Login Signup
Verified Document

IT Plan As The World Continues To Essay

Related Topics:
Computer Viruses Pharmacy Unix Security Breach
Open Document Cite Document

IT Plan As the world continues to evolve with technology and technological advances, certain problems arise that requires precise and involved management of these advances. The purpose of this essay is to examine the importance of information security systems and how they demonstrate their importance in the commercial world. To do this, this essay will be presented from the viewpoint of an Information Security Officer (ISO) who has been tasked to identify the inherent risks associated with a business operation and to establish physical and logical access control methods that will help minimize those risks. A scenario has been created to help explain this process where a pharmacy and its accompanying information systems scheme are presented to give an example of how this may be done.

In order to accomplish this task, this report will first identify the physical vulnerabilities that are given in the directed scenario before identifying the logical vulnerabilities and threats that require an ISO's consideration. Next, the potential impacts of all of these threats will be presented in order to formulate a solid solution to the problem. The logical threats and vulnerabilities will also be discussed in terms of their full impact on the situation. This report will then move into a mindset that attempts to thwart and lessen these threats as controls are introduced to help mitigate each risk presented.

Background Scenario

This particular scenario revolves around a pharmacy store and their associated information and computing systems that are being utilized by the leadership at this store. As the ISO for this organization, it is my responsibility to ensure that these systems are safe, secure and, most importantly, fall within the larger strategic concept of the firm. The pharmacy itself contains several important details that will help shape and define the controls that will eventually be implemented.

The pharmacy is a standard square store with some unique features. The front entrance of the store, leading from a larger mall, is where most of the interaction with customers begins. There are three windows in this store that have personal computers to assist the customers and their purchases. The back room has a unused caged area, drug inventory and an office with the information systems components. In this architecture, these components consist of a firewall system, a server domain controller, a file server and another computer. The system runs on a TI line to communicate between machines and elsewhere. There is also a rear entrance to this shop that is used for employees only.

Ultimately, the ISO is responsible for ensuring that this system operates fluidly and efficiently. This requires having knowledge and understanding of the users of the system, the hardware, software, operating system and network administration. Only when all of these prerogatives are matched with an accompanying plan, will this pharmacy be safe to operate within. .

Potential Physical Vulnerabilities

The physical layout of the store provides the best information on how to identify physical threats to the pharmacy store. The most obvious of these factors can be understood by the location of the most important items of the system. In this particular instance, there are some glaring problems with the physical security of this pharmacy.

The main components of the network, the firewall, server and controllers are all located within an unsecured office location. Any individual wishing to invade the physical space of this system would be relieved to know that there is very limited physical security associated with the network itself. The back door's location also denotes this risk as well.

The physical constructs of this system is not taking into consideration one of the biggest threats to security, the employees themselves. Prince (2009) explained that "Employees with malicious intent have always been the biggest threat to an organization. " Hiring practices are never perfect and the human condition will always surprise, so it is important to defend against this threat even if it is not obvious.

Any employee to the pharmacy has direct access to all of the drug inventory, but more importantly the computer systems as well. . Theft of equipment or vital data can have a large and significant effect on any organization. Theft of important equipment within the firm, such as cables, routers or even computers can have a big affect. For example, if someone were to take a vital piece of equipment, it could cause the whole system within the organization to completely shut down, or could even open up holes for security breaches to occur. Employees are most familiar with their employer's computers and applications, including...

The downsizing of organizations in both the public and private sectors has created a group of individuals with organizational knowledge,
Potential Logical Vulnerabilities

Logical vulnerabilities are much more prevalent in this case than the physical weaknesses. Most of the important information and data is stored on these computer systems and the risks appear to be great. The information contained is both confidential and valuable, making the security of this information an incredibly important task.

The first item to tackle in this case is viruses. Vernon (2012) explained "In terms of sheer frequency, the top spot on the list of security threats must go to viruses. According to a DTI survey, 72% of all companies received infected e-mails or files last year and for larger companies this rose to 83%." Computer viruses come in many different forms, much like real viruses and further dissection of this threat is necessary in order to truly understand it. There are many threats that could cause a great amount of damage to an IT system; these threats include aspects such as: Worms, Malware, Viruses, Trojan Horse and many more.

Worms are malicious programs that make copies of themselves over and over, on the local drive, network, email, or Internet. A Trojan horse may actually appear to be a useful application, which is why so many unsuspecting people download them. A Trojan horse might be disguised as a program intended to rid a computer of viruses, yet actually be used to infect the system instead. Spyware is a program that secretly records our actions on a computer. They can be used for legitimate purposes, however the majority of spyware is malicious and dangerous. Its aim is to capture passwords, banking credentials and credit card details.

Potential Impact of Vulnerabilities and Threats

Once again, the internal threat is most significant when dealing with the potential impacts of the physical vulnerabilities of this system. The user is the most important aspect of this system because they will have the most exposure to the system Every day the employees who are responsible for handling customers requests and navigating the computer system put themselves front and center into the eye of this dangerous storm. Problems with the system must be kept at a minimum, otherwise as the ISO, the employees will be forever asking questions demonstrating the ineffectiveness of the plan.

