This document discusses securing information systems in the 21st century. It begins by defining what an information system is and explaining how important it is for companies to secure the sensitive data within their systems. It then discusses the different types of information systems businesses use. The document spends several paragraphs outlining various risks to information systems like computer viruses and unauthorized access. It emphasizes that securing an information system is a shared responsibility of all employees. Finally, it discusses the importance of developing a comprehensive security policy with physical, software, document, and personnel security layers to protect a company's information system from threats.
Artificial Intelligence - intersection with compliance. How AI principles work with compliance principles around data protection. AI and Compliance. AI - SYSC 13.7 - FCA Compliance. AI and regulation. AI and FCA regulation. AI and ICO regulation.
Running Head: Information System 1
Information system 12
Information System for Innovation in Organization
Student’s Name:
Institution Affiliation:
Date:
Table of Contents
Cover page 1
Table of contents 2
Introduction 3
What is information system 3
Types of information systems………………………………………………………………………………………………………….4
Effective Information system……………………………………………………………………………………………………………..6
Internal factors influencing IT/IS enabled innovation…………………………………………………………………………9
External factors influencing IT/IS enabled innovation………………………………………………………………………10
Conclusion…………………………………………………………………………………………………………………………………………11
Reference…………………………………………………………………………………………………………………………………………12
Information systems in organization
Introduction
In the 21st century, a business utilizing paper work and solely depending on face to face customer related transaction whether big or small, the business is as good as nonexistent. The world is at an era where every business activity has been automated, simplified and hastened. The explosion of technology in the business world has mediated innovation, increased sales and profit margins, greater competitiveness and improved customer relations at local and global levels. Businesses aimed at profit making and non-profit making organizations have all reaped greatly from information systems. However, adoption of information systems within organizations has not only yielded positive results but also negative impacts. This occurs mainly when adoption of an information system does not align with the business goals and objectives and where human resource is unwilling to embrace changes associated with information systems
What is Information System?
An information system can simply be described as a combination of input, processing and output components that work together to perform specific business operations. Data analysis, communication informed decision making and record keeping are some of business activities that are effectively performed by an information system (Zandbergen, 2018). Businesses and organizations have incorporated information systems to enhance their positions in the market and to facilitate decision making of significant issues regarding the business. An information system typically consists of hardware and software components that facilitate data collection and analysis for improved business management as far as sales, marketing and customer satisfaction is concerned (Zandbergen, 2018) and (Zwass, 2017)
Types of information systems
Different organizations have adopted information systems that best suits their business operations. There are basically fo.
Copyright Notice:
This presentation is prepared by Author for Perbanas Institute as a part of Author Lecture Series. It is to be used for educational and non-commercial purposes only and is not to be changed, altered, or used for any commercial endeavor without the express written permission from Author and/or Perbanas Institute. Appropriate legal action may be taken against any person, organization, or entity attempting to misrepresent, charge, or profit from the educational materials contained here.
Authors are allowed to use their own articles without seeking permission from any person, organization, or entity.
5 Applications of Data Science in FinTech: The Tech Behind the Booming FinTec...Kavika Roy
https://www.datatobiz.com/blog/data-science-in-fintech/
Data Science has played a significant role in transforming thefinance and banking industry by completely changing the ways in which they previously operated. Life has been made easier for the banking officials as well as the customers. FinTech: a new term coined for the innovation and technology methods aiming to transform traditional methods of finance with data science forming one of its integral components.
Whenever you use your credit card, Amazon Pay, PayPal, or PayTm to make an online payment, the commerce company/seller and your bank, both utilize FinTech to make a successful transaction. With time FinTech has changed almost and every aspect of financial services, which includes investments, insurance, payments, cryptocurrencies, and much more. Fintech companies are heavily dependent on the insights offered by machine learning, artificial intelligence, and predictive analytics to function properly.
