Ask a question from expert

Ask now

Assignment On Information Security (Docs)

13 Pages2309 Words96 Views
   

Added on  2020-10-22

Assignment On Information Security (Docs)

   Added on 2020-10-22

BookmarkShareRelated Documents
Information Security
Assignment On Information Security (Docs)_1
TABLE OF CONTENTSINTRODUCTION...........................................................................................................................1COMPANY OVERVIEW ..............................................................................................................1QUESTIONS ..................................................................................................................................1A. Strategic security policy .........................................................................................................1B. Potential security threats and vulnerabilities ..........................................................................3CONCLUSION ...............................................................................................................................5REFERENCES ...............................................................................................................................6
Assignment On Information Security (Docs)_2
INTRODUCTIONInformation security is defined the approach to secure the valuable information assets ofthe organisation and to sustain its confidentiality, integrity and availability. Almost everybusiness service provider uses database or other modes of managing information throughtechnology. Though this approach has improved the quality of work, feasibility and profitabilityby managing time and cost but it has experience several security threats (Peltier, 2016). Securityissues such as unauthorised access, data breach can cause huge losses to business and privacy ofthe individuals and organisation. This report will analyse the key security risks and themitigation strategies for Bunnings warehouses which is one of the leading household hardwarechain. It will also provide a strategic security plan for improving the security of organisationalinformation assets. COMPANY OVERVIEW For carrying out the analysis of significance and methods of information security in thisstudy an organisational review of Bunnings Warehouse is chosen. Recently the organisationexperienced a lot of negative criticism due to its failure to assure the privacy concerns. BunningsWarehouse is a retailer in hardware sector with its headquarter in Australia. The organisationalso provides its services in more than 250 locations. Since the organisation is retail store chainits potential stakeholders are local communities along with its employees and suppliers.Bunnings Warehouse is very successful in Australia and holds 20% market share in Australia.The information management and use of effective technologies plays critical role in sustainingperformance of the company. Organisation is a public company and thus its investors and shareholders are also its key stakeholders. QUESTIONS A. Strategic security policy For making the information system of Bunnings Warehouse very effective and securefrom the information security threats organisation must emphasis on developing strong securitypolicy. On the basis of nature of its stakeholders Bunnings Warehouse can use the followingstrategic security policy: 1
Assignment On Information Security (Docs)_3
Objective: The objective of this security policy is to assure that none of the sensitive businessinformation of the company is vulnerable to unauthorised access or security risk. It will helporganisation to maintain its goals of sustaining operational integrity, resource availability andconfidentiality. Scope: These security policies are applied to customers, staff members, suppliers as well aslocal vendors providing networking services to the organisation. Assets and their management: IT department of Bunnings Warehouse is responsible for the installation and up-gradation of all software's. The team will also perform and provide the access of specific webaddresses to the users, annual maintenance and asset allocations. Access control and password management: The organisation must monitor each and every activity of the employees. For highlysensitive information Bunnings Warehouse can use biometric security while for other strictpasswords must be used by all the users. Certain web links or websites can be related tophishing or other hacking events (Soomro, Shah and Ahmed, 2016). Such sites must berestricted for the usage from the network of the company. This access management will greatlyminimise the security threats from the external environment. Antivirus and threats management: It is the responsibility of the security management team to assure that all suitablemeasures are taken for managing the cyber and networking attacks. This can be achieved byusing the most advanced firewalls and antivirus systems. The encrypted devices can also bevery helpful for keeping the information safe from unauthorised hacking. The lack of thissecurity aspect can cause huge loss to the company's security goals. Security training: The information security can be improved to great extent if all end users are aware withthe security threats and policies. Thus, Bunnings Warehouse must provide training to all of itsemployees so that they can follow the safe practices. It will also minimise the events such ashacking which often occurs due to negligence of the end users. Internet usage policy: 2
Assignment On Information Security (Docs)_4

End of preview

Want to access all the pages? Upload your documents or become a member.

Related Documents
Information Security Management: Risks, Prevention, and Frameworks
|11
|2362
|381

Information Governance and Cyber Security (Part 2)
|12
|3275
|90

Risk Assessment for Cyber Security Management - Desklib
|13
|3482
|205

Target Data Breach: Threats, Protections, and Legal/Ethical Issues
|8
|1725
|99

Information Security: The Royal Children's Hospital
|11
|3171
|107

Personal Privacy and Security: Threats, Solutions, and Ethical Conduct in IT Security Profession
|20
|1848
|225