Information Security at Cincom Systems: Analysis of IT Threats

As recognized by leading research and consulting firms with knowledgeable, skilled management, advanced state-of-the-art IT affords extraordinary opportunities for greater efficiencies, cost reduction, higher productivity, customer satisfaction, and profitability. Sophisticated IT applications realize their full potential with highly specialized technical knowledge and management skills readily available only in smaller firms focused primarily or exclusively on such applications. Through State of the art IT Security Management (ITSM) processes such as threat management, auditing, encryption and customer education will be used to prevent misuse and/or abuse of Finman’s IT resources or services.

The purpose of this paper is to explore and assess computer security as it relates to Aircraft Solutions. Aircraft Solutions provides products and services to a range of companies that require highly specialized skills. Information is accessed by internal and external users via their Business

Many companies have several locations that are statewide as well as international. The threat to the company’s security policy is that much greater because of the company’s expansion; this has placed the company’s information at a higher level for security breaches. The company needs to stay up-to date with the latest technology to make sure the company information can be accessed to all of their locations efficiently. Organizations that have global operations have a harder time effectively securing their information. The Internet is one of the common ways that an international company uses to conduct business; because the company can use their website to post information.

Other security elements are in reference to data recovery, database administration, handling a breach in security and administrative security policies such as access procedure, employee transfer and excessive user access. As I assume the role of the chief security officer, database designer, database administrator, and chief applications designer this project is very important to the armed services and the Virgin Islands National Guard as we strive to provide global security.

Any enterprise has to pay special attention to computer security. Computer security is a field that is concerned with the control of risks related to computer use. A primary focus should be on the external threats to the computing environment. In enterprise with branches cross country, it is important to allow information from "trusted" external sources, and disallow intrusion from anonymous or non-trusted sources. In a secure system, the authorized users of that system are still

The CIA triad of confidentiality, integrity, and availability is at the heart of information security (Perrin, 2012). The pillars of the CIA Triad provide a significant foundation of security in an information system. The decisions and implementations of each of these pillars will impact the overall security posture. Pillars are incremental so an increase or decrease in implementation of a given pillar will have a cumulative effect.

An information security benchmark model (CIA) an acronym for information Confidentiality, Integrity and Availability can be used to evaluate the solution

As technology grows and information has become a critical asset companies currently are devoted their resource and money to protect their data as important as their finance and human resource assets.

While all of these technologies have enabled exciting changes and opportunities for businesses, they have also created a unique set of challenges for business managers. Chief among all concerns about technology is the issue of information security. It seems to be almost a weekly occurrence to see a news article about yet another breach of security and loss of sensitive data. Many people will remember high profile data breaches from companies such as T.J Maxx, Boston Market, Sports Authority, and OfficeMax. In the case of T.J. Maxx, a data breach resulted in the loss of more than 45 million credit and debit card numbers. In many of these incidents, the root cause is a lack of adequate security practices within the company. The same technologies that enable managers can also be used against them. Because of this, businesses must take appropriate steps to ensure their data remains secure and their communications remain

FITARA also requires additional attention placed on data and cyber security both during procurement, and throughout the lifecycle. This necessitates the assurance and integrity of products purchased, developed, and managed to maintain world class standards for security and data. Consequently, Chief Data Officers have become a new addition to the ‘C Suite’ within the Federal government as FITARA’s impact on data integrity and consolidation become more apparent.

“The cyber security landscape has changed in the past couple of years – and not for the better” (Steen, 2013). Banks are faced with attacks to retrieve customer account information, the military battles with attempts to obtain secrets. These attacks are not just committed by induvial hackers but entire countries. Data privacy rules differ from country to country. For example, Fisher, 2014 states individual search engine access is restricted in different ways depending on the country. China along with other countries restrict access to politically sensitive information, while the United States protects the free flow of information (Gonzalez-Padron, 2014). With companies relying more on technology such as cloud computing and virtual storage their level of vulnerability rises. IT personnel have the difficult task of protecting company data, this is why it is vital to have an ethical compliance program in place protect the organization from internal and external threats.

This is an analysis memorandum proposing the use of Microsoft Access databases within our Security Division’s infrastructure. Many security managers are relying heavily on the use of Microsoft Excel spreadsheets in order to keep track of their personnel, security violations, inspection programs and training. While spreadsheets are effective means for complex calculations they are also limited in that they basically fall short in showing the relational qualities of security data in relationship to particular fields and queries. Not only do they fall short in

The top level management had failed to realize that Information Security is not a technical issue but a business issue and that it starts right from the CEO (Basie von Solmsa, Rossouw von Solmsb, 2004). Information security stresses on three main points namely Confidentiality, Integrity and Availability (CIA) .

a significant amount of data security breaches are due to either employee oversight or poor business process. This presents a challenge for businesses as the solution to these problems will be far greater than simply deploying a secure content management system. Business processes will need to be examined, and probably re-engineered; personnel will need to be retrained, and a cultural change may be required within the organization. These alone are significant challenges for a business. A recent example of what is probably unintentional featured an Australian employment agency’s web site publishing “Confidential data including names, email addresses and passwords of clients” from its database on the public web site. An additional

Information security professional’s job is to deploy the right safeguards, evaluating risks against critical assets and to mitigate those threats and vulnerabilities. Management can ensure their company’s assets, such as data, remain intact by finding the latest technology and implementing the right policies. Risk management focuses on analyzing risk and mitigating actions to reduce that risk. Successful implementation of security safeguards depends on the knowledge and experience of information security staff. This paper addresses the methods and fundamentals on how to systematically conduct risk assessments on the security risks of information systems.