5Importance of IS-Related Solution in the Busi.docxtroutmanboris
5
Importance of IS-Related
Solution
in the Business World
Name: Gideon Aryertey
MGMT221
Stasia Biggs
Embry Riddle Aeronautical University
09/13/2018
Abstract
Information Systems have tremendously transformed the business world. The rapid technological evolvement has played a fundamental role in this through the invention of various software which have made numerous operations especially processing simplest and accurate. Companies have exploited the capacities of the information systems and ended gaining maximum profits. The importance of IS emanates from the data processed for the company to produce information utilized to manage their various operations (Brodersen & Lim, 2000). There are ways of increasing the effectiveness of the IS like adding extra data or using the available in a different way. Information Systems can be used for various purposes in an organization such as communication, making decisions, keeping records, and operations management. Information Systems solutions can be used in communication to gather and distribute the information. This ensures efficient flow of information. It is also used to support decisions making which ensures the outcomes are better and all the prerequisite information has been delivered. For instance Decision Support System is highly used in such cases to support this essential process. Electronic Record Management is used to ensure that all the organizations records are secure and free from damage. Cases of loss are also minimized through use of ERM (Sprague, 1986). This project will tackle five IS-related solutions which are used often in companies. They are Decision Support System, Electronic Records Management, Cloud Computing, Transaction Processing System and Database Management System (Ali & Vasilakos, 2015). The above mentioned solutions have highly benefitted companies and we expect more to be unveiled due to technological advancement.
Introduction
Information system (IS) can be described as organization of the system used in obtaining, organizing, storing as well as communication of data. Additionally, it can involve all the network that organizations on individual uses in collecting, filtering, processing, creating and distributing data. Therefore, through interaction, they are capable of producing data. It has main focus on the internal organization instead of external environment of an organization. For an organization to have a successful business, it will have to process all the information as well as statistics. In this regard, there are various organizations that have suffered data problems. Therefore, IS’s are important in ensuring that the organization can be able to gain optimum maximum benefits in the business. This is carried out through processing all the data in the organization so that the company can be able to produce data that is important in running its business. Effectiveness of the business can only be ensured through producing more informati.
Running head Key Factors in Computer Information Systems1Ke.docxwlynn1
Running head: Key Factors in Computer Information Systems
1
Key Factors in Computer Information Systems
2
Does Management Plays A Key Factor in Computer Information System Field?
Keenen L. Rush
Savannah State University
Business Research (BUSA 2185 02)
Dr. Lundy
February 6, 2019
Abstract
This paper purpose is to give key factors on why it is important to have management throughout the Computer Information System field. There has been reports that fortune 500 companies believe management is not a key factor pertaining to computer information systems. People believe in this field that management is to controlling over people and don’t allow the workers to finish their objective. As I reviewed companies that are stricter on management versus others the ones that are strict are usually more successful and last longer. This study is to answer one question does management really plays a key factor in the CIS world. Overall this study should help you realize management should be mandatory throughout this field and should always be implemented in any company.
What does Computer Information System consist of?
What are some roles of Management in Computer Information Systems?
Do companies find Computer Information Systems necessary for their company?
Keywords: Controlling, Strict, Successful, Computer Information Systems
Does Management Plays A Key Factor in Computer Information System Field?
Many people wonder what Computer Information Systems is and how companies implement it within their business. Questions have been constantly asked what the purpose of management within the CIS department of a company is. Godfrey B (2018) felt that storing, managing, documenting, analyzing, and visualizing geographic data were some of the main components of CIS. Every company in the world functions with an Information System department without one a company can not be successful. Management in CIS provides wide-ranging and reactive property management services for the entire CIS portfolio, as well as third-party contracts. CIS is also devoted to constructing lasting tenant relations by employing open-minded community managers.
Many experts have study that management is one of the biggest components in the computer information system field. There have been companies who try to disregard having management in their cis department because of the cost. Cis perform remote troubleshooting including power check, physical connection review and power cycling to restart hardware and this doesn’t come cheap. Studies have shown fortune 500 companies spends millions on IT equipment for multiple reasons. First reason to keep up with data and also collect data on sales, customers, competitors, marketing strategies and so much more. Another reason is everything you can think of is run through a computer within a company whether it’s the company Wi-Fi, Website, E-mail, Phones, which are all things you need for a company to be successful.
