Types of Security Risks to Organizations
Added on 2022-12-29
6 Pages1610 Words29 Views
|
|
|
Security
Types of security risks to organization
Spam
There are business mails which are most of spam which means that they are not of use or can harm the system if they are opened by anyone. It consists
various frauds and misconducts which can easily destroy the system and it's data which can be important or confidential. Therefore, it is one of the type of
security risk.
Viruses
There are various viruses which affects the system's data and even can destroy the normal working of the systems by corrupting it's operating systems and
other major losses. There are various types of viruses which attacks different fields of systems and different manner. Therefore, it is an another type of
security risk associated with IT.
Malware
It is a type of software which is especially designed and developed to destroy or damage the computer systems to it's extent. It consist trojan, worms,
spyware and many more. These are attacked through internet sources by visiting unknown or unauthorised sites. Therefore, it is considered as the type of
security risk to IT (Alshare, Lane and Lane, 2018).
Network monitoring
It consist servers which are connected to the systems and which are responsible to manage all it's clients activities. It mainly monitors network throughout
various other systems which are connected to it. This can be insecure because data travels around the network which sometimes can be private otherwise
public and anyone can use or misuse such data. This has proven a major loss to the business and can affect the business negatively. Therefore it can create
the risk to the IT security.
Other risks
Unauthorized use of a system without damage to data, Unauthorized removal or copying of data or code from a system, Damage to or
destruction of physical system assets and environment, Damage to or destruction of data or code inside or outside the system and naturally
occurring risks.
Spam
There are business mails which are most of spam which means that they are not of use or can harm the system if they are opened by anyone. It consists
various frauds and misconducts which can easily destroy the system and it's data which can be important or confidential. Therefore, it is one of the type of
security risk.
Viruses
There are various viruses which affects the system's data and even can destroy the normal working of the systems by corrupting it's operating systems and
other major losses. There are various types of viruses which attacks different fields of systems and different manner. Therefore, it is an another type of
security risk associated with IT.
Malware
It is a type of software which is especially designed and developed to destroy or damage the computer systems to it's extent. It consist trojan, worms,
spyware and many more. These are attacked through internet sources by visiting unknown or unauthorised sites. Therefore, it is considered as the type of
security risk to IT (Alshare, Lane and Lane, 2018).
Network monitoring
It consist servers which are connected to the systems and which are responsible to manage all it's clients activities. It mainly monitors network throughout
various other systems which are connected to it. This can be insecure because data travels around the network which sometimes can be private otherwise
public and anyone can use or misuse such data. This has proven a major loss to the business and can affect the business negatively. Therefore it can create
the risk to the IT security.
Other risks
Unauthorized use of a system without damage to data, Unauthorized removal or copying of data or code from a system, Damage to or
destruction of physical system assets and environment, Damage to or destruction of data or code inside or outside the system and naturally
occurring risks.
Organizational security procedures
Administrative procedures
This procedure includes various other forms like acceptable use procedures, general use and ownership, security and proprietary information and unacceptable use. These are the forms in which company
works and implement accordingly as per their needs and requirements. Therefore, such procedures are managed by the top level management of an organization.
Technical procedures
This procedure includes various other forms like information sensitivity, public information, sensitive information, transmission encryption methodology, website access to high risk information, remote
access, database storage sensitive information, password procedures and many more. These are the forms in which company works and implement accordingly as per their needs and requirements. Therefore,
such procedures are managed by the IT employees of an organization.
Anti-virus procedures
This procedure assist the company in maintaining the system secure by downloading or installing the anti virus software in the systems which are responsible to fight with viruses that can damage the
systems drastically.
Server procedures
This procedure includes various other forms like ownership and responsibilities, general configuration guidelines and monitoring. These are the forms in which company works and implement accordingly as
per their needs and requirements. Therefore, such procedures are managed by the central department of an organization (Easttom, 2019)(Haqaf and Koyuncu, 2018).
Router procedures
This procedure includes various other forms like wireless communication procedures and encryption and authentication. These are the forms in which company works and implement accordingly as per their
needs and requirements. Therefore, such procedures are managed by the networking department of an organization.
Physical procedures
This procedure includes various other forms like storage and compliance information. Therefore, such procedures are managed by the database handling department of an organization.
Others procedures
Initiate, plan, execute, monitor and control information security activities across the organization, in an effort to successfully achieve organizational security objectives, roles and
responsibilities for information security and need to consider: data, network, systems, operational impact of security breaches, web systems and wireless systems.
Administrative procedures
This procedure includes various other forms like acceptable use procedures, general use and ownership, security and proprietary information and unacceptable use. These are the forms in which company
works and implement accordingly as per their needs and requirements. Therefore, such procedures are managed by the top level management of an organization.
Technical procedures
This procedure includes various other forms like information sensitivity, public information, sensitive information, transmission encryption methodology, website access to high risk information, remote
access, database storage sensitive information, password procedures and many more. These are the forms in which company works and implement accordingly as per their needs and requirements. Therefore,
such procedures are managed by the IT employees of an organization.
Anti-virus procedures
This procedure assist the company in maintaining the system secure by downloading or installing the anti virus software in the systems which are responsible to fight with viruses that can damage the
systems drastically.
Server procedures
This procedure includes various other forms like ownership and responsibilities, general configuration guidelines and monitoring. These are the forms in which company works and implement accordingly as
per their needs and requirements. Therefore, such procedures are managed by the central department of an organization (Easttom, 2019)(Haqaf and Koyuncu, 2018).
Router procedures
This procedure includes various other forms like wireless communication procedures and encryption and authentication. These are the forms in which company works and implement accordingly as per their
needs and requirements. Therefore, such procedures are managed by the networking department of an organization.
Physical procedures
This procedure includes various other forms like storage and compliance information. Therefore, such procedures are managed by the database handling department of an organization.
Others procedures
Initiate, plan, execute, monitor and control information security activities across the organization, in an effort to successfully achieve organizational security objectives, roles and
responsibilities for information security and need to consider: data, network, systems, operational impact of security breaches, web systems and wireless systems.
End of preview
Want to access all the pages? Upload your documents or become a member.
Related Documents