaven for terrorists spreading their ideas and laundering their money and subverting the transactions of Internet traders. However, it can be concluded that Internet has both advantages and disadvantages (Jayashree Pakhare http://www.buzzle.com/articles/advantages-disadvantages-internet.html). It is up to the user that how the Internet is being used. There is an utmost necessity that network security protocols should be observed. References 1- http://www.uow.edu.au/its/policies/index.html 2- http://www.sans.org/resources/policies/#template 3- http://www.education.vic.gov.au/about/deptpolicies/default.htm 4-Jayashree Pakhare. http://www.buzzle.com/articles/advantages-disadvantages-internet.html 5-- Nicholas, David and Rowland, Ian. “The Internet: its impact and evaluation” Library and Information Commission Research Reports. 66 (1999): 65-68. QUESTIA. London City U. 13 Apr. 2009. 6- Internet history and related information, including information from many creators of the Internet. 7- First Monday peer-reviewed journal on the Internet. 8- Castles, M. 1996. Rise of the Network Society. 3 vols. Vol. 1. Cambridge, MA: Blackwell Publishers. 9- Castles, M. (2001), “Lessons from the History of Internet”, in “The Internet Galaxy”, Ch. 1, pp 9–35. Oxford Univ. Press. 10. Harris, Jeffrey L. (2005). Novell Open Enterprise Server Administrator's Handbook, NetWare Edition. Novell Press. ISBN 978-0-672-32748-3  11-American chronicle CA Net news November 2008 12- IT wire Australia October 2008 13-Bastiaansen, Rob; Sander van Vugt (2006). Novell Cluster Services for Linux and NetWare. Novell Press ISBN 978-0-672-32845-9  14-Hughes, Jeffrey F.; Blair W. Thomas (2002). Novell's Guide to NetWare 6 Networks. Wiley ISBN 978-0-7645-4876-5  15-Marcel Decker, New York, 1997 Security of the Internet (The Froehlich/Kent Encyclopedia of Telecommunications vol. 15., pp. 231-255.) ISBN 5648974 16-Duane DeCapite, Cisco Press, Sep. 8, 2006 Self-Defending Networks: The Next Generation of Network Security, ISBN 2334653 17-Charlie Kaufman | Radii Perl man | Mike Spikier, Prentice-Hall, 2002 Network Security: PRIVATE Communication in a PUBLIC World. ISBN 7865434. 18-http://www.microsoft.com/whdc/hcl 19-http://www.linuxquestions.org/hcl Bottom of Form Read More