MGMT6013 Managing Information System | Security Policy
Added on 2022-01-27
14 Pages4311 Words36 Views
INFORMATION SECURITY POLICY
1
Managing information system
1
Managing information system
INFORMATION SECURITY POLICY
2
Executive summary
Security of information is a very serious problem in this modern generation and
most the consumers use internet connectivity to share data due to which the issue of
security threats increases. In the last five years the information and technology changed
the way of communication and Xero used advanced communication networks to transfer
data from one place to another. The main problem faced by this organization is security
and privacy issue due to which their employees are facing data breach and malware attack.
The main objective of this report is to develop security policies for Xero to address the
potential threats and vulnerabilities related to computer networks. Xero is a New Zealand
company that provide information technology services to their customers and also provide
software as a service. There are many security threats occur in an information system, for
example, malware attack, denial of service attack, sniffer, and computer viruses and many
more which will be discussed in this report. With the help of this report, readers can
increase their knowledge in the sector of information security. Xero should adopt security
tools and processes, for example, encryption, firewall, and cryptography and robust
technique by using this method they can avoid the issue of data breach and cyber-attacks.
2
Executive summary
Security of information is a very serious problem in this modern generation and
most the consumers use internet connectivity to share data due to which the issue of
security threats increases. In the last five years the information and technology changed
the way of communication and Xero used advanced communication networks to transfer
data from one place to another. The main problem faced by this organization is security
and privacy issue due to which their employees are facing data breach and malware attack.
The main objective of this report is to develop security policies for Xero to address the
potential threats and vulnerabilities related to computer networks. Xero is a New Zealand
company that provide information technology services to their customers and also provide
software as a service. There are many security threats occur in an information system, for
example, malware attack, denial of service attack, sniffer, and computer viruses and many
more which will be discussed in this report. With the help of this report, readers can
increase their knowledge in the sector of information security. Xero should adopt security
tools and processes, for example, encryption, firewall, and cryptography and robust
technique by using this method they can avoid the issue of data breach and cyber-attacks.
INFORMATION SECURITY POLICY
3
Table of Contents
Executive summary.....................................................................................................................................2
Introduction.................................................................................................................................................4
Overview of Xero.........................................................................................................................................4
Information security policies for Xero.........................................................................................................4
Upgrade security system.........................................................................................................................6
Operating security devices......................................................................................................................6
Password management system...............................................................................................................6
E-mail and messages security..................................................................................................................7
Upgrade the encryption approach...........................................................................................................7
Use of a digital certification.....................................................................................................................7
Authentication process............................................................................................................................7
Limited login attempts.............................................................................................................................8
Fraud protection software.......................................................................................................................8
Security threats and risk associated with Xero............................................................................................8
Unauthorized access................................................................................................................................8
Computer viruses....................................................................................................................................9
Denial of service attack............................................................................................................................9
Malicious attack.......................................................................................................................................9
Sniffers.....................................................................................................................................................9
Mitigation or recommendation.................................................................................................................10
Conclusion.................................................................................................................................................10
References.................................................................................................................................................12
3
Table of Contents
Executive summary.....................................................................................................................................2
Introduction.................................................................................................................................................4
Overview of Xero.........................................................................................................................................4
Information security policies for Xero.........................................................................................................4
Upgrade security system.........................................................................................................................6
Operating security devices......................................................................................................................6
Password management system...............................................................................................................6
E-mail and messages security..................................................................................................................7
Upgrade the encryption approach...........................................................................................................7
Use of a digital certification.....................................................................................................................7
Authentication process............................................................................................................................7
Limited login attempts.............................................................................................................................8
Fraud protection software.......................................................................................................................8
Security threats and risk associated with Xero............................................................................................8
Unauthorized access................................................................................................................................8
Computer viruses....................................................................................................................................9
Denial of service attack............................................................................................................................9
Malicious attack.......................................................................................................................................9
Sniffers.....................................................................................................................................................9
Mitigation or recommendation.................................................................................................................10
Conclusion.................................................................................................................................................10
References.................................................................................................................................................12
INFORMATION SECURITY POLICY
4
Introduction
Information security policy is defined as a set of policies which is used by an
organization to secure and private their data or information. The security of information is
one of the crucial problems in this modern generation and most of organizations are facing
the issue of cyber-attack. It is observed that the rate of cyber-crimes is growing very fast
and lack of security is a big problem that increases such kind of threats. The main objective
of this report is to develop information security policies for Xero organization and analysis
the risk associated with this organization. Xero is a software development organization that
provides information and technology services to their consumers but this company is
facing various cyber-threats such as malware attack, denial of service attack and many
more. This report is producing security policies that address the threats and vulnerabilities
faced by Xero organization and also describing the various kinds of cyber security threats.