One deficiency within my studies is.
Artificial Intelligence - intersection with compliance. How AI principles work with compliance principles around data protection. AI and Compliance. AI - SYSC 13.7 - FCA Compliance. AI and regulation. AI and FCA regulation. AI and ICO regulation.
Running Head: Information System 1
Information system 12
Information System for Innovation in Organization
Student’s Name:
Institution Affiliation:
Date:
Table of Contents
Cover page 1
Table of contents 2
Introduction 3
What is information system 3
Types of information systems………………………………………………………………………………………………………….4
Effective Information system……………………………………………………………………………………………………………..6
Internal factors influencing IT/IS enabled innovation…………………………………………………………………………9
External factors influencing IT/IS enabled innovation………………………………………………………………………10
Conclusion…………………………………………………………………………………………………………………………………………11
Reference…………………………………………………………………………………………………………………………………………12
Information systems in organization
Introduction
In the 21st century, a business utilizing paper work and solely depending on face to face customer related transaction whether big or small, the business is as good as nonexistent. The world is at an era where every business activity has been automated, simplified and hastened. The explosion of technology in the business world has mediated innovation, increased sales and profit margins, greater competitiveness and improved customer relations at local and global levels. Businesses aimed at profit making and non-profit making organizations have all reaped greatly from information systems. However, adoption of information systems within organizations has not only yielded positive results but also negative impacts. This occurs mainly when adoption of an information system does not align with the business goals and objectives and where human resource is unwilling to embrace changes associated with information systems
What is Information System?
An information system can simply be described as a combination of input, processing and output components that work together to perform specific business operations. Data analysis, communication informed decision making and record keeping are some of business activities that are effectively performed by an information system (Zandbergen, 2018). Businesses and organizations have incorporated information systems to enhance their positions in the market and to facilitate decision making of significant issues regarding the business. An information system typically consists of hardware and software components that facilitate data collection and analysis for improved business management as far as sales, marketing and customer satisfaction is concerned (Zandbergen, 2018) and (Zwass, 2017)
Types of information systems
Different organizations have adopted information systems that best suits their business operations. There are basically fo.
Copyright Notice:
This presentation is prepared by Author for Perbanas Institute as a part of Author Lecture Series. It is to be used for educational and non-commercial purposes only and is not to be changed, altered, or used for any commercial endeavor without the express written permission from Author and/or Perbanas Institute. Appropriate legal action may be taken against any person, organization, or entity attempting to misrepresent, charge, or profit from the educational materials contained here.
Authors are allowed to use their own articles without seeking permission from any person, organization, or entity.
5 Applications of Data Science in FinTech: The Tech Behind the Booming FinTec...Kavika Roy
https://www.datatobiz.com/blog/data-science-in-fintech/
Data Science has played a significant role in transforming thefinance and banking industry by completely changing the ways in which they previously operated. Life has been made easier for the banking officials as well as the customers. FinTech: a new term coined for the innovation and technology methods aiming to transform traditional methods of finance with data science forming one of its integral components.
Whenever you use your credit card, Amazon Pay, PayPal, or PayTm to make an online payment, the commerce company/seller and your bank, both utilize FinTech to make a successful transaction. With time FinTech has changed almost and every aspect of financial services, which includes investments, insurance, payments, cryptocurrencies, and much more. Fintech companies are heavily dependent on the insights offered by machine learning, artificial intelligence, and predictive analytics to function properly.
