Information Technology IT Security Implementation Term Paper

Length: 10 pages Subject: Education - Computers Type: Term Paper Paper: #97423859 Related Topics: Information Technology, Security Breach, Computer Viruses, Security Principles
Excerpt from Term Paper :


IT Security Implementation

Provide a summary of the actual development of your project.

Because small corporations have to work under conditions of conflicting information technology in many instances, the requirement of maintaining these systems details entails far too many time-consuming processes that have to be carried out. This allows for the business to work in a logical order and promotes a more logical approach to the making of business decisions. The end result is organizational progress and consistent profitability. Thus, the lack of having an IT Security Policy Plan in place may keep the organization from reaching its organizational potential. This project's main objective and expected outcome entails designing a network security plan for implementation and then detailing the process of implementing the program. The purpose is to address the various aspects of having a written and enforceable technology security policy as well as describing an overview of the necessary components for an effective policy to remain functional. The intention is to provide enough detail for a reader of this policy to gain the necessary understanding of the underlying processes, methodologies, and procedures that would be needed to initiate the development for the small corporation's system -wide IT Security Policy.

When developing an IT Security Policy Plan, it is important to keep in mind that the 'defense in-depth' model which entails the company not being overly reliant on one single principal means for protection (or layer). Instead, this particular design will take into consideration the development of the security program that has the potential capability to provide multiple layers of defense in order to ensure a maximum level of protection for the organization's data and resources and will minimize the potential for data compromise. As is the expectation of any policy creator, the organization should keep in mind that an IT Security Policy Plan can only protect data from known or existing information compromising processes or other exploits. All organizations' network data and systems are potential targets for hazardous exploits, however, with an effective Information Technology Security Policy Plan, this implementation plan should enable the network administrator to effectively detect blatant or less obvious anomalies in the current or in future network traffic. Therefore, the organization will have the ability to take proper steps toward mitigation of the potential problem, i.e., implantation of this proactive vs. A reactive system.

This project proposal defines a viable IT Security Policy Plan for any small business network that has thirty computers or less with three or less servers and that has an operating range of services that include traffic from Web-based applications, e-mail, and an application database. The E-mail system for smaller organizations will require continual security upgrades based on risk factors the current lack of e-mail security will affect the overall system performance.

Include a precise description of your project.

This project entails delivering an IT Security Policy Plan that would serve to meet the company's most critical elemental needs. The policy has the objective of identifying all of the necessary detailed policies and procedures, rules and process methodologies that everyone who uses or accesses the organizational computer resources must adhere to which will ensure more reliable confidentiality, integrity, and availability of the organization's data and resources. The main advantage of this process will document an organization's security posture as well as describe and assign functions and responsibilities, grant authority to security professionals, and identify which incident and response processes and procedure needs to be followed.

It must be understood that all security-related decision's made or fail to be made determine how well and how secure or insecure the organizational network will be. The functionality of the organization's network will provide insights into how easy or difficult the network will be to use. Part of this implementation process will also take into consideration the organization's security objectives and goals. This will make effective use of the collection of all security tools so that administrators will check for any new restrictions to impose.

Security and ease of use are supposed to be inversely proportional. There will never be a 100% completely secure system. The underlying objective is to concentrate on reducing as much risk as possible while at the same time not bogging down system resources. Network security has the intimidating task of protecting all members of the organization from all potential threats. Consider the responsibility in organizations such as banks and financial institutions, insurance


Other companies that have to provide security services include utility and chemical companies and universities. Security takes on new meanings in each of these situations because of each industry's unique requirements.

Include an expanded discussion of your review of other work done in the area.

Network security for either internet or internal networked infrastructures has been required to deliver three main objectives seamlessly. The small business atmosphere requires that these basic security concepts, confidentiality, integrity, and availability all must be met. IT Security Policy Plans have historically allowed organizations to address these needs by clarifying processes of authentication, authorization, and nonrepudiation." Other networking plans may or may not address these needs because network security means different things to different organizations. For example, one administrator may consider illegal network access to be a stalled computer communication system process similar to those perpetrated on Yahoo a few years ago while another administrator may see the problem to mean the execution of a highly placed spy bot. In each case, the solution to the network security problem would entail a completely different solution based on the administrator's position.

