StudentShare
Contact Us
Sign In / Sign Up for FREE
Search
Go to advanced search...
Free

Securing and Protecting Information - Coursework Example

Cite this document
Summary
The paper "Securing and Protecting Information" focuses on the discussion of various issues that are involved in securing and protecting information. With the increased use of information technology locally and globally, there has been an increased sharing of information among individual users and firms…
Download full paper File format: .doc, available for editing
GRAB THE BEST PAPER93% of users find it useful
Securing and Protecting Information
Read Text Preview

Extract of sample "Securing and Protecting Information"

Running head: securing and protecting information 16th January Introduction With the increased use of information technology locally and globally, there has been an increased sharing of information among individual users and firms. As a result, information security, which entails the practice of defending information from unauthorized parties, has been a major issue among the organizations. Securing of networks is a process that has continuously been applied by individual and firms. Within the network, vast and evolving collection of threats has been noted to compromise and exploit the weaknesses of organizations. For example, worms and viruses are able to propagate through sharing of networks and e-mails. Another major issue that is being experienced in networks is the phishing attacks that try to lure the users to provide personal information such as credit cards information and bank account details. In any organization be it in the hospitality or business industry, data security is fundamental. New and existing organizations should regularly undertake data security review in order to ensure that data is safe from any loss. The three predominant principles of information protection are confidentiality, integrity and availability. This paper seeks to discuss various issues that are involved in securing and protecting information. Defining classified information One of the main challenges that face a number of firms even before securing the classified information is classification of the information. It is vital to note that despite the importance of the information in the organization, all the information cannot be treated in the same way. Organizations should maintain a sustainable and clear policy of information classification. Some of the major issues that should be included in the policy include identifying the individual who assign the original classification once the data is created, the person responsible to storing the data, and the process for declassifying information among other duties (Pipkin, 2000). Notably, the role of information classification should be limited to Information Technology department but all the managers concerned should be involved. This is based on the fact that information that seems to be vital to a manager for example in the marketing department may not be important to a manager in the maintenance department. This implies that individuals or department that understands the importance of the information should be fully involved in the classification. Information handling policy and methods of maintaining data cannot therefore be overlooked to avoid making the software and hardware less effective. Protecting classified data In an organization, there is major information that should only be accessed by authorized individuals and which should be stored on the internal network only. These include financial projections, information regarding upcoming marketing activities, data touching on employee’s compensation, and source codes for the applications being developed by the firm among others. As a result, there is need for managers to ensure that such information is secured. First, they should ensure that there is restriction in accessing the information through the use of directory rights and permissions. Sensitive and classified data should be locked down thus ensuring that only those who have the need to use that information can access it. Similarly, not everyone in an organization who needs that stored information can have full access. There is need to ensure that some individuals are given the permission by the concerned managers to avoid jeopardizing the organization’s operations. It is worth to note that despite the security that an organization on its information, data can leave the network for example by being copied onto a USB flash drive, sent by email or by being downloaded. Such information should therefore be encrypted. Additional protection of encrypting the information benefits an organization in the sense that unauthorized parties are not able to view the information or to access the data. In the contemporary times, the demand for laptops has gone high. This has resulted to increased cases of stolen or lost laptops. This has resulted to increased security compromises leading to adoption of full disk encryption tools by organizations as a way of guaranteeing maximum security of their data. Apart from restricting information accessibility, firms can use other tool to monitor and protect classified data from inadvertent leakage from the networks. These tools can be in the form of software and hardware, and as the need for more protection becomes stiff, more tools are being developed. In the side of software, firms like Tenable Security, a US based network security, established the Nessus Vulnerability Scanner. The role of the scanner is to detect important data and information that is unprotected in the network an aspect that makes it to be accessible by any one. Thorough the subscription of the Nessus Direct Feed, the users are in a position to establish ways to deal with the information that can be compromised. Notable software that can be used by organizations is Windows Rights Management Services (RMS). Though this solution, clear and specific rights to the data notwithstanding the destination of the information. For example, RMS can be applied to regulate the ability of individuals not only to forward sensitive data, but also to print it. Similarly, in a case where a worker stores the information in a portable media and takes it to some other places, the organization can limit his or her access to the information by the use of RMS thus ensuring that the worker does not access the information. Security for devices One of the major causes of information leakage either though the managers or employees offices is lack of security of the devices they use during their activities. The first method of securing their devices is through the use of security software. This can be done installing firewall, anti-virus software and anti-spyware software. This should be followed by setting their own preferences thus ensuring that protections are updated. The second security issue is to avoid phishing emails. It is recommended that employees should not open download programs from unknown sources (Tony, 2007). In this way, they avoid providing passwords and other corporate information to a spyware or to the computer virus. It is vital for employees and managers to be wise about Wi-Fi. Before the parties send information in an area with public wireless network for instance library, hotel, and coffee shop among others, it is vital to identify whether the information will under protection. In the modern times, individuals and firms have turned to using laptops to transact financial transactions. In this case, individuals should not use automatic login feature that saves their passwords and names and once they are through with their devices, the users should log off. In this way, it will be difficult for a thief to obtain the internal information in case the laptop is stolen. Conclusion Based on the above discussion, it is clear that security and protection of information cannot be overlooked if any firm aims at retaining its competitiveness. During their duties, employees and managers should be guided by the policies of confidentiality, integrity and availability. Before coming up with ways of securing the classified information, organizations should establish the roles and individuals who are involved in information classification depending on the importance of the information to the managers. Some of the notable methods of securing classified information that firms should adopt includes use of directory rights and permissions, encrypting the information, Nessus Vulnerability Scanner, and Windows Rights Management Services. Within the working areas or while outside, managers and employees should ensure maximum security of their devices and information. This involves use of security software, avoiding phishing emails, being wise about Wi-Fi and using passwords. Such security measures will close any loophole that the unauthorized parties and competitors can use to access corporate information. References Pipkin, D. (2000). Information security: Protecting the global enterprise. New York: Hewlett-Packard Company. Tony, B. (2007). Securing Sensitive Information: Protecting Your Network Against Information Leakage. Available from http://technet.microsoft.com/en-us/library/cc512673.aspx Read More
Cite this document
  • APA
  • MLA
  • CHICAGO
(Securing and Protecting Information Coursework Example | Topics and Well Written Essays - 1250 words, n.d.)
Securing and Protecting Information Coursework Example | Topics and Well Written Essays - 1250 words. https://studentshare.org/information-technology/1856448-securing-and-protecting-information
(Securing and Protecting Information Coursework Example | Topics and Well Written Essays - 1250 Words)
Securing and Protecting Information Coursework Example | Topics and Well Written Essays - 1250 Words. https://studentshare.org/information-technology/1856448-securing-and-protecting-information.
“Securing and Protecting Information Coursework Example | Topics and Well Written Essays - 1250 Words”. https://studentshare.org/information-technology/1856448-securing-and-protecting-information.
  • Cited: 0 times

