Security
Added on 2022-12-29
14 Pages4078 Words1 Views
|
|
|
Security
Table of Contents
INTRODUCTION...........................................................................................................................1
MAIN BODY...................................................................................................................................1
Task 1.....................................................................................................................................1
Types of security risks to organization.........................................................................1
Organizational security procedures...............................................................................2
Task 2.....................................................................................................................................3
Impact to IT security of incorrect configuration...........................................................3
Benefits to implement network-monitoring systems....................................................4
Task 3.....................................................................................................................................5
Risk assessment procedures..........................................................................................5
ISO 31000 risk management methodology...................................................................6
Data protection processes and regulations....................................................................7
Impacts to organisational security.................................................................................8
Task 4.....................................................................................................................................9
Designing and implementing security policy for an organisation................................9
Components of an organisational disaster recovery plan............................................10
CONCLUSION..............................................................................................................................10
References:.....................................................................................................................................12
INTRODUCTION...........................................................................................................................1
MAIN BODY...................................................................................................................................1
Task 1.....................................................................................................................................1
Types of security risks to organization.........................................................................1
Organizational security procedures...............................................................................2
Task 2.....................................................................................................................................3
Impact to IT security of incorrect configuration...........................................................3
Benefits to implement network-monitoring systems....................................................4
Task 3.....................................................................................................................................5
Risk assessment procedures..........................................................................................5
ISO 31000 risk management methodology...................................................................6
Data protection processes and regulations....................................................................7
Impacts to organisational security.................................................................................8
Task 4.....................................................................................................................................9
Designing and implementing security policy for an organisation................................9
Components of an organisational disaster recovery plan............................................10
CONCLUSION..............................................................................................................................10
References:.....................................................................................................................................12
INTRODUCTION
Information technology is defined as the framework which consist technical equipments
and services to the world. Equipments includes all the hardware devices and services which
generally involves software which provides convenience and easiness to the human activity.
Security is a major concept of the information technology because machines and systems often
requires security to work properly without any business or personal losses like leaking of
information, damage to the hardware and software devices and many more. Therefore, studying
about security in information technology is necessary for better operations in an organization
(Aldawood and Skinner, 2019). Hence, the following discussions are made on various types of
security risks associated with an organization, organizational security procedures, impact of
incorrect configuration, benefits to implement network monitoring systems, various risk
assessment procedures, data protection, impacts to organizational security, designing and
implementing security policy for an organization and components of organizational disaster
recovery plan with proper findings and conclusion.
MAIN BODY
Task 1
Types of security risks to organization
Spam
There are business mails which are most of spam which means that they are not of use or can
harm the system if they are opened by anyone. It consists various frauds and misconducts
which can easily destroy the system and it's data which can be important or confidential.
Therefore, it is one of the type of security risk.
Viruses
There are various viruses which affects the system's data and even can destroy the normal
working of the systems by corrupting it's operating systems and other major losses. There
are various types of viruses which attacks different fields of systems and different manner.
Therefore, it is an another type of security risk associated with IT.
Malware
1
Information technology is defined as the framework which consist technical equipments
and services to the world. Equipments includes all the hardware devices and services which
generally involves software which provides convenience and easiness to the human activity.
Security is a major concept of the information technology because machines and systems often
requires security to work properly without any business or personal losses like leaking of
information, damage to the hardware and software devices and many more. Therefore, studying
about security in information technology is necessary for better operations in an organization
(Aldawood and Skinner, 2019). Hence, the following discussions are made on various types of
security risks associated with an organization, organizational security procedures, impact of
incorrect configuration, benefits to implement network monitoring systems, various risk
assessment procedures, data protection, impacts to organizational security, designing and
implementing security policy for an organization and components of organizational disaster
recovery plan with proper findings and conclusion.
MAIN BODY
Task 1
Types of security risks to organization
Spam
There are business mails which are most of spam which means that they are not of use or can
harm the system if they are opened by anyone. It consists various frauds and misconducts
which can easily destroy the system and it's data which can be important or confidential.
Therefore, it is one of the type of security risk.
Viruses
There are various viruses which affects the system's data and even can destroy the normal
working of the systems by corrupting it's operating systems and other major losses. There
are various types of viruses which attacks different fields of systems and different manner.
Therefore, it is an another type of security risk associated with IT.
Malware
1
It is a type of software which is especially designed and developed to destroy or damage the
computer systems to it's extent. It consist trojan, worms, spyware and many more. These are
attacked through internet sources by visiting unknown or unauthorised sites. Therefore, it is
considered as the type of security risk to IT (Alshare, Lane and Lane, 2018).
Network monitoring
It consists servers which are connected to the systems and which are responsible to manage all its
client’s activities. It mainly monitors network throughout various other systems which are
connected to it. This can be insecure because data travels around the network which
sometimes can be private otherwise public and anyone can use or misuse such data. This has
proven a major loss to the business and can affect the business negatively. Therefore, it can
create the risk to the IT security.
Other risks
Unauthorized use of a system without damage to data, Unauthorized removal or copying of data
or code from a system, Damage to or destruction of physical system assets and environment,
Damage to or destruction of data or code inside or outside the system and naturally
occurring risks.
Organizational security procedures
Administrative procedures
This procedure includes various other forms like acceptable use procedures, general use and
ownership, security and proprietary information and unacceptable use. These are the forms
in which company works and implement accordingly as per their needs and requirements.
Therefore, such procedures are managed by the top level management of an organization.
Technical procedures
This procedure includes various other forms like information sensitivity, public information,
sensitive information, transmission encryption methodology, website access to high risk
information, remote access, database storage sensitive information, password procedures
and many more. These are the forms in which company works and implement accordingly
as per their needs and requirements. Therefore, such procedures are managed by the IT
employees of an organization.
2
computer systems to it's extent. It consist trojan, worms, spyware and many more. These are
attacked through internet sources by visiting unknown or unauthorised sites. Therefore, it is
considered as the type of security risk to IT (Alshare, Lane and Lane, 2018).
Network monitoring
It consists servers which are connected to the systems and which are responsible to manage all its
client’s activities. It mainly monitors network throughout various other systems which are
connected to it. This can be insecure because data travels around the network which
sometimes can be private otherwise public and anyone can use or misuse such data. This has
proven a major loss to the business and can affect the business negatively. Therefore, it can
create the risk to the IT security.
Other risks
Unauthorized use of a system without damage to data, Unauthorized removal or copying of data
or code from a system, Damage to or destruction of physical system assets and environment,
Damage to or destruction of data or code inside or outside the system and naturally
occurring risks.
Organizational security procedures
Administrative procedures
This procedure includes various other forms like acceptable use procedures, general use and
ownership, security and proprietary information and unacceptable use. These are the forms
in which company works and implement accordingly as per their needs and requirements.
Therefore, such procedures are managed by the top level management of an organization.
Technical procedures
This procedure includes various other forms like information sensitivity, public information,
sensitive information, transmission encryption methodology, website access to high risk
information, remote access, database storage sensitive information, password procedures
and many more. These are the forms in which company works and implement accordingly
as per their needs and requirements. Therefore, such procedures are managed by the IT
employees of an organization.
2
End of preview
Want to access all the pages? Upload your documents or become a member.
Related Documents