SBM4304: IS Security and Risk Management Report - Apple Analysis
VerifiedAdded on 2023/06/08
|14
|3456
|94
Report
AI Summary
This report provides an in-depth analysis of IS security and risk management, focusing on the case of Apple. It begins by outlining the objectives and identifying information system assets within Apple. The report then delves into the working mechanism of ransomware, a significant threat to organizations, and suggests tools like training, AVG decryption tools, and Avast anti-ransomware tools for mitigation. It also discusses threats against network routers and switches, detailing how attackers exploit these vulnerabilities. The report further explores strategies to ensure the reliability and availability of web services, including the use of a running database and database column adjustments. Additionally, the report addresses the importance of confidentiality and integrity of staff emails, proposing strategies such as staff training, access control mechanisms, and the use of effective anti-virus tools. The report also covers various types of malware, including ransomware, phishing, spoofing, and whaling, and their related security issues. Finally, it outlines approaches to improve server availability, such as eliminating single points of failure and implementing geographic redundancy, along with the use of log records to monitor activities and enhance security.
Running head: IS Security and Risk Management 1
IS Security and Risk Management
Name of Student
Name of Institution
Name of Course
Date of Submission
IS Security and Risk Management
Name of Student
Name of Institution
Name of Course
Date of Submission
Paraphrase This Document
Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser
IS Security and risk management 2
1.0 Introduction
The rising complexity of business operations in organizations requires equally effective
measures and mitigations strategies. Managing the efficient flow of processes within an
organization calls for the incorporation of constructive management strategies which plays a
crucial role in ensuring that errors are minimized and a good return on investment registered. The
incorporation of information technology in business operations has led to the emergence of
technology aided business processes. Most organizations have since introduced the use of
information systems in a bid to increase the efficiency levels of its operations. This is because
information systems are vital in increasing convenience levels by producing good and accurate
results within a short period of time at relatively affordable costs. Despite the advantages that
come with the use of information systems in organizations, there are a number of shortcomings
that accompany the use of information systems in business operations. The rise of cyber crime
and the increasing number of technology experts has consistently placed organizational data at
risk of intrusion. This paper focuses outlines some of the challenges associated with the use of
information systems in business operations (Ashforth and Kreiner, 2010). The report also
outlines a number of mitigation strategies which can be implemented in these organizations in
order to enhance long lasting resolutions. The report is given with reference to Apple, one of the
leading multinational technology companies.
1.0 Introduction
The rising complexity of business operations in organizations requires equally effective
measures and mitigations strategies. Managing the efficient flow of processes within an
organization calls for the incorporation of constructive management strategies which plays a
crucial role in ensuring that errors are minimized and a good return on investment registered. The
incorporation of information technology in business operations has led to the emergence of
technology aided business processes. Most organizations have since introduced the use of
information systems in a bid to increase the efficiency levels of its operations. This is because
information systems are vital in increasing convenience levels by producing good and accurate
results within a short period of time at relatively affordable costs. Despite the advantages that
come with the use of information systems in organizations, there are a number of shortcomings
that accompany the use of information systems in business operations. The rise of cyber crime
and the increasing number of technology experts has consistently placed organizational data at
risk of intrusion. This paper focuses outlines some of the challenges associated with the use of
information systems in business operations (Ashforth and Kreiner, 2010). The report also
outlines a number of mitigation strategies which can be implemented in these organizations in
order to enhance long lasting resolutions. The report is given with reference to Apple, one of the
leading multinational technology companies.
IS Security and risk management 3
1.1 Objectives
The report seeks to address the following objectives:
To identify the various Information system assets within Apple Company as an
organization that uses IS to moderate operations.
To outline the possible threats that places the organization at risk of losing its data
through intrusion of the information systems.
To identify the possible mitigation strategies which can be implemented by the
organization to minimize the threats and risks while enhancing the security of the
systems.
