Secure Computer Security

Improved Essays
My scenario takes place at a banking facility in a local town. I call it the Western bank of West Virginia. Protecting information uses the same principals as protecting your personal belongings. Would one leave their house unlocked when they left for a week’s vacation? You keep your personal belongings out of others reach by locking them up or hiding them in a safe place.
Computer security is important to an Information system to ensure the Confidentiality, Integrity, and availability is not compromised. There are many ways to secure a computer based information system. The most important way to secure the system is to physically secure it. When securing a system it is advantageous to use layers of defense. If the outermost layer
…show more content…
Risk must be dealt with in various ways. The principal of least privilege is a principal that is used and it involves restricting access to only those that truly need it. User Account control (UAC) is a tool used in Microsoft to only allows software that is approved by an administrator to be installed on a local host computer. Securing a network requires that a risk assessment be completed. This will direct the administrator as to what needs to be done to secure the information and the system. Less vital or crucial data may not need as much protection as the types of data like account numbers, and trade secrets. You must follow the laws that govern you business. In a bank there may be data that can’t be disclosed to the public until it is reported. Insider trading is a type of unethical practice that is illegal. If your information is not protected from this type of disclosure it can lead to prosecution of your firm. Taking steps to keep confidentiality of information is extremely important. Corporate espionage is unethical behavior but it does still exist and happen. Security as a service is also an option. Companies offer services to customers the help with security. ADT2 is a company that specializes in security as a service. If your company decides to entrust their informational security needs to an outside source their trade secrets are also in the hands of the company that supplies the service. This is an option that will need to be evaluated before entering into using an outside source to secure your computer based information

Related Documents

  • Superior Essays

    As said earlier, some agencies providing security services are the same which plan robbery cases. They use the lack of privacy of individuals as a loop hole for their attacks. If privacy is ensured, such individuals will not find a way of attacking…

    • 1120 Words
    • 5 Pages
    Superior Essays
  • Improved Essays

    • Custom implementation of authorization and authentication schemes should not be implemented unless they are tested properly [ ]. • Back up policies such as Continuous Data Protection (CDP) should be implemented in order to avoid issues with data recovery in case of a sudden attack [96]. • Additionally, they should be aware if the virtual network infrastructure used by the cloud provider is secured and the various security procedures implemented to ensure the same [25]. Paper [] discusses security challenges in IaaS and discusses identity/access management and multifactor authentication techniques in Amazon Web Service (AWS) cloud. In case of PaaS and SaaS model cloud provider has a responsibility to provide good level of security .Following aspects related to security must be considered.…

    • 745 Words
    • 3 Pages
    Improved Essays
  • Great Essays

    Thus, provider is responsible for security only till the hypervisor and any other security issues above in the OS or application level should be handled by the customer. Thus, in IaaS the customers have greater control over the security policies implemented compared to other service models. However, this does not mean IaaS is not susceptible to security flaws. Some of sources of security flaws which are a cause for concern in IaaS are discussed…

    • 1432 Words
    • 6 Pages
    Great Essays
  • Improved Essays

    (Kim, D. & Solomon, Michael 2014, page 486). A vulnerability assessment is one of the steps for penetration testing. Without penetration testing, an organization will not know how vulnerable its network is, where its vulnerabilities lie within the network, and what types of damages these vulnerabilities could cause in the network. With penetrating testing you have companies hire a third party to find ways to exploit or explore their companies own security weaknesses, defenses and vulnerabilities. After the penetrating testing the third party can turn around advice the companies on ways to increase their security, by preventing the finding weaknesses, and eliminates those threats and…

    • 706 Words
    • 3 Pages
    Improved Essays
  • Improved Essays

    Port Scanning Policy

    • 729 Words
    • 3 Pages

    The scanning process requires prior approval by the owner or administrator of the system.  Approved LAN and Desktop Support and Network Services staff may conduct a port map to resolve a service problem, as a part of normal system operations and maintenance, or to enhance the security of systems.  The Companies Security Officers performs a port map or scan to monitor compliance with this policy to perform security assessments, or to investi-gate security incidents.  Approved companies support staff shall perform an unauthorized port scan on a system in cases where directed by authority persons. 3.…

    • 729 Words
    • 3 Pages
    Improved Essays
  • Superior Essays

    Does any individual have your secrets? Have you or has a few of your associates lost a secret just recently? If this has occurred, the cylinder of your lock has be replaced or rekeyed as quickly as possible. Security of the secrets is extremely vital since insurance does not cover break-ins dedicated with stolen keys. Make sure that you have a control of your house keys.…

    • 943 Words
    • 4 Pages
    Superior Essays
  • Improved Essays

    People that buy products or services online need to feel that their financial and personal information they have given to businesses is secure. Legal consequences of data privacy breaches: A company that stores personal data on their computers systems have a legal obligation to keep that data secure. If personal data is stolen during a cyber-attack and the company can be show to have been negligent in terms of keeping the personal data secure. Then the company could face prosecution under the Data Protection Act and receive a large fine. Malware With these the attacker can use malware to gain or change data malware is software specifically designed to gain access or damage a computer without the user from knowing there are various types of malware such:…

    • 1332 Words
    • 6 Pages
    Improved Essays
  • Improved Essays

    My main goal is to conduct a CIA Triad (Confidentiality, Integrity, and Availability) to the information system by providing and ensuring this is practiced by my employees. But before being able to manage these goals I would have to look deep into the company vulnerabilities and reduce any possible risk to an acceptable level. There are several decisions I can make upon the risk findings discover such as Risk Mitigation. In this process patches may be install to help reduce the risk or fix the problem that originated. With the standards, regulations, and policies implemented a guidebook will be form that will show the guidance to take if certain threats arise that can harm the company.…

    • 700 Words
    • 3 Pages
    Improved Essays
  • Superior Essays

    It will also analyze the change control process and identification needed for security for the specific business fields. Process to identify security needs and how it effects the foundation of the policy How can you possibly protect your IT infrastructure if you have no idea what you are protecting it against? That’s why it is important to identify the security needs and/or vulnerabilities thoroughly with a basic risk assessment. So a risk assessment is the process that should be completed first and it will help to identify the security needs. During this process you will be faced with some basic questions that will help to identify your security needs.…

    • 1045 Words
    • 4 Pages
    Superior Essays
  • Great Essays

    Risk Analysis Assignment

    • 1273 Words
    • 6 Pages

    They typically take which sequence of steps? The steps involved in risk analysis are; (1) identifying any potential risks, (2) assessing the risks the risks that are found, and (3) controlling threats to an organization 's IT infrastructure in hopes of lowering or eliminating security threats. Two factor authentication is another method for attempting to block unauthorized access to a system, network, or general sensitive information. Two factor authentication requires "something you know"; a password or PIN, and "something you have"; a card, dongle, cellphone, or other piece of hardware. Finally, it is possible to reduce an attacker 's chances by keeping systems up to date with items such as security patches and system software and hardware…

    • 1273 Words
    • 6 Pages
    Great Essays