Securing Higher Grades Costing Your Pocket? Book Your Assignment at The Lowest Price Now!

Telecommunication And Network System Of ABCD University Add in library

249 Download11 Pages 2,657 Words

Question:

Describe about the Importance of Information Security, the laws and regulations of information security and Compliance, system audit controls of ABCD University?
 
 

Answer:

Introduction

ABCD University is a 21st century college which has advanced technological infrastructure. The organization has an impressive collection of multimedia and computing resources. The university has total 19000 staff and students who use 3000 computers on a regular basis. The university provides maximum resources to the students like computer laboratories, server connection and also various learning facilities. Along with these all the resident students use the university network for their work purpose. Thus the university tries to benefit all the staff and students from their advanced network system. The firm wants to further improve their network system and implement security strategies. For this reason the university has hired a policy maker who would make the students understand the importance of network security and would increase the security system of the entire network connection of the university. He would train both the staff and students in how to maintain security of their own network. Thus this would make the University network more protected and secure to work with.

Importance of Information Security

According to Ronald Reagan “The oxygen of modern age is Information. It is the most powerful tool one can have.”(West, 2008). Every organization including universities must have Information Security-Management System (ISMS). It is one of the most important components of a place which deals with many computers and network server (Microsoft, 2005). All the data present in the IT systems of a University is extremely valuable. It helps in storing and processing information. Thus information security is very essential. The importance of information security is as follows:

  • Confidentiality: All the data in the IT system can only access and viewed by the authorized person only. No third party can view the secured information of an individual.

  • Integrity: It maintains integrity of the data and can be relied upon accurately and is processed correctly. All the data and information is properly securely stored within the system (Doherty & Fulford, 2006).

  • Availability: Even with the strict security system all the data can be accessed whenever it is needed.

  • Reducing the Risk: Information security reduces the risk of leaking or hacking any kind of data and information from the IT system.

  • Unique Accessibility: Information security allows only a single user to access the data that is uniquely protected by the individuals own password.

Thus Information Security is extremely essential to keep an individual’s personal data secured. In universities there are many students who are doing their research or project using ABCD’s network system so no data or information can be allowed to leak out. According to Network Security Guidelines persons who extract data from different networks can face punishment from the court of law (Siponen, 2001).

Thus information security should be the primary focus of ABCD University so that all the students can make optimum usage of the universities network system.

 

Assets Classification and Control

Every organization and universities has many types of assets. And in the 21st century all the record and data about the various assets are stored in the ABCD’s universities server. It is through this network that the organization controls and classifies its assets and properties. Billions of dollars of assets and their details are stored in the universities server. All the record since the beginning of the university and all the details of the students are incorporated inside the server of the university.

Thus to protect all these, information security is extremely essential for the university. Information security prevents a third party from viewing and accessing those confidential data about the universities assets.

Classification of Information

Information security helps to classify information according to security basis. The security system protects the entire data and server of the university but it has priority according to importance basis. For example all the record and details of each and every single student and staff is considered to be high priority. For this reason only a single user is given the liberty to access it. While library information is of medium priority and thus it is accessible to both the student and the librarian. Similarly the university has many medium priority data and information which is accessible to only few people. However for example a certain University club has data and information about its events is of least priority. Here the information security system allows all the members or students to access the club’s data and other event information.

The Network System of ABCD University

ABCD uses 3000 computers and even has its own network system for the benefit of the students and the staff. It has voice and data network systems with high network security. It has UNIX hosts and also fileservers which support many upgraded applications.

For high security purposes and for optimum use of the computing laboratories the university even has a technical support team. The technical support team is always present inside the campus and offers support to all the students. They even have a help desk with expert technicians who fixes all the software and hardware problems faced by the staff and students. If any malfunction took place or any kind of security problem the technicians would be immediately informed and they would help the students and staff to solve it.

