Running head: ORGANIZATIONAL SECURITY 1
ORGANIZATIONAL SECURITY 7
CDU International College
MQP 008
Report on Security Issues in the Fugle Company
Marufa Binte Muztaba
Date: 22th April 2020
Student ID:S33821
Length: 1500 words (+/-100)
Introduction
When we consider every modern business, we find that none lacks security issues. This means that we need to look into how to come up with secure systems. Information security stands for prevention or the practice of preventing access of data by unauthorized user. The information does not need to be electrical for it to be secured, even physical information is put into consideration. The purpose of writing this paper is to talk about Fugle Company by describing its information system, outlining the main risks that the system might be exposed to and the ethical issues that need to be considered in order to maintain the security of information in Fugle, (Trend Micro, 2015). For this company to succeed, information security has to be up tight. This technological company has developed an application that you can pay using your fingerprint. A lot of attention has been drawn to it which has risen questions of how secure the application is, (Dooley, 2017). With the scheduled time for launching the application, the company experiences a lot of pressure because they do not want to launch it before considering all the security issues with their budget, and at the same time they do not have a lot of time. The security issues addressed here apply to the HRM, product development, accounting, and marketing information systems.
Information Systems and their Assets
There are four main key information systems in Fugle. When dealing with an information system, we basically mean the software that a company used to analyze and organize its data. It is used to convert raw data into information that can be understood and be used for effective decision making. There are key assets that each one of the four keys have been assigned to protect. We can define an asset as something that is useful for the company that brings profit to it. It is very important to know how to handle threats that are imposed to these assets because they can have a major impact on the future of the company and its viability. In fugle, the main responsibility of the market information system is to make sure that information in the company concerning marketing is not breached. The company’s major assets are its customer Intel and information concerning the asset. This is seen by when Dave is called and is told that there was an attempt of people hacking the data concerning the clients of the company, ( Lowry, Dinev, and Willison, 2017). This would mean that there is a confidentiality breach and the clients would not trust the company again. Also when journalists come to take a look at the product and they are given a controlled presentation it is because the product is still considered vulnerable to attacks. Information about the .
Organic Name Reactions for the students and aspirants of Chemistry12th.pptx
Running head ORGANIZATIONAL SECURITY1ORGANIZATIONAL SECURITY.docx
1. Running head: ORGANIZATIONAL SECURITY 1
ORGANIZATIONAL SECURITY 7
CDU International College
MQP 008
Report on Security Issues in the Fugle Company
Marufa Binte Muztaba
Date: 22th April 2020
Student ID:S33821
Length: 1500 words (+/-100)
Introduction
When we consider every modern business, we find that none
lacks security issues. This means that we need to look into how
to come up with secure systems. Information security stands for
prevention or the practice of preventing access of data by
unauthorized user. The information does not need to be
electrical for it to be secured, even physical information is put
into consideration. The purpose of writing this paper is to talk
2. about Fugle Company by describing its information system,
outlining the main risks that the system might be exposed to and
the ethical issues that need to be considered in order to maintain
the security of information in Fugle, (Trend Micro, 2015). For
this company to succeed, information security has to be up
tight. This technological company has developed an application
that you can pay using your fingerprint. A lot of attention has
been drawn to it which has risen questions of how secure the
application is, (Dooley, 2017). With the scheduled time for
launching the application, the company experiences a lot of
pressure because they do not want to launch it before
considering all the security issues with their budget, and at the
same time they do not have a lot of time. The security issues
addressed here apply to the HRM, product development,
accounting, and marketing information systems.
Information Systems and their Assets
There are four main key information systems in Fugle. When
dealing with an information system, we basically mean the
software that a company used to analyze and organize its data.
It is used to convert raw data into information that can be
understood and be used for effective decision making. There are
key assets that each one of the four keys have been assigned to
protect. We can define an asset as something that is useful for
the company that brings profit to it. It is very important to know
how to handle threats that are imposed to these assets because
they can have a major impact on the future of the company and
its viability. In fugle, the main responsibility of the market
information system is to make sure that information in the
company concerning marketing is not breached. The company’s
major assets are its customer Intel and information concerning
the asset. This is seen by when Dave is called and is told that
there was an attempt of people hacking the data concerning the
clients of the company, ( Lowry, Dinev, and Willison, 2017).
This would mean that there is a confidentiality breach and the
clients would not trust the company again. Also when
journalists come to take a look at the product and they are given
3. a controlled presentation it is because the product is still
considered vulnerable to attacks. Information about the
company can be used against it to attack it and that is why he
refuses to let the journalist take word out about the product.