2.0 Ransomware
This threat serves as one of the leading vices in the area of cybercrime. Ransomware is
the type of virus that attacks the systems of an organization hence hindering the users from
accessing their own files (Arai, 2010). In this case, the user is required to offer a ransom in order
to be allowed to open their files. The mechanism here entails the malicious access of an
organization’s crucial files by unauthorized parties. Once the criminal has control over the files,
the ask for ransom before allowing access.
2.1 Working Mechanism
Ransomware often get into an organization’s system through phishing emails which may
contain malicious attachments and scam. Accessing and opening these mails allows the malware
to access and encrypt the organization’s files. The other possible entry point is through drive-by
downloading. This happens when one visits an infected cite where the malware downloads and
1.1 Objectives
The report seeks to address the following objectives:
To identify the various Information system assets within Apple Company as an
organization that uses IS to moderate operations.
To outline the possible threats that places the organization at risk of losing its data
through intrusion of the information systems.
To identify the possible mitigation strategies which can be implemented by the
organization to minimize the threats and risks while enhancing the security of the
systems.
2.0 Ransomware
This threat serves as one of the leading vices in the area of cybercrime. Ransomware is
the type of virus that attacks the systems of an organization hence hindering the users from
accessing their own files (Arai, 2010). In this case, the user is required to offer a ransom in order
to be allowed to open their files. The mechanism here entails the malicious access of an
organization’s crucial files by unauthorized parties. Once the criminal has control over the files,
the ask for ransom before allowing access.
2.1 Working Mechanism
Ransomware often get into an organization’s system through phishing emails which may
contain malicious attachments and scam. Accessing and opening these mails allows the malware
to access and encrypt the organization’s files. The other possible entry point is through drive-by
downloading. This happens when one visits an infected cite where the malware downloads and
⊘ This is a preview!⊘
Do you want full access?
Subscribe today to unlock all pages.
Trusted by 1+ million students worldwide
IS Security and risk management 4
installs itself without the knowledge of the user. Other entry methods include the social media as
well as instant messaging applications.
3.0 Tools for tackling ransomware
3.1 Training
A common tool is proper education and increase of awareness among the company workers on
the threats associated with ransomware. Apple can conduct adequate training and exposure may
play a crucial role in stopping the workers from accessing cites and engaging in activities that
may make the organization vulnerable (Bettig, 2010).
3.2 AVGs ransomware decryption tools
The second approach involves the use of decryption tools for instance AVGs ransomware tools.
This software is helpful especially after attack as it helps to decrypt and there set the affected
files free from the malware.
3.3 Avast anti-ransomware tools
This tool is helpful in preventing the organization from invasions by malicious software.
The antivirus resolves the risk by detecting and blocking the ransomware before they are
unknowingly downloaded and installed into an organization’s system. The increasing use of
social media platforms also increases an organization’s risk of invasion. It would therefore be
important for Apple to install the most effective tools which would be helpful not only in
detecting and blocking the entry of the virus but also by decrypting and removing the ones that
are already installed (Burk and Mark, 2009).
installs itself without the knowledge of the user. Other entry methods include the social media as
well as instant messaging applications.
3.0 Tools for tackling ransomware
3.1 Training
A common tool is proper education and increase of awareness among the company workers on
the threats associated with ransomware. Apple can conduct adequate training and exposure may
play a crucial role in stopping the workers from accessing cites and engaging in activities that
may make the organization vulnerable (Bettig, 2010).
3.2 AVGs ransomware decryption tools
The second approach involves the use of decryption tools for instance AVGs ransomware tools.
This software is helpful especially after attack as it helps to decrypt and there set the affected
files free from the malware.
3.3 Avast anti-ransomware tools
This tool is helpful in preventing the organization from invasions by malicious software.
The antivirus resolves the risk by detecting and blocking the ransomware before they are
unknowingly downloaded and installed into an organization’s system. The increasing use of
social media platforms also increases an organization’s risk of invasion. It would therefore be
important for Apple to install the most effective tools which would be helpful not only in
detecting and blocking the entry of the virus but also by decrypting and removing the ones that
are already installed (Burk and Mark, 2009).
