Culture and Information Systems Security

Verified

Added on 2023/06/03

AI Summary

This report discusses the importance of information system security (ISS) in small and medium-sized enterprises (SAME) and proposes a methodology to establish a safe and secure working environment. The report covers ISS initiatives, possible threats, and solutions, including accidental data corruption, loss of intellectual property, theft of information from hackers and employees, web site defacement, and software piracy. The report concludes that SAME must adopt information system safety as a standard step in their routine work management process to create a safe work environment.

Contribute Materials

Your contribution can guide someone’s learning journey. Share your documents today.

Running Head: Information Security 0
Information Security
Culture and Information system security
(Student Details:)
10/12/2018

Secure Best Marks with AI Grader

Need help grading? Try our AI Grader for instant feedback on your assignments.

Information Security 1
Contents
Culture and Information Systems Security................................................................................2
Introduction................................................................................................................................2
Developing professionally secure culture through information system security.......................2
Accidental data corruption.....................................................................................................3
Loss of intellectual property...................................................................................................3
Theft of information from hackers.........................................................................................3
Theft of information by employees........................................................................................3
Web site defacement..............................................................................................................3
Software piracy..........................................................................................................................4
Conclusion..................................................................................................................................4
References..................................................................................................................................5

Information Security 2
Culture and Information Systems Security
Introduction
The purpose of this report is to apply academic knowledge about Information systems
security (referred as ISS) for analysing as well as planning ISS solutions for a small
organization.
This report aims to assess and apply that academic knowledge acquired to establish a safe as
well as secure working environment in small and medium-sized enterprises (referred as
SAME). Our proposed methodology will help to introduce and examine an information
security model well-suited for SAME.
Developing professionally secure culture through information system
security
Small enterprises pay little attention to cyber criminals, security threats, hackers, and
malicious insiders’ threats to their information system. Further, SAME are required to have
proper ISS strategies due to inadequate resources (Legg et al., 2015).
Our proposed method includes four ISS initiatives as below:
 Developing of automatic tools to analyse methodology, knowledgebase and heuristics
 Developing a multi-stage ISS risk analysis method as well as decision heuristics
 Developing decision heuristics for firm’s costs quantification
 Developing and maintaining knowledge base of possibility estimates related to threat
classes
The most needed practices comprise providing system security for firm’s internet connection,
protecting information systems from destruction by spyware, viruses, and other malicious
codes, use and timely activate firewalls software over all business systems, reinforcing all
operating systems and applications. If the company control physical entree to computers as
well as its network components, and will make backup documents of vital business data or
information then the ISS can be achieved (The Economic Times, 2018).

Information Security 3
To implement secure information system, securing wireless access point and all networks is
essential. Many possible ISS threats and their possible solutions for SAME can be explained
as:
Accidental data corruption
Corruption is unavoidable, hence rather than adopting ways to lessen the chances of its
occurrence; all PC owners of the small organization who prices their data must assume that
anytime their data can go MIA (Smith, 2014).
Loss of intellectual property
To prevent this loss, physical as well as digital protection is mandatory in small
organizations. Whether it is the server or the fusty paper archive place, lock all of such places
where sensitive data is kept. Additionally, keep eye on who has the keys of these locks. One
alternative solution of this ISS problem can be use of passwords and restrict employee entree
to chief databases (Behr & Slater, 2017).
Theft of information from hackers
Following practices can establish a secure information system:
 Download software only from certified, legal and authorized websites
 Scan hard drives thoroughly before running them
 Avoid keeping casual and easy passwords
 Do not store or share login info
 Never click on randomly received email attachments (Wall, 2018)
Theft of information by employees
By supervising employees, control generation of cash receipts, conducting informal audits,
installing computer security measures and managing inventory properly can avoid this threat
to ISS (Wall, 2018).
Web site defacement
To address this problem, when defacement occurs company should have a backup copy.
Moreover, take help from a monitoring service from those companies that are having
expertise in the area, so that defacement can be detected on time and re-established swiftly to
shrink the incurred losses (Legg et al., 2015).

Secure Best Marks with AI Grader

Need help grading? Try our AI Grader for instant feedback on your assignments.

Information Security 4
Software piracy
This issue can be addressed by the SAME with the actions include: create and dispense a
software policy statement to all of the employees of the organization and execute software
audits on routine basis. Thus, all SAME should train their employees for basic ISS principles,
as well as limit authority to install any kind of software over computer systems of the
organization.
Apart from these desired actions, there are some recommend actions to address ISS solutions,
which a small organization should adopt in order to secure their business. These
recommended actions include Email Security, Web Security, Safe Online Business,
Downloading genuine and licenced software, Secure web surfing and Safe handling of social
engineering (Yeh & Chang, 2007).
Conclusion
In conclusion, SAME must apparently define information system safety as a standard step in
their routine work Management process. For creating safe work environment, safety rules
must be adopted in the way company work and also in our way of life. Organization taking
critical steps to secure as well as protect their digital assets can considerably reduce ISS
threats. Moreover, by using proper policies and solutions in place, the theft of organization’s
data can be totally eliminated.

Information Security 5
References
Behr, & Slater, , 2017. How to protect intellectual property? 10 tips to keep IP safe. [Online]
Available at: https://www.csoonline.com/article/2138380/loss-prevention/how-to-protect-
intellectual-property-10-tips-to-keep-ip-safe.html [Accessed 12 October 2018].
Legg, S.J., Olsen, K.B., Laird, I.S. & Hasle, P., 2015. Managing safety in small and medium
enterprises. Safety Science, 71(Part C), pp.189-96.
Smith, , 2014. What is Data corruption and how to prevent it. [Online] Available at:
https://www.makeuseof.com/tag/data-corruption-prevent/ [Accessed 12 October 2018].
The Economic Times, 2018. 5 simple tips to keep your business secure from cyberattacks.
[Online] Available at:
https://economictimes.indiatimes.com/small-biz/security-tech/security/5-simple-tips-to-keep-
your-business-secure-from-cyberattacks/articleshow/64568063.cms [Accessed 12 October
2018].
Wall, E., 2018. Cyber security threats and provisions for SMEs. [Online] Available at:
https://www.itproportal.com/features/cyber-security-threats-and-provisions-for-smes/
[Accessed 12 October 2018].
Yeh, Q.J. & Chang, A.J.T., 2007. Threats and countermeasures for information system
security: A cross-industry study. Information & Management, 44(5), pp.480-91.