logo

ITC596 - IT Risk Management - Case study of Aztek company

   

Added on  2020-03-04

18 Pages4571 Words103 Views
ITC596 - IT Risk Management - Case study of Aztek company_1
Aztek – Risk Assessment & ManagementExecutive SummaryAztek is an Australian company that provides its customers with the financial services and solutions.With the expansion of the number of customers and clients, the requirements that Aztek needs to fulfill isalso increasing at the same pace. To fulfill the increasing demand and maintain the expansion of theorganization, there are various recommendations that have been put forward by the senior officials atAztek. Out of the several different projects that have been proposed by the senior administration at Aztek,the one that has been selected for implementation is Bring Your Own Devices (BYOD). With this project,there are many risks that may emerge in the areas of information security, database security, networksecurity, device security and many others. The report covers the risk assessment of the risks associatedwith Aztek along with the financial review, security review and the risk register. The information of datasecurity has also been covered in the report. Findings and RecommendationsThe risks that have been identified and assessed for Aztek belong to the data and information risks alongwith the risks associated with the devices and the networks (Cioupdate, 2016). There are various countermeasures that have been recommended to put a check on all such risks andthreats. One of the basic measures that have been suggested is the advanced access control andauthentication. There are many access control mechanisms that have been created such as role basedaccess control, attribute based access control and many more. These access control mechanisms shall beapplied in Aztek so that the users that are privileged to access the information are provided with theaccess for the same. These access control schemes shall be made applicable on all the services and theapplications that are installed on the devices of the employees.There are also various measures that have been developed in the area of identity management andauthentication. These measures shall include multi-fold authentication with the use of mechanisms suchas One Time Passwords (OTPs) and biometric identification. The combination of these measures willmake sure that only the authorized users have the authentication and authorization to access theinformation. The use of the company tools and applications by the family members and the friends of theemployees will be avoided with this practice and control measure. There are numerous technical and logical advancements that have been coming up in the area of security.These advancements shall be utilized for the maintenance and protection of the security of all the assets ofthe organization. 2
ITC596 - IT Risk Management - Case study of Aztek company_2
Aztek – Risk Assessment & ManagementThere are advanced and automated tools that have been developed such as data analytics tools fordetecting the patterns and trends that are associated with the attacks. There are also tools for the detectionand prevention of the intruders. Also, there are automated tools for the monitoring and control of thenetwork activities and operations. It is necessary to maintain the logs as well for making sure that thesecurity of the services and applications is ensured. These logs will be captured automatically by thesetools which will then be analyzed by the analytics tools. There are tools that have been developed for the backing up of the data along with the recovery of thedata in case of an attack. Encryption of the information is another measure that shall be ensured so that the attackers do not succeedin making use of the data and information at any time. There are various algorithms that are present forthe encryption of information such as advanced encryption algorithm. These shall be used and appliedacross all the data and information sets. 3
ITC596 - IT Risk Management - Case study of Aztek company_3
Aztek – Risk Assessment & ManagementExecutive Summary.....................................................................................................................................2Introduction.................................................................................................................................................5Organization Description.........................................................................................................................5Project Overview.....................................................................................................................................5Financial Services Review...........................................................................................................................5Project Description from Financial Perspective.......................................................................................6Project Impact on Current Security Infrastructure.......................................................................................7Risk Assessment..........................................................................................................................................9Risk Management Process.......................................................................................................................9Risk Register.........................................................................................................................................10Data Security.............................................................................................................................................13Conclusion.................................................................................................................................................14References.................................................................................................................................................164
ITC596 - IT Risk Management - Case study of Aztek company_4

End of preview

Want to access all the pages? Upload your documents or become a member.

Related Documents
Aztek: Risk Management & Assessment
|18
|4841
|31

Aztek Risk Management & Assessment
|18
|5082
|30

Aztek: IT Risk Management Bring Your Own Devices (BYOD)
|20
|5080
|285

Report on IT Risk Management for Aztek
|17
|4994
|31

Aztek IT Risk Assessment Case Study September 26 2017 Aztek Financial Services
|17
|5482
|245

Bring Your Own Device (BYOD) Project Description: Aztek Corporation
|20
|5312
|490