5Importance of IS-Related Solution in the Busi.docxtroutmanboris
5
Importance of IS-Related
Solution
in the Business World
Name: Gideon Aryertey
MGMT221
Stasia Biggs
Embry Riddle Aeronautical University
09/13/2018
Abstract
Information Systems have tremendously transformed the business world. The rapid technological evolvement has played a fundamental role in this through the invention of various software which have made numerous operations especially processing simplest and accurate. Companies have exploited the capacities of the information systems and ended gaining maximum profits. The importance of IS emanates from the data processed for the company to produce information utilized to manage their various operations (Brodersen & Lim, 2000). There are ways of increasing the effectiveness of the IS like adding extra data or using the available in a different way. Information Systems can be used for various purposes in an organization such as communication, making decisions, keeping records, and operations management. Information Systems solutions can be used in communication to gather and distribute the information. This ensures efficient flow of information. It is also used to support decisions making which ensures the outcomes are better and all the prerequisite information has been delivered. For instance Decision Support System is highly used in such cases to support this essential process. Electronic Record Management is used to ensure that all the organizations records are secure and free from damage. Cases of loss are also minimized through use of ERM (Sprague, 1986). This project will tackle five IS-related solutions which are used often in companies. They are Decision Support System, Electronic Records Management, Cloud Computing, Transaction Processing System and Database Management System (Ali & Vasilakos, 2015). The above mentioned solutions have highly benefitted companies and we expect more to be unveiled due to technological advancement.
Introduction
Information system (IS) can be described as organization of the system used in obtaining, organizing, storing as well as communication of data. Additionally, it can involve all the network that organizations on individual uses in collecting, filtering, processing, creating and distributing data. Therefore, through interaction, they are capable of producing data. It has main focus on the internal organization instead of external environment of an organization. For an organization to have a successful business, it will have to process all the information as well as statistics. In this regard, there are various organizations that have suffered data problems. Therefore, IS’s are important in ensuring that the organization can be able to gain optimum maximum benefits in the business. This is carried out through processing all the data in the organization so that the company can be able to produce data that is important in running its business. Effectiveness of the business can only be ensured through producing more informati.
Running head Key Factors in Computer Information Systems1Ke.docxwlynn1
Running head: Key Factors in Computer Information Systems
1
Key Factors in Computer Information Systems
2
Does Management Plays A Key Factor in Computer Information System Field?
Keenen L. Rush
Savannah State University
Business Research (BUSA 2185 02)
Dr. Lundy
February 6, 2019
Abstract
This paper purpose is to give key factors on why it is important to have management throughout the Computer Information System field. There has been reports that fortune 500 companies believe management is not a key factor pertaining to computer information systems. People believe in this field that management is to controlling over people and don’t allow the workers to finish their objective. As I reviewed companies that are stricter on management versus others the ones that are strict are usually more successful and last longer. This study is to answer one question does management really plays a key factor in the CIS world. Overall this study should help you realize management should be mandatory throughout this field and should always be implemented in any company.
What does Computer Information System consist of?
What are some roles of Management in Computer Information Systems?
Do companies find Computer Information Systems necessary for their company?
Keywords: Controlling, Strict, Successful, Computer Information Systems
Does Management Plays A Key Factor in Computer Information System Field?
Many people wonder what Computer Information Systems is and how companies implement it within their business. Questions have been constantly asked what the purpose of management within the CIS department of a company is. Godfrey B (2018) felt that storing, managing, documenting, analyzing, and visualizing geographic data were some of the main components of CIS. Every company in the world functions with an Information System department without one a company can not be successful. Management in CIS provides wide-ranging and reactive property management services for the entire CIS portfolio, as well as third-party contracts. CIS is also devoted to constructing lasting tenant relations by employing open-minded community managers.
Many experts have study that management is one of the biggest components in the computer information system field. There have been companies who try to disregard having management in their cis department because of the cost. Cis perform remote troubleshooting including power check, physical connection review and power cycling to restart hardware and this doesn’t come cheap. Studies have shown fortune 500 companies spends millions on IT equipment for multiple reasons. First reason to keep up with data and also collect data on sales, customers, competitors, marketing strategies and so much more. Another reason is everything you can think of is run through a computer within a company whether it’s the company Wi-Fi, Website, E-mail, Phones, which are all things you need for a company to be successful.
