StudentShare
Contact Us
Sign In / Sign Up for FREE
Search
Go to advanced search...
Free

Organizational Security - Essay Example

Cite this document
Summary
From this paper, it is clear that the IT technician is a very valuable member of staff. He is responsible for ensuring that all IT equipment function as expected. These include desktop machines, laptops, servers, projectors, switches, wireless access points, and LAN access ports…
Download full paper File format: .doc, available for editing
GRAB THE BEST PAPER96.3% of users find it useful
Organizational Security
Read Text Preview

Extract of sample "Organizational Security"

 Organizational Security Asset ID Asset Name Description Asset Value Priority Threat Description Controls in Place ARO Uncertainty Risk Value Controls Needed Action Plan ID 1 IT Technician Handles all queries on the ground $5000 Critical If not available then the IT department cannot attend to user problems 0.7 0.05 2 Software Development Acquiring assets and equipment for the department $10000 High Failure leads to delays in implementation of projects and maintenance of systems 0.7 0.001 3 Microsoft Dynamics Used to manage institution’s procurement $20000 Critical If it fails, or malfunctions, institution cannot procure materials. 0.5 0.05 4 Network Switches Distribute network to various departments $300 Vital Short Circuits kill switch denying network access to peripherals 0.25 0.15 5 Finance database Keeps up to date information on students fees, procurement, projects $20000 Critical Failure of DB halts all financial activities 0.7 0.001 The values for the assets are obtained from the event logs available at the IT department. Some of the data is also available in the asset inventory. For instance, the number of failed network switches can be found in the section containing equipment meant for disposal. Risks the Institution Faces Absence of an IT Technician The IT technician is a very valuable member of staff. He is responsible for ensuring that all IT equipment function as expected. These include desktop machines, laptops, servers, projectors, switches, wireless access points, and LAN access ports. The technician is always on standby to respond to queries raised by users. In addition, the technician works with the system administrator, and IT manager, to install software, configure equipment, and implement any IT related project within the institution. The absence of the IT technician, perhaps due to sickness, death, resignation, or termination of employment, leaves a vacuum as far as his duties and responsibilities are concerned. As such, any tasks that require the technician’s input go unattended to, hence, resulting in failures within the departments that rely on IT services. In order to protect the institution from the risk of lacking an IT technician, the IT department should make sure that there are at least two technicians on duty at any one time (Azari, 2003). If the department does this, then it will be highly unlikely that it loses the services of both technicians. Even if one is unwell, fired, or is away attending to other business, the other technician will be there to handle the queries. The Failure of the Software Development Process The IT department is tasked with the duty of providing applications for the institution. These applications are used to manage some of the activities in the institution; they include student registration and release of exam results. The department can either choose to develop the software or buy it off the shelf. The processes involved in development and purchase of software are complex and can fail if not handled carefully. Some of the reasons that may cause failure are: i. The finances allocated for acquiring the software may not be sufficient. This happens when the department chooses to develop the software. There are instances where the department runs out of money and has to wait, for the next financial year, to receive additional funding. This creates delays or even leads to the termination of projects. ii. There is a high risk that software purchased from commercial vendors may fail to meet requirements. iii. Failure to adhere to recommended software development procedures. iv. Lack of cooperation from those targeted to use a software system. The university can carry out the following activities to ensure that it acquires quality software: i. Ascertain that designers get the precise requirements of the desired software, before making a decision on the appropriate option to take. ii. All the stakeholders should be included in the improvement process. This will inculcate a sense of ownership in them, hence; reduce the level of rejection by users. iii. Provide adequate capital to fund the advancement of new programs Microsoft Dynamics The institution uses Microsoft Dynamics NAV to manage its procurement activities. The software captures all procurement procedures and is, therefore, critical to the operation of the procurement department. However, there are incidences where the software failed to work as expected, sometimes producing false results or none at all. The department keeps a physical backup of its records, which it uses in case NAV fails. Manual operation is, however, slow and inefficient. Some of the problems that the software experiences can be rectified by keeping it up to date; using the latest version will ensure that the department has the most stable and secure tool to use. Procurement should also ensure that they train their staff on how to use the software effectively, as some of the threats come about due to human error. Network Switch Failure Network switches act as paths through which the department distributes network connections within the institution. They connect the terminals to the network router. Switches are, therefore, crucial in the sharing of information within, and outside, the institution. However, just like other electronic devices, switches experience technical and electrical issues. Any failures in switches lead to disconnections. These cost the institution a lot, especially if the switch serves a critical resource. Some of the causes of failures in switches include electrical faults, power blackouts, and loose cable connections. In order to reduce the risk of failure of switches, the IT department should ensure that it deploys high quality network switches that have inbuilt power management systems. This can be enhanced by installing stable power backup systems for the switches, just like it happens with desktop computers. In addition, cables should be firmly attached to the ports to reduce chances of disconnection (Servon, 2002). Finance Database Failure The finance database keeps records of the institution’s financial activities such as fee payment, staff salaries, and income generating activities. Its operation is, therefore, crucial to the running of the institution. The database has failed severally; this has been attributed to various factors such as software bugs, malicious, unauthorized access, and network failures. The IT department has established that most of the failures of the database can be attributed to malicious acts, mostly by staff and students who collude to change financial statements in their favor. The department should implement strict access algorithms that will ensure that it reduces unauthorized access. To do that the IT department needs to develop a two-layered access authentication platform that verifies the identity of the user before allowing any access to the database’s content (Quiqley, 2004). In addition, the database should be accessible only within the institution’s intranet, and from pre-determined IP-addresses. This will ensure that persons with unrecognized devices do not access the database, even if they attempt to do it within the institution’s network. This assignment brings out the heavy dependencies between the activities in institutions and information. Companies that have good communication strategies enjoy high outputs from their activities. This implies that reliable communication is key in the successful running of a company. References Azari, R. (2003). Current security management & ethical issues of information technology. Hershey, PA: IGI Global. Quiqley, M. (2004). Information security and ethics: Social and organizational issues. Moscow: Irm Pr. Servon, L. J. (2002). Bridging the digital divide: Technology, community, and public policy. Hoboken, NJ: Wiley-Blackwell. Read More
Cite this document
  • APA
  • MLA
  • CHICAGO
(“Organizational Security Essay Example | Topics and Well Written Essays - 1250 words”, n.d.)
Organizational Security Essay Example | Topics and Well Written Essays - 1250 words. Retrieved from https://studentshare.org/information-technology/1460043-organizational-security
(Organizational Security Essay Example | Topics and Well Written Essays - 1250 Words)
Organizational Security Essay Example | Topics and Well Written Essays - 1250 Words. https://studentshare.org/information-technology/1460043-organizational-security.
“Organizational Security Essay Example | Topics and Well Written Essays - 1250 Words”, n.d. https://studentshare.org/information-technology/1460043-organizational-security.
  • Cited: 0 times

