1. Physical security
Physical security is a critical aspect of any
enterprise’s overall security plan, and one of the first
measures to undertake is ensuring fire-fighting
equipment is readily available in all areas.
The next step is to implement access controls that
stipulate where employees and maintenance
people can or cannot go, and the privileges they
require to access secured areas.
Processes to manage this include the use of
authentication techniques—such as biometric
sensors that read finger, hand and thumb prints,
retinal or iris scans, vascular scanning and facial
recognition—and authorisation techniques, such as
passwords and smart cards.
2. Use of new technologies
In an article written for Computerworld,
Mary Brandel identified the following
eight technologies and services that are
creating the greatest security concerns
for business.
Go to page 229 now and read the article.
3. Cybercrime
As e-commerce continues to expand globally,
cybercrime is becoming a much larger problem
for businesses. Online criminals are skilled
computer experts who know how to manipulate
computers into providing them with information.
They use software programs known as
spyware to collect data—such as personal
details including names, phone numbers,
websites visited, online purchases made and
credit card information.
4. Questions
How many of the following terms are you
familiar with?
• Computer virus
• Computer worm
• Trojan horse
Share your ideas with two or three
classmates and develop your own
definitions of these terms.
5. Identity theft
Identity theft occurs when someone uses
another person’s personal information without
permission to commit fraud. It is important for
employees to realise that this does not only
occur over the internet or via email. It could be
anyone: an employee, or a customer on the
phone or in the store.
Identity theft is not only growing, but processes
are becoming increasingly sophisticated, with
criminals using legitimate anonymisers, or web
servers, to conduct illegal activity.
6. Minimising security risks
To minimise any risk to information,
organisations can implement a variety of
measures such as those that follow on
page 234 – have a read now.
7. As well as protecting their information
against criminal acts, organisations have
to be extremely vigilant in protecting
information from other disasters by
developing a comprehensive disaster
recovery plan.
This should consist of three parts:
prevention, preparation and recovery.
See text pages 236 to 237 for more
details.
8. Question
You have just enjoyed a week of skiing in the
snowfields, only to return home to find it—and
most of the town—destroyed by an unexpected
natural disaster.
Everything has been lost, including all of those
assignments that are due in the next few
weeks! Or has it?
What plans could you put in place to ensure
that you, and the town, recover as quickly as
possible from this disaster?