Information Security | Task Report
A study guide and source of reference for Security Managers on the Security Institute Certificate in Security Management.
11 Pages2699 Words24 Views
Added on 2022-09-07
Information Security | Task Report
A study guide and source of reference for Security Managers on the Security Institute Certificate in Security Management.
Added on 2022-09-07
ShareRelated Documents
INFORMATION SECURITY 0
Information security
Information security
INFORMATION SECURITY 1
Task 1
Types of information
It is examined that information can be divided into major three categories
which are described below:
Oral/audible information
It is a part of the information that contains mobile or telephone
conversations over the public switched telephone network. It is determined
that oral information is a kind of computer-based information that includes
telephonic conversations among consumers. As a telephonic system is
mainly critical to the infrastructure of the company, the larger security
controls are linked with a computing network that can be applied in the
communication systems (Safa, Von Solms, and Furnell, 2016).
Printed information
Soomro, Shah, and Ahmed, (2016) examined that printed information covers
detail which is printed whether on paper and other material. It is also called
a hard copy used to distinguish it from computer-based data. In general, the
privacy problems relative to such material will be applicable to the legible
format shown on the computing shade.
Computer-based information
It is observed that computer-based information is processed and recorded
on any electronic automatic data processing network in the standalone
mode. Such kind of information systems contains the computing software
which runs networking and telecommunication functions. It is found that
the application software that manipulates the information is mainly
recorded electronically for usage by computerized devices (McCormac, et
al., 2017).
Task 1
Types of information
It is examined that information can be divided into major three categories
which are described below:
Oral/audible information
It is a part of the information that contains mobile or telephone
conversations over the public switched telephone network. It is determined
that oral information is a kind of computer-based information that includes
telephonic conversations among consumers. As a telephonic system is
mainly critical to the infrastructure of the company, the larger security
controls are linked with a computing network that can be applied in the
communication systems (Safa, Von Solms, and Furnell, 2016).
Printed information
Soomro, Shah, and Ahmed, (2016) examined that printed information covers
detail which is printed whether on paper and other material. It is also called
a hard copy used to distinguish it from computer-based data. In general, the
privacy problems relative to such material will be applicable to the legible
format shown on the computing shade.
Computer-based information
It is observed that computer-based information is processed and recorded
on any electronic automatic data processing network in the standalone
mode. Such kind of information systems contains the computing software
which runs networking and telecommunication functions. It is found that
the application software that manipulates the information is mainly
recorded electronically for usage by computerized devices (McCormac, et
al., 2017).
INFORMATION SECURITY 2
Points that need to be included in security policy
It is argued that security is a key problem faced by the companies and most
of the hackers produce unauthorized access that leads cyber-attacks. It is
suggested that companies should include training and education programs
in the security policy that can help to enhance understanding of security
threats in the employees. The developed policy should indicate the
commitment of higher management in order to fulfill the requirements of all
interested parties. The ISO standard should focus on the privacy of data
while developing policies and perform a security evaluation model for
protecting data against cyber-crimes (Sharma, Sharma, and Srivastva,
2017). It is recommended that companies should include firewalls and
encryption-related techniques where management can protect data and
reduce unauthorized access and malware signals effectively.
It is argued that the employees use third party networks and servers in the
computing networks that lead security issues. For handling such issues
companies should include policy related to the authentic server and aware
employees to use only secured servers. Moreover, the involvement of
security models and backup plans including cloud computing is significant
for enhancing the privacy of sensitive data and reducing unwanted signals
(Katrandzhiev, Hristozov, and Milenkov, 2019). The company should
establish a framework that contains complete detail about security risks,
risk factors that lead to data breach issues and prevention techniques.
Moreover, the management should focus on the risk factors and implement
security techniques such as biometric authentication, anti-phishing
technique, password-based system and so on. Therefore, all these points
should be included while developing security policies and ISO standards
that may help in the protection of data against hackers.
Baseline protection
Baseline protection is a kind of methodology that is mainly used to
determine and evaluate computer security measures in the companies. The
Points that need to be included in security policy
It is argued that security is a key problem faced by the companies and most
of the hackers produce unauthorized access that leads cyber-attacks. It is
suggested that companies should include training and education programs
in the security policy that can help to enhance understanding of security
threats in the employees. The developed policy should indicate the
commitment of higher management in order to fulfill the requirements of all
interested parties. The ISO standard should focus on the privacy of data
while developing policies and perform a security evaluation model for
protecting data against cyber-crimes (Sharma, Sharma, and Srivastva,
2017). It is recommended that companies should include firewalls and
encryption-related techniques where management can protect data and
reduce unauthorized access and malware signals effectively.