One deficiency within my studies is.
1. The Century of Information Technology
Christian Means
Professor Ramaswamy Srinivasan
Computer Ethics
May 2, 2009
Securing Information Systems in the 21st Century
My academic research on the topic of “Information Systems” has leaded me to
understand that it is logical and ethical for any particular company to secure their
information system in the 21st century. Every company or business organization must
control what goes into their electronic systems and what they allow to flow out of them.
If a company is negligent about the sensitive data that their information system holds,
there will be severe consequences for the financial operations of that business.
What is an Information System?
An information system is a well organized computer system within a business
organization that collects stores and manipulates data in such a brilliant way that once the
information from the system is retrieved by the user, it can be used for making important
decisions that affect the growth of many businesses. An information system has many
other properties, such as a large storage capacity, and a faster and much easier approach
for its users. An information system gives a company the ability to place large amounts
of information into it and a massive amount of raw facts to live in. An information
system can hold thousands and sometimes, even millions of files of information at one
time.(Smith, Martin). For example: An information system is used at a bank institution to
record and organize the account records of the general public. Also, they are used at
various hospitals and clinics to record and organize the account records of hundreds of
patients. An information system provides a faster and much easier approach for our
society. Many centuries ago, the society did not have a computerized information
system to help them with all the data that they needed to run their businesses. They had
to run their businesses with mechanical typewriters and dozens of typed papers in their
file cabinets. These papers could become unorganized, lost and easily stolen. Also, if a
fire was started in their company buildings, it could burn up their records in a matter of
seconds and there would be no way of replacing them. Business men and women in the
21st century can now rely on and become confident upon information systems that allow
them to store and process their data much more efficiently and effectively.
What Types of Information Systems are There?
There are many different types of information systems that businesses in the 21st
century use in order to operate their companies. These information systems are the
following: Transaction Processing Systems, Management Information Systems, and
Decision Support Systems. Like with any type of technology in this world, information
systems have become not only easy to work with, but also unique by the way each kind
2. The Century of Information Technology
of information system performs a different type of task in our century’s workforce. (e.g.
schools, hospitals, law firms, police stations, etc.). Every company must decide what type
of information system is right for them, or what information system will help them with
their work endeavors.
A Transaction Processing System is used to process standard transactions
between a company and their customers. These information systems are used for
calculating the summation of bills to customers and sending them invoices, such as when
their bills are due. Also, these systems are used by companies to calculate the amount of
monies due to staff members according to their hours worked for the company for that
week. Transaction Processing Systems are very valuable assets to a company because
they allow a company to keep records of what inventory they have and it gives them the
information of when they should order more. A Management Information System
(MIS) is a type of information system that takes the information from the Transaction
Processing System and uses its data to build research information for the management of
a business to analyze. The information that this particular system offers to managers
allows them to make good decisions on what products in a business are profitable and
what products are leaning downhill.
A Decision Support System is an information system that is much like a
Management Information System. It gives managers information about their company
and helps them to make better decisions that they might be uncertain about. The
difference is that a Management Information System only gives basic reports about the
company, but a Decision Support Systems gives the manager’s options and choices about
the business that they may choice to follow. All of these different types of information
systems are great for a business, but if the company does not secure them, they can
become corrupted and cause the company to lose more than can be gained.
How Do You Secure An Information System?
I. Equal Responsibility
In order to secure a company’s information system, a company must understand
who is responsible for securing it. No one likes responsibility, but it is the only way for
a person or any type of company to be successful in life and in business. In a business
organization, everyone that works there is responsible for securing the company’s
information system, from the CIO or CEO to the mail clerk. No employee should be left
out and everyone that works for the company should be held accountable. The leaders
of the company should set the example or organizational culture for the rest of the staff
members. As they notice how the management considers the importance of their
information system, the rest of the company will follow his/ her example.