The end-users will always be in close proximity to the hardware, and will consistently be using the software to help customers. Most of these people will not have much technological knowledge, outside of the training they would receive from me the ISO. People are more important than the technology and this must always be kept in mind as things may continue to evolve and change. People themselves will make or break this system, and the technology is useless until a proper purpose can be applied to it in order to make things work.

Potential Impact of Threats in The Network

What is exactly at risk for the pharmacy? The potential that the cumulative risks presents is very large and overwhelming. The entire organization is at risk once it places so much emphasis on the information systems it uses to command and control the organization. Recognizing these threats can be accomplished by applying some common sense and a vigilant attitude towards keeping things clean and safe.

As the ISO it is important to realize what exactly needs to be protected and why. In addition to understanding these priorities, education of others is also important as well to limit these type of threats. Backup systems and storage options are also at risk as well. It is very important to work closely with the leadership of the organization to determine what exactly is the most important information and determine the overall strategic outlay for the entire organization.

The National Institute of Standards and Technology presented the most comprehensive take on the threats posed to information systems. In their handbook on computer security it stated "computer systems are vulnerable to many threats that can inflict various types of damage resulting in significant losses. This damage can range from errors harming database integrity to fires destroying entire computer centers. Losses can stem, for example, from the actions of supposedly trusted employees defrauding a system, from outside hackers, or from careless data entry clerks."

Some of the threats are more obvious than others. It is apparent that the customer account information is most important. If this data is hacked, valuable and sensitive information about medical histories and finances…

Continue Reading...
Sources used in this document:
References

Jackson, W. (2013). New strategy for IT security: Focus on the systems not the threat. GCN, 2 May 2013. Retrieved from http://gcn.com/articles/2013/05/02/it-security-strategy-focus- on-systems-not-threats.aspx

The National Institute of Standards and Technology (2013). Special Publication 800-12: An Introduction to Computer Security: The NIST Handbook. Updated 25 Jan 2013. Retrieved from http://csrc.nist.gov/publications/nistpubs/800-12/800-12- html/index.html

Prince, K. (2009). Top 9 IT Security Threats. Sarbanes-Oxley Compliance Journal, 24 March, 2009. Retrieved from http://www.s-ox.com/dsp_getFeaturesDetails.cfm?CID=2461

Vernon, M. (2012). Top Five Threats. Computer Weekly, 21 Sep, 2012. Retrieved from http://www.computerweekly.com/feature/Top-five-threats
Cite this Document:
Copy Bibliography Citation

Related Documents

Essay
Executive Business Program As the World Continues
Words: 588 Length: 2 Document Type: Term Paper

Executive Business Program As the world continues to globalize, education becomes more important than ever before. There was a time when experience and a high school diploma could get someone a position, and with years of dedication and experience they would advance without ever furthering their education. Those days are gone for good. In today's world, higher education is the key to being able to define and achieve one's professional

Read More
Essay
World War I Journal Exercise
Words: 2142 Length: 6 Document Type: Term Paper

Lesson 6 Journal Entry # 9 of 13 Journal Exercise 6.4B: Responding to Literature Modern British Poetry Lesson 6 Journal Entry # 10 of 13 Journal Exercise 6.5A: Responding to Literature The poem was written in 1919, which is immediately after the First World War. I think that Yeats is, on one hand, enthusiastic about the end of the world and the coming of a new era. On the other hand, I think he is

Read More
Essay
Africa the World's Forgotten Stepchild
Words: 2671 Length: 10 Document Type: Term Paper

World Trade issues are an important issue to the plight of Africa as well. Providing a more level playing field for Africa to get into the game will set the wheels in motion for improvement and allow Africa to begin reaping some of the benefits of the world trade agreements. That money can be funneled back into the development of the continent thereby reducing the need for outside funding. Debt cancellation

Read More
Essay
Global Management Strategy Of Disney World
Words: 2501 Length: 9 Document Type: Essay

Essay Topic Examples 1. Adapting to Cultural Diversity: Disney's Global Park Strategies     This essay would explore how Disney World tailors its management strategies to accommodate diverse cultural preferences and practices across its international parks. It would involve an in-depth look at how the company navigates cultural nuances, adjusts its entertainment offerings, and trains its staff to effectively manage a global brand while maintaining local relevance. 2. The Expansion of the Disney Brand: Success

Read More
Essay
World's Economy Continues to Struggle It Has
Words: 1598 Length: 6 Document Type: Research Paper

world's economy continues to struggle it has become fashionable in some political circles to advocate the adoption of a type of tax described as a carbon tax as a method of minimizing spiraling government costs. Use of the word, "carbon," is somewhat misleading. The broad meaning of the carbon tax term is to define a tax that is designed to not only raise revenue but also change the behavior

Read More
Essay
Marshall Plan and the Post
Words: 6775 Length: 20 Document Type: Research Paper

Thus, paramount American interests were to be presented as being really the interests of the Europeans themselves. It would be a situation wherein America was simply helping along people who were, at present, unable to adequately help themselves. The concept had much in common with the goals of many charity or self-help organizations - people grow and are transformed by learning to help themselves. They are given assistance so as

Read More

Sign Up for Unlimited Study Help

Our semester plans gives you unlimited, unrestricted access to our entire library of resources —writing tools, guides, example essays, tutorials, class notes, and more.

Get Started Now