Strategic Information Security Analysis and Program Development


Added on  2020/02/18

AI Summary
This report analyzes the strategic information security of iPixel, a Singapore-based web development company. It identifies vulnerabilities in their current security system, including threats to business data, information security, and technical security. The report recommends a new security program with upgraded hardware and software, a dedicated cyber security team, and a system monitoring system. An implementation plan is outlined, including project initiation, execution phases (system analysis, technical upgrades, and risk management), and project completion with ISO 27001 implementation and employee training. The report emphasizes the importance of proactive cyber security measures to protect against evolving threats and ensure the confidentiality and integrity of iPixel's data and client information.
Running Head: STRATEGIC INFORMATION SECURITY
Strategic Information Security
Name of the Student
Name of the University
Table of Contents
1.0 Introduction
2.0 Development of Security Program
2.1 Definition of Problem Statement
2.2 Current Security System at the Chosen Organization
2.3 Suggested Security Program
2.4 Implementation Plan
2.5 Suggested ISO Security Standard
2.6 Threat Identification and Risk Management
3.0 Conclusion
4.0 Recommendations
References
1.0 Introduction
The organization chosen for this research is iPixel, a company involved in website
development and the design and development of graphic designs. iPixel is one of the largest
web development companies in Singapore and is now looking to focus on the international
market. It has been partially successful in extending its services to international markets
and has developed a significant customer base outside Singapore. This research work
analyzes the company to find whether there are any security issues and loopholes in the
existing system. Since the entirety of iPixel’s work is hosted online, i.e. the entire
development and design processes are carried out in a virtual environment using
software-driven tools and techniques, sufficient cyber security measures are essential to
protect confidential data such as the company’s business strategies, transactional details,
the identities and personal information of clients, and others. Moreover, with the rising
number of reported hacking incidents worldwide, it must be ensured that the company has
implemented sufficient cyber security measures to counter any type of attack. Following the
analysis of the existing security system at the company, a set of recommendations and the
consequent project plan are provided in this report. This project plan is aimed at
implementing a new information system that will address the security issues currently faced
by iPixel.
In this report, an analysis has been conducted on the existing information security system
of iPixel and a suitable security management plan and ISO plan have been suggested
accordingly.
2.0 Development of Security Program
2.1 Definition of Problem Statement
iPixel is a Singapore-based organization that develops websites, web content and graphic
designs for clients around the world. Given the range of its services, it needs sufficient
cyber security to protect confidential information, client identities and personal details,
business strategies and other critical data and information. An analysis of its existing
security system detected a number of problems and loopholes, which are listed below.
However, before proceeding to the different categories of problems, it should be noted that
the source of all these problems is the internet. The reasons are described accordingly.
Business Security – iPixel provides web-based solutions to clients worldwide, so its
business area spans the whole world. As a result, the company must have suitable business
strategies and policies in order to provide such services. Moreover, since the services
consist of web-based solutions and development, all of them are hosted online. Hence, its
business security faces significant challenges from cyber security threats (Feng, Siu and
Zhang 2013). There are numerous web development companies around the world, and they might
try to access iPixel’s business strategies in order to gain competitive advantage. There may
also be hackers who try to access the business information and sell it to rival companies
for a very high price. This is one critical problem iPixel faces, and it must be addressed
immediately in order to protect all business-related data and information.
Information Security – In addition to the business data, other data and information are
stored in the company’s cloud server. These include shares of the company owners, investment
and loan details, sales records, detailed information about clients and employees, service
history and others (Coronel and Morris 2016). iPixel uses a basic security firewall to
protect this data and information from cyber security threats, but in today’s
technologically advanced world this firewall is not sufficient to protect the data from
attacks. Hackers are now able to create strong, malicious files that can enter a system
without being detected by firewalls. Hence, the information security issue must be
addressed immediately.
Technical Security – Technical security is another problem area that iPixel must address
in order to protect its business information and data. Technical security mainly refers to
the security of physical storage devices as well as the software used by the organization
for web development and solutions (Chang 2016). Most of the software used by the company
requires installation of periodic updates, renewal of licenses and so on. During these
operations, malicious files may enter the system and result in disastrous consequences.
Hence, this issue must also be addressed immediately.
