Information Security Program Components for FuturePlus Charity

Verified

Added on 2022/12/21

AI Summary

This report outlines the essential Information Security (InfoSec) components for FuturePlus, a newly established charity organization. The report focuses on four key areas: Application Security, which emphasizes securing applications from threats and implementing security policies; Risk Management, which highlights the importance of a risk management framework for data security and overall organizational success; Identity and Access Management, which addresses the need for robust access control policies to protect sensitive data; and Network Security, which stresses the importance of securing the network with firewalls and IDS systems to protect information assets. The report references relevant sources to support the recommendations for each component, ensuring a comprehensive approach to information security for FuturePlus. This assessment provides a practical guide to establishing a secure environment for the organization's operations, data, and donor information.

Information Security
Task
Student name

Paraphrase This Document

Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser

1. Application Security
An organization has used many applications to manage various works of their business and other
processes. It is necessary to secure all those processes from various types of threats. In addition, all the
process must require a security policy and software for the security of applications. In addition, all the
applications must secure from outsiders of the network (Hyman, 2017).
2. Risk Management
A company should manage their risks using a proper framework or security frameworks. It
provides many benefits to the company, such as data security, reputation, financial, and many others. In
addition, there are many advantages of risk management, such as growth, success, and reparation.
Moreover, data breach can create many technical and non-technical issues in a company
(iso27001security.com, 2019).
3. Identity and access management
There should be some policies for identity and access control, as many organizations have
various types of data, which are sensitive and important from financial point of view. Therefore, it is
necessary to provide security to the access systems of a company. Access control policy can be used in a
company to reduce risks of the company (Krzyzanowski , 2019).
4. Network Security
Network is an information asset of a company. Therefore, it is necessary to secure the whole
network of a company using firewalls and IDS systems. Moreover, many information assets have
connected with the network, such as personal computer systems, routers, switches, and data centres.
Therefore, it is highly recommended for a company to secure their network using Virtual private
network or many other methods (Dosal, 2018).

References
Dosal, E. (2018). 5 Common Network Security Problems and Solutions. Retrieved March 12, 2019, from
https://www.compuquip.com/blog/5-common-network-security-problems-and-solutions
Hyman, J. (2017). 10 Key Elements of Any Data Security Policy to Safeguard Your Company. Retrieved
March 12, 2019, from https://www.workforce.com/2017/05/03/10-key-elements-data-security-
policy-safeguard-company/
iso27001security.com. (2019). Information risk managemnet. Retrieved March 9, 2019, from
http://www.iso27001security.com/html/risk_mgmt.html
Krzyzanowski , P. (2019). Access Control. Retrieved May 2, 2019, from
https://www.cs.rutgers.edu/~pxk/419/notes/access.html