Developing a Security Plan – Term Paper Example

Download full paperFile format: .doc, available for editing

The paper "Developing a Security Plan" is a wonderful example of a term paper on information technology.   Information security is the safeguarding of information and information systems. This is done to ensure that only authorized people get to access such information or use it. Moreover, it protects such information from any tampering or damages. Many organizations irrespective of their size gather and store vast volumes of information that is confidential only to them. The information could be regarding the organization’ s employees, clients, research, products, or fiscal operations. Most of this information is normally gathered, processed, and stored in computers and conveyed through networks to other computers (Masahiro & Zheng, 1999).

Incase such important information landed into the wrong hands, the business could collapse, lawsuits, stealing, or bankruptcy in an organization. Thus, information security is necessary to prevent all this. Some areas requiring information security include network security, business stability planning, record security, and information systems auditing. Physical holdings at risk Physical holdings at risk include the organization buildings and room outlay which could be photographed by some people who may want to know something about such an organization.

Again, other physical holdings at risk include the computers and other USB devices which normally store sensitive information regarding the organization. This equipment could be stolen and hence this data concerning such an organization could be lost and eventually land into the wrong hands. The offices are also at risk since they normally have important information in the form of hardcopy. This could be in files and papers that are filed. Thus, if the offices are broken into, it is very easy to access information that belongs to someone else or is absolutely confidential to selected few within the organization.

Landing on such documents on the wrong hands will consequently lead to a breach of very confidential information (Timothy, 2006). Human holdings at risk This includes the information regarding the organization’ s employees which could be known by for example the human resources department. Again, some employees within the organization could also be aware of confidential information regarding the organization. This information is at risk since such people could opt to disclose this information to parties who are not authorized.

Another human holding at risk is employees’ passwords and private information which could be investigated secretly by privy employees (Harris, 2005). Electronic holdings at risk The electronic holdings at risk include the confidential emails sent within the organization, the organization’ s network system, and all the organization’ s information stored in the computers. The organization’ s programs are also at risk. Some people could track others' email passwords to access their emails hence tracking important information maybe they are not authorized to know. Still, some people could hack the organization’ s system and get to know what the organization employees do.

The data also in the USB’ s, flash disks, and CD-ROMs could be at risk of being accessed illegally. This is most likely to happen since such data storage devices are portable hence easy to steal without notice. Thus the organization is at risk of losing such data.

References

Bekenstein, J.D. (2003). Information in the holographic universe. Cambridge: Scientific American Press.

Harris, S. (2005). All-in-one CISSP Exam Guide, Third Edition, California: McGraw Hill

Masahiro M. & Zheng, Y. (1999). Information security: Second International Workshop. Malaysia: Springer.

Michael, A. (2004). Caloyannides, Privacy protection, and computer forensics. Sydney: Artech House.

Shari, L. P. (2003). Security in computing. New York: Prentice-Hall PTR.

Timothy, P. L. (2006). Information security: design, implementation, measurement, and compliance Information technology. London: CRC Press.

Thomas, R. P. (2002). Information security policies, procedures, and standards: guidelines for effective information security management. London: CRC Press,

Vanstone, S. A. (1997). Handbook of applied cryptography; CRC Press series on discrete mathematics and its applications. London: CRC Press.

Download full paperFile format: .doc, available for editing
Contact Us