This is an asset to the company and if it is not well protected,
the company could move real fast from having everything set to
finding out that there is an imitation of the product out in the
market already and running. (Weller, 2007) states that the
biggest risk involved with these assets is the risk of accessing
all the information of the company’s customers that is in it. The
responsibly of the human resource information system in Fugle
is to make sure that there is no breach of information. Foxall
says the trends that threaten these assets include advanced
mobile internet, cloud technology, big data, adoption of the new
advanced technology and artificial intelligence. The
responsibility of the accounting system in Fugle is to prevent
fraud in the accounting management system. Its major assets
include its financial reports and records. Show that the risks
that these assets might face would be people giving
misappropriated assets and accounting records, (Bawaneh
2014). In fugle the main responsibility of the product
development information system it to make sure that they
protect the development process of the application. Its major
assets include the information concerning its development
basically. Threats, according to Forbes, might occur at any step
in the cycle of development. This means that testing for security
should be done in every single step from the beginning just to
be sure and safe.
Important Threats
We can define threats as anything that puts the company at a
risk of not succeeding or reaching its ultimate goal, (Jounin et
al. 2014) classifies them into four main dimensions. A threat
can be posed by accessing the emails that are targeting
customers. Very sensitive information is shared to customers
via email, and not only is it company sensitive but also
customer sensitive. Through email, clients share most their
4. details and expect that they have to be kept confidential by the
company. The HR information system is supposed to see to it
that this is ensured. Internal software devices making mistakes,
mobile devices that can actually access sensitive data. This is a
threat because if the device is out of the offices the information
will also be out. Also, another dimension of threat is AI bots.
They are known to collect data from existing clients which
means that if they can land in the hands of the wrong people
then the company can loose both existing and potential
customers. The last dimension is lack of control over access of
data, (Dhillon, Syed, and de Sá-Soares, 2017). This is actually
the biggest threat biggest it gives even the enemies of the
company access to the most sensitive information. Leaking
information to outsiders is giving them a chance to finish the
company. Every company’s information system is faced by
potential environmental threats like corruption or destruction of
information, fraud, disclosure and illegal usage. Nevertheless,
in other systems, there are other important types of threats. In
marketing information system, the most important threat to
consider is illegal use of information. This can be classified as
an external threat. A good example would be an attacker using
the normal company connection to attack the system that he
wants to. There are both internal and external threats in human
resources, (Foxall, 2018). Leaking of information like the
process of making a product is an example of an internal threat.
External threats, the ones that have been discussed above are
can be classified as human, environmental and technological
threats. An example from Fugle Company is when there was an
email that was targeting the customers of the company. In
accounting information the most important threat is disclosure
of information. This is an external threat. In fugle the perfect
example is if the company would have considered outsourcing a
third party to check the vulnerabilities, (Zhang, 2019). This
would have given them access to important information and
accounting reports. For product development, the threats are
theft and corruption of information which are both internal and
5. external threats. An example is when the reporters can to fugle
and Dave could not show them everything.
Legal and Ethical Implications
Fugle was fully compliant to legal requirements according to
the Australian laws. This means that the company has security
control in all its information and is protected from any kind of
malicious acts. Also, it means that legally, it has all the covers
that it needs and is operation under the Australian policy. The
laws include the privacy act, the crimes act and the interception
and access act among others according to, (Srinivas 2015).
Also, fugal has ethical reasons as to why it protects its
information. These are according to, (Computer Ethics Institute
1992) which state that a person is not allowed to snoop around,
a person should not steal using a computer, you should not bare
false witness with the help of a computer and you should not
imitate or even use a software that you have neither acquired
legally nor made yourself.
Conclusion
According to the discussion above we can deduce that
information security is mainly used for prevention from using
that data, disruption is, disclosing it to other people,
destruction, inspection, modification and recording of data that
is encrypted. Information system is used to convert raw data
into information that can be understood and be used for
effective decision making. There are key assets that each one of
the four keys have been assigned to protect. They include the
market information system which make sure that information in
the company concerning marketing is not breached, the human
resource information system, the accounting system whose
responsibility is to prevent fraud in the accounting management
system and the product development information system that
makes sure that they protect the development process of the
application. Every company’s information system is faced by
potential environmental threats like corruption or destruction of
information, fraud, disclosure and illegal usage. Nevertheless,
in other systems, there are other important types of threats.
6. There are both internal and external threats in human resources.
Leaking of information like the process of making a product is
an example of an internal threat. External threats on the other
hand can be classified as human, environmental and
technological threats.
REFERENCES
Bawaneh, 2014. Information Security for Organizations
andAccounting Information SystemsA Jordan Banking Sector
Case. Retrieved from:
http://www.irmbrjournal.com/papers/1405506805.pdf
Srinivas, S., White, N., Schoenmakers, M., van Reijswoud, V.,
Koopman, M., Zielinski, C., Mugarura, C., Assa, R. and Harish,
S., 2015. Checklist for the development of portals for
international development. Knowledge Management for
Development Journal, 14(1), pp.83-94. Retrieved from:
https://www.km4djournal.org/index.php/km4dj/article/view/384
Dhillon, G., Syed, R. and de Sá-Soares, F., 2017. Information
security concerns in IT outsourcing: Identifying (in) congruence
between clients and vendors. Information & Management, 54(4),
pp.452-464. Retrieved from:
https://www.sciencedirect.com/science/article/pii/S0378720616
302166
Dooley, D.A., 2017. Customizable computerized accounting
information system and methods of processing and securely
exchanging accounting data. U.S. Patent Application
15/371,169. Retreievd from:
https://patents.google.com/patent/US20170085538A1/en
Foxall, 2018. Five basic HR data security threats in 2018.