It is argued that the employees use third party networks and servers in the
computing networks that lead security issues. For handling such issues
companies should include policy related to the authentic server and aware
employees to use only secured servers. Moreover, the involvement of
security models and backup plans including cloud computing is significant
for enhancing the privacy of sensitive data and reducing unwanted signals
(Katrandzhiev, Hristozov, and Milenkov, 2019). The company should
establish a framework that contains complete detail about security risks,
risk factors that lead to data breach issues and prevention techniques.
Moreover, the management should focus on the risk factors and implement
security techniques such as biometric authentication, anti-phishing
technique, password-based system and so on. Therefore, all these points
should be included while developing security policies and ISO standards
that may help in the protection of data against hackers.
Baseline protection
Baseline protection is a kind of methodology that is mainly used to
determine and evaluate computer security measures in the companies. The
INFORMATION SECURITY 3
key significance of this process is to enhance the security of private data in
the business communities. It is examined that the term baseline protection
signifies standard security measures for information technology systems
used in the various context of businesses. Kusyanti and Sari, (2017) argued
that baseline protection includes standard security safeguards, aids for
various IT configurations and implementation processes. It is observed that
IT baseline protection is capable of aware consumers about security risks
and help companies to manage and address security threats effectively.
Baseline protection indicates numerous standard security measures as they
are referred to in the information technology schemes.
The major purpose of baseline protection is to satisfy normal protection
requirements and may serve as the basis for information systems. With the
help of baseline protection, it is possible to develop and implement
information security concepts effectively and economically. It is observed
that the enhanced protection may use secure networks and techniques in
the field of countermeasures where the companies can resolve security risks
and protect data from hackers (De, et al., 2015). Manage unauthorized
access is an effective countermeasure that can be used along with the
security evaluation. For example, Amazon uses a security model and
cryptography techniques for detecting unwanted signals and protecting
data against cyber-crimes effectively. The implementation of multiple
countermeasures may impact on the cost of security measures. For
example, developing and implementing a biometric system and security
framework in the organization require numerous hardware and networks
that are more expensive. Therefore, it is stated that the implementation of
baseline protection is beneficial for the companies to lead the privacy of
data.
key significance of this process is to enhance the security of private data in
the business communities. It is examined that the term baseline protection
signifies standard security measures for information technology systems
used in the various context of businesses. Kusyanti and Sari, (2017) argued
that baseline protection includes standard security safeguards, aids for
various IT configurations and implementation processes. It is observed that
IT baseline protection is capable of aware consumers about security risks
and help companies to manage and address security threats effectively.
Baseline protection indicates numerous standard security measures as they
are referred to in the information technology schemes.
The major purpose of baseline protection is to satisfy normal protection
requirements and may serve as the basis for information systems. With the
help of baseline protection, it is possible to develop and implement
information security concepts effectively and economically. It is observed
that the enhanced protection may use secure networks and techniques in
the field of countermeasures where the companies can resolve security risks
and protect data from hackers (De, et al., 2015). Manage unauthorized
access is an effective countermeasure that can be used along with the
security evaluation. For example, Amazon uses a security model and
cryptography techniques for detecting unwanted signals and protecting
data against cyber-crimes effectively. The implementation of multiple
countermeasures may impact on the cost of security measures. For
example, developing and implementing a biometric system and security
framework in the organization require numerous hardware and networks
that are more expensive. Therefore, it is stated that the implementation of
baseline protection is beneficial for the companies to lead the privacy of
data.
End of preview
Want to access all the pages? Upload your documents or become a member.
Related Documents
Cyber Defense in Web Based Attacks Report 2022lg...
|4
|728
|16
Assignment on Securing Enterprise Infrastructurelg...
|6
|1354
|16
Implementation of Different Firewall Technologies: Advantages and Disadvantageslg...
|6
|2344
|50
Cyber security Attacks | Assessment 1lg...
|7
|1374
|30
Assignment on Cyber Defense in Web Based Attackslg...
|7
|1418
|22
Ransomware & Malwarelg...
|5
|581
|276