Comprehensive Analysis of Security Policies at Birchalls Ltd Bookstore

Verified

Added on 2021/04/17

AI Summary

This report provides an analysis of the security policies implemented by Birchalls Ltd Bookstore, an old established bookstore facing modern cyber security challenges. The report examines the bookstore's IT security policies, focusing on the five key strategies of the cyber security framework: identify, protect, detect, respond, and recover. It details how Birchalls Ltd manages its system security, including user authentication, device restrictions, data access limitations, and backup/disaster recovery plans. The analysis assesses the effectiveness of these policies, highlighting the use of RSA encryption, network monitoring, and website access limitations. The report also discusses the importance of backup and disaster recovery policies for data protection and the role of IT experts in resolving system issues, drawing on relevant literature to support the analysis.

Running head: SECURITY POLICIES OF BIRCHALLS LTD BOOKSTORE
Security Policies of Birchalls Ltd Bookstore
Name of the Student
Name of the University

Secure Best Marks with AI Grader

Need help grading? Try our AI Grader for instant feedback on your assignments.

SECURITY POLICIES OF BIRCHALLS LTD BOOKSTORE1
Table of Contents
Organization Background:...............................................................................................................2
IT Security Policy:...........................................................................................................................2
Analysis:..........................................................................................................................................3
Bibliography:...................................................................................................................................4

SECURITY POLICIES OF BIRCHALLS LTD BOOKSTORE2
Organization Background:
Birchalls Ltd was founded by Samuel Tegg in 1844 and it is the oldest book store within
the entire Australia. The organization was the first to introduce the commercial notepads to the
Australian people in 1902.The organization is running its business online through the country
and in international markets. Though being an old and repeated publisher, in recent days the
organization is having issues with managing its business. The book store manages all the
operations done in national or international level from headquarter in Launceston, Tasmania. The
open internet connection to the system makes it vulnerable to cybercrime.
IT Security Policy:
The IT security policies of the organization is based on the five categories of the cyber
security framework strategies. The strategies are identify, recover, protect, respond and detect.
The book store has a number of users of its system and has made policies to make the system
safe from its internal and external users. The system also able to check the information provided
by the user is valid or not. The system does not allow two users have a single mobile number,
email address and few more information. Thus it enforces the policy of asking the users to create
different accounts individually (Kim, Yang & Park, 2014). The system does not allow any
internal users like admin or data entry operator or many others to use any external device to a
computer that is connected to the server directly. The book store has limited the access of the
data to the users to only the mandatory data to view. The system is also connected to the
backup/disaster recovery so that in case the data is lost it can be regained. The hardware firewall
and antivirus applications are installed in server and computers respectively. The security policy
of Birchalls Ltd is also strong in preventing the server attacks like DoS and SQL injection.

SECURITY POLICIES OF BIRCHALLS LTD BOOKSTORE3
Analysis:
The security policy of the Birchalls Ltd books store has been developed for its ICT
system with the purpose of making the system less vulnerable to local and physical attacks. The
books store make use of ‘open internet’ connection to receive and transmit data/information to
users and partners. In order to make the system secure to the threats of open internet connection,
the RSA encryption technique that the organization uses is very secure (Safa, Von Solms &
Furnell, 2016). The computers that are connected to the server directly are disabled to accept any
external device like pen drive, HDD and many more so that no one can inject a virus to the
system internally. This has made the system very strong from the inside. Along with it, the
network administrator constantly monitors the network operations and access. The policy of
removing access to various specific websites is a strong action against the system security. This
prevents the system to be affected by the viruses that are available over the internet.
The backup/restore policy is a huge advantage of the ICT system. The loss of data in the
system is not a rare fact (Sommestad et al., 2014). The errors in the system function or any other
minimal issue can make a data lose. This policy allows the system to get back the data that has
been lost easily. In case of a disaster that damages all the physical database disks, the disaster
recovery policy comes handy. This policy allows the book store to get back all the lost data
without any error.
The errors in the system is common thing as the system is continuously updated to be
competitive and some of the functions are possible to test without a real world environment (Mai
et al., 2017). This the security policy of post maintenance states that an IT expert will only
resolve the minimal issues occurring in the system.

Secure Best Marks with AI Grader

Need help grading? Try our AI Grader for instant feedback on your assignments.

SECURITY POLICIES OF BIRCHALLS LTD BOOKSTORE4
Bibliography:
Safa, N. S., Von Solms, R., & Furnell, S. (2016). Information security policy compliance model
in organizations. Computers & Security, 56, 70-82.
Sommestad, T., Hallberg, J., Lundholm, K., & Bengtsson, J. (2014). Variables influencing
information security policy compliance: a systematic review of quantitative studies.
Information Management & Computer Security, 22(1), 42-75.
Kim, S. H., Yang, K. H., & Park, S. (2014). An integrative behavioral model of information
security policy compliance. The Scientific World Journal, 2014.
Mai, B., Parsons, T., Prybutok, V., & Namuduri, K. (2017). Neuroscience foundations for human
decision making in information security: a general framework and experiment design. In
Information Systems and Neuroscience (pp. 91-98). Springer, Cham.