Introduction to security and personnel, Computer Network Security

Assignment Help:

INTRODUCTION TO SECURITY AND PERSONNEL

When implementing information security, there are several human resource issues that should be addressed. They are

•    Positioning and naming
•    Staffing
•    By valuating impact of information security across the role in IT function
•    By integrating solid information security concepts into persons practices

Employees feel threatened when organization is creating or enhancing overall information security program.

 Positioning and Staffing the Security Function

Security function can be placed within the following:

- IT function
- Administrative services function
- Insurance and risk management function
-Physical security function
- Legal department

Organizations balance requirements of enforcement with the requirement for education, training, awareness, and customer service.

Staffing the Information Security Function

Selecting personnel is based on several criteria, including supply and demand. Many professionals enter security market by gaining experience, skills, and credentials. Presently information security industry is in period of high demand.


 Credentials of Information Security Professionals

Many organizations seek recognizable certifications where most of the existing certifications are new and not fully understood by hiring organizations. Certifications include: TICSA; Security+; CISSP and SSCP; CISA and CISM; GIAC; SCP; IISFA’s Certified Information Forensics Investigator.

Cost of Being Certified

Better certifications can be much expensive even experienced professionals find it difficult to take an exam without preparation. Many candidates teach themselves through trade press books; others prefer structure of formal training.

Advice for Information Security Professionals

Always keep in mind that business before technology. Technology offers elegant solutions for some problems, but increases difficulties for others. Never lose the sight of target: protection. Be heard and not seen. Be more skillful than you let on; know more than you say. Speak to users, not at them. Know that is education can never be completed.


 Separation of Duties and Collusion

Separation of duties --control used to reduce the chance of individual violating information security; stipulates completion of significant task requires at least two people. Figure given below depicts how to prevent collusion.

Collusion – dishonest workers conspiring to commit unauthorized task.

Two-man control – The two individuals review and approve work of each other before the task is categorized as finished.

Job rotation – Employees know each others’ job skills.

 

 

                       2353_INTRODUCTION TO SECURITY AND PERSONNEL.png


Related Discussions:- Introduction to security and personnel

Plain-text using play-fair encryption, What is one-time pad for encryp...

What is one-time pad for encryption?  Describe how it offers both Confusion and Diffusion. Using the letter encoding discussed in class (along with one-time

Direct sequence modulation, Question 1 a) Provide three advantages of ...

Question 1 a) Provide three advantages of using optical fiber. b) Distinguish between "Direct Sequence Modulation" and "Frequency Hopping" c) Decribe the purpose of using "

Illustrate the label switching procedure in an mpls network, QUESTION ...

QUESTION a) Explain the terms traffic engineering, class-based queuing, shaping and grooming in an MPLS network. b) Using an example topology, illustrate the label swi

Does ssl protect against eavesdropping, QUESTION (a) Consider the follo...

QUESTION (a) Consider the following authentication options A. Using password B. Using pin and fingerprint Which option A or B provides stronger security and why? (b

Miss, You are an IT Security administrator in a banking organization. Your ...

You are an IT Security administrator in a banking organization. Your organization hired an outside IT firm to do a proof of Concept for new equipment which is a computer based syst

Fuckkkkk, Ask question #Minimum.. 100 words accepted#

Ask question #Minimum.. 100 words accepted#

Draw the full network diagram, Problem (a) Below is a capture of an E...

Problem (a) Below is a capture of an Ethernet II frame which contains an IPv4 packet and a TCP segment. The second screen capture is from the data portion of the frame.

Explain about security aware protocols, Q. Explain about Security aware pro...

Q. Explain about Security aware protocols? The security-Aware ad hoc Routing (SAR) protocol based on the security attributes integrated into the ad hoc route discovery provides

What is internet, The Internet is known as the set of networks connect...

The Internet is known as the set of networks connected by routers that are configured to pass traffic among any machine attached to any network in the set. By internet several

Write Your Message!

Captcha
Free Assignment Quote

Assured A++ Grade

Get guaranteed satisfaction & time on delivery in every assignment order you paid with us! We ensure premium quality solution document along with free turntin report!

All rights reserved! Copyrights ©2019-2020 ExpertsMind IT Educational Pvt Ltd