Introduction to security and personnel, Computer Network Security

Assignment Help:

INTRODUCTION TO SECURITY AND PERSONNEL

When implementing information security, there are several human resource issues that should be addressed. They are

•    Positioning and naming
•    Staffing
•    By valuating impact of information security across the role in IT function
•    By integrating solid information security concepts into persons practices

Employees feel threatened when organization is creating or enhancing overall information security program.

 Positioning and Staffing the Security Function

Security function can be placed within the following:

- IT function
- Administrative services function
- Insurance and risk management function
-Physical security function
- Legal department

Organizations balance requirements of enforcement with the requirement for education, training, awareness, and customer service.

Staffing the Information Security Function

Selecting personnel is based on several criteria, including supply and demand. Many professionals enter security market by gaining experience, skills, and credentials. Presently information security industry is in period of high demand.


 Credentials of Information Security Professionals

Many organizations seek recognizable certifications where most of the existing certifications are new and not fully understood by hiring organizations. Certifications include: TICSA; Security+; CISSP and SSCP; CISA and CISM; GIAC; SCP; IISFA’s Certified Information Forensics Investigator.

Cost of Being Certified

Better certifications can be much expensive even experienced professionals find it difficult to take an exam without preparation. Many candidates teach themselves through trade press books; others prefer structure of formal training.

Advice for Information Security Professionals

Always keep in mind that business before technology. Technology offers elegant solutions for some problems, but increases difficulties for others. Never lose the sight of target: protection. Be heard and not seen. Be more skillful than you let on; know more than you say. Speak to users, not at them. Know that is education can never be completed.


 Separation of Duties and Collusion

Separation of duties --control used to reduce the chance of individual violating information security; stipulates completion of significant task requires at least two people. Figure given below depicts how to prevent collusion.

Collusion – dishonest workers conspiring to commit unauthorized task.

Two-man control – The two individuals review and approve work of each other before the task is categorized as finished.

Job rotation – Employees know each others’ job skills.

 

 

                       2353_INTRODUCTION TO SECURITY AND PERSONNEL.png


Related Discussions:- Introduction to security and personnel

Risk control strategies-, Risk Control Strategies Once the ranked vulner...

Risk Control Strategies Once the ranked vulnerability risk worksheet has created, they should choose one of following 4 strategies to control each risk: •Apply safeguards which

Calculate the total latency, Question (a) Inspect the following ifconfi...

Question (a) Inspect the following ifconfig output of an IPv6 interface: i. What is the hidden Hardware Address of the interface on Line #1? ii. What is the hidden subn

Ip datagram header format, IP DATAGRAM HEADER FORMAT:  It is given in...

IP DATAGRAM HEADER FORMAT:  It is given in the figure below:   In the table: VERS denotes the version of IP. H.LEN denotes the header length in units of

What is network virtual terminal, Network Virtual Terminal It is a set...

Network Virtual Terminal It is a set of principles describing a very simple virtual terminal interaction. The NVT is needed in the start of a Telnet session. Communication wit

Direct indexing, DIRECT INDEXING It is less usually known method. It i...

DIRECT INDEXING It is less usually known method. It is possible only is cases where protocols address are given from a compact range. In the diagram below an example of direct

Explain the dimension of service quality, Problem 1: Discuss how TWO of...

Problem 1: Discuss how TWO of the following gurus have contributed to the Quality Movement, highlighting the major points of their philosophies: (a) Edward Deming (b) Jose

Explain the concept behind digital signature, Question: a) Differenti...

Question: a) Differentiate between ‘Gross Settlement' and ‘Multilateral Net Settlement' providing suitable examples where necessary to support your answer. b) Differentia

Md Fayzul karim, How can I get help for Linux automotion configuration (...

How can I get help for Linux automotion configuration (Network, virtualization, security and Firewal etc) with bash scrip. What is the charge for.

Explain the term quality of service in networks, QUESTION (a) One of th...

QUESTION (a) One of the biggest drawbacks that GNS3 has is that it supports only the IOS images of routers. This means that users cannot emulate Cisco switches. Suggest two sol

What type of rfid tag is more appropriate for ws-pass, Consider the followi...

Consider the following case study: In order to avoid criticisms of their existing manned road-toll payment system on its private road, WS-Pass has decided to adopt an automated

Write Your Message!

Captcha
Free Assignment Quote

Assured A++ Grade

Get guaranteed satisfaction & time on delivery in every assignment order you paid with us! We ensure premium quality solution document along with free turntin report!

All rights reserved! Copyrights ©2019-2020 ExpertsMind IT Educational Pvt Ltd