CHECK THESE SAMPLES OF Securing and Protecting Information

Secure Computer Systems

"Improving data protection reduces risks associated with breaches and will enhance confidence in the government's ability to protect citizens' privacy and personal information, while simultaneously enabling greater efficiency in the delivery of e government services.... "Improving data protection reduces risks associated with breaches and will enhance confidence in the government's ability to protect citizens' privacy and personal information, while simultaneously enabling greater efficiency in the delivery of e government services....
2 Pages (500 words) Essay

Conflict and Ethical Issues

After getting an intelligence lead the agency starts hunting for more information.... At this crucial moment do we expect that the agency will come out with public pronouncements detailing the kind of intelligence input the agency has got, and the kind of information the agency requires to further pursue the matter Things are done in a hush-hush manner, so that the conspiring parties don't realize that their plans are being sniffed.... After getting an intelligence lead the agency starts hunting for more information....
2 Pages (500 words) Essay

Balancing Effectiveness vs Efficiency within the Business

In order for companies to regain the capital they invested it becomes necessary that they identify opportunities that would deliver returns… The challenge is basically to embrace the available opportunities while at the same time ensure that the company operates within the preset operational margins with minimal costs....
12 Pages (3000 words) Essay

What works in Security laws (Summary)

The laws protect companies from exposing all information on the company before its public offering (LaPorta, Lopez-de-Silanes & Shleifer, 2004).... According to LaPorta, Lopez-de-Silanes & Shleifer (2004) security laws are aimed at protecting both the organization and the shareholders....
1 Pages (250 words) Essay

Security Threats and Defenses

Consequently, every company is at a… The employees will not only learn about the importance of protecting information but will also familiarize themselves with laws and policies which strongly prohibit sharing of confidential information such as Security Threats and Defenses Need for security measures.... Protecting confidential informationThe employees will not only learn about the importance of protecting information but will also familiarize themselves with laws and policies which strongly prohibit sharing of confidential information such as passwords to computers....
1 Pages (250 words) Essay

Server Malware Protection Policy

Many companies have had their data corrupted, and some have even lost their confidential information.... The scanning of the files will aid in protecting the computer from being attacked by the viruses that may lead to the loss of data.... It is thus significant for a company to develop a server malware protection… The thesis of this paper is to look at ways of dealing with the various forms of malware that corrupt data. Malware refers to a malicious software that is designed to infiltrate, do wrong or unwanted Examples of such malware are Viruses, Worms, Trojan horses, Spyware, and Rogue security software....
4 Pages (1000 words) Assignment

Protecting Information Resources

A highly discouraged protecting information Resources Two examples of a computer crime or fraud include infiltrating computer system and inserting a virus or other pollutant into a computer network.... ourthly, shredding documents with one's personal information or numbers is a critical and safe way of disposing it.... One hinders identity thieves from getting personal information from one's trash by shredding document such as preapproved cards, checks, bank declarations, and deposit slips....
1 Pages (250 words) Assignment

Ethical, Legal, and Professional Issues in Computing

hellip; Safeguarding critical information in an organization involves securing it and keeping it in the right hands with the aid of information technology tools and by following important data protection protocols or policies.... Changes in communication and storing information also raised a number of issues regarding the security and protection of organizational information assets.... Achieving a secure platform for storing information (with security and privacy) has become more difficult due to various tools used and actions carried out by the miscreants including hacking....
5 Pages (1250 words) Essay
sponsored ads
We use cookies to create the best experience for you. Keep on browsing if you are OK with that, or find out how to manage cookies.
Contact Us