2.2 Current Security System at the Chosen Organization
Before a new security program is suggested, the current security system at iPixel has
been analyzed. According to the analysis, iPixel is serious about security threats and has
taken active initiatives to protect its server from external threats. The security measures
taken by iPixel include security firewalls, antivirus software and others. However, the main
issue with this system is that all these measures are short term in nature and will not
provide any long-term solution (Rosemann and vom Brocke 2015). Again, these measures can
only fix lower-level, random unidentified activities and malware. On the other hand, with
the massive development of information technology in the last 10 to 15 years, there has been
a significant development in hackers’ technology as well. Ten years ago, hacking attempts
could be easily detected and blocked within a short period of time. However, hackers have
advanced their techniques so much that nowadays most of them enter a server undetected, and
by the time the server finally detects that something is wrong, it is already mostly damaged
by the malware (Wager, Lee and Glaser 2017). iPixel should consider this seriously and
immediately take suitable steps. Currently, iPixel does not even follow any specific ISO
guideline that helps organizations build up their defenses against cyber security threats.
iPixel provides web-based solutions and development to clients all over the world and hence
has a very long reach in different parts of the world. Owing to the rapid growth of the
organization, rivals may have a growing interest in bringing down its business to maintain
their own market competitiveness. Hence, they may hire third-party hackers to break into the
server of iPixel and leak its business data, statistics and strategies. Again, some
anonymous hackers may also try to inject ransomware into the company server so that they can
either block secure information and ask for ransom or sell the stolen information to the
rivals in exchange for a huge sum of money (Saxton, Oh and Kishore 2013). Both of these are
very likely to happen, especially as the entirety of iPixel’s service work is hosted online,
and when they occur, the company will have to bear extremely serious consequences that can
even lead to the shutting down of its business.
2.3 Suggested Security Program
Following the analysis, the suggestions below are provided for the development of a
new security system for iPixel.
I. Immediately upgrade all the existing systems with the latest hardware configurations
and software versions.
II. Appoint a reliable and expert cyber security team who will be able to detect issues
with the existing system as well as find solutions to these issues immediately.
III. Install the latest software and cyber security defenses.
IV. Train the employees to realize the importance of this software and their role in
ensuring that it is always active in all the systems inside the office
premises.
V. Develop a significant cyber security defense with the help of security personnel
and the respective software.
VI. Install a system monitoring system that will provide regular updates regarding the
system condition.
2.4 Implementation Plan
In order to implement the new security system, an implementation plan is required. A
proposed implementation plan is as follows.
Project Initiation – The company should consider treating the implementation as a
full-fledged project so that every activity is conducted systematically within a specific
timeline. For that, the company needs to appoint a project team and prepare a suitable
project plan. Accordingly, the company needs to decide on a suitable budget that will be
sufficient for purchasing all necessary resources and software. This budget will be
allocated to the project team, who will use it to fulfill their duties in the project. After
the project plan is completed, the project will be gradually initiated.
Project Execution: Phase 1 – This is the first phase of project execution, in which the
entire system will be analyzed by the security implementation team. They will search for the
flaws and loopholes that exist in the system and will propose suitable solutions for the
problems. After that, the team will use the budget allocated to them to buy necessary
resources such as hardware and software for the technical upgrade of the current system. It
is to be ensured that the hardware purchased is of the latest configuration and the software
purchased is of the latest version. The team will install these systems to replace the old
ones. It is also recommended that the server should be changed, with a new and better
internet connection (optical fiber is recommended).
Project Execution: Phase 2 – In this phase, the installation of the hardware and
software should be complete, and the team will now check the running of the server and the
extent of the external security threats it may face. After that, the team will install cyber
security software that will be useful in countering external security threats including
viruses, malware and others. The team should ensure that the security software is as strong
as possible so that the maximum number of attacks can be easily countered.
Project Execution: Phase 3 – In the final phase of project execution, a risk analysis
needs to be conducted to determine suitable risk management measures. The risk assessment
needs to cover different sections of the project implementation including hardware risks,
software risks, external risks, cloud server risks and others. After all the possible risks
are detected, suitable risk management techniques need to be applied so that the risks do
not occur at any time in the future.
Project Completion – Before signing off the project as complete, the project manager
should evaluate the entire project by reading the project report document as well as getting
a visual working demonstration of the system from the project team. After everything has
been finalized, the project manager should implement a specific ISO Security Standard that
will need to be followed throughout the course of the company’s business operations.