II. Identification of Assets
3. The Century of Information Technology
In order to secure a company’s information system, a company must analyze and
identify all their possible assets. This decision allows a company to set a division on
what particular items in the company are items they need to secure. If a company
decides to place barriers and boundaries around items that need no security, that company
is wasting their financial dollars on useless materials. (Smith, Martin). Once a
company perceives that their information system is one of their assets, they will
understand the importance of securing it.
III. Value for the Information System
In order to secure a company’s information system, a company must learn to
value and appreciate their system. If they don’t appreciate it, they will abuse it and act
like kids do who do not appreciate their gifts from their parents. A person who drives
drunk does not appreciate their life, so they drive anyway. A college student does not
study for their final exams because they do not appreciate their education, and what it can
do for them in the future. Likewise, companies that do not value and appreciate their
information system will not be willing to secure it either.
IV. Producing Qualities of Good Information
In order to secure a company’s information system, a company must understand
how to protect the qualities of good information. Information has three qualities within
an information system that must be protected. These qualities are the following:
integrity, continuity, and confidentially. (Smith, Martin). The level of integrity an
information system must have is very important because a company does not need a
computer that lies to them and gives them invalid information. The information the
computer gives must be always accurate and never altered in any way. The level of
continuity an information system must have is very important because a company needs a
computer that can give an output of information when they need it. A company does not
want an information system that only gives old suggestions and ideas and never gives
updated one. The level of confidentially an information system must have is very
important to a company. It can also be important to the general public because no one
wants their credit card number or social security number in the hands of a vicious black
hacker. An information system should be programmed to only show information to
users with authorized privileges and never to unwanted guests.
V. Acknowledging Threats & Risks
In order to secure a company’s information system, a company must acknowledge
all the possible risks that could affect a company, and break down their information
system.(Fites, Philip E.). Companies who secure their information systems know
exactly how to build them right and manage it right. Good systems are good for a
4. The Century of Information Technology
business and bad ones are expensive and can cause a company to lose a lot of money.
Bad systems can cost about 1-10% of a company’s gross income. Even thought
information systems are great investments to possess, they can become like “a pain in
one’s side or a thorn in one’s hand.” Many of these risks that can break down the
information system arrive because of bad decisions of management. The article “Some
ad hoc information system issues in South Africa for the New Millennium and suggestions
as how to deal with them” defines four specific risks that employers and employees need
to be cautious about while working on their task. The first risk occurs when an
information system is not designed properly or not intended for its user. When an
information system is not built for its users, this can make the users mad and very
frustrated at the system. For example: customers at an outside automated teller machine
(ATM) find out that they can not withdraw their hard-worked money or check their
current balances because the machine is not designed for that type of functionality. It is
only designed to take their money and not give it back. That would make any bank user
mad, and some users might ever try to break the machine. To stop this risk from
happening and to secure the information system, a company must create systems that are
tailored for the user. The second risk occurs when the users of the information system
lack training about the usability of the system. Employees and workers at a business can
not do their part in securing the information system if they are not properly trained to do
it. After they have been trained by qualified staff leaders, then they should not have any
type of excuses of why they did not secure it. The third risk occurs when a company is
impatient concerning buying the latest software and hardware for their information
system. They buy and set up their information systems without allowing the system to
be tested thoroughly in advance. (Heerden, Joh Van). When they rush and place the
latest systems into their businesses to work for them, they soon discover that their system
is infected with a virus. This leads me to write about the last risk. The last risk occurs
when a company allows unauthorized users to freely walk around their company and
touch their computers. When unauthorized user, like black hackers invade your
information system, they can leave with a company a virus that could shut down an entire
company.(Hadow). Many of these viruses are sent to companies through emails, thumb
drives and compact disc. Every company should carry in a safe place a back-up of their
system’s software and information to protect them from these nasty computerized “bugs.”
---Computer Bugs: A Terrible Risk---
Insects and small bugs can be a very big problem to a person who is allergic to
them. This world that we live in is full of them. An information system, just like the
world, can be attacked by small bugs or computer programs called “computer viruses.”
