Key factors are:
(1) Policy: deals with the information security policies in place
(2) Education: deals with the education of users on security-related issues
(3) Technology: covers the technology used to implement security measures
(4) Confidentiality: confidentiality of information/data
(5) Integrity: addresses measures in place to ensure data integrity
(6) Availability: ensures authorized users have access to information in a usable format
(7) Storage: issues dealing with data storage
(8) Processing: issues that cover the processing and handling of data
(9) Transmission: covers issues related to factors that influence the transmission of data
These nine influencing factors can be modeled as a 3-dimensional cube as
When we consider the relationship among the three dimensions represented by the axes shown, we have a 3 x 3 x 3 cube with 27 cells, where each cell represents an area of intersection among the three dimensions that must be addressed.
In Exercise 1 you determine how you would address the different factors that impact
the security and protection of data/information pertaining to this class (such as student
information, student homework submissions, student discussion posts etc.) by
In the final phase, there were four metrics that are difficult for me to understand, including the brand and market penetration, the share of requirements and the customer profitability. I could not confirm which data represented the “Total Population” and I am still confused about the meaning of share of requirements. Additionally, I have been unable to determine whether the last two columns of data (Category spending and Subcategory spending) in the dataset were used to calculate the Share of requirements formula. In my mind, the ‘80:20 rule’ usually refers to 80% of profits coming from 20% of customers; nevertheless, 20% of the customers would generate above 100% of profits based on the analysis of the “whale curve” (Čermák, 2015).
What is a dependency? Now that you have identified your critical IT assets, what are the dependency relationships between these assets?
determined that the three primary risks the company faces in protecting the data are as follows:
I feel like the three items from my list that best define digital life are smartphones, social media and Google. Most people today have smartphones that they use to access social media anywhere and anytime. Google is perhaps one of the most used search engines available.
Other security elements are in reference to data recovery, database administration, handling a breach in security and administrative security policies such as access procedure, employee transfer and excessive user access. As I assume the role of the chief security officer, database designer, database administrator, and chief applications designer, this project is very important to the armed services and the Virgin Islands National Guard as we strive to provide global security.
1. What are some of the emerging IT security technologies that should be considered in solving the problem related to the case?
1.3 Explain the purpose of legal and organisational requirements for the security and confidentiality of information
2. How we handle the information and what security procedures are in line to protect against the misuse of information.
20. What are the three categories of information security controls? How is each used to reduce risk for the organization?
12. Why is a methodology important in the implementation of information security? How does a methodology improve the process?
An information security professional’s job is to deploy the right safeguards, evaluate risks against critical assets and mitigate those threats and vulnerabilities. Management can ensure their company’s assets, such as data, remain intact by finding the latest technology and implementing the right policies. Risk management focuses on analyzing risk and mitigating actions to reduce that risk. Successful implementation of security safeguards depends on the knowledge and experience of information security staff. This paper addresses the methods and fundamentals on how to systematically conduct risk assessments on the security risks of information systems.
Security and reliability are huge issues when we go through the readings. Throughout the module we’ve seen countless examples of how reliability can go wrong, and how we aren’t so secure in cyberspace either. In a world where there are reports of hackers exploiting security systems and stealing personal data at even the most sensitive and important computer systems, it’s said that with the “proliferation of hacker tools” the computer systems we have today are less secure than the ones we had ten years ago (Garfinkel, 2012). My organization will be holding sensitive private user data such as credit card numbers and personally identifiable information like first and last names, email addresses, dates of birth, and so on. My organization will have to ensure that this data is secure from hackers and is on encrypted servers. We must also ensure the transmission of data when putting in financial information to purchase items is encrypted, to ensure that the data cannot be intercepted via local networks or cookies. Security of the user’s data is paramount; any breach of trust can lead to a loss of trust between the user and the organization, resulting in financial loss. Another issue the organization will have to deal with is ensuring employees do not have improper access to personal data, that disgruntled employees cannot leak or access information once they’ve been fired, and that employees are competent in security measures to ensure human error isn’t a reason for a data breach.
This case study is a practical application of all of the knowledge you have acquired from your courses in the networking curriculum over the past two years. It will allow you to demonstrate your knowledge and experience in networking, both academically and hands-on. It will also allow you to draw on what you have learned as you worked your way through the online Microsoft IT Academy Security course. It is intended to be used first as a mid-term examination and will then be continued as your end-of-class project and final exam. It presents a thorough review of concepts and applications presented in courses you have taken while at JSRCC. To complete this case study, read the scenario below and
The objective of this assignment is to develop a security policy for information resources of the ABCD University with major emphasis on compliance with the current laws and regulations, integrity and confidentiality of information, and reduced risks to potential threats.
Identifying threats and risks as well as understanding each helps improve a user’s chances of keeping information secure. After identifying the risks, there are four ways to deal with them: avoidance, acceptance, mitigation, and transfer. Another way to minimize