• Join over 1.2 million students every month
  • Accelerate your learning by 29%
  • Unlimited access from just £6.99 per month

Managing Information Technology Security isnt simply a technology issue, its a business issue. Discuss

Extracts from this document...

Introduction

The Internet Theresa Jn. Baptiste - St. Lucia Managing Information Technology Security isn't simply a technology issue, it's a business issue. Discuss In any given organization information technology generally refers to laptop and desktop computers, servers, routers, and switches that form a computer network, although information technology also includes fax machines, phone and voice mail systems, cellular phones, and other electronic systems. A growing reliance on computers to work and communicate have made the control of computer networks an important part of information security. Security days as just a technical or technology issue are done. It is becoming a central concern for leaders at the highest level of many organizations and governments, transcending national borders. Customers are demanding the highest security, as worries about privacy, the protection of personally identifiable information, and identity theft grow. Business partners, suppliers, and vendors are requiring it from one another, particularly when providing mutual network and information access. Networked efforts to steal competitive intelligence and engage in extortion are becoming more prevalent and widespread. Security breaches and data disclosure increasingly arise from criminal behavior motivated by financial gain. ...read more.

Middle

Most large organizations have their own local computer network, or intranet, that links their computers together to share resources and support the communications of employees and others with a legitimate need for access. Almost all of these networks are connected to the Internet and allow employees to go "online." Information technology security is controlling access to sensitive electronic information so only those with a legitimate need to access it are allowed to do so. This seemingly simple task has become a very complex process with systems that need to be continually updated and processes that need to constantly be reviewed. There are three main objectives for information technology security: confidentiality, integrity, and availability of data to the organization. Confidentiality is protecting access to sensitive data from those who don't have a legitimate need to use it. Integrity is ensuring that information is accurate and reliable and cannot be modified in unexpected ways. The availability of data ensures that it is readily available to those who need to use it (Feinman et. al., 1999). Information technology security is often the challenge of balancing the demands of users versus the need for data confidentiality and integrity. ...read more.

Conclusion

Security Polices can be written as a high-level to allow for broad interpretation, or at a low-level to provide specific guidance. A good security policy has a mixture of both, allowing for innovation in appropriate areas and providing numerous details in critical areas. A network security policy should be easy for all users to understand and adaptable to the needs of the organization, especially as security and vulnerability assessments reveal weaknesses that need to be corrected. To be effective, a policy must be communicated to all network users, consistently enforced, and strongly supported by the organization's leadership. On the other hand if the company's data is not protected and everybody has access to everything, ultimately it is the business that bears the consequences of a poorly secured system. It is difficult to say that a case of internal fraud or financial misstatement is a purely IT issue. However, such incidents are preventable through well defined permission structures allocated to appropriate business users. Since the business bears the risk it is logical that they should be fully engaged in the design of the solutions to prevent the occurrences of such risks. ...read more.

The above preview is unformatted text

This student written piece of work is one of many that can be found in our AS and A Level Management & Manipulation of Information section.

Found what you're looking for?

  • Start learning 29% faster today
  • 150,000+ documents available
  • Just £6.99 a month

Not the one? Search for your essay title...
  • Join over 1.2 million students every month
  • Accelerate your learning by 29%
  • Unlimited access from just £6.99 per month

See related essaysSee related essays

Related AS and A Level Management & Manipulation of Information essays

  1. Marked by a teacher

    Hardware and Network issues in e-commerce

    5 star(s)

    to gain access to the cooperate Local Area Network (LAN). Hackers who gain access to this remote PC can then access the corporate LAN from it and avoid all the security features installed on the corporate LAN designed to keep hackers out (Robson, 2000).

  2. Marked by a teacher

    The Internet is an important part of our everyday lives however it is not ...

    4 star(s)

    Gaining one's attention is an incredibly powerful thing to have. For news sites, blogs and search engines, it is vital to gain one's attention. The chances of someone leaving a website if they don't see anything that grabs their attention is very high.

  1. Standard Operating Procedures (Sop) recruitment policies and procedures.

    CERTIFICATION OF ELIGIBLES Employees shall be selected from among the highest available eligible on appropriate eligibility lists. Certification of Eligible is typed in proper format. The interview date should then be scheduled and the candidates notified accordingly. Rule of Five/Ten: For Rule of Five with one vacancy position, the first top five eligible candidates on the appropriate eligibility list(s)

  2. ICT Solutions for people with Special Needs.

    * Businesses should approach to ensuring equality of opportunity and the benefits of diversity are understood by all employees * All those involved in recruitment, selection or assessment of colleagues or job applicants are given appropriate training in equality and diversity policy.

  1. Designing a booking system for an Estate Agent.

    they could type information and mouse so they can control any other input or output devices. Another hardware which they use is a digital camera which allows them to take pictures of their products and upload it into their website.

  2. Video World Database as ICT project.

    Overdue This macro tells the end user if a person has not brought their video back on time. If the condition of the date being a day after the date of return is valid, then a text box shall appear saying the customer owes a video.

  1. ICT Security Report

    To try and over come this potential problem a back up needs to be kept at an alternative location, somewhere where both sites could not be affected by the same disaster at the same time. As this would enable the safety of the data even thought one of the system has be hit.

  2. Object-Oriented DBMSs - Standards

    Smalltalk evolved through several versions to become Smalltalk 80, which set a president for other OO languages, such as C, C++, and more recently Java. (see appendix 1 for OO History). Other new OO languages are coming to the fore and are mainly conforming to informal standards, thus making them

  • Over 160,000 pieces
    of student written work
  • Annotated by
    experienced teachers
  • Ideas and feedback to
    improve your own work