All of these malicious programs are extremely bad and a company must prevent them
from entering their information system if they are prepared to secure it.
These computer viruses are the following: Trojan Horses, Sleepers, Trap Doors, Logic
Bombs, and Cancers. A “Trojan Horse” is a malicious computer program that loves
to take a company’s sensitive information and send it to other users over the Internet.
They hide in the background of their computer system and secretly give out the
company’s vital information. A “Sleeper” is another malicious computer program, like
5. The Century of Information Technology
the Trojan Horse, who sleeps for awhile and hides in the background of a company’s
system. But when they awake, all the company’s information is gone in a matter of
seconds. A “Trap Door” is a computer program that hackers use to hack through all the
security features of an information system. A “Logic Bomb” is a computer program that
hackers use to erase a company’s entire hard drive of the valuable memory that is stored
from within it. Lastly, a “Cancer” is a computer program that hackers will use to slowly
eat up a company’s information system.(Smith, Martin). These viruses can be a terrible
risk for a company and their information system. To prevent these viruses from entering a
company’s information system, they should use a combination of firewalls, proxy servers
and anti-virus software to arm their system against aggressive attacks from outsiders.
VII. Build a Security Policy
In order to secure a company’s information system, a company must develop a
well-organized security policy that defines all the values they have concerning securing
their information system. Through the use of a security policy, a company is able to
prevent exposures to outsiders, detect attempted threats to their information system, and
correct any of the causes of threats to their system.(Baskerville, Richard). When
designing a security policy a company’s information system, the designers of the policy
should never limit the methods of the policy to a single type of procedure. The world of
technology is ever-changing and forever increasing and the policies of a company’s
security should also be changing and increasing. Like a circular onion that has many
layers, a company’s security policy must have many layers of operations in order to
secure their information system. These four layers of defense are the following:
physical security, software security, document security, and personnel
security.(Smith, Martin).
Physical Security
Every security policy should have some type of physical security that protects a
company’s information system from within by securing their territory from without. In
medieval times, kings and queens built magnificent castles with large gates to keep their
vicious enemies from getting inside of their shiny palaces. Likewise, a company that
desires to secure their information system must have physical security to protect them
from their enemies such as hackers and unauthorized users of their system. The physical
elements that a company must protect are their personal computers, their equipment such
as printers, modems and hard drives, and their outside premises. Physical security
should be surrounded all over the business, from gates positioned around every company
building to smoke detectors positioned throughout their hallways and rooms.(Smith,
Martin). Even though physical security is needed to secure a company’s information
system, it is not enough security to stop an intruder from getting into their system. This
6. The Century of Information Technology
measurement of security policy only slows the intruder down.
Software Security
Every security policy should have some type of software security that gives
access only to authorized users of a company’s information system. This method of
security should be programmed into the computers of a company, allowing users to enter
the information system with their knowledge of a username and unique password. Every
authorized user should never communicate their password with others.(Smith, Martin).
They should keep their usernames personal and absolutely confidential. Their user name
and password is the key that unlocks the door to the company’s information system.
There is a special type of security software application called “Polivec Builder” that is
used by companies to protect their information systems from intruders. It allows
companies to build and create customized security policies and guidelines.(Address,
Mandy). There is also a special type of software application called “Identity Finder” that
brings up a company’s sensitive information and then deletes it for them after each usage.
(Brynko, Barbara). By having software security over a company’s information system,
a company will be able to know exactly who and what time a user of the system accessed
the system. Even though software security is needed to secure a company’s information,
software security can only help a company so much.
Document Security
Every security policy should have some type of document security in order to secure a
company’s information system. A company should be concerned with what they do
with their company documents because these documents contain sensitive information
that has been copied from out of their information system. These documents could be
the following: printer output, graphs, flowcharts, floppy disc, CD’s and company USB
devices. One way that hackers and malicious users invade an information system is by
reading a company’s documents. This allows them to get an understanding of how the
company’s information system operates. When they find out how a company’s system
operates, it gives them a better chance of taking a system down. All documents at a
company must be disposed of in an ethical fashion, such as paper shredding. There
should also be some kind of “desk policy” that informs each employee to keep their
business documents secured whenever they leave their offices.(Smith, Martin).