It is critical to understand the significance of work in the area of network security. There have been instances of children at the high school level that were attaining poor overall grades still having the ability to gain unauthorized access to totally secured network infrastructures at the department of defense, the department of transportation and other highly secured environments. These kids know exactly how and what to do because these adolescents have literally grown up with this new networking technology. Kids today generally understand the underlying concepts of network security very well. Add the threat of more sophisticated network hackers and professional terrorists and the reality of whole foreign nation's who need some competitive advantage and the concept of computer criminals and network intruders take on new meanings. Administrators have to be aware of the plethora of techniques of breeching network security such as probes, scans, account compromise, root compromise, packet sniffers, denial of service attacks, exploitation of system trust, basic malicious code implementations, and the many other internet infrastructure attacks. Of course, the real threat to network security in the majority of cases is not some world class hacker, it is usually a typical employee that utilizes an unsecured password or forgets to log off in the evening. A viable and effective IT Security Policy Plan provides a network security engineer the proper tools to address all of these concerns and more. AMR Research has in the past relied on expert-level analysts that have the ability to evaluate trends in the market and therefore be able to offer guidance to organizations in need of VPN and SSL connections. Protecting the organizational intellectual property is a key organizational objective in the proper institution of this IT Security Policy Plans will be mission critical.

Include an expanded discussion of your Rationale and Systems Analysis for the project.

To expand on the Rationale and Systems Analysis, the focus will be in network setup. The underlying goal is to address as many system access points with the intent of securing these various points of security breaches. For example, a single node that may not even have any highly secure data on it directly can still be access point for the entire network and allow unauthorized access to the entire organization's mission critical information. The idea is to create a plan that will keep seemingly innocuous data points from compromising the computer system.

Every single node is an access point that can provide data such as hardware capabilities, software available, operating and network system configuration data, type of network connection and router points, system or individual phone numbers, and most important, access and authentication procedures currently in place. In the hands of a capable individual, this type of information can provide enough data to enable unauthorized individuals to obtain access to the more mission critical data, files and programs needed to secure the system. Even in fun, hackers have established games or contests with the sole intention of gaining system access information with techniques like trashcan diving or social engineering. It is unbelievable how often security information like passwords, access control files and keys, company or personnel data or whole detailed encryption algorithms. The key here is that no organization that utilizes open ended networking infrastructure or who utilizes the internet is immune to these types of networking security breakdowns.

Project Goals and Objectives:

Review the list…

Cite this Document:

"Information Technology IT Security Implementation" (2009, November 24) Retrieved June 26, 2022, from

"Information Technology IT Security Implementation" 24 November 2009. Web.26 June. 2022. <>

"Information Technology IT Security Implementation", 24 November 2009, Accessed.26 June. 2022,

Related Documents
Security Planning for Information Technology IT
Words: 2196 Length: 8 Pages Topic: Education - Computers Paper #: 89597011

IT Security Plan The technological advances that have been witnessed in the past twenty to thirty years, has placed a tremendous emphasis on data and information. Computers have changed the world in many facets and the ability to communicate and perform work have been greatly assisted by the digital age. Along with these new found powers, there exists also new found threats. The ability to protect these investments and resources of

Information Technology IT Acquisition Management
Words: 5944 Length: 14 Pages Topic: Education - Computers Paper #: 46513353

IT Acquisition Management for a new Video Shop Individual Project Activities Identification of a problem Organization: Component: Showtime Video Store Business Capture Group The problem is that there is no real information technology security measure employed in the video shop. There is very little awareness of the necessary IT security measures amongst the current management heads which is why they need an effective IT security plan and structure to implement to ensure there is no copyright infringement

Information Technology Change Management in Home Health
Words: 1391 Length: 5 Pages Topic: Business - Management Paper #: 68049573

Information Technology Change Management in Home Health Care I hope enjoyed time holidays. Now back work . In team task week, a topic weekly focus debate paper labor unions change process. There sufficient information argue sides. Let . See: The labor union change process difficult employees management; I labor union make process a bit easier parties. Implementing Information Technology Change in a Health Care Facility There is a shift from the traditional institutionalized

Information Technology Acts What Were the Advances
Words: 660 Length: 2 Pages Topic: Business - Advertising Paper #: 63225460

Information Technology Acts What were the advances in information technology that resulted in new ethical issues necessitating the creation of each act? One of the common challenges that most regulations will face is keeping up with the changes in the technology. As the law, is designed to provide everyone with some kind of protection against potential abuse. However, improvements in technology have transformed the way that everyone is living their daily lives.

Information Technology an Effective Project
Words: 1908 Length: 6 Pages Topic: Business - Management Paper #: 85343597

It is possible to avoid becoming a victim of such crimes through some basic precautionary methods. Firstly, it is essential to store or discard personal information in a careful manner. This means personal documents should not be left lying around or shared through internet. All personal information should be stored in a secure place. All sorts of old receipts, expired cards, bank statements and checks should be disposed of

Information Technology Aquarius Marketing Project
Words: 3970 Length: 12 Pages Topic: Business - Management Paper #: 3202159

Migrate off of any individualized content management systems and processes not integrated to a single portal platform for greater cost and time savings in administration. Olson (32) provides an excellent case study on how universities are making use of open source portal applications to alleviate redundant and often conflicting data in multiple portals on an IBM WebSphere platform Define and build out a portal development plan that encompasses all shared processes