The laws and regulations of information security

During the early 2000s and also late 1990s many laws were established regarding the privacy and security of information of organizations. This was successful due to the involvement of large company like Enron (Wixom & Todd, 2005).The main focus of all the information security laws and regulations is to protect the integrity, availability and confidentiality of all the information that might have an impact on the stakeholders of an organization (Solms, 2004). The laws regarding information security has certain goals like:

  • Implementation and establishment of controls
  • Maintain, assess and protect compliance issues
  • Identification and remediation of the deviations and vulnerabilities
  • Providing reports that could prove an organization’s compliance

Thus all the laws governing the information security of an organization have the same goal of protect one’s information which he does not want to share. The information security of ABCD University will abide by all the rules and regulations so that all the staff and students can make optimum use of the university’s network and server.

 

Training of the students and staff

The information security installed in the ABCD University is extremely user friendly. But it requires a little guidance so the technicians arranged a training program for all the staff and students. The program was of 3 hour duration where all the students participated. The following things were taught and showed during the training session:

  • The students were first told about the importance and necessity of information security.
  • UniTech was the organization that provided all the latest information security software for the University.
  • The students were made familiar with the software that was installed in every single computer.
  • If they faced any difficulty they were provided with the help desk number.
  • For more security the students could individually approach their local technicians who would upgrade their IT system.
  • Every student and staff was given a unique ID code which would help them to login with the information security system where they could give their own password.

Thus from the training program the students were shown a demo of the information security. They were also warned about the violation of the information security protocols. The entire program was a successful event.

Access and Cryptographic Control

Information is one of the most important assets of an organization. The information security helps to protect all the data and record of a University or a firm. It uses various software to protect the infiltration of a third party from viewing the data and also prevents various viruses from corrupting the files. Information security contains high level antivirus (Kagan, 2007). The two basic functions of information security are as follows:

Access Control

Access Control determines and ensures the proper user who is allowed to view or access the information. It does not allow any other person to view the record and data. It controls the servers, mobile devices, mainframes, operating systems, and network services, desktop and also the laptops are monitored by the access control software (Vroom & Solms, 2004). No third party can bypass the security systems provided by the access control. All the data and information is available to only the authorized person and he has unique password to access any data.

Cryptographic Control

Cryptography is considered to be a science which uses complex mathematics including logical designing methods. Strong encryptions are required to hide data and information about an organization (Mogull, 2005). Information security has such strong and protected encryption that allows the valuable information of the University to remain hidden. At present there are many hackers who can even hack and retrieve data and information from highly secured encryptions. The cryptographic control of information security prevents such things from happening.

Thus both access control and cryptographic control is an essential part of information security. The security system installed by ABCD University has both the facilities and thus the students can use the learning resources of the university without any problem.

Compliance, system audit controls of ABCD University

Auditing of an organization is extremely necessary. It maintains and checks the security of the firm and also maintains the risk management of the company (Petter, Straub & Rai, 2007). Thus ABCD University must make a thorough auditing of the entire system of the university. The university must undergo auditing because of the following reasons:

  • To check the security system and information security of the university.
  • The auditing checks the security policies of the universities and finds the drawbacks in it.
  • It helps to manage the risks of the University.
  • The entire auditing of the University follows compliance audit.

Thus from the above we can see that ABCD University require a good and thorough auditing. Thus it helps to maintain the security measures of the university and also the various securities polices of ABCD University. Information security also helps to control the environmental security of the university. The university after the auditing installed various information security software by UniTech so that both the students and the staff could receive the optimum benefit of the computing laboratories and the learning resources.

 

Conclusions

Thus from the above detailed analysis of ABCD University it is evident that information security plays a major role in the privacy of the company. The following things have been derived from the above study:

  • Information security is one of the essential parts of the university which would protect its assets and detailed data.

  • Information security also has access and cryptographic control over the entire system of the organization.

  • Training is required for the students and staff so that they can understand the information security system and can operate it easily.

  • Information security has many rules and regulations which must be followed by the university.

