To help prepare for the upcoming installation of computers in the dormitory buil

Question

To help prepare for the upcoming installation of computers in the dormitory buildings, the university president has asked you to provide more information on the importance of information security and the possible information in need of protection. The president has requested a document of 3–5 pages that includes the following information:

The importance of information security

What information needs protection

Types of threats that may be encountered and associated countermeasures

Description of one item of security hardware, and one piece of security software that can be used to secure organizational computer systems

An explanation regarding security related guidelines for access control and identity management

Explanation / Answer

Hi,

The information acts like a core for any organization. It is vital for any organization to maintain the confidentiality and integrity of the data. The information security performs important functions for an organization which is enables the safe operation of application implemented on the organization’s Information Technology (IT) systems, protect the data the organizations collects and use, safeguards the technology assets in use at the organization and lastly is protect the organization’s ability to function.

Information security is required due to below reasons-
1. The information security also enables the safe operation of application implemented on the organization’s Information Technology (IT) systems. This is because to protect the data, the organization will applied or install the appropriate software that will secure the data such as antivirus and others protected applications. So, information security is very important in an organization to protect the applications that implemented in organizations and protect the data store in computer as well. Besides protect the data, the application installed also need to be protect because it can contribute to information lost or damages.

2. Information security will protect the data the organization collects and used. If the information is left unprotected, the information can be accessed by anyone. If the information falls into the wrong hands, it can destroy lives, dropping business and can also be used to do harm. Information security programs will ensure that appropriate information is protected both business and legal requirements by taken steps to protect the organizations data. In addition, taken steps to protect organizations information is a matter of maintaining privacy and will help prevent identity theft.

3. This is especially important in a business environment increasingly interconnected, in which information is now exposed to a growing number and a wider variety of threats and vulnerabilities. Cause damage such as malicious code, computer hacking, and denial of service attacks have become more common, more ambitious, and more sophisticated. So, by implemented the information security in an organization, it can protect the technology assets in use at the organization.

Kinds of Information that need protection-
1. Personally Identifiable Information (PII) – Data that could potentially identify a specific individual. Any information that can be used to distinguish one person from another or when cross-referenced with other data sources could re-identify the previously anonymous person. Sensitive PII is information when disclosed, could result in harm to the individual whose privacy has been breached. Sensitive PII should therefore be encrypted in transit and when data is at rest.
Sensitive PII includes:
Biometric Information
Medical Information
License Number

2. Intellectual Property (IP) – Intellectual property (IP) generally refers to creations of the mind. In business, IP specifically calls out to sales and marketing plans, new product plans, notes associated with patentable inventions, customer and supplier information etc.
Types of Intellectual Property Rights
Patents
Copyright

3. Financial – Financial information is any information that can be unlawfully obtained during the offering or delivery of a financial product/service or processing of a purchase. The economic loss can be great when financial information combined with non-sensitive and /or sensitive PII leaks occur.
Types of Financial Information
Credit Cards
ACH Numbers
Bank Account Information

Types of IT Threats-

1. Viruses:
A computer program developed intentionally to corrupt the files, applications, data, etc. of a computer. It gets back door entry without the knowledge of the user, and exploits the system mercilessly.
Prevention:
Beware of downloading applications, files (mp3, mp4, gif, etc) from the sites and also from the attachments of the e-mails.
Need to regularly scanning the system also keep updating the virus scanning tools/software.

2. Phishing Threats:
Phishing means, when any website impersonates itself as a trustworthy and well established brand most probably to steal the information as well as money by misleading the online users. DNS farming attack, another type of phishing attack corrupts the DNS server because of which the client is automatically transferred to an imposter website.
Prevention:
1. Install updated version of antivirus tool.
2. Do not click blindly on the hyperlinks appearing in the e-mail that came from the unknown sources.

Security Hardware-
Some of the secure network navigators like Secure Global Solutions’ Network Navigator

Security Software-
Some of the anti-virus softwares and Firewalls fall under this category.

Related Questions

Navigate

• Browse (All)
• Browse T
• Subjects

Integrity-first tutoring: explanations and feedback only — we do not complete graded work. Learn more.