Paraphrase This Document
Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser
IS Security and risk management 5
4.0 Threats against network routers and switches
At Apple Company International, there are routers and switches which are configured to
respond to Simple Service Delivery Protocols over the internet. Many attackers take advantage
of these routers by creating high traffic, usually more than what would be the case using the
original bandwidth. Once they interfere with the system, the attacker then use DDoS to send the
malware to a third bird computer. In this strategy, the attacker sends requests which contain a
spoofed Internet Protocol address to a third party computer (Dubin, 2009). The computer then
sends responses to the spoofed address instead of the originally intended destination. The
spoofed address is usually that of the intended victim which is Apple in this case. The third party
computer can therefore be used to transfer the malicious software into the system of the intended
victim. At the same time, there are technology regulated switches within organization mostly
operated by computers which contain specific encryptions fitting the purposes. Since the systems
depend on computer generated instructions, there is constant access to the internet especially
when there is need for updating. The malware can be downloaded into the system files in this
process thereby compromising the original codes. Research indicates that through the routers and
switches, the attackers launch less powerful attacks. However, the impacts that come with these
attacks may end up aggravating hence the need for the right mitigation strategies.
4.0 Threats against network routers and switches
At Apple Company International, there are routers and switches which are configured to
respond to Simple Service Delivery Protocols over the internet. Many attackers take advantage
of these routers by creating high traffic, usually more than what would be the case using the
original bandwidth. Once they interfere with the system, the attacker then use DDoS to send the
malware to a third bird computer. In this strategy, the attacker sends requests which contain a
spoofed Internet Protocol address to a third party computer (Dubin, 2009). The computer then
sends responses to the spoofed address instead of the originally intended destination. The
spoofed address is usually that of the intended victim which is Apple in this case. The third party
computer can therefore be used to transfer the malicious software into the system of the intended
victim. At the same time, there are technology regulated switches within organization mostly
operated by computers which contain specific encryptions fitting the purposes. Since the systems
depend on computer generated instructions, there is constant access to the internet especially
when there is need for updating. The malware can be downloaded into the system files in this
process thereby compromising the original codes. Research indicates that through the routers and
switches, the attackers launch less powerful attacks. However, the impacts that come with these
attacks may end up aggravating hence the need for the right mitigation strategies.
IS Security and risk management 6
5.0 Ensuring reliability and availability of web service
Reliability of a web service involves the tendency of a web service to remain effective in
serving the interests of the users. This therefore implies that the interface ought to be user
friendly and its access should not be accompanied by infections from malicious software. To
enhance a reliable web service, Apple Int. needs to develop a platform in which the users obtain
high levels of satisfaction with minimal errors. On the other hand, web service availability
implies the web uses should be in a position to speedily access the contents of the web services.
This indicates that for Apple to achieve effective web service availability, accessing the platform
should not be hindered heavy traffic. Apple Company being an international organization has a
huge number of users who depend on its web service. The service ought to involve an efficient
interface where users take the shortest time to gain access and obtain the required information
about the company (Goldstein and Reese, 2010).
The overview above describes reliability and availabity of a web service based on the
ease and speed with which the interface can be accessed. However, a web service is considered
reliable when the individuals who access it are not at risk of infection from malicious software.
In order to enhance the reliability and availability of its web service, the organization needs to
install a running database. This approach involves configuring a reliable messaging service
which ensures that the connection and interaction strictly remains between the server and the
client. This prevents invasion from third parties hence minimizing any associated risks when it
comes to accessing these sites. At the same time, web service availability can be enhanced by
changing the width or database columns. This is because the nature of bandwidths used in
designing a web service has a special influence on ease of access. Adequate data base columns
minimize congestion which in turn improves convenience (Greenhalgh and Rogers, 2010).
