Sign Up Now
Get instant access to over 1 million+ study documents
OR
Already registered? click here to login
By creating your account, you agree to our terms of service, privacy policy and student honor code.
Infrastructure and Security
Relationship Between Infrastructure and Security
Data is the most valuable asset for a data collection and analysis company. Therefore, the security of this data should of utmost importance to the company. The context of data determines its overall value. Information Technology for any company is valued based on its ability to present, store, analyze, manage, and protect the data in order to support the operations of the company. Data might have different value based on the type of data, but all data should be kept safe at all times. The value of data is placed depending on the usability of the said data. While any data can be said to be valuable, corrupted or incomplete data would not be valuable to any company (Chou & Sengupta, 2008). Therefore, there is need to ensure and guarantee the safety of data. The infrastructure that is put in place should be aimed at capturing, storing, and securing the data in its entirety. This means that the data should be verified to determine its correctness and when stored there should be systems in place to ensure that its storage is not interfered with in any way. Storage systems should also have backups to ensure that data is always secure and available even if one of the storages fails. Data transmission should be secure to ensure that transmitted data is secure and there is no possibility of the data being accessed when in transmission. The infrastructure that is used for the transmission of the data is what will determine how secure that data is during transmission. There should be strong controls in place to guarantee the safety of data at all time. The nodes that are being used to transmit the data should also be securely set up. This means that the nodes should have adequate security measures in place to safeguard the data before transmission. Nodes should also be setup up properly to ensure that they are secure.
Rationale for The Logical and Physical Topographical Layout of The Planned Network
A logical layout shows the logical aspects of the network. This will include logical networks, the assigned IP addresses for various hosts and devices, routing tables and other items. In the logical diagram’s details regarding actual interfaces and physical cables are not required and they are mostly excluded. A physical layout shows the physical location of devices and the connections between the devices participating on the network. These diagrams depict workstations with small computer icons, servers with full tower cases, rectangular boxes are used to depict switches and other similar devices. The diagrams or layouts are vital for security, troubleshooting, and management reasons. when troubleshooting it is easy to look at...…for restoring affected data to its original state.
Availability of data is guaranteed by maintaining all hardware. There should be routine hardware check and any hardware issues detected should be acted upon immediately. There should be a clean operating systems environment to eliminate software conflicts. The organization should be current with all system upgrades required in order to seal any vulnerabilities. Availability is also guaranteed by ensuring that there is adequate bandwidth. This will ensure that there are no bottlenecks when employees are trying to access files on the server. Bandwidth will also ensure that traffic is properly routed and there are no delays experienced.
Ethical aspects related to employee behavior, contractors, password usage, and access to networked resources and information
Employees and contractors should at all times be trained to do what is right with the information they have access to. There should be no sharing of passwords, and access to information should not be given to unauthorized persons or co-workers. The policy will layout the undesired things for the employees and those for the contractors. Contractors will be required to present their credentials before they can be allowed to access the organization's offices. They are also required to only undertake their work and they should not share any information that they come across in the performance of their duty with any other person.
References
Chou, D., & Sengupta, S. (2008). Infrastructure and security Practical guide to clinical computing systems (pp. 37-78). Amsterdam, Netherlands: Elsevier.
Huy, H., & Ahn, G.-J. (2015). Virtualizing and Utilizing Network Security Functions for Securing Software Defined Infrastructure. Paper presented at the Looking Beyond the Internet Workshops.
Ibrahim, A. S., Hamlyn-Harris, J., & Grundy, J. (2016). Emerging security challenges of cloud virtual infrastructure. arXiv preprint arXiv:1612.09059.
To offer an information security awareness training curriculum framework to promote consistency across government (15). Security awareness is needed to ensure the overall security of the information infrastructure. Security awareness programs is the can help organizations communicate their security information policies, as well as tips for users, to help keep systems secure, and the practices the entire organization should be utilizing. However, as Kolb and Abdullah reiterate, "security awareness is not
Also, it goes without saying that anyone hired in an important position like this one should have a wealth of experience and knowledge pertaining to information technology and information security (Slater, p. 2). The broad spectrum of activities a CSO must engage in Author Tyler Justin Speed explains that while it security staff can be counted on for the most part to protect stored digital data, unless the chief of
They need to know what their responsibilities are not only as individuals but also as team members and corporate employees. David cites an excerpt from a corporate security document that illustrates his point: "A security policy serves many functions. It is a central document that describes in detail acceptable network activity and penalties for misuse. A security policy also provides a forum for identifying and clarifying security goals and
This researcher rejects the existence of online communities because computer mediated group discussions cannot possibly meet this definition. Weinreich's view is that anyone with even a basic knowledge of sociology understands that information exchange in no way constitutes a community. For a cyber-place with an associated computer mediated group to be labeled as a virtual settlement it is necessary for it to meet a minimum set of conditions. These are:
Microsoft proposes six steps to enable proper reactive management of security risks which include: protecting safety and life, containing and assessing the damage, determining the cause of and repairing damage, reviewing risk response and updating procedures in the hopes of preventing risk in the future (Microsoft, 2004). A proactive approach is much more advantageous however as it enables corporations to prevent threats or minimize risks before negative occurrences happen within an
Even though there is always some form of a risk involved in the coding technique together with the deployment methods of a website, some technologies such as PHP and MySQL form some of the worst aggravators of online website security. The loopholes that exists in the use of these technologies results in some of the worst hack attacks and security breaches ever experienced in the field of web design. The