Overview of Xero
It is a New Zealand public organization which offers cloud-based services to small
and medium companies. Xero organization has many offices in Australia, United State, and
the U.K. and South Africa and this is listed on the Australian securities exchange. The
products of this organization are completely based on software as a service and the main
headquarter of Xero is placed in New Zealand. In the year 2016, it opened their first Asia
office in Singapore and it provides accounting software products to their consumers and
most of the small business sectors use this accounting software to improve the efficiency of
the business. The main problem faced by this organization is that they are not able to
handle malware and DDOS attack due to which they lost their personal information's. In
the year 2017, this hacker attacked this organization and they produced 1 Tb traffic signals
and transferred on their computer networks. Due to which around 15 minutes their
websites went to down and consumers did not access their accounts. To avoid such kind of
problems Xero organizations require modern security tools and technologies and they can
develop security policies to handle security threats.
Information security policies for Xero
Information security policy is a set of rules and regulation enacted by a company to
ensure that their employees and workers use authentic servers and networks and it also
helps to address the security-related issues (Bulgurcu, Cavusoglu, & Benbasat, 2010). Xero
is a kind of IT organization that provides communicates with numbers of consumers in
every hour for which they require to secure the data or information. To avoid the issue of a
data breach this report will develop security policies and strategies and this section will
identify the methods to improve the security of data.
4
Introduction
Information security policy is defined as a set of policies which is used by an
organization to secure and private their data or information. The security of information is
one of the crucial problems in this modern generation and most of organizations are facing
the issue of cyber-attack. It is observed that the rate of cyber-crimes is growing very fast
and lack of security is a big problem that increases such kind of threats. The main objective
of this report is to develop information security policies for Xero organization and analysis
the risk associated with this organization. Xero is a software development organization that
provides information and technology services to their consumers but this company is
facing various cyber-threats such as malware attack, denial of service attack and many
more. This report is producing security policies that address the threats and vulnerabilities
faced by Xero organization and also describing the various kinds of cyber security threats.
Overview of Xero
It is a New Zealand public organization which offers cloud-based services to small
and medium companies. Xero organization has many offices in Australia, United State, and
the U.K. and South Africa and this is listed on the Australian securities exchange. The
products of this organization are completely based on software as a service and the main
headquarter of Xero is placed in New Zealand. In the year 2016, it opened their first Asia
office in Singapore and it provides accounting software products to their consumers and
most of the small business sectors use this accounting software to improve the efficiency of
the business. The main problem faced by this organization is that they are not able to
handle malware and DDOS attack due to which they lost their personal information's. In
the year 2017, this hacker attacked this organization and they produced 1 Tb traffic signals
and transferred on their computer networks. Due to which around 15 minutes their
websites went to down and consumers did not access their accounts. To avoid such kind of
problems Xero organizations require modern security tools and technologies and they can
develop security policies to handle security threats.
Information security policies for Xero
Information security policy is a set of rules and regulation enacted by a company to
ensure that their employees and workers use authentic servers and networks and it also
helps to address the security-related issues (Bulgurcu, Cavusoglu, & Benbasat, 2010). Xero
is a kind of IT organization that provides communicates with numbers of consumers in
every hour for which they require to secure the data or information. To avoid the issue of a
data breach this report will develop security policies and strategies and this section will
identify the methods to improve the security of data.
End of preview
Want to access all the pages? Upload your documents or become a member.
Related Documents
Developing Information Security Policies for Xerolg...
|14
|4396
|167
IS Security and Risk Management Assignment PDFlg...
|10
|3410
|84
Cyber Security and IT Infrastructure: Challenges and Solutionslg...
|4
|723
|396
(Solved) Cyber security challenges Assignmentlg...
|8
|2715
|216
Cyber Security: BYOD Risk Assessment, Certificate-based Authentication, and Anti-phishing Guidelinelg...
|9
|2240
|285
Demonstration of a Cyber Security Threat: Ransomwarelg...
|19
|815
|500