5.0 Ensuring reliability and availability of web service
Reliability of a web service involves the tendency of a web service to remain effective in
serving the interests of the users. This therefore implies that the interface ought to be user
friendly and its access should not be accompanied by infections from malicious software. To
enhance a reliable web service, Apple Int. needs to develop a platform in which the users obtain
high levels of satisfaction with minimal errors. On the other hand, web service availability
implies the web uses should be in a position to speedily access the contents of the web services.
This indicates that for Apple to achieve effective web service availability, accessing the platform
should not be hindered heavy traffic. Apple Company being an international organization has a
huge number of users who depend on its web service. The service ought to involve an efficient
interface where users take the shortest time to gain access and obtain the required information
about the company (Goldstein and Reese, 2010).
The overview above describes reliability and availabity of a web service based on the
ease and speed with which the interface can be accessed. However, a web service is considered
reliable when the individuals who access it are not at risk of infection from malicious software.
In order to enhance the reliability and availability of its web service, the organization needs to
install a running database. This approach involves configuring a reliable messaging service
which ensures that the connection and interaction strictly remains between the server and the
client. This prevents invasion from third parties hence minimizing any associated risks when it
comes to accessing these sites. At the same time, web service availability can be enhanced by
changing the width or database columns. This is because the nature of bandwidths used in
designing a web service has a special influence on ease of access. Adequate data base columns
minimize congestion which in turn improves convenience (Greenhalgh and Rogers, 2010).
⊘ This is a preview!⊘
Do you want full access?
Subscribe today to unlock all pages.
Trusted by 1+ million students worldwide
IS Security and risk management 7
6.0 Confidentiality and Integrity of Staff email
There are a number of strategies which the organization can install to ensure that the
confidential and integrity of staff email is maintained at all times. To begin with, there is need
for staff training on security awareness. This approach enables the staff to engage in email
interactions that involve the least risk of infection. Secondly, the organization should implement
and maintain access control mechanisms through effective password and resource management.
This ensures that each staff member has absolute access to their logging details (Johnason,
2010). These details must never be shared with any other individual as this leads to a breach in
the privacy requirements.
The organization also needs to establish dependable identification and authentication
methods. This can be achieved by having the details of the staff members stored in a database
and only retrieved in occasions when authentication is required and absolutely at the request of
the user. The last strategy that can be put in place to enhance confidentiality of staff emails is by
installing and using effective devices which are free from infection by any unwanted software.
For instance, when the sending of emails is done be don through a computer device, the
organization needs to install the right anti-virus tools which are vital in shielding the staff and
other device users from attacks and related risks (Klerck, 2009). In a nut shell, it is the core
mandate of the organization to protect its users by installing systems which have proven
effectiveness in eliminating the threats associated with sending and receiving emails.
7.0 Types of malware and security issues related to email and Webserver
Ransomware: Cyber criminals use malicious attachment to lure email users into downloading
and installing malware into their systems. The malware then attacks and affects files within the
6.0 Confidentiality and Integrity of Staff email
There are a number of strategies which the organization can install to ensure that the
confidential and integrity of staff email is maintained at all times. To begin with, there is need
for staff training on security awareness. This approach enables the staff to engage in email
interactions that involve the least risk of infection. Secondly, the organization should implement
and maintain access control mechanisms through effective password and resource management.
This ensures that each staff member has absolute access to their logging details (Johnason,
2010). These details must never be shared with any other individual as this leads to a breach in
the privacy requirements.
The organization also needs to establish dependable identification and authentication
methods. This can be achieved by having the details of the staff members stored in a database
and only retrieved in occasions when authentication is required and absolutely at the request of
the user. The last strategy that can be put in place to enhance confidentiality of staff emails is by
installing and using effective devices which are free from infection by any unwanted software.
For instance, when the sending of emails is done be don through a computer device, the
organization needs to install the right anti-virus tools which are vital in shielding the staff and
other device users from attacks and related risks (Klerck, 2009). In a nut shell, it is the core
mandate of the organization to protect its users by installing systems which have proven
effectiveness in eliminating the threats associated with sending and receiving emails.
