With billions of users with private
information of both individuals and corporations, how can all of the valuable
data be protected? In what ways can the data be compromised? If you are a
manager or business owner, system vulnerability is a real issue that could
bring your business down overnight.
Security refers to the policies,
procedures, and technical measures used to prevent unauthorized access,
alteration, theft, or physical damage to information systems. Controls are
methods, policies, and organizational procedures that ensure the safety of the
organization’s assets; the accuracy and reliability of its records; and
operational adherence to management standards. (Laudon 293). Security is so
important for a company to make their priority because it would be like someone
leaving their credit card or purse sitting in the front seat of their car with
the windows down and doors unlocked; it’s putting you in a compromising
position.
Networks are vulnerable at any
access point and are open to programs such as malware, Trojan horse, computer
viruses, and worms. A hacker is an individual who intends to gain unauthorized
access to a computer system. (Laudon 298). The hacking community refers to
someone as a “cracker” if they are a hacker with criminal intent. Terms such as
cyber vandalism have been created to describe the malicious and criminal
activity that hackers do on the Internet. They might destroy websites or an
entire company’s network as well as steal valuable data. Hackers try to hide
their identities through spoofing or using different e-mail addresses or IP
addresses.
For managers in business, it’s
important to do a risk assessment before investing enormous amounts of money in
security and controls to determine where the majority of the money should be
allocated depending on potential threats and risks. Once the risks have been
determined, the company will need to create a security policy and acceptable
use policy (AUP) for all users within the company to understand how to use the
assets. Identity management is used to enhance security and identify users and
their security levels. Businesses can use various types of protection against
vulnerability such as firewalls, intrusion detection systems, antivirus and
antispyware software, unified threat management systems, etc.
With
any business, it’s important to plan for disaster recovery or emergency
preparedness. It’s also vital to incorporate IT recovery within the master
plans because most of the company’s today use so much IT technology and even a
few hours with the network being down or destruction of IT assets could be
detrimental to a company’s every day business processes, also called business
continuity planning.
Auditing
is also important to test and evaluate the information systems security and
controls on a regular basis. It’s also vital to test the systems to its limits
and the disaster recovery plans to help the company improve overall processes.
The safety and security of your company depends on the protection you invest
in.
Source: Laudon, Kenneth C. &
Jane P. Laudon. Management Information
Systems: Managing the Digital Firm 12th ed. Pearson Hall, 2010.
No comments:
Post a Comment