University Assignment: High-Assurance Computing Security Analysis

Verified

Added on 2022/08/28

AI Summary

This assignment delves into the critical aspects of high-assurance computing, emphasizing the importance of safeguarding organizations from various threats. It explores essential security measures, including physical security (addressing entry points and employee numbers), data security (restricting access, employing firewalls, and encrypting data), equipment security (preventing theft), and document security (secure storage and employee training). The assignment highlights the significance of employee training, specifically in data management and safe internet habits to mitigate risks like phishing and data breaches. References from various sources provide a foundation for understanding the discussed security protocols and their implementation.

Running head: TOPICS IN HIGH-ASSURANCE COMPUTING
TOPICS IN HIGH-ASSURANCE COMPUTING
Name of the Student
Name of the University
Author Note

Paraphrase This Document

Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser

1TOPICS IN HIGH-ASSURANCE COMPUTING
Discussions
Safeguarding the organization from data and physical threats can assist to reduce the risk
from physical violence and threats (Peltier, 2016). Any organization must know its security
needs so that they can secure the business from any kinds of risks. The business security
requirements of the Organizations consist of the following:
 Physical security: the physical location and the number of employees can speak about the
level of physical security that is required. A security evaluation that re-examines the
points of entry and the liabilities of security can provide a view on how much security is
needed. The measures physical security in the organization consists of bar coded locks of
doors, biometrics, systems of alarms and many more (Souag et al.,2016). The measures of
security should consist of internal and the external threats. The organization should make
sure that the employees those are authorized could enter the sensitive areas.
 Data Security: data security is very important for the organization. The primary means of
protecting data is by restricting access, passwords, authorizations of username-level and
many more. Another layer of safeguarding the data is by securing the systems that will
help to block malware, viruses, spam and intrusions. The defences of the system consist
of firewalls and anti viruses (Türpe, 2017). Additional security consists of encryption of
data during data transfer of storage.
 Equipment security: Securing the equipments can help to safeguard the company from
theft and in some of the cases loss of knowledge of property. Securing the equipments
those are valuable can be achieved through cables, locks and placement of equipments.
Key locks may be needed for several equipments such as printers.
 Document security: security of document is essential to secure corporate documents and
information of customers may be needed for protection of consumers and for legal

2TOPICS IN HIGH-ASSURANCE COMPUTING
concerns (Lins, Sousa & Rosa, 2018). The documents must be stored in a very secure
room that can only be accessed by authorized people of the organization. All the
important documents should be backed up and should be stored with encryption of
password. Instructions on the appropriate utilization and the storage of the documents
must be provided to any of the employees of the organization who accesses the
documents those are sensitive.
The employees must be trained about the security needs of the company, they should
know about several topics of security, and it would be of immense importance to the
company (He et al., 2019). The two topics of company that the employees should know in the
organization is the management of data and safe habits of internet. The management of data
is very important for the employees to know, as the data are important for the organization as
it consists of important information of clients. The employees should keep the back up of the
data so that if they are deleted accidentally, then they can get the data back. The employees
should have safe internet habits and they should be conversant with the attacks of phishing
and the other attacks (Anwar, He & Yuan, 2017). They should be conversant with the
breaches of data so that if any time data breach occurs then they can minimize the data
breach.

3TOPICS IN HIGH-ASSURANCE COMPUTING
References
Anwar, M., He, W., & Yuan, X. (2017, June). Cybersecurity Behavior Training for
Employees. In EdMedia+ Innovate Learning (pp. 1229-1232). Association for the
Advancement of Computing in Education (AACE).
He, W., Anwar, M., Ash, I., Li, L., Yuan, X., Xu, L., & Tian, X. (2019). Effects of Evidence-
Based Malware Cybersecurity Training on Employees.
Lins, F. A., Sousa, E. T., & Rosa, N. S. (2018). A survey on automation of security
requirements in service-based business processes. International Journal of Web
Engineering and Technology, 13(1), 3-29.
Peltier, T. R. (2016). Information Security Policies, Procedures, and Standards: guidelines
for effective information security management. Auerbach Publications.
Souag, A., Mazo, R., Salinesi, C., & Comyn-Wattiau, I. (2016). Reusable knowledge in
security requirements engineering: a systematic mapping study. Requirements
Engineering, 21(2), 251-283.
Türpe, S. (2017, September). The trouble with security requirements. In 2017 IEEE 25th
International Requirements Engineering Conference (RE) (pp. 122-133). IEEE.