Moreover, training sessions will be provided to the company’s employees so that they learn
the value of cyber security and abide by all the rules and regulations set by the chosen ISO
security standard.
2.5 Suggested ISO Security Standard
There are a number of ISO security standards that provide sets of rules and guidelines
regarding information security management systems. The ISO 27000 family mainly deals with
information technology and information systems. Hence, one of the standards from this family
is suitable for application in this particular company. After analysis of all the available
standards, the most suitable one is found to be ISO 27001 (also called ISO/IEC 27001) (Feng,
Siu and Zhang 2013). This particular standard mainly deals with leadership, planning,
support, operations and performance evaluation guidelines. These are the main areas in which
the company is lacking and which need to be addressed. Oral recommendation to the employees
by the manager is not sufficient and hence, implementation of the ISO standard is necessary.
2.6 Threat Identification and Risk Management
In addition to finding flaws in the system, identification of threats and subsequent risk
management are also necessary. The possible threats are identified as follows.
Hackers – Owing to the rapid growth of the organization, there may be growing interest
of the rivals to bring down their business to maintain their own market competitiveness. Hence,
they may as well hire third party hackers to break into the server of iPixel and leak their business
data, statistics and strategies. Again, some anonymous hackers may also try to inject
ransomware into the company server so that they can either block secure information and ask
for ransom or sell the stolen information to the rivals in exchange for a huge sum of money.
Malware – Malware consists of faulty file extensions that are either broken parts of
faulty files or are intentionally created to infect and destroy a particular system or even
a server. Malware can also be created inside the system due to a failed discard of a
particular file. While some malware can easily be detected, some is detected very late, when
the system is already damaged.
Accordingly, suitable risk management plans are necessary to counter these identified
threats, as they can have serious consequences for the system as well as the server.
Furthermore, they will also have a serious impact on the business of the company. Hence, as
a risk management plan, the company will need to install cyber security software that will
be useful in countering external security threats including viruses, malware and others. The
company should ensure that the security software is as strong as possible so that the
maximum number of attacks can be easily countered.
3.0 Conclusion
In this report, an analysis has been conducted on the existing information security system
of iPixel and a suitable security management plan and ISO plan have been suggested
accordingly. Based on the analysis of the existing system at iPixel, it has been found that
there are a lot of loopholes and issues with the system. When iPixel was first set up, a
cyber security system was implemented that has not been upgraded since. On the other hand,
over the years, hackers have continuously upgraded themselves. Hence, the existing cyber
security system will not be sufficient if it continues to run without any upgrades and
changes. As iPixel’s business flourishes, the company continues to increase its customer
base and at the same time continues to ignore the necessity of implementing sufficient cyber
security measures to protect all its confidential files, documents, information and details.
Another main issue identified from the analysis is that the company does not follow any
specific ISO standards. ISO standards have been created to provide suitable and helpful
guidelines for different aspects of business. However, as the company does not follow any,
its officials also have no idea regarding cyber security guidelines and instructions. Hence,
an analysis of the existing security system at the company has been conducted in order to
identify the exact areas of weakness the company has. Accordingly, a set of recommendations
as well as the consequent project plan has been developed and proposed in the course of this
report. This project plan has been developed in order to prepare an implementation plan for
a new information system that will address the security issues currently faced by iPixel.
4.0 Recommendations
As per the analysis of the current situation at the organization, the following
recommendations can be suggested.
System Upgrade – It is strongly recommended that the company immediately upgrade all
the existing systems with the latest hardware configurations and software versions. The
company should consider starting an entire project so that every implementation plan is
conducted systematically within a specific timeline. Accordingly, the company needs to
decide on a suitable budget that will be sufficient for purchasing all necessary resources
and software. It should then develop a significant cyber security defense with the help of
security personnel and the respective software.
Appointment of Security Specialists – The security measures taken by iPixel include
security firewalls, antivirus software and others. However, the main issue with this system
is that there are no long-term solutions available and the company banks on short-term
solutions only. Again, these measures can only fix simple lower-level, random unidentified
activities and malware. Hence, it is recommended that the company appoint a reliable and
expert cyber security team who will be able to detect issues with the existing system as
well as find solutions to these issues immediately. The security team will also need to
install the latest software and cyber security defenses. Installation of a system monitoring
system will provide regular updates regarding the system condition.
Employee Training – The company must train the employees to realize the importance of
this software and their role in ensuring that it is always active in all the systems
inside the office premises.