StudentShare
Contact Us
Sign In / Sign Up for FREE
Search
Go to advanced search...
Free

Safe and Secure: Security Management - Essay Example

Cite this document
Summary
This essay "Safe and Secure: Security Management" discusses the value of information that refers to the difference that exists between the value of the project with information and the value of the project without information, coupled with the cost incurred in the acquisition of the information…
Download full paper File format: .doc, available for editing
GRAB THE BEST PAPER97.9% of users find it useful
Safe and Secure: Security Management
Read Text Preview

Extract of sample "Safe and Secure: Security Management"

Information will be considered useful and valuable if it contributes effectively towards good decision-making and provides the data support that is required.

Hence valuing information would basically require that an assessment is made about the usefulness of the information that is being used in carrying out the project, especially in the context of the expenses that are made in acquiring the information. In a study that was conducted to examine data resource management (DRM), in the context of distributed processing, four variables were investigated – namely, intersite data dependence, the centralization of  IS decisions, the concentration of these IS resources, and DRM related autonomy (Jain et al, 1998).  All of these aspects may be seen to impact upon the cost-effectiveness of the process of information acquisition that would be an aid in carrying out a project and provide an idea of whether they would be considered useful in enhancing the project value.

The results of this investigation (Jain et al, 1998), showed that organizations with the right combination of these four variables were more likely to have higher levels of success in the management of their data resources and in extracting the maximum benefit from the information.  In the context of ensuring data availability, Dineley (2007) points out that human error is one of the most often cited reasons why information available from data sources is not fully capitalized upon, and this factor is ranked right after software failures which are also an often cited cause for failure to extract the full value of information.

Hence valuing information involves an assessment of costs of extracting useful information from the glut of information available and the degree to which it is able to contribute to project management and ensure savings in costs.

The use of social skills and human interaction in order to gain access to information is a characteristic feature of social engineering. Since the protection measures have become increasingly stringent, such as for example, passwords that may be hard to crack, these hackers are resorting instead to trickery to persuade insiders to reveal the passwords. Gross (2007) points out how IRS employees were recently a target of these hackers. Over 60% of the employees changed their passwords when they received calls from people who posed as help desk workers.

In Grant’s study, the measures that were recommended in a report prepared by the Treasury Inspector General for Tax Administration office included enhancing security awareness among employees (Grant 2007). The incorporation of internal social engineering tests and providing awareness training to employees were the measures that were recommended for the IRS to follow in order to prevent such security lapses. The one sure way to effectively prevent social engineering attacks is to beware of anyone soliciting information, whether by phone, visits, or emails, about confidential organizational or financial matters.

Any kind of personal, financial, or confidential company information should not, as a rule, be provided to any individual/s seeking such information unless their authorization to obtain such information is conclusively established.  In the case of the IRS employees, as mentioned above, employees were aware that they were not to disclose passwords but did not realize that changing their passwords could also compromise the information that was to be protected (Grant, 2007). Hence, social engineering attacks can only be prevented by exercising the utmost caution and rigidly adhering to the rule that no information of any kind is to be disclosed to any individuals unless their authorization to possess such information is established.

  1. Multi-layered security is a recent concept that has been developing together with recent technological changes, such as the emergence of open communication protocols and the development of open-source software. As a result, the existing interoperability among IP networks is also being extended to cover other areas such as security, so that a combination of both electronic and physical measures has led to the development of security at different levels. As Gips pointed out by Gips (2005), safety and security are natural allies, hence when these departments work together within an organization, it can enhance internal security by providing both physical and technological security.

In terms of improving the security of data, this could include measures such as introducing multi-level passwords or using passwords together with encrypted systems and virtual networks. The secure systems provide a layer of protection that is reinforced through the additional security measure of passwords, and these could sometimes be passwords at two different stages of access to materials. In this way, even if the security at one level is breached, it would still not be adequate to gain access to unauthorized information.

