Download file to see previous pages...
Based on the nature of the information, we can classify information into two board categories; private and public. Public information are open to anybody since it may not cause any harm to the public and hence it is not necessary to protect it whereas private information are intended for a specific group of people and hence it should be protected from unauthorized use. Private information can be manipulated, modified or misused in many ways for personal gains and such manipulations may cause immense problems to others and hence it is necessary to protect it from unauthorized use.
Most of the current organizations store their information on computers. Staff details, client lists, salaries, bank account details, marketing and sales information etc are currently stored in the computers. If this volatile or sensitive information come in the hands of the competitors, an organization may suffer a lot. So, most of the organizations are currently spend enormous amount of money for information security. This paper briefly analyses the necessity of information security in modern organizations.
Computers, peripherals and networks are essential equipments in modern organizations for the communication and data/information storing purposes. No organization can survive in the current world without using computers and internet. But the major disadvantage in using computers for storing information is the possibility of leakage confidential information. There are people who accepted hacking as their main revenue source and they are capable of breaking the firewalls created for the protection of the information stored in a computer. It is easy for a hacker to break the firewalls and plant viruses inside a computer apart from taking out all the information he or she wants.
Earlier information security solutions mainly focused on preventing the external threats. But currently organizations realized that internal threat is as important as the
...Download file to see next pagesRead More
amming Security Considerations 5 Denial of Service 5 Confidential Information 5 Injection and Inclusion 6 Accessibility and Extensibility 6 Input Validation 6 Mutability 6 Serialization and Deserialization 7 Access Control 7 AJAX Programming and Security Issues 7 Ajax security Considerations 8 Ajax Security Support 10 Information Security implications while using Java and AJAX 12 Conclusion 14 Introduction At the present, modern technology based systems and applications are playing a very important role in all the walks of life.
Information is a main asset for any institution and measures to ensure security of assets is of key importance. A well implemented information security governance framework should direct and control security policies that are implemented at all levels of decision making Table of Contents 1.
the process of protection information is called Information Security. With the advancement in the technology the companies are storing information at database much more than before. This information is highly confidential and needed to be protected with better security system to prevent public viewing.
A lower number of breaches: 57 was reported in 2009. These are some of the pitfalls of the increased dependency and adoption of information technology by the higher education institutions. The over reliance on information technology presents great threats to private and confidential data besides the possible damages to the physical properties such as the computer systems and applications.
The board of director must hold a meeting in which all managers will present opinion. Involvement of the department will be necessary and crucial because each department needs security. Security breach can occur in any department, and managers and employees in each department should comply with the security policies and procedures.
With the increasing advent of technology in the operational sector, it has become quite vital for every business to implement adequate measures that would facilitate to stop unauthorized access to the data stored in the organizations database. However, several industries are categorized under the IT sector such as computer hardware/software, internet, telecom and e-commerce.
The objective data demonstrates a couple of points quite clearly. First, as noted by Angus, the organizations that decide to implement the strictest types of security are often much less secure than companies with more balanced approaches to security; he refers to this as a U curve in which a certain level of complexity generates too many costs and complications (2005).
Many public and private sector information systems have failed to meet the desired security standards and protocols defined by IT compliance rules and regulations. The information systems are exposed to widespread risks, threats and vulnerabilities that can adversely