StudentShare
Contact Us
Sign In / Sign Up for FREE
Search
Go to advanced search...
Free

Fundamentals of Information Systems Security - Term Paper Example

Cite this document
Summary
The author of this term paper "Fundamentals of Information Systems Security" states that information security aims at protecting information from unbiased or unauthorized use, it also protects information from being dislocated or used in a manner that will make it accessible to an authorized user…
Download full paper File format: .doc, available for editing
GRAB THE BEST PAPER91.7% of users find it useful
Fundamentals of Information Systems Security
Read Text Preview

Extract of sample "Fundamentals of Information Systems Security"

INFORMATION SECURITIES + Submitted Information Securities Information security aims at protecting information from unbiased or unauthorized use, it also protects information from being dislocated or used in a manner that will make it accessible to an authorized user. Information security is divided into two a) Computer security –it is also referred to information technology (IT) security. This is where technology is protected from crime such as unauthorized use. Technology in this context means many businesses require computer security therefore many IT specialists are located almost everywhere due to the growing need of computer security. Cyber attacks are rampant nowadays therefore the IT specialists are required to keep this information as protected as possible as the crimes may breach critical information especially in the government or private sectors (Kanade & Dorizi 2012, 21). b) Information assurance- disasters such as earthquakes, flooding, fire, computer server malfunction, theft of any part of the computer structure such as the CPU are prone to occurring. This creates the need to protect such data. Information assurance ensures that these data is not lost and can be retrieved anytime such vulgarizes occur. It specialists also handle these cases as most information is contained in the computers. A back up system ensures information assurance. In much chain business, military centers, government centers or institutions information is stored in one system that transmits it to other systems connected to it through a network system. Incase something happens to the mother system the information may be at risk of being lost and major losses or leak of critical information may be leaked and used against the organization/institution or may even ruin a reputable name. This therefore calls for information security across connected network to protect information from being hacked. History of Information Security Julius Caesar has been accredited to the invention of information security as he came up with techniques that could ensure internal information was not leaked to unwanted person. Procedural handling controls were put in place where he marked sensitive information and used codes to represent the information he wanted to pass. Trusted people who were guarded by heavy security then transported it. Later there was the invention of post offices in many countries where critical information could be sent via the post office. It became a more trusted way to send letters and parcels that contained vital information by government and private individuals. In 1889, the Parliament of the United Kingdom passed an act of legislature to thwart the revelation of official documents and information and created offences for disclosure of information (the official secrets act 18899(52 and 53 vict.c. 52). This was done to manage information according to its sensitivity. Data that are more sensitive had a more secure way of handling it. A multi-tier system of classification was used to rely vital information during the First World War. Coded information was used for communication from different fronts to know the progress of the war or the actions to be taken. Use of encoded information was now more sophisticated as machines were now used to scramble and unscrambled the coded information. There was then evolvement of esoteric range of markings. This indicated who could handle the information, where they could be stored, who could store them and the procedure of releasing the information. Destruction of information was also not to be done haphazardly, there was a procedure on how it was to be done and who was to do it. 21st century saw the rise of electronic systems of information and telecommunications. Electronic data was used in businesses where internet connected data between computers. The growth of electronic system came with growth of internet crime. This with other factors such as use of internet to plan activities such as robberies, terrorism etc led to the need of coming up with a system or a way to protect vital information stored in the electronic systems. Therefore use of information security came to rise and information technology specialists handle this work. The core principles of information securities are confidentiality, integrity and availability. The Importance of Information Security Businesses, institutions such as schools and banking, governments, private organizations and military store crucial information such as information about employees, salary information, business plans, financial results, among other vital information. This data is kept in the computer system and uses internet to convey it. Internet hacking has been very rampant and vital information has been lost in this way. Unauthorized access of information has also been experienced and this has led to collapse of firms (Avoine & Junod 2007, 01). In the case of Plunder properties a Confidential, available and integrity-centered security system is required. The Information security will be used in a. Protecting information- information from Plunder properties to connected networks of daughter companies such as Plunder padz, Beatle towers, Gentrify projects and the upcoming block in Manchester will require good form of information which requires to be protected. b. Protecting information breach – this occurs where information is not well protected and therefore compromised. This can lead to loss of vital information that was stored in the system or alteration of the information to suite the compromiser’s target. E.g. one can alternate a security file to get away with a crime or a banking file to escape to repay a loan or a revenue authority file to escape the taxman. This can occur in Plunder properties and freeze the operations and investment of the company and a lot of people can lose employment c. To improve efficiency- a department’s productivity can improve by ensuring a strong backup system. This can be done by using a backup system to store vital information and the backup system to be located in a secure place, local software and desktops to be stored with a strong antivirus, ensuring there are