Read More
Cite this document
  • APA
  • MLA
  • CHICAGO
(Q5 Essay Example | Topics and Well Written Essays - 750 words, n.d.)
Q5 Essay Example | Topics and Well Written Essays - 750 words. https://studentshare.org/miscellaneous/1724623-q5
(Q5 Essay Example | Topics and Well Written Essays - 750 Words)
Q5 Essay Example | Topics and Well Written Essays - 750 Words. https://studentshare.org/miscellaneous/1724623-q5.
“Q5 Essay Example | Topics and Well Written Essays - 750 Words”. https://studentshare.org/miscellaneous/1724623-q5.
  • Cited: 0 times

CHECK THESE SAMPLES OF Safe and Secure: Security Management

Network Security Risk Assessment

The necessity of the company assets is revealed by their role in helping the company to make its supply chain management business possible.... The human capital also includes the management of the company which is engaged in making important decisions for the success of the company's coordination of warehousing, distribution, staging, transportation in additional to the relationship with the wholesaler, Value Added Resellers and customers.... These include the clients, staff, management, suppliers and distributors (Dalanhese, 2007)....
9 Pages (2250 words) Term Paper

Importance of Information Security in E-Commerce

A safe and secure e-commerce system not only allows easy and effective transaction between the vendor and the service provider but also adds to the goodwill and reputation of the company for being cautious about securing its clients' information and data.... The impact of Security on E-Commerce on the management of organizations It is important to understand that security is not only about technology.... The security of e-commerce activities ultimately reflects through proper decision making and management of the organization....
12 Pages (3000 words) Essay

Network Security and Different Ways to Secure Networks

This research will begin with the statement that network security can be defined as the protocols and security measures were taken in order to secure and protect the data in the existing network so that unauthorized access to the data can be prevented.... hellip; In order to understand the concept of network security, the core issues related to it needs to be analyzed.... The security of the data, at the most basic level, is authenticated by the users or the network administrators who assign a password and an ID to the respective network so that the security of the network is kept intact The researcher states that assigning a password and an ID to a network is often called one-factor authentication while the two-factor authentication has often been identified when the account or network is secured by a security-token for e....
9 Pages (2250 words) Essay

Systems Management and Security for Wal-Mart Business

10 Pages (2500 words) Coursework

Computer Security or Ethical Issue

This research paper "Computer security or Ethical Issue" shows that due to the amazing efficiency of a computer system, every business feels the need to utilize computer technology inside the business infrastructure to enhance its operational performance.... Therefore, computer system security is considered to be a vital aspect of any organization.... Furthermore, web-based technology and digital companies make it simple to collect, incorporate, and share business information, offering new fears regarding the suitable usage of customer details, the safety of individual confidentiality, as well as the security of the intellectual property of the organization (Armor2net Software Ltd....
9 Pages (2250 words) Research Paper

Corporate Security Management

This research paper "Corporate security management" presents the basic security needs for Well-Health Inc.... This research will also suggest mitigation procedures and measures that can be incorporated to handle and manage corporate security management.... along with other security issues and dangers.... hellip; Computer security is the process of protecting a computer system and data stored in it from being damaged or accessed by unauthorized persons....
7 Pages (1750 words) Research Paper

Network Security Control

Network security is one of the most highly debated topics in the present day world.... Network security has many dimensions.... Network security has become a very essential part of each and every network present on this planet- be it the Internet which we use or the LANs (Local Area Networks) and MANs (Metro Area Networks).... As more and more networks are being introduced every single day, the implementation of network security has become very important....
6 Pages (1500 words) Essay

Discussion question

Information security management handbook (6th ed.... The term information security which is even recognized as InfoSec is used to refer to the attainment of balance between securitization of an organizations information assets and the requirement to continue operating the business without hindrances (Whitman, 2011, p.... The safe keeping of hardware even includes security of computers where information Computer security vs.... Information security Computer security vs....
1 Pages (250 words) Essay
sponsored ads
We use cookies to create the best experience for you. Keep on browsing if you are OK with that, or find out how to manage cookies.
Contact Us