7.0 Types of malware and security issues related to email and Webserver
Ransomware: Cyber criminals use malicious attachment to lure email users into downloading
and installing malware into their systems. The malware then attacks and affects files within the
Paraphrase This Document
Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser
IS Security and risk management 8
system leading to security issues within the organization. This type of malware encrypts files
before demanding fees to enhance restoration.
Phishing: This involves the use of malicious and majorly psychological manipulations to lure
victims into issuing crucial information about them which the criminals then use for malicious
purposes.
Spoofing: In this case, hackers use addresses which are very similar to the legitimate ones hence
deceive their victims into using them. This form of malware invasion occurs mainly because
email lack effective address authentication mechanism
Whaling: This is a cyber criminal strategy which is mainly aimed at invading big companies. The
type of system invasion is also referred to as business email compromise. The attacker sends an
email to an individual within the organization giving instructions that are capable of effecting a
transaction. The various types of malware have been arranged in order of increasing priority
which implies that whaling poses the biggest security threat to business organizations. In
addition to losing grip of crucial information, the organization incurs losses in large amounts as a
result of business email compromise (Schechter, 2010).
8.0 Approaches to improve server availability
There are various approaches which can be used to enhance server availability. In this
case, we highlight two of these. The first approach involves eliminating single points of failure.
This strategy involves identifying the specific areas within the system which hinder its effective
performance. These points of failure are then eliminated and replaced with more efficient ones.
The diagram below indicates a simplified system with each component strategically placed. This
structure makes it easy to identify and hence eliminate the points of weakness.
system leading to security issues within the organization. This type of malware encrypts files
before demanding fees to enhance restoration.
Phishing: This involves the use of malicious and majorly psychological manipulations to lure
victims into issuing crucial information about them which the criminals then use for malicious
purposes.
Spoofing: In this case, hackers use addresses which are very similar to the legitimate ones hence
deceive their victims into using them. This form of malware invasion occurs mainly because
email lack effective address authentication mechanism
Whaling: This is a cyber criminal strategy which is mainly aimed at invading big companies. The
type of system invasion is also referred to as business email compromise. The attacker sends an
email to an individual within the organization giving instructions that are capable of effecting a
transaction. The various types of malware have been arranged in order of increasing priority
which implies that whaling poses the biggest security threat to business organizations. In
addition to losing grip of crucial information, the organization incurs losses in large amounts as a
result of business email compromise (Schechter, 2010).
8.0 Approaches to improve server availability
There are various approaches which can be used to enhance server availability. In this
case, we highlight two of these. The first approach involves eliminating single points of failure.
This strategy involves identifying the specific areas within the system which hinder its effective
performance. These points of failure are then eliminated and replaced with more efficient ones.
The diagram below indicates a simplified system with each component strategically placed. This
structure makes it easy to identify and hence eliminate the points of weakness.
IS Security and risk management 9
The second approach involves implementing geographic redundancy. In this strategy, the
organization can enhance the availability of the web service by hosting its application in two
different geographical areas. To enhance high performance, the application ought to be hosted at
a position that is geographically close to the end users and consumers. This method does not only
provide an effective alternative in case a link fails but also contributes in the general
improvement in the performance of the system.
9.0 Use of log records
As a strategy for enhancing the performance of web and email servers, an organization
may use the approach of log records to monitor past activities and hence not the areas that
require the necessary adjustment. Log records are obtained when the application is configured to
record activities within a given time base. These logs are then stored in retrievable databases
The second approach involves implementing geographic redundancy. In this strategy, the
organization can enhance the availability of the web service by hosting its application in two
different geographical areas. To enhance high performance, the application ought to be hosted at
a position that is geographically close to the end users and consumers. This method does not only
provide an effective alternative in case a link fails but also contributes in the general
improvement in the performance of the system.
9.0 Use of log records
As a strategy for enhancing the performance of web and email servers, an organization
may use the approach of log records to monitor past activities and hence not the areas that
require the necessary adjustment. Log records are obtained when the application is configured to
record activities within a given time base. These logs are then stored in retrievable databases
⊘ This is a preview!⊘
Do you want full access?
