Securing Higher Grades Costing Your Pocket? Book Your Assignment at The Lowest Price Now!

Business Driven Information System Add in library

25 Download5 Pages 1,232 Words

Questions:

1. What are information security policies and information security plans and how are they related?

2. What is the acceptable use policy and under what conditions does it apply?

3. What types of security should a bank implement and what affects would it have? What major types of attacks should a company expect?

4. What are three ways to prevent identity theft mentioned in the text?

5. Define the three primary information security areas (with examples) and discuss situations in which are they needed. In what ways do the different types of hackers and viruses affect these security areas and information security plans and policies?
 
 

Answers:

Introduction

This assignment shows how technology impacting the world of business and how does it support the business initiatives (Kessler, 2012). Information systems address support to all discipline whether it is manufacturing, operations management, marketing, sales, human resources or finance and accounting (Doherty and Fulford, 2006). The mutual goals that are related to projects of information technology are improvement in productivity, reduction in cost, improvement in consumer satisfaction thereby increasing loyalty, etc (Haag, Baltzan and Phillips, 2006).

1. Information security policies and plans and how they are accepted

The security policies are instructions from management which indicates the predetermined set of actions or a process to handle a situation or an issue. Information security plan or ISP is intended to safeguard the resources which are critical and informational from extensive business stability, reduction of risk and increasing return on the investments. When the security codes are in correct hands and all information and data is privately maintained only than the organization will accept the policies.

2. Acceptable use policy and application conditions

The acceptable use policy (AUP) is the policy which the user has to be in the agreement in order to get the access to the internet or the network. A contractual condition called Nonrepudiation is maintained to ensure that the participants of the e-business don’t deny their online activity (Reed, 2007). This is a clause that is contained in the AUP. The business organizations require their employees to give their signature on the acceptable policy to gain the internet access. When they sign on ISP than each of the customer is given an AUP that states that they have agreed to follow the conditions.
The conditions can be:

  • Nobody should use the internet to violate the law
  • Nobody should break the security of the user or any network

3. Security implementation in banks and the types of attacks they may face

Bank is a financial institution where monetary transaction is high which in turn increases the risk. Following can be the security that a bank can implement and the affects of it:

  • Drive better risk assessment: The banks should implement a strategy where they can secure their online relationships with their customers which will address the current requirements and can help them adapt to meet the challenges of tomorrow.

  • Adopt strong authentication standards: The present day threats require a strong authentication than passwords and username. So they have to change it every alternate time so that they do not face serious security issues like mishandling of data, etc.

  • Explore advanced authentication techniques: Banks should explore new and advanced techniques like dynamic device authenticity, mobile based transaction, etc. to find different.

The company should expect that there will be online mishandling of data where the security may be breached by any of the member of the organization. Other issues can virus attack, malware, Trojan horse, worm and IP attacks.

 

4. Three ways to prevent identity theft

 The three ways to prevent the identity theft are:

  • Deter- First deter the identity thieves by securing the information (Harold and Thenmozhi, 2014).
  • Detect- Secondly, detect the activities which are suspicious by monitoring the financial accounts and also the billing statements.
  • Defend- Finally defend the suspect that the banks have seen, the victim of the identity theft.

In case of HP, Chairperson Patricia C. Dunn stepped down because of manipulating data by using unethical methods of information security system of the organization.

5. Three primary information security areas and different types of hackers and viruses affect these security plans and policies

Key security areas are:

  • Application layer security
  • Network layer security
  • Ethical security

Application layer security measure is taken to prevent gaps in security policy. (Messner, 2007) Network layer security measure is taken to protect the physical interface between the network hardware and host computer (Dacey, 2003). Finally the ethical layer security measures are taken to see which sources are disrupting the network by hacking into it (Hacking Exposed (TM) Web 2.0: Web 2.0 security secrets and solutions, 2008). Viruses are programs that affect the users by duplicating themselves and attacking the files in the computers. Worms are self-generated programs that spread in the computer but only affect when the user opens the link or a particular file (Web services security, 2003).