  • Anybody who fails to abide by the security protocols will be punished in the court of law.

  • Information security provides a unique ID and password for every single student and staff so that only the authorized person can view the information or data stored the university server and network.

Thus it can be said that ABCD University must increase their information security and upgrade it so that both the students and staff can utilize the learning resources of the university to its optimum level.

Recommendations

After such a detailed study about the information security of ABCD University many points have come to light. Information security is extremely important for the university so that it can protect all its assets and have proper cryptographic control over the details of every student. The following are the recommendations that the university can add:

  • The university must upgrade the information security system on a monthly basis.
  • All the students must be aware of the importance of information security and students not using it must be penalized.
  • All the technicians must have detailed knowledge about the system so that they can assist whenever it is necessary.
 

Bibliography

  • (2005, December).Data Confidentiality. Retrieved May 16, 2012, from MSDN.

  • Mogull, R. (2005, August).Management Update: Use the Three Laws of Encryption to Properly Protect Data. Retrieved February 4, 2006, from Gartner.

  • (2001, November 26).Advanced Encryption Standard. Retrieved May 15, 2012, from NIST Computer Security Resource Center.

  • Olzak, T. (2006, February).Data Storage Security. Retrieved May 19, 2012, from Adventures in Security.

  • Zim, H. S. (1962).Codes and Secret Writing. Scholastic Book Services.

  • Mogull, R. (2005, August).Management Update: Use the Three Laws of Encryption to Properly Protect Data. Retrieved February 4, 2006, 

  • 2004 E-Crime Watch Survey Summary of Findings, Computer Emergency Response Team Coordination Center (CERT/CC).

  • Kankanhalli, H.-H. Teo, B.C.Y. Tan, K.-K. Wei (2003), An integrative study of information systems security effectiveness, International Journal of Information Management 23.

  • Karahanna, D.W. Straub, N.L. Chervany (1999), Information technology adoption across time: a cross-sectional comparison of pre-adoption and post-adoption beliefs, MIS Quarterly 23 (2).

  • G. Peace, D. Galletta, J. Thong (2003), Software piracy in the workplace: a model and empirical test, Journal of Management Information Systems 20 (1).

  • Doherty, N. F., and Fulford, H. 2006. “Aligning the Information Security Policy with the Strategic Information Systems Plan,” Computers and Security (25:1), pp. 55-63.

  • Dhillon, G., and Backhouse, J. 2001. “Current Directions in Information Security Research: Toward Socio-Organizational Perspectives,” Information Systems Journal (11:2), pp. 127-153.

  • Petter, S., Straub, D., and Rai, A. 2007. “Specifying Formative Constructs in Information Systems Research,” MIS Quarterly (31:4), pp. 623-656.

  • Siponen, M. T. 2001. “Five Dimensions of Information Security Awareness,” Computers and Society (31:2), pp. 24-29.

  • West, R. 2008. “The Psychology of Security,” Communications of the ACM (51:4), pp. 34-40.

  • Whitman, M. E. 2008. “Chapter 6: Security Policy: From Designto Maintenance,” in Information Security: Policy, Processes, and Practices, D. W. Straub, S. Goodman, and R. Baskerville (eds.), Armonk, NY: M. E. Sharpe, pp. 123-151.

  • Willison, R. 2006. “Understanding the Perpetration of Employee Computer Crime in the Organizational Context,” Information and Organization (16:4), pp. 304-324.

  • Vroom, R. von Solms (2004), towards information security behavioral compliance, Computers & Security 23 (3).

  • M. Stanton, K.R. Stam, P. Mastrangelo, J. Jolton (2005), Analysis of end user security behaviors, Computers & Security 24 (2).

  • V. Post, A. Kagan (2007), Evaluating information security tradeoffs: restricting access can interfere with user tasks, Computers & Security 26 (3).

  • v. Solms, B.v. Solms (2004), From policies to culture, Computers & Security 23.