Subscribe today to unlock all pages.
Trusted by 1+ million students worldwide
IS Security and risk management 10
hence can be user at a later level especially during analysis. Log records play a crucial role in
helping the organization to identify the specific points of weakness which are some of the causes
of server problems.
Audit log reports are crucial in enhancing analysis and monitoring. As a mitigation
strategy to ensure reliability of web and email servers, noting the points of weakness ought to be
followed by constant updating of the system (Schechter, 2010). In order to effectively achieve
this, it is vital to perform the necessary system audits which go a long way in helping an
organization to note the specific components of the system that may require adjustment of
overhaul. Audit log reports offer important facts which when retrieved and analyzed places the
organization in a better position to effectively manage the issues related to its information system
security.
10.0 Impact of human factors on IS related security risk and management
Information systems generally involve operations that revolve around people within an
organization and its surrounding. This there reveals that there are a number of human factors
which have either a direct or indirect impact on management of information systems, security
issues and related risks.
To begin with, the confidentiality of data and crucial information about an organization
majorly depends on the integrity of the people with the organization. Authentication and security
mechanism require that individuals ought to treat confidential information with the right
sensitivity. This prevents attackers from gaining access into the system. If there is a traitor within
an organization who as well has crucial data regarding the information systems then the security
of such systems become threatened (Klerck, 2009).
hence can be user at a later level especially during analysis. Log records play a crucial role in
helping the organization to identify the specific points of weakness which are some of the causes
of server problems.
Audit log reports are crucial in enhancing analysis and monitoring. As a mitigation
strategy to ensure reliability of web and email servers, noting the points of weakness ought to be
followed by constant updating of the system (Schechter, 2010). In order to effectively achieve
this, it is vital to perform the necessary system audits which go a long way in helping an
organization to note the specific components of the system that may require adjustment of
overhaul. Audit log reports offer important facts which when retrieved and analyzed places the
organization in a better position to effectively manage the issues related to its information system
security.
10.0 Impact of human factors on IS related security risk and management
Information systems generally involve operations that revolve around people within an
organization and its surrounding. This there reveals that there are a number of human factors
which have either a direct or indirect impact on management of information systems, security
issues and related risks.
To begin with, the confidentiality of data and crucial information about an organization
majorly depends on the integrity of the people with the organization. Authentication and security
mechanism require that individuals ought to treat confidential information with the right
sensitivity. This prevents attackers from gaining access into the system. If there is a traitor within
an organization who as well has crucial data regarding the information systems then the security
of such systems become threatened (Klerck, 2009).
Paraphrase This Document
Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser
IS Security and risk management 11
Secondly, the number of people using a particular interface influences the level to which
the system’s security can be maintained. A system accessed by many individuals may often be
prone to attacks especially in cases where the established measures are not as effective as
required. In addition to enhance system availability, there is need for effective management
strategies which ensure that the number of individuals using a system at a given time is properly
controlled through valid security measures (Klerck, 2009).
Lastly, the success of risk and system security management depends on the willingness of
people especially workers within an organization to embrace the organization’s stated security
policies and regulations. The policies are only effective when each stakeholder remains
commitment and supportive to their implementation. In a nut shell, individual and corporate
behaviors among people within an organization have a special way of influencing the extent to
which risk management strategies shall be achieved.
11.0 Proposed Network security devices
To enhance system security, there is need to have the most effective security devices which do
not only prevent invasion by malware but also undo the ones that have been accidentally
installed into the system (Dubin, 2009). The following are the proposed security devices:
Firewalls: These are applications which are installed into the system to regulate the sites and
addresses which can be accessed or responded to by the user. Firewalls are crucial in blocking
the intrusion of malicious software into a system.