CHECK THESE SAMPLES OF Organizational Security

Development of the Framework and Organizational Security Strategy for the St Johns Hospital

The paper "Development of the Framework and Organizational Security Strategy for the St Johns Hospital" discusses how it is possible to incorporate the client information security policy in the on the whole Organizational Security policy.... hellip; In general, Information security reviews along with fulfillment justification evaluations proffer an in-depth measurement of an association's safety policies, personnel, communications and events....
7 Pages (1750 words) Case Study

Security in an Organization

In the essay “security in an Organization” the author analyzes proper security as an inevitable requirement in an organization for the smooth running of its business without incurring chances of many risks.... Building security in an organization facilitates to protect important data.... Implementation of security mechanism avoids the chances of loss of information.... Even though it is difficult to implement security, it is an inevitable part of any organization....
2 Pages (500 words) Essay

Development of database security

The essay "Development of database security" presented various techniques for implementing security features in a database which can lead an organization to have a logically secured database.... The database security is concerned with the unauthorized access or misuse of the authorized user which leads to the leakage of personal or potential information.... A database is said to be a reliable data storage source if it does not compromise on confidentiality (data security), integrity (the correctness of data) and availability....
4 Pages (1000 words) Term Paper

Organizational Security Plan at Exxon Mobil Security

The author uses the concepts of organizational behavior and management are in designing an Organizational Security plan at Exxon Mobil Security.... In this regard, the concepts of organizational behavior and management are used in designing an Organizational Security plan at Exxon Mobil Security.... The design is consistent with organizational behavior and management theory and practices and includes organizational mission and code of ethics....
10 Pages (2500 words) Term Paper

Organizational Security in the Internet

The paper "Organizational Security in the Internet" tells that businesses face higher risks because of the use of technology required for better living.... Understanding what the threats are with the Internet and how it is linked to Organizational Security and finding different alternatives to begin to secure organizations required to use technology and the Internet will also provide better solutions for those linked to IT.... he first major types of threats seen from the Internet and Organizational Security come from the internal environment and how end-users use technology....
6 Pages (1500 words) Essay

Organizational Security Expansion

This paper 'Organizational Security Expansion" focuses on the fact that security is a central factor that determines a country's development and investments (Harwood, 2008).... Formation of security organizations has played a key role in ensuring peace and security in all aspects of life.... First, American people are seen as a major threat to peace and security in Africa and the Middle East, especially in Arab territories.... nbsp; security companies involve large capital investments and hence cannot take any risk in investing in unproductive markets....
6 Pages (1500 words) Essay

Organizational Security Plan

In the paper “Organizational Security Plan” the author looks at the proliferation of industrial espionage as well as the growth of terrorist networks across the globe.... The security procedures undertaken by an organization should be practical and address the firm's security concerns.... security adherence is necessitated by the fact that any threat facing the organization hinders the potential of achieving its objectives....
6 Pages (1500 words) Assignment

Impact of Data Security on Enterprise Information Security Planning

Data security also outlines and describes all the essential components of this program while elucidating on the roles that this element can play in achieving the desired Organizational Security.... Data Security versus Enterprise Information Security PlanningISPO (2016) hypotheses that the process of establishing a suitable Organizational Security plan occurs in different stages and requires appropriate utilization of organizational resources to achieve the desired outcomes....
13 Pages (3250 words) Case Study
sponsored ads
We use cookies to create the best experience for you. Keep on browsing if you are OK with that, or find out how to manage cookies.
Contact Us