COIT20263 Information Security Management Report: OZ Dispatch Analysis

Verified

Added on 2023/01/16

AI Summary

This report provides a comprehensive analysis of information security management for OZ Dispatch, a company operating online services. It delves into the legal issues associated with mishandling information, including intellectual property rights, misuse of data, and violation of privacy. The report also outlines the ethical considerations for delivery staff, emphasizing honesty, professionalism, trust-building, effective leadership, and quality offerings. Furthermore, it details the measures OZ Dispatch should implement to protect its staff and operations, such as data encryption, application firewalls, DMZ, and strong passwords. The report also highlights essential components for the company's operational program, including information backup, remote data movement, and data lifecycle management. Finally, it covers aspects that subcontractors need to follow, emphasizing understanding project scope, meeting deadlines, and adhering to ethical standards. The report concludes by underscoring the importance of data security in enhancing business operations and the need to comply with relevant data protection laws and regulations.

Contribute Materials

Your contribution can guide someone’s learning journey. Share your documents today.

Running head: INFORMATION SECURITY MANAGEMENT
Information Security Management: OZ Dispatch Company
Name of the Student:
Name of the University:

Secure Best Marks with AI Grader

Need help grading? Try our AI Grader for instant feedback on your assignments.

1INFORMATION SECURITY MANAGEMENT
Table of Contents
Introduction......................................................................................................................................2
1. Legal issues related to mishandling information.........................................................................2
2. Ethics in InfoSec to be followed by the delivery staffs...............................................................3
3. The measures that OZ Dispatch needs to prevent their staff members.......................................4
4. The components required to be included in the program of OZ Dispatch..................................5
5. Aspects to be followed as a sub contractor of OZ Dispatch........................................................5
Conclusion.......................................................................................................................................6
References........................................................................................................................................7

2INFORMATION SECURITY MANAGEMENT
Introduction
This report depicts the importance and crucial necessity of using professional data
protection mechanisms to restrict the numbers of users and allow only the authenticated users to
access and use information while required. Regardless of type and size of businesses the
companies should adopt proper security aspects to operate their business successfully (Alsayed
and Bilgrami 2017). The company nominated for this report is OZ Dispatch. This company
operates online services for collecting and shipping orders while needed.
The legal issues related to the mishandling of confidential information are elaborated in
this report. Apart from that, while delivering ordered products the ethics in information security
(InfoSec) that are to be followed by the delivery staffs are also illustrated in this report. In
addition to this, the measures that OZ Dispatch require to prevent their staff members along with
the components required to be included in the operational program of the company are also
elaborated in this report. Besides this, some aspects are also there generally used by the sub
contractors are also illustrated in this report.
1. Legal issues related to mishandling information
Intellectual property rights: One of the leading legal issues that is associated to the
functional and operational activities of OZ Dispatch is intellectual property hacking, unwanted
data sharing.
Misuse of data: Another legal challenge will arise if any data gets hacked by the external
attackers and misused by them as well (Thomas, Burmeister and Low 2018). It is much crucial

3INFORMATION SECURITY MANAGEMENT
for the leading associates to ensure that none of the information are hacked or misused by the
hijackers.
Violation of privacy: The users data would be violated if the data storage facilities for
the organization and the data of the user are not secured efficiently. Hence access rights are to
reserved for the users to handle their own data and update any type of latest information on the
system.
2. Ethics in InfoSec to be followed by the delivery staffs
OZ Dispatch has planned to operate their business throughout NSW, Australia and
Parramatta by delivering their service to the consumers. The company sub contracted to design
and develop a new network operation of their company to deliver error free services to their
consumer (SK and Thippeswamy 2018). The consumers will be able to search for their desired
products and services through mobile app and websites. The ethical measures to be followed by
the staffs are as follows:
Ethical behavior: The assigned sub contractors, employees and other company
associates should follow the below ethics while decision making. Honesty and professionalism
are the main behavior must possess by each of the associate.
Building trust: The executive must ensure that all the employees and consumers and
having trust between each other (Fagade and Tryfonas 2017).
Effective leadership: All working heads of OZ Dispatch should possess professional
leadership qualities to motivate the rest of the members.

Secure Best Marks with AI Grader

Need help grading? Try our AI Grader for instant feedback on your assignments.

4INFORMATION SECURITY MANAGEMENT
Quality offering: Product quality is a major aspect that attracts new consumers and
retains existing customers. This ethical behavior will improve company revenue and operational
structures.
3. The measures that OZ Dispatch needs to prevent their staff members
In order to protect the service operating and processing by OZ Dispatch the measures
those are to be considered are elaborated in the below section:
Data encryption: Data encryption is one of the most widely used protection mechanism
that helps to protect the confidential (personal and financial) employee and client information. It
converts plain text into cipher text through encoding the information. It protects the data server
and as a result no unauthorized users are allowed to access information from the server while
required (Hernández, Baquero and Gil 2018). In this process a shared key is used by both the
sender and receiver, using shared key only the authorized users would be able to access
information from the server. The symmetric key cipher uses the similar secret key to encrypt as
well as decrypt message or file.
Application firewall: This need to be used by OZ Dispatch to enhance the standard
firewall program, through providing firewall services up to the application layer. The
applications performed by application firewall include application execution, data handling
malicious code blocking etc (Hettiarachchi and Wickramasinghe 2016.). The company requires
using both network based and host based application firewall to scan, monitor specific
applications. It also helps to monitor the incoming and outgoing traffic those are initiated by the
service and applications.