Antivirus scanning device: This devices is essential in the detection of unwanted software
through scanning, the devices is able to identify the files and applications whose inclusion into
Secondly, the number of people using a particular interface influences the level to which
the system’s security can be maintained. A system accessed by many individuals may often be
prone to attacks especially in cases where the established measures are not as effective as
required. In addition to enhance system availability, there is need for effective management
strategies which ensure that the number of individuals using a system at a given time is properly
controlled through valid security measures (Klerck, 2009).
Lastly, the success of risk and system security management depends on the willingness of
people especially workers within an organization to embrace the organization’s stated security
policies and regulations. The policies are only effective when each stakeholder remains
commitment and supportive to their implementation. In a nut shell, individual and corporate
behaviors among people within an organization have a special way of influencing the extent to
which risk management strategies shall be achieved.
11.0 Proposed Network security devices
To enhance system security, there is need to have the most effective security devices which do
not only prevent invasion by malware but also undo the ones that have been accidentally
installed into the system (Dubin, 2009). The following are the proposed security devices:
Firewalls: These are applications which are installed into the system to regulate the sites and
addresses which can be accessed or responded to by the user. Firewalls are crucial in blocking
the intrusion of malicious software into a system.
Antivirus scanning device: This devices is essential in the detection of unwanted software
through scanning, the devices is able to identify the files and applications whose inclusion into
IS Security and risk management 12
the system may threaten the security. The device doesn’t only identify the malware but also
blocks their entry hence securing the email and web servers.
Penetration testing device: This device is used to gain access to the system peripherals to aid in
detecting the system problems and their possible causes. Once the anomaly has been identified,
the organization can then establish the effective mitigation strategies aimed at enhancing system
performance.
Vulnerability assessment appliance: The device works on the same principle as the penetrating
devices. Through scanning, the device is able to point out the prevalent system issues before
delivering the necessary counter strategy.
Intrusion detector: This device identifies the applications and elements whose interaction with
the system may pose security threats. Intrusion detectors are helpful in identifying the malicious
attachments usually sent through emails with the core intention of hacking a system.
12.0 Conclusion
System security is a crucial requirement in successful management. This is because a
secure system has a central influence on the flow of other processes within the organization.
Identifying the various aspects which compromise system security is a step in the right direction.
Apart from highlighting the information system security issues, the report also details the various
mitigation strategies which can be implemented to obtain long lasting solutions. The details of
the report would therefore be important for a manager seeking to enhance the performance of
their systems by minimizing the related security threats.
Recommendations
the system may threaten the security. The device doesn’t only identify the malware but also
blocks their entry hence securing the email and web servers.
Penetration testing device: This device is used to gain access to the system peripherals to aid in
detecting the system problems and their possible causes. Once the anomaly has been identified,
the organization can then establish the effective mitigation strategies aimed at enhancing system
performance.
Vulnerability assessment appliance: The device works on the same principle as the penetrating
devices. Through scanning, the device is able to point out the prevalent system issues before
delivering the necessary counter strategy.
Intrusion detector: This device identifies the applications and elements whose interaction with
the system may pose security threats. Intrusion detectors are helpful in identifying the malicious
attachments usually sent through emails with the core intention of hacking a system.
12.0 Conclusion
System security is a crucial requirement in successful management. This is because a
secure system has a central influence on the flow of other processes within the organization.
Identifying the various aspects which compromise system security is a step in the right direction.
Apart from highlighting the information system security issues, the report also details the various
mitigation strategies which can be implemented to obtain long lasting solutions. The details of
the report would therefore be important for a manager seeking to enhance the performance of
their systems by minimizing the related security threats.
Recommendations
⊘ This is a preview!⊘
Do you want full access?
Subscribe today to unlock all pages.
Trusted by 1+ million students worldwide
1 out of 14
Related Documents
Your All-in-One AI-Powered Toolkit for Academic Success.
+13062052269
info@desklib.com
Available 24*7 on WhatsApp / Email
![[object Object]](/_next/static/media/star-bottom.7253800d.svg)
Unlock your academic potential
Copyright © 2020–2025 A2Z Services. All Rights Reserved. Developed and managed by ZUCOL.