Retrieved from: https://www.hrmsworld.com/hr-data-security-
threats.html
Lowry, P.B., Dinev, T. and Willison, R., 2017. Why security
and privacy research lies at the centre of the information
systems (IS) artefact: Proposing a bold research agenda.
European Journal of Information Systems, 26(6), pp.546-563.
Retrieved from:
7. https://www.tandfonline.com/doi/abs/10.1057/s41303-017-0066-
x
Jounin, R., Rhine, E., Myhra, M., Sullivan, R. and Kruse, C.S.,
2014. Cyber threats to health information systems: A systematic
review. Technology and Health Care, 24(1), pp.1-9. Retreievd
from: https://content.iospress.com/articles/technology-and-
health-care/thc1102Weller, J., 2017. The Definitive Guide to
Marketing Information Management & Systems. Retrieved from:
https://www.smartsheet.com/marketing-information
Trend Micro, 2015. Targeted attack. The Game. Retrieved from:
http://targetedattacks.trendmicro.com/
Zhang, Y., 2019, April. Security Risk of Network Accounting
Information System and Its Precaution. In 3rd International
Conference on Mechatronics Engineering and Information
Technology (ICMEIT 2019). Atlantis Press. Retrieved from:
https://www.atlantis-press.com/proceedings/icmeit-19/55917207
CDU International College
MQP 008
Report on Security Issues in the Fugle Company
Name:
Date: 10th April 2020
Student ID:
Length: 1500 words (+/-100)
(Submit in Learnline under Assessments – Assignment 2 - View
Assignment – Add Content – Insert local file).
Introduction (approx. 200 words)
Security issues are present in every modern business.
Information security is defined as … ( , ). This report
introduces Fugle, describes its information systems, identifies
8. the threats to these systems and summarises the legal and
ethical issues involved in maintaining information security at
Fugle. Information security is critical to Fugle’s success.
Fugle Company is a technology company which has developed a
new product for … The product has attracted a lot of attention
but there are questions about its security. There is much
pressure to launch the product on time, and there is only a
limited budget available for security. This report outlines the
security issues that apply to the Marketing, Human Resources,
Accounting and Product Development information systems.
Information Systems and their Assets
Fugle has four key information systems. An information system
can be defined as …( ). Each of these systems have key assets
to protect. An asset is defined as … ( ). Threats towards the
assets contained in any of these systems could have a major
impact on the future viability of the whole company.
The Marketing Information System for Fugle is responsible
for… Its major assets include… According to Weller (2017) a
big risk to these assets is…
The Human Resource Information System for Fugle is
responsible for… Its major assets include… According to Foxall
(2018) these assets are under threats because of five trends
happening in businesses…
The Accounting Information System for Fugle is responsible
for… Its major assets include… According to Bawaneh (2014)
the key risk to these assets comes from …
The Product Development Information System for Fugle is
responsible for… Its major assets include… According to
Forbes Technology Council (2018) threats can occur at any time
in the product development cycle. This means …
Important Threats
Threats can be defined as … (). They have been classified by
Jounin et al. (2014) into five dimensions. The first dimension is
9. …
All the information systems have potential environmental
threats such as … However, some other types of threats are
more important to specific systems.
Illegal use of information is the most important threat for the
Marketing Information System. This is an external… … An
example of misuse of information would be …
Human Resources faces both external and internal threats. An
internal threat could be the accidental leaking of information
such as… On the other hand, external threats come from those
listed by Foxall (2018) These can be classified as …The most
likely threat example of these threats in Fugle would be…
As already mentioned the most important threat in the
Accounting information system is… This is a … threat. An
example in Fugle would be…
Product Development threats involve corruption or theft of
information. These can be classified as … and… .An example in
Fugle would be… According to
Legal and Ethical Implications
Specific Australian laws make Fugle responsible to keep good
information security controls. Srinivas (2015) summarises these
laws….
There are also ethical reasons for Fugle to protect its
information. The key ethical commandments from Computer
Ethics Institute (1992) include the commandments… These are
important for Fugle because…
Conclusion
The discussion above shows that…
References
Jouini, M, Ben Arfa Rabai, L & Ben Aissa, A 2014,
‘Classification of security threats in information systems,
Procedia Computer Science', 32, pp. 489-496,
https://www.sciencedirect.com/science/article/pii/S1877050914
10. 006528
Weller, J 2014, The definitive guide to marketing information
management & systems,
https://www.smartsheet.com/marketing-information.
Whitman, M & Mattord, H 2017, Principles of Information
Security, 7th edn., Cenage.