5INFORMATION SECURITY MANAGEMENT
DMZ and strong password: The demilitarized zone of the network is needed to be
secured from the external attackers. In order to stop external hackers from hijacking confidential
data strong password needs to be incorporated.
4. The components required to be included in the program of OZ Dispatch
Once they place their orders it will be processed and shipped to the respective client.
However, in orders to process the order deliver system successful the components those are to be
incorporated by the company are as follows:
Information backup: In order to keep the confidential financial and personal
information of both employees and consumers safeguarding data is very important (Awan et al.
2017). OZ dispatch needs to safeguard their data through making their offline copies paralelly
with the online copied so that if any data gets hacked can be easily retrieved.
Remote movement of data: While data moves from primary location to other storage
that times the company requires improving their system and building facilities. Two of the most
common techniques used in this mechanism are remote copy and replications (Mushtaq et al.
2017). Professional usage of this component is also much crucial.
Data lifecycle management: This process helps to automate movement of critical data to
offline and online storage. The crucial perspectives of this technique helps placing data as a a
final state of read only storage.
Information lifecycle management: This comprehensive strategy helps valuing,
cataloguing and protect information assets from the hackers. These decisions are all driven by
information content requires policies for taking account the context of the data.

6INFORMATION SECURITY MANAGEMENT
5. Aspects to be followed as a sub contractor of OZ Dispatch
The sub contractor requires understanding the problem statement and scope of the work
at the initial phase. Then the sub contractors should direct their associated towards its goal and
objectives (Pereira, Barreto and Amaral 2017). The sub contractor needs to ensure that the
project will be completed within the assigned timeline and budget measuring all security aspects
and data protection mechanism. The contractors should ensure that the entire working
distribution centre requires following the ethical components.
Conclusion
From the overall discussion it can be concluded that, data security is referred to as one of
the most paramount aspect that helps to improve the business operational and functional
activities. In order to strengthen the individual’s security (in terms of personal and financial
information) the general personal data protection law and regulations are to be followed by the
organizational authority. The data protection directives implemented and promoted in the year of
2016 are required to be followed by the OZ Dispatch. These legal actions are again promoted or
improved in the year of 2018. Higher level data protection will simplify the approach of data
access with right data transferability and personal data processing techniques as well. The
company associates must have the ability to detect right and wrong set of actions to be taken.
The way through which ethical approaches, operational components, prevention measures and
data handling approaches help OZ Dispatch to operate the business are also illustrated in this
report.

Paraphrase This Document

Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser

7INFORMATION SECURITY MANAGEMENT
References
Alsayed, A. and Bilgrami, A., 2017. E-banking security: internet hacking, phishing attacks,
analysis and prevention of fraudulent activities. Int. J. Emerg. Technol. Adv. Eng, 7(1), p.110.
Awan, J.H., Memon, S., Pathan, S.M., Usman, M., Khan, R.A., Abbasi, S., Noonari, A.Q. and
Hussain, Z., 2017. A user friendly security framework for the protection of confidential
information. Int. J. Comput. Sci. Netw. Secur, 17(04), pp.215-223.
Fagade, T. and Tryfonas, T., 2017. Hacking a Bridge: An Exploratory Study of Compliance-
based Information Security Management in Banking Organization. In Proceedings of the 21st
World Multi-Conference on Systemics, Cybernetics and Informatics (WMSCI 2017) (Vol. 2, pp.
94-99).
Hernández, M., Baquero, L. and Gil, C., 2018. Ethical Hacking on Mobile Devices:
Considerations and practical uses. International Journal of Applied Engineering
Research, 13(23), pp.16637-16647.
Hettiarachchi, S. and Wickramasinghe, S., 2016. Study to Identify Threats to Information
Systems in Organizations and Possible Countermeasures through Policy Decisions and
Awareness Programs to Ensure the Information Security.
HR, P.K. and Chiplunkar, N.N., 2017. Strengthen the Security of Confidential Information Using
Cryptographic Techniques. International Journal of Applied Engineering Research, 12(16),
pp.5631-5636. SENANAYAKE, T. and FERNANDO, S., 2018. Information Security Education:
Watching your steps in cyberspace. The Online Journal of Science and Technology-April, 8(2).

8INFORMATION SECURITY MANAGEMENT
Joshi, C. and Singh, U.K., 2016. Security testing and assessment of vulnerability scanners in
quest of current information security landscape. International Journal of Computer
Applications, 145(2), pp.1-7.
Mushtaq, M.O., Shahzad, F., Tariq, M.O., Riaz, M. and Majeed, B., 2017. An efficient
framework for information security in cloud computing using auditing algorithm shell
(AAS). arXiv preprint arXiv:1702.07140.
Pereira, T., Barreto, L. and Amaral, A., 2017. Network and information security challenges
within Industry 4.0 paradigm. Procedia Manufacturing, 13, pp.1253-1260.
Singhal, H. and Kar, A.K., 2015, August. Information security concerns in digital services:
literature review and a multi-stakeholder approach. In 2015 International Conference on
Advances in Computing, Communications and Informatics (ICACCI) (pp. 901-906). IEEE.
SK, A. and Thippeswamy, K., 2018. A Brief Information of Ethical Hacking. In 3rd National
Conference on Image Processing, Computing, Communication, Networking and Data
Analytics (p. 495).
Thomas, G., Burmeister, O. and Low, G., 2018. Issues of Implied Trust in Ethical
Hacking. ORBIT Journal, 2(1).