• Join over 1.2 million students every month
  • Accelerate your learning by 29%
  • Unlimited access from just £6.99 per month

Managing Information Technology Security isnt simply a technology issue, its a business issue. Discuss

Extracts from this document...

Introduction

The Internet Theresa Jn. Baptiste - St. Lucia Managing Information Technology Security isn't simply a technology issue, it's a business issue. Discuss In any given organization information technology generally refers to laptop and desktop computers, servers, routers, and switches that form a computer network, although information technology also includes fax machines, phone and voice mail systems, cellular phones, and other electronic systems. A growing reliance on computers to work and communicate have made the control of computer networks an important part of information security. Security days as just a technical or technology issue are done. It is becoming a central concern for leaders at the highest level of many organizations and governments, transcending national borders. Customers are demanding the highest security, as worries about privacy, the protection of personally identifiable information, and identity theft grow. Business partners, suppliers, and vendors are requiring it from one another, particularly when providing mutual network and information access. Networked efforts to steal competitive intelligence and engage in extortion are becoming more prevalent and widespread. Security breaches and data disclosure increasingly arise from criminal behavior motivated by financial gain. ...read more.

Middle

Most large organizations have their own local computer network, or intranet, that links their computers together to share resources and support the communications of employees and others with a legitimate need for access. Almost all of these networks are connected to the Internet and allow employees to go "online." Information technology security is controlling access to sensitive electronic information so only those with a legitimate need to access it are allowed to do so. This seemingly simple task has become a very complex process with systems that need to be continually updated and processes that need to constantly be reviewed. There are three main objectives for information technology security: confidentiality, integrity, and availability of data to the organization. Confidentiality is protecting access to sensitive data from those who don't have a legitimate need to use it. Integrity is ensuring that information is accurate and reliable and cannot be modified in unexpected ways. The availability of data ensures that it is readily available to those who need to use it (Feinman et. al., 1999). Information technology security is often the challenge of balancing the demands of users versus the need for data confidentiality and integrity. ...read more.

Conclusion

Security Polices can be written as a high-level to allow for broad interpretation, or at a low-level to provide specific guidance. A good security policy has a mixture of both, allowing for innovation in appropriate areas and providing numerous details in critical areas. A network security policy should be easy for all users to understand and adaptable to the needs of the organization, especially as security and vulnerability assessments reveal weaknesses that need to be corrected. To be effective, a policy must be communicated to all network users, consistently enforced, and strongly supported by the organization's leadership. On the other hand if the company's data is not protected and everybody has access to everything, ultimately it is the business that bears the consequences of a poorly secured system. It is difficult to say that a case of internal fraud or financial misstatement is a purely IT issue. However, such incidents are preventable through well defined permission structures allocated to appropriate business users. Since the business bears the risk it is logical that they should be fully engaged in the design of the solutions to prevent the occurrences of such risks. ...read more.

The above preview is unformatted text

This student written piece of work is one of many that can be found in our AS and A Level Management & Manipulation of Information section.

Found what you're looking for?

  • Start learning 29% faster today
  • 150,000+ documents available
  • Just £6.99 a month

Not the one? Search for your essay title...
  • Join over 1.2 million students every month
  • Accelerate your learning by 29%
  • Unlimited access from just £6.99 per month

See related essaysSee related essays

Related AS and A Level Management & Manipulation of Information essays

  1. Marked by a teacher

    Hardware and Network issues in e-commerce

    5 star(s)

    to gain access to the cooperate Local Area Network (LAN). Hackers who gain access to this remote PC can then access the corporate LAN from it and avoid all the security features installed on the corporate LAN designed to keep hackers out (Robson, 2000).

  2. Marked by a teacher

    The Internet is an important part of our everyday lives however it is not ...

    4 star(s)

    Gaining one's attention is an incredibly powerful thing to have. For news sites, blogs and search engines, it is vital to gain one's attention. The chances of someone leaving a website if they don't see anything that grabs their attention is very high.

  1. Designing a booking system for an Estate Agent.

    Examples of validations are input masks and range checks. Input masks helps by validating data in specific ways e.g. by date, post code and range checks will set a range of the range that the user can enter. All of the problems of what the current system cannot do such as double booking, lost of information, unorganised timetable system

  2. Standard Operating Procedures (Sop) recruitment policies and procedures.

    CERTIFICATION OF ELIGIBLES Employees shall be selected from among the highest available eligible on appropriate eligibility lists. Certification of Eligible is typed in proper format. The interview date should then be scheduled and the candidates notified accordingly. Rule of Five/Ten: For Rule of Five with one vacancy position, the first top five eligible candidates on the appropriate eligibility list(s)

  1. Beanie Project.

    o Also, I suppose you could say that Access was difficult to use in parts, it fits both sides because on the one hand if you've used any Microsoft products before (especially the Office suites) then you will have a basic knowledge of the way their program work, and therefore things are very easy to use.

  2. ICT Solutions for people with Special Needs.

    the Secretary of State for Health if they feel their Local Authority has not fulfilled its duty towards them. The help that the Local Authority is obliged to provide cover in many areas including practical help in the home and the workplace, radio and/or television and help to use the

  1. Introduction to Information Systems in Business

    A 'big bang' approach is not feasible, therefore a project-based approach is used. The output of the SISP is a series of development projects, which will either involve modifying existing systems or developing new systems (which are likely to have to interface or integrate with existing systems).

  2. The purpose of this document is to provide a design for an electronic payment ...

    Payment, Shopping Basket Payment PAY03 - R02 Users must be able to enter card details such as card number, expiry date, security code (CVS) Payment Payment PAY03 - R03 Users must be able to view the photos selected and the total cost of the photos being purchased.

  • Over 160,000 pieces
    of student written work
  • Annotated by
    experienced teachers
  • Ideas and feedback to
    improve your own work