Security: Protecting Information Systems and Data
Added on 2023-04-05
14 Pages2209 Words498 Views
Running Head: Security 0
Security
Individual task
Student name
Security
Individual task
Student name
Security 1
Answer 1:
Information Security Management System (ISMS) is necessary to secure an Information System.
Different issues arise in security of Information System. Therefore, it is necessary to secure
Information System form different types of security risks. ISO 27001 is an international standard
to secure organizations from many types of security issues because of vulnerabilities of system
(iso27001security.com, 2019).
Highlander Computing Solutions Limited is an IT company, which is provides solutions to
different clients for their security related to data (highlanderuk.com, 2019). It is a common thing
in present world that organization follows security standards to manage different things as well
as protect from huge risks to the organization. It is necessary to establish security policy to avoid
risks to information assets of the organization.
Highlander Computing Solutions Limited is having ISO 27001 certification to secure their
different resources. Information System (IS) of any organization is a backbone of that
organization. Therefore, there should be proper security policy to avoid risks, and if any risk
occurred in the system then there is a solution for that particular risk ( Giandomenico & Groot,
2018).
Highlander Computing Solutions Limited is having responsibility of different client’s data and
security of their products and services from cyber-attacks. Physical security is necessary to
Information System because of many security reasons. Information Systems is having different
devices for connectivity and data transfer. Therefore, there should be high and tight security
maintained by the organization (pressbooks.com, 2019).
Some security rules are here:
1. No one can enter without permission
2. Access level should be there for security purposes
3. Proper damage recovery
4. Internal and external people take entry with all the procedure
In below figure a process of ISMS system implementation is shows.
Answer 1:
Information Security Management System (ISMS) is necessary to secure an Information System.
Different issues arise in security of Information System. Therefore, it is necessary to secure
Information System form different types of security risks. ISO 27001 is an international standard
to secure organizations from many types of security issues because of vulnerabilities of system
(iso27001security.com, 2019).
Highlander Computing Solutions Limited is an IT company, which is provides solutions to
different clients for their security related to data (highlanderuk.com, 2019). It is a common thing
in present world that organization follows security standards to manage different things as well
as protect from huge risks to the organization. It is necessary to establish security policy to avoid
risks to information assets of the organization.
Highlander Computing Solutions Limited is having ISO 27001 certification to secure their
different resources. Information System (IS) of any organization is a backbone of that
organization. Therefore, there should be proper security policy to avoid risks, and if any risk
occurred in the system then there is a solution for that particular risk ( Giandomenico & Groot,
2018).
Highlander Computing Solutions Limited is having responsibility of different client’s data and
security of their products and services from cyber-attacks. Physical security is necessary to
Information System because of many security reasons. Information Systems is having different
devices for connectivity and data transfer. Therefore, there should be high and tight security
maintained by the organization (pressbooks.com, 2019).
Some security rules are here:
1. No one can enter without permission
2. Access level should be there for security purposes
3. Proper damage recovery
4. Internal and external people take entry with all the procedure
In below figure a process of ISMS system implementation is shows.
Security 2
Source: (ins2outs.com, 2019)
Source: (ins2outs.com, 2019)
Security 3
Answer 2:
Physical attacks are common in the information. However, physical attacks are also damage the
business of an organization. Backup data is necessary to business continuity. Therefore, it is
necessary to provide full physical protection to the information system as well as backup
services. There are few types of physical attacks and their solutions (DCSL, 2018).
Theft
The loss of important hardware, software, or data can have significant effects on an
organization’s effectiveness .Theft can be divided into three basic categories: physical theft, data
theft, and identity theft (NCSC, 2019).
Hardware is an important part of an information system. Therefore, it is require a high security
system that protect IS from unauthorized access. It is compulsory to create lock system to all the
hardware parts of an Information System. Damages of hardware can make significant effects on
effectiveness of an organization.
Criminals can theft the hardware, such as hard disk, RAM, processor, any many other things of a
computer system, because of their small size and high cost. Physical theft results in the loss of
data stored on the hard drives of information system. Because of physical theft, organization can
face loss of confidentiality and reliability of users. Therefore, it is necessary to secure physical
devices through wall and locks in a building. Server is always in custody of human being as well
as mechanical locks (risk.net, 2018).
Accidents
Accidents are major issues in front of organization and their information system. It has
happened, because of human errors. Ignorance of the security can convert into accidents most of
time. Therefore, it is necessary to secure the premises of information system’s hardware. It is
necessary to have a security channel to enter in the premises. Without purpose no one can entry
in that premises. It can avoid accidents and provide more security to the system ( Giandomenico
& Groot, 2018).
Answer 2:
Physical attacks are common in the information. However, physical attacks are also damage the
business of an organization. Backup data is necessary to business continuity. Therefore, it is
necessary to provide full physical protection to the information system as well as backup
services. There are few types of physical attacks and their solutions (DCSL, 2018).
Theft
The loss of important hardware, software, or data can have significant effects on an
organization’s effectiveness .Theft can be divided into three basic categories: physical theft, data
theft, and identity theft (NCSC, 2019).
Hardware is an important part of an information system. Therefore, it is require a high security
system that protect IS from unauthorized access. It is compulsory to create lock system to all the
hardware parts of an Information System. Damages of hardware can make significant effects on
effectiveness of an organization.
Criminals can theft the hardware, such as hard disk, RAM, processor, any many other things of a
computer system, because of their small size and high cost. Physical theft results in the loss of
data stored on the hard drives of information system. Because of physical theft, organization can
face loss of confidentiality and reliability of users. Therefore, it is necessary to secure physical
devices through wall and locks in a building. Server is always in custody of human being as well
as mechanical locks (risk.net, 2018).
Accidents
Accidents are major issues in front of organization and their information system. It has
happened, because of human errors. Ignorance of the security can convert into accidents most of
time. Therefore, it is necessary to secure the premises of information system’s hardware. It is
necessary to have a security channel to enter in the premises. Without purpose no one can entry
in that premises. It can avoid accidents and provide more security to the system ( Giandomenico
& Groot, 2018).
End of preview
Want to access all the pages? Upload your documents or become a member.
Related Documents
Information Systems Risk Management - PDFlg...
|8
|2075
|102
ISO/IEC 27001 Cybersecurity Framework for Riot Games, Inc. 1.lg...
|2
|406
|70
Cyber Security – Challenges and Solutionslg...
|13
|3663
|313
Cybersecurity. task. Student name. Solution: one. Cyberlg...
|3
|326
|72
Risk Assessment on Network Infrastructure of CONVXYZlg...
|27
|3351
|91
IT Audit Report for Telecommunication Industrylg...
|13
|2808
|107