IT security implementation strategies and best practices

IT Security

A major challenging impacting employers, is having a comprehensive security plan that will safeguard the personal information of their clients and employees. While at the same time, it must be able to streamline the different administrative and technical functions. The result is that firms must develop and update their strategies to deal with the changing nature of the threats they are facing. To fully understand how they are able to achieve these objectives requires focusing on the data security coordinator, internal risks, external risks, external threats and data protection. Together, these elements will illustrate which factors are most important and the way an organization can mitigate them over the long-term. (Oz, 2009) (Sousa, 2014) (Veiga, 2007)

Data Security Coordinator

To be more effective, all firms must introduce a proactive approach that deals with possible challenges early and utilize their experiences to enable the organization to achieve critical objectives. While at the same time, they have to be capable of understanding and addressing key areas of resistance through a hybrid model. The implementation will focus on rolling out new solutions within a 6-month timeframe. During this time, employees will be provided with initial and continuing training. Testing will involve consultants testing the systems vulnerabilities. The service providers will work with this individual to understand what is most important to them and deal with these issues early. (Oz, 2009) (Sousa, 2014) (Veiga, 2007)

Internal Risks

Internally, there will be a series of checks and balances to prevent breaches from rouge employees. This means that the passwords will be changed every 60 days. There will be restricted access to the most sensitive information based upon a series of firewalls. The records will require entering three different user names and passwords to access them. Any unusual activities will be reported to data security coordinator. They will isolate and analyze the nature of the threats. Terminated employees will not have access to company platforms (via a suspension of their clearance). (Oz, 2009) (Sousa, 2014) (Veiga, 2007)

External Risks

To prevent breaches a series of firewalls will be interconnected. This will prevent hackers from accessing information by going through one security protocol. The data files will be encrypted when they are viewed and transmitted. At the same time, the IT strategy addresses authentication procedures through determining where the network is accessed and who it is. The controls will monitor who accesses various parts based upon varying levels of clearance. (Oz, 2009) (Sousa, 2014) (Veiga, 2007)

External Threats

Viruses, worms and Trojan horses have the potential to create major disruptions. This is because infected files could limit access to the data and enable hackers to steal it. Spyware and adware is when someone uploads a file onto the company's network. Zero hour attacks are seeking to exploit an unknown vulnerability. Denial of service attacks is flooding the firm's servers with traffic. To deal with these threats, outside consultants will work anonymously to determine which vulnerabilities are the biggest threats to the firm. This is when they can introduce solutions to counteract them. (Oz, 2009) (Sousa, 2014) (Veiga, 2007)

Data Protection