secure procedures to be followed and are strictly observed. CASE STUDY INFORMATION SECURITY BREACH TJX CLOTHING COMPANY Nearly 500,000 records that contained names of customers, licenses of drivers, and social security were compromised. Credit and debit cards, which were over 45 million, were also lost. This occurred due to breach of the protection of the wireless network that was used by the company. This exposed all the information that was stored and enabled it to be accessed and cause damages of over $100s of millions (Chakrabarti 2008, 98). Good Practices in Information Security Best practices in information security are vital in ensuring that data is not lost. These practices include; Policies should be created to ensure that protection of information is upheld with great integrity, confidentiality and availability. Staff should only access information that they require in the smooth running of their departments and role. More staffs should also be employed to back up this staff incase of a gap in any of the staff. A trusted IT administrator should be employed in every department and should be made liable to breach in information in the department. This will allow accountability in the part of flow of information. This person will be in charge of Backing up critical information Training staff of his department on good use of the IT system Segregation of duties Ensuring a competent primary and a backup personnel Document and log retention Creating an acceptable software Equipment and software removal Access of the systems/file Virus protection Proper design of controls Proper operating procedures Disaster planning and recovery Clear and complete job description DIFFICULTIES OF THE UNITED KINGDOM INFORMATION SYSTEM There are varieties of challenges faced by information technology systems in UK. They include Inside threat-, large organizations fear that their employees may leak data from their organizations. These require companies to know they are giving their information to. Companies need to be sure of the people they give their data to and know the manner in which the data they supply is protected. This calls for procedural, technical and legal views. An example is a former CIA contractor, Edward Snowden who is holed up in Russia and yet continues to leak crucial information. Cyber attacks- efforts are being made in many institutions to reduce cyber crime. This cyber attacks lead to loss of vital information and bring a lot of economic damage. Militaries are under threat of cyber attack that threat military operations and government protection over its citizens. It has become like another world war in government operations and business developments (Whiteman & Mattord 2012, 29). Social cites have also inhibited cyber security- many social sites act as training grounds for cyber crime. The tactics are then developed to work in other IT systems. This lead to data breach fatigue where users of data will not be able to adequately protect themselves from their internet being hacked. Attacks of Distributed denial of service (DDoS) have been rampant in the UK especially in 2013 and are at a risk of increasing. Internet of things increases threat to information security system- this is the interconnection of devices through the internet as shown. These systems are very vulnerable to attacks because of can use one device to create an attack on others. Retrieved from (Wisa, Kim & Lee 2008, 21) MAJOR INFORMATION SECURITY IN UNITED KINGDOM There are a number of legislations made to protect data in UK. These legislations are made by an act of parliament. They include The Data Protection (1998) The data protection principles- it states that “ it shall be the responsibility of a data controller to conform with the data security principles in relation to all personal data with respect to which he is the data controller (Kim & Solomon 2011, 30). Sensitive personal data-“in this act ‘sensitive individual data” means individual data consisting of information as to a. His physical or mental health or condition b. His political opinions c. His spiritual beliefs or other beliefs of a similar nature d. His sexual life e. The charge by him of any offence or f. The racial or tribal origin of the subject g. Whether he is a member of a trade union (within the meaning of a trade union and labor relations (consolidations) act 1992) Any proceedings for any form of offence committed or alleged to have been committed by him, the disposal of such proceedings of the sentence of any court in such proceedings. (Adapted from Data Protection Act 1998) There are also basic information security professional certificates one should have, they include I. The service routing certification program offered by Alcatel-lucent II. CISCO career certifications offered by CISCO systems III. Brocade certification and accreditation IV. Citrix certified administrator program offered by citrix system V. Cyberoam security certifications program offered by cyberoam VI. HP expertONE offered by Hewlett Packard VII. Dell certified systems expert program with associate and masters level offered by Dell VIII. Google apps certification program offered by GOOGLE (NATO Advanced Research Workshop On Complexity And Security 2008, 32) List of References KIM, D., & SOLOMON, M. (2011). Fundamentals of information systems security. Sudbury, MA, Jones & Bartlett Learning. NATO ADVANCED RESEARCH WORKSHOP ON COMPLEXITY AND SECURITY, RAMSDEN, J., & KERVALISHVILI, P. J. (2008). Complexity and security. Amsterdam, Netherlands, IOS Press. WISA 2007, KIM, S., YUNG, M., & LEE, H.-W. (2007). Information security applications: 8th international workshop, WISA 2007, Jeju Island, Korea, August 27-29, 2007 : revised selected papers. Berlin, Springer. Whitman, M. E., & Mattord, H. J. (2012). Principles of information security. Boston, MA: Course Technology. Avoine, G., Junod, P., & Oechslin, P. (2007). Computer system security: Basic concepts and solved exercises. Lausanne: EPFL Press. Chakrabarti, A. (2007). Grid computing security. Berlin: Springer. KANADE, S. G., PETROVSKA-DELACRÉTAZ, D., & DORIZZI, B. (2012). Enhancing information security and privacy by combining biometrics with cryptography. San Rafael, Calif, Morgan & Claypool. Read More
Cite this document
  • APA
  • MLA
  • CHICAGO
(Fundamentals of Information Systems Security Term Paper, n.d.)
Fundamentals of Information Systems Security Term Paper. Retrieved from https://studentshare.org/information-technology/1813923-information-technology
(Fundamentals of Information Systems Security Term Paper)
Fundamentals of Information Systems Security Term Paper. https://studentshare.org/information-technology/1813923-information-technology.
“Fundamentals of Information Systems Security Term Paper”, n.d. https://studentshare.org/information-technology/1813923-information-technology.
  • Cited: 0 times