Personnel Security
The most important security measure in information system security is a
company’s personnel security. This is because the people who are responsible for
securing a company’s information system could be the same people who are tearing it
apart. A company should only hire employees who are honest and committed to
7. The Century of Information Technology
securing the system. If an employee is suspected of committing wrongful acts against
the company’s information system, try sending them on a two week vacation. The time
they spend away from the company will allow the actions they committed to surface to
the top. If an employee is caught pursuing wrongful actions against the company, they
should be disciplined in an ethical manner, such as demotion or termination.
Background checks should be investigated in advance before hiring a new associate to
the company. Information from the company’s system should only be seen by those
persons with security clearance. Every employee should be supervised by another
employee. Company projects should be done in groups, allowing each person in the
company to never be left unattended. According to the book, “Commonsense Computer
Security”, it states, “the greatest dangers to any system come from those who work from
with it.”
Case In Point--“Everyone Is a Target”
An article wrote by Barry Smith titled “Locking down a computer security” states
that “everyone is a potential target for a security breach.” In Gaitherburg, Maryland,
there was a company who was a victim to a security breach. In the first breach, a hacker
guessed an employee’s email password and sent messages to other employees asking
them for sensitive information about the company’s information system. In the second
breach, the hacker unleashed a worm virus to one of the city’s Internet servers, reeking
havoc on their information system. Companies all over the world have something very
important that they must learn to secure and that is their information system. They must
secure their information system because there are real threats and risks in this world that
will try to tear it apart. A company must strive to protect the qualities of the information
that they hold in their information system and follow a security policy that is ethical and
carries some type of practical use for their business organization.
Works Cited
Articles & Books:
1.)
Title: “Locking down a computer security”
Author: Barry Smith
Source: American City & County Oct 2001 vol 116 issue 15 p.14
EbscoHost Database: academic search complete in Ualr library
----------------------------------------------------
8. The Century of Information Technology
2.)
Title: Security police in a box
Author: Mandy Andress
Source: InfoWorld 10/22/2001, vol.23, issue 43 p.54
ebscoHost
Database: academic search complete in Ualr library
---------------------------------------------------
3.)
Title: Some ad hoc information system issues in South Africa for the new millennium and
suggestions as how to deal with them.
Authors: Dan Remenyi, Sam Lubbe, Joh Van Heerden
Source:Information technology for Development; 2000 Vol 9 issue 3-4 p.163
Ebscohost
Copyright: JohnWiley & Sons, Inc
Database: Academic Search complete
-----------------------------------------------------
4.)
Title: Data Security for Libraries:Prevent Problems, Don’t Detect Them.
Author: Katherine Hadow
ebscoHost
Source: Feliciter; 2009 Vol. 55 issue 2, p.50-52
5.)
Title: designing information systems security
Author: Baskerville, Richard.
Publisher: John Wiley & Son’s
Chichester
Editors: Richard Boland and Rudy Hirschheim
Copyright: 1988
----------------------------------------------------
6.)
Title: Security:By the Numbers
9. The Century of Information Technology
Author: Barbara Brynko
Source: Information Today; May 2008 vol. 25 issue 5 p.44
EbscoHost
----------------------------------------------------
7.)
Title: Control and Security of Computer Information Systems
Authors: Fites, Philip E.; Kratz, Martin P.J.; Brebner, Alan F.
Publisher: Computer Science Press, Inc.
Copyright: 1989
------------------------------------------------------
8.)
Smith, Martin R.
Ttile: CommonSense computer security:our practical guide to information protection. 2nd
edition
London
Publisher: McGraw-Hill Book Company
Copyright : 1993