Corporate Mail

Corporate mail is a common term in an organization. Any formal interactions between the employees and the management or management to management are done through corporate mail. This is because these mails need a different approach from informal mails. It was recently seen that companies are firing employee who are not following the protocol of sending corporate mails. Now many organizations are hiring people who will monitor the mails send to the management which are corporate mails. Thus it means that we are not only the ones who are accessing the mails but there are people who are keeping an eye on our mails. There are many regulatory, financial and legal issues mentioned in the mails. The companies surveyed that there was email leak and breach of confidentiality.  So the companies put some policies which the employees should follow:

  • E-policies are laid down to have the knowledge about the legitimate users of the network.
  • Policies should be up to date; this helps the organization in ethical use of the policy.
  • The policies should describe the position of the company in regards to the purpose of the internet access.
  • The policies should balance with the ethical use of computer policy.
  • E-mail policies should define the legal grounds for reading e-mail and the procedure required before actions take place
  • Polices should state that employees should be careful at the time of mailing and making documents which are also available to others.

Corporate mail is vital for transmitting formal and important messages. A wrong use of corporate mail can hamper the working of the company. Policies are made for employees but if they don’t follow than they are putting themselves and also the company at risk.

 

References

Dacey, R. (2003). Information security. Washington, D.C.: U.S. General Accounting Office.

Doherty, N. and Fulford, H. (2006). Aligning the information security policy with the strategic information systems plan. Computers & Security, 25(1), pp.55-63.

Haag, S., Baltzan, P. and Phillips, A. (2006). Business driven technology. New York, N.Y.: McGraw-Hill/Irwin.

Hacking Exposed (TM) Web 2.0: Web 2.0 security secrets and solutions. (2008). Choice Reviews Online, 46(02), pp.46-0929-46-0929.

Harold, L. and Thenmozhi, M. (2014). The development and application of information system driven value creation in Indian financial services sector. IJBIS, 17(2), p.198.

Kessler, G. (2012). Information Security: New Threats or Familiar Problems?. Computer, 45(2), pp.59-65.

Messner, W. (2007). Justifying information system value: Development of a method for measuring customer advisory system effectiveness. Business Information Review, 24(2), pp.126-134.

Reed, B. (2007). Implementing Information Lifecycle Security (ILS)*. Information Systems Security, 16(3), pp.177-181.

Web services security. (2003). Computer Fraud & Security, 2003(3), pp.15-17.

OR

MyAssignmenthelp.com delivers assignment help to millions of students of USA. We have in-house teams of assignment writers who are experts on wide ranges of subjects. We have appointed teams of native writers who provide assignment help to students in New York City and all over the USA. They are skilled assignment writers who successfully cater to search terms like do my assignment in the USA

Most Downloaded Sample of Management

271 Download1 Pages 48 Words

Toulin Method Of Argumentation

You are required to write a researched argument essay that convinces persuades the reader of your position / stance. This is an academic, researched and referenced do...

Read More Tags: Australia Arlington Management Management University of New South Wales Management 
202 Download9 Pages 2,237 Words

Consumer Behavior Assignment

Executive Summary The purpose of this report is to elaborate the factors which are considered by individuals before selecting an occupation. Choosing an occupati...

Read More Tags: Australia Arlington Management Management University of New South Wales Management 
367 Download13 Pages 3,112 Words

Internet Marketing Plan For River Island

Introduction With the increase enhancement in the field of technology, it has been considered essential by the businesses to implement such technology in their b...

Read More Tags: Australia Arlington Management Management University of New South Wales Management 
325 Download9 Pages 2,203 Words

Strategic Role Of HR In Mergers & Acquisitions

Executive Summary In a merger & acquisition, role of an HR has emerged as a very critical function. At each stage of merger and acquisition process, HR plays a s...

Read More Tags: Australia Arlington Management Management University of New South Wales Management 
353 Download7 Pages 1,521 Words

Relationship Between Knowledge Management, Organization Learning And HRM

Introduction In this competitive business environment where every business organization is trying to attract the customers of each other, it becomes essential for ...

Read More Tags: Australia Arlington Management Management University of New South Wales Management 
Next
Free plagiarismFree plagiarism check online on mobile
Have any Query?