My scenario takes place at a banking facility in a local town. I call it the Western bank of West Virginia. Protecting information uses the same principals as protecting your personal belongings. Would one leave their house unlocked when they left for a week’s vacation? You keep your personal belongings out of others reach by locking them up or hiding them in a safe place.
Computer security is important to an Information system to ensure the Confidentiality, Integrity, and availability is not compromised. There are many ways to secure a computer based information system. The most important way to secure the system is to physically secure it. When securing a system it is advantageous to use layers of defense. If the outermost layer …show more content…
Risk must be dealt with in various ways. The principal of least privilege is a principal that is used and it involves restricting access to only those that truly need it. User Account control (UAC) is a tool used in Microsoft to only allows software that is approved by an administrator to be installed on a local host computer. Securing a network requires that a risk assessment be completed. This will direct the administrator as to what needs to be done to secure the information and the system. Less vital or crucial data may not need as much protection as the types of data like account numbers, and trade secrets. You must follow the laws that govern you business. In a bank there may be data that can’t be disclosed to the public until it is reported. Insider trading is a type of unethical practice that is illegal. If your information is not protected from this type of disclosure it can lead to prosecution of your firm. Taking steps to keep confidentiality of information is extremely important. Corporate espionage is unethical behavior but it does still exist and happen. Security as a service is also an option. Companies offer services to customers the help with security. ADT2 is a company that specializes in security as a service. If your company decides to entrust their informational security needs to an outside source their trade secrets are also in the hands of the company that supplies the service. This is an option that will need to be evaluated before entering into using an outside source to secure your computer based information
Computer security is important to an Information system to ensure the Confidentiality, Integrity, and availability is not compromised. There are many ways to secure a computer based information system. The most important way to secure the system is to physically secure it. When securing a system it is advantageous to use layers of defense. If the outermost layer …show more content…
Risk must be dealt with in various ways. The principal of least privilege is a principal that is used and it involves restricting access to only those that truly need it. User Account control (UAC) is a tool used in Microsoft to only allows software that is approved by an administrator to be installed on a local host computer. Securing a network requires that a risk assessment be completed. This will direct the administrator as to what needs to be done to secure the information and the system. Less vital or crucial data may not need as much protection as the types of data like account numbers, and trade secrets. You must follow the laws that govern you business. In a bank there may be data that can’t be disclosed to the public until it is reported. Insider trading is a type of unethical practice that is illegal. If your information is not protected from this type of disclosure it can lead to prosecution of your firm. Taking steps to keep confidentiality of information is extremely important. Corporate espionage is unethical behavior but it does still exist and happen. Security as a service is also an option. Companies offer services to customers the help with security. ADT2 is a company that specializes in security as a service. If your company decides to entrust their informational security needs to an outside source their trade secrets are also in the hands of the company that supplies the service. This is an option that will need to be evaluated before entering into using an outside source to secure your computer based information