Guide on IT Security Awareness
Given that service sectors are growing faster than industrial industries, data and information possessed by an organization are regarded as important assets. In order to secure firm information, it is crucial to be able to recognize and manage system risks and vulnerabilities. High level expressions of organizational beliefs, goals, and objectives as well as the broad strategies for achieving them in relation to the safeguarding of corporate assets are referred to as security policies. On the other hand, organizations that have some kind of regulatory authority over certain professions and businesses are referred to as regulatory organizations. Among them are NIST, AEAA, NRC, etc. Potential risks to organization security include loss of data, corruption of data and having incompetent IT staff while potential threats include viruses, malicious software and theft from employees. The Software Development Life Cycle currently incorporates security in S-SDLC (Secure Software Development Life Cycle) to enable developers build more protected software and report security compliance while minimizing costs of development. Organizations are seen to fear adopting the cloud due to privacy issues, security issues and high bandwidth costs. Four methods to secure information assets include: Use of Strong passwords, encryption of information, installation of intrusion detection systems to alert owners about the information, and use of biometric systems to avoid unauthorized access.
Elements of a security policy include: purpose of the policy, scope, information security objectives, authority and access control policy, data classification, data support and operations etc. Encryption works by using a complex algorithm called a cipher to turn normalized data (plaintext) into a series of seemingly random characters (ciphertext) that is unreadable by those without a special key to decrypt it.
Some important certifications to have in security include: CompTIA Security+, Certified Ethical Hacker, and Certified Information Security Manager.
References
Merkow, M., & Briethaupt, J. (2014).Information security: Principles and practices(2nd ed.). Pearson Education.
How Does Encryption Work, and Is It Really Safe?. (2017).MakeUseOf. Retrieved 3 June 2017, from http://www.makeuseof.com/tag/encryption-care/
Key Elements of an Information Security Policy. (2017).InfoSec Resources. Retrieved 3 June 2017, from http://resources.infosecinstitute.com/key-elements-information-security-policy/#gref
Peltier, T. (2004).Information security policies and procedures(1st ed.). Boca Raton, FL: Auerbach Publications.
Rivard, F., Harb, G., & Meret, P. (2009).Transverse Information Systems(1st ed.). Hoboken: John Wiley & Sons.
Academic levels
Skills
Paper formats
Urgency types
Assignment types
Prices that are easy on your wallet
Our experts are ready to do an excellent job starting at $14.99 per page
We at GrabMyEssay.com
work according to the General Data Protection Regulation (GDPR), which means you have the control over your personal data. All payment transactions go through a secure online payment system, thus your Billing information is not stored, saved or available to the Company in any way. Additionally, we guarantee confidentiality and anonymity all throughout your cooperation with our Company.