Business needs-information security, Computer Network Security

Assignment Help:

BUSINESS NEEDS

Information security performs four main functions for an organization.

1. Protects the ability of organization to function.
2. Enables safe operation of applications implemented on organization’s its IT systems.
3. Protects data which the organization collects and uses.
4. Safeguards technology assets in use at the organization

Both general management and IT management responsible for implementing information security which protects the organization’s ability to function. Information security is management issue and people issue both as they perceive it to be a technically complex task; actually implementing information security has much to do with management than with technology.

Each and every organization should address information security in the terms of business impact and cost instead of focusing on security as a technical problem.

Enabling the Safe Operation of Applications

Modern organization is required s to create an environment which safeguard applications by using the organization’s IT systems. Like operating system (Windows/Unix/Linux etc.,), electronic mail, and instant messaging (IM) applications. Management should continue to oversee infrastructure once in place—not defer to IT department.

Protecting Data that Organizations Collect and Use

Without data, an organization loses the record of transactions and ability to deliver value to customers. Both protecting data in motion and data at rest are significant aspects of information security.

 Safeguarding Technology Assets in Organizations

To perform effectively, organizations should posses secure infrastructure services based on size and scope of enterprise. For example, a small business can get by using an e- mail service provided by an ISP and augmented with the personal encryption tool. Additional security services may be required as organization expands. For instance, organizational growth could lead to the requirement of public key infrastructure (PKI), an integrated system of software, legal agreements and encryption methodologies which can be used to support entire information infrastructure of an organization. More robust solutions may be required to replace security programs the organization has outgrown.


Related Discussions:- Business needs-information security

Asymmetric encryption-cryptography, Asymmetric Encryption Asymmetric encr...

Asymmetric Encryption Asymmetric encryption method makes use of two different but related keys and either key can be used to encrypt or decrypt the message. This method is freque

Http protocol, Question (a) Name 3 popular electronic mail access prot...

Question (a) Name 3 popular electronic mail access protocols? (b) i. What is DNS? ii. Briefly, describe what it does and how it works? iii. Why does DNS use a dist

What is the benefit of adopting a password aging policy, QUESTION (a) H...

QUESTION (a) Hashing and salting is commonly used as password storage techniques for most applications. Describe how hashing and salting enable secure storage of password (b

What are the intermediate systems and how they work, Question: a) Expla...

Question: a) Explain what the following intermediate systems are and how they work? i. Repeater ii. Bridge b) A service is formally specified by a set of primitives (op

Describe header fields present in a udp segment, Question (a) In relati...

Question (a) In relation to a TCP segment structure, provide the fields responsible for: i. Connection Management ii. Flow Control iii. Error Control iv. Reliable, in-order

Legal, LEGAL, ETHICAL AND PROFESSIONAL ISSUES To minimize liabilities an...

LEGAL, ETHICAL AND PROFESSIONAL ISSUES To minimize liabilities and reduce risks, information security practitioner should: •    to understand current legal environment •    to s

Simplex data exchange, Simplex data exchange Simplex communication def...

Simplex data exchange Simplex communication defines to communication that happens in one direction only. Two definitions have made over time: a common definition, which is des

Threat identification-risk management, Threat Identification After ident...

Threat Identification After identifying and performing a primary classification of an organization’s information assets, the analysis phase moves onto an examination of threats

Identify possible controls-information security, Identify Possible Controls...

Identify Possible Controls For each threat and linked vulnerabilities which have residual risk, create primary list of control ideas. Residual risk is the risk which remains to

History, how did slavery influence life in the colonies

how did slavery influence life in the colonies

Write Your Message!

Captcha
Free Assignment Quote

Assured A++ Grade

Get guaranteed satisfaction & time on delivery in every assignment order you paid with us! We ensure premium quality solution document along with free turntin report!

All rights reserved! Copyrights ©2019-2020 ExpertsMind IT Educational Pvt Ltd