CHECK THESE SAMPLES OF Fundamentals of Information Systems Security

Financial Regulation and Supervision

Moreover, the services will enable entry of information manually incase sales and purchases are done in physical retail outlets.... A reliable and first-rate efficient credit and debit card processing service enables individuals to accept payments anywhere, accept all payment forms, and access security and fraud protection.... Credit and debit card services consequently offer security protection through modern encryption utilities to give customers assurance and confidence when transacting and processing their personal credit and debit card information....
10 Pages (2500 words) Essay

Personally Identifiable Information (PII) : Ethical Implications

Some of the most commonly used data to identify individuals include; social security numbers, ID and driver numbers, date of birth, face recognition, biometrics, vehicles registration number, private phone numbers, home address, private e-mail address, among others.... For instance, every legal residence of the United States of America has a social security number used to identify him or her 1.... Personally Identifiable information (PII) – Ethical Implications Name: Institution Date: Personally Identifiable information (PII) - Ethical Implications Personal Identifiable information abbreviated as PII refers to the info that can be used to contact, locate or identify a single person....
3 Pages (750 words) Research Paper

Design Issues in the System (Security)

In a software system designing, the usability and security are two vital design objectives among many others include but not limited to the functionality, performance, robustness, and reliability.... It is vital to balance the usability and security among the various design objectives.... As per the given case study, the new system implemented in the restaurant has several issues related to the system security and user interface design.... The software application's security breach can be avoided by following another guideline for securing the software application by implementing security certificates for all the users (cashier / manager / administrator)....
5 Pages (1250 words) Essay

Attacks, Threats, and Vulnerabilities to the Organization

information systems security Name of Author Institutional Affiliation information systems security Technology is a blessing to mankind and is a requirement for the success of any business with any hopes of surviving the intense competition in the business world today.... Theft There has been theft of information systems in the recent past o the organization.... However, like all good things, information systems have a loophole too....
4 Pages (1000 words) Assignment

Physical Access Control and Logical Access Control

Fundamentals of Information Systems Security, Massachusetts: Jones & Bartlett Publishers2) Logical access, physical access (2012), RSA, Retrieved on June 27, 2012 from: http://www.... With respect to the computer information systems, the policies, processes and the technical controls that are involved are referred as the logical access controls.... he similarity of the two access controls lies in the fact that both are involved in attaining security, particularly within organizations either in terms of human access to different locations or different systems....
1 Pages (250 words) Essay

Intro to Mgt Syst

?Fundamentals of Information Systems Security.... Lucey (2005) notes that there is need to protect personal information such as financial data, medical records, political record,… I believe that it is important to protect personal information of a person because vulnerabilities of personal information have significantly increased Ethical Issues in information systems YourFirst YourLast Information or data privacy is an ethical issue in information systems that refer to the aspect of protecting an individual's personal information....
2 Pages (500 words) Assignment

Security Locking Devices

The author of this assignment entitled "security Locking Devices" comments on the difference of two locking devices for doors and windows and the means of generating power through alternative means to that of the existing modes of power generation.... nbsp;… While the first text is to do with the microcontrollers and processors that make up the security locking system, the second text is to do with the photovoltaic cells, Wind turbines and the CHP systems that make up the power generating capacity....
6 Pages (1500 words) Assignment

EBuy Control Station

The strength of the platform should be in terms of data security and the ability to serve big global traffic of customers at the same time.... hellip; The information system security is in two levels, and the cloud is used at both levels.... There is cloud security at the core and numerous encryptions in complex codes and robust passwords (Lucas, 2005).... The ideas will also help to detect and deter any violations of the laid-down security policies....
5 Pages (1250 words) Case Study
sponsored ads
We use cookies to create the best experience for you. Keep on browsing if you are OK with that, or find out how to manage cookies.
Contact Us