  • G. Peace, D. Galletta, J. Thong (2003), Software piracy in the workplace: a model and empirical test, Journal of Management Information Systems 20 (1).

  • Dhillon, J. Backhouse (2001), Current directions in IS security research: towards socio organizational perspectives, Information Systems Journal 11.

  • Wixom, B. H., and Todd, P. A. 2005. “Theoretical Integration of User Satisfaction and Technology Acceptance,” Information Systems Research (16:1), pp. 85-102.

  • Venkatesh, S. Brown (2001), A longitudinal investigation of personal computers in homes: adoption determinants and emerging challenges, MIS Quarterly 25 (1).
 

References

  • Petter, S., Straub, D., and Rai, A. 2007. “Specifying Formative Constructs in Information Systems Research,” MIS Quarterly (31:4), pp. 623-656.

  • V. Post, A. Kagan (2007), Evaluating information security tradeoffs: restricting access can interfere with user tasks, Computers & Security 26 (3).

  • Wixom, B. H., and Todd, P. A. 2005. “Theoretical Integration of User Satisfaction and Technology Acceptance,” Information Systems Research (16:1), pp. 85-102.

  • Vroom, R. von Solms (2004), towards information security behavioral compliance, Computers & Security 23 (3).

  • Siponen, M. T. 2001. “Five Dimensions of Information Security Awareness,” Computers and Society (31:2), pp. 24-29.

  • West, R. 2008. “The Psychology of Security,” Communications of the ACM (51:4), pp. 34-40.

  • Mogull, R. (2005, August).Management Update: Use the Three Laws of Encryption to Properly Protect Data. Retrieved February 4, 2006, from Gartner.

  • Doherty, N. F., and Fulford, H. 2006. “Aligning the Information Security Policy with the Strategic Information Systems Plan,” Computers and Security (25:1), pp. 55-63.

  • (2005, December).Data Confidentiality. Retrieved May 16, 2012, from MSDN.

  • v. Solms, B.v. Solms (2004), From policies to culture, Computers & Security 23.
OR

MyAssignmenthelp.com has become one of the leading assignment help provider in New York City and Boston. We provide top class auditing assignment help. Not only auditing, but we also cover more than 100 subjects and our writers deal with all types of assignments with utmost expertise. To make writing process faster and accurate, we have segmented our assignment experts' teams as per their expertise on writing different types of assignments. We guaranteed that students who buy our assignment online get solutions worth their investment.

Most Downloaded Sample of Management

278 Download1 Pages 48 Words

Toulin Method Of Argumentation

You are required to write a researched argument essay that convinces persuades the reader of your position / stance. This is an academic, researched and referenced do...

Read More Tags: Australia Arlington Management Management University of New South Wales Management 
202 Download9 Pages 2,237 Words

Consumer Behavior Assignment

Executive Summary The purpose of this report is to elaborate the factors which are considered by individuals before selecting an occupation. Choosing an occupati...

Read More Tags: Australia Arlington Management Management University of New South Wales Management 
368 Download13 Pages 3,112 Words

Internet Marketing Plan For River Island

Introduction With the increase enhancement in the field of technology, it has been considered essential by the businesses to implement such technology in their b...

Read More Tags: Australia Arlington Management Management University of New South Wales Management 
328 Download9 Pages 2,203 Words

Strategic Role Of HR In Mergers & Acquisitions

Executive Summary In a merger & acquisition, role of an HR has emerged as a very critical function. At each stage of merger and acquisition process, HR plays a s...

Read More Tags: Australia Arlington Management Management University of New South Wales Management 
357 Download7 Pages 1,521 Words

Relationship Between Knowledge Management, Organization Learning And HRM

Introduction In this competitive business environment where every business organization is trying to attract the customers of each other, it becomes essential for ...

Read More Tags: Australia Arlington Management Management University of New South Wales Management 
Next
Free plagiarismFree plagiarism check online on mobile
Have any Query?