Friday, December 6, 2019
IT Security and Technology Landscape Samples â⬠MyAssignmenthelp.com
Question: Discuss about the IT Security and Technology Landscape. Answer: Introduction The protection of data and information in the business organization is an integral part for the development of the organization in the market. The privacy of the data has shown many consequences in the organization. This report deals with various risks and security threats of the data and information in the organization. This report refers to three topics including IT security landscape, IT security models and controls and IT threat and risk assessment. This report outlines three topics in the IT risk management that helps in maintaining the privacy of the data and information. There are different techniques discussed in the report for managing the risks in the business organization. IT security and technology landscape The IT management in the organization have continuously enhancing the quality of the products and services in the market. The data and information in the company are maintained in the database of the company that helps in the progress of the company (Herath Herath, 2014). The use of the IoT has helped in maintaining the privacy of the data and information in the company. The companies prefer to have a cyber-insurance of their data and information that has helped in recovering the data in case of data loss. The security protocols involved in the databases server of the company are helping in maintaining the privacy of the company. On the other hand, Rieke et al., (2012) argued that the loss of the data and information cannot be recovered totally as there is a huge data breach during the cyber-attacks. Therefore, the IT risk assessment has been focusing on the reducing the threats of the cyber-attacks in the company. The IT risk management has also been focusing in the process of retr ieving the lost data and information in the company. IT security models and access controls Different types of access control models of the IT has been mentioned below: Role Based Access control The Role based access control (RBAC) model contains all the roles for permitting different types of tasks to the users in the organization. This model was developed for maintaining the administration of the company and handle the administrative challenges of the organization (Jaferian et al., 2014). There are various types of discussion roles are played in the DAC model that help in proper decision-making process of the company. This hierarchical model helps in reviewing each step in the decision-making process. The IT risks are properly analyzed in the RBAC model that helps in minimizing the cyber-attacks in the company (Kimwele, 2014). On the other hand, Rieke et al., (2012) argued that this model is unable to control the cyber-attacks as the model has no updating in the recent world. Therefore, various types viruses and malwares present in the server. This model has also recurring the process of securing the server of the data and information. The hierarchical order has put forwar d an opportunity for enriching the performance of model in market. IT security threat and risk assessment There are various IT risks and threats prevailing in the data and information of the company. These risks and security threats are mentioned below: Human Non-Human Hackers Theft (electronically and physically) Non-technical staff (financial/accounting) Accidental Inadequately trained IT staff Backup operators Technicians, Electricians Floods Lightning strikes Plumbing Viruses Fire Electrical Air (dust) Heat control Table 1: List of Risks These risks are arising in the normal conditions in the organization. Therefore, these risks are properly maintained in the companies for protecting their data and information (Angst et al., 2017). The risk assessment policies are developed in the organization for analyzing these risks in the company and find a proper solution for them (Vacca, 2012). Therefore, the risk assessment process helps in identification of the risks and developing strategies for mitigating it. There are three levels in the risks including high-level, medium-level and low-level (Bojanc, Jerman-BlaÃ
¾i?, 2013). These categorization of risks helps in identification of the strategies for minimizing the risks and security threats in the organization. The vulnerability of security threats helps in maintaining a proper risk assessment process in the organization. These processes has helped in analyzing proper strategies. The use of the firewalls and anti-virus software have helped in providing security to the IP address of the computer and the server of the company (Peltier, 2016). The database of the company in the server has been protected by using the firewalls and anti-viruses. The firewalls helps in restricting the unauthorized users and malwares from entering the server of the organization (Ackermann, 2012). A proper risk management in the organization has able to develop strategies that helps in minimizing the risks and security threats in the organization. The tracking system of the company has enhanced that helps in the maintaining the risks and security threats j the company. The hackers continues to attack the database server of the canny and tries to breach into the data and information. Therefore, the firewall help in restricting the hackers to breach into the cloud server. Conclusion It can be concluded that risks and security threats are prevailing in the companies. The security threats and risks in the management has gained a pivotal role in the organization. The RBAC model has helped in hierarchical approach of the risk assessment process in the organization. The three different topics in the IT security has able to analyses the vulnerabilities of the IT risks and security issues in the organization. The use of different models and theories in the risk assessment have helped in maintaining a positive approach for reducing the risks and data loss from the server of the company. Therefore, the need of the IT security in the organization is important for the success of the company in the market. References Ackermann, T. (2012). IT security risk management: perceived IT security risks in the context of Cloud Computing. Springer Science Business Media. Angst, C. M., Block, E. S., DArcy, J., Kelley, K. (2017). When do IT security investments matter? Accounting for the influence of institutional factors in the context of healthcare data breaches.MIS Quarterly. Bojanc, R., Jerman-BlaÃ
¾i?, B. (2013). A quantitative model for information-security risk management. Engineering Management Journal, 25(2), 25-37. Herath, H. S., Herath, T. C. (2014). IT security auditing: A performance evaluation decision model.Decision Support Systems,57, 54-63. Jaferian, P., Hawkey, K., Sotirakopoulos, A., Velez-Rojas, M., Beznosov, K. (2014). Heuristics for evaluating IT security management tools. HumanComputer Interaction, 29(4), 311-350. Kimwele, M. W. (2014). Information technology (IT) security in small and medium enterprises (SMEs). InInformation Systems for Small and Medium-sized Enterprises(pp. 47-64). Springer Berlin Heidelberg. Peltier, T. R. (2016). Information Security Policies, Procedures, and Standards: guidelines for effective information security management. CRC Press. Rieke, R., Coppolino, L., Hutchison, A., Prieto, E., Gaber, C. (2012, October). Security and Reliability Requirements for Advanced Security Event Management. In MMM-ACNS (pp. 171-180).
Subscribe to:
Post Comments (Atom)
No comments:
Post a Comment
Note: Only a member of this blog may post a comment.