Thursday, June 6, 2019

Security Requirements & Possible Risks Essay Example for Free

Security Requirements Possible Risks EssayHuffman Trucking, an established trucking comp any since 1936, has recently pass the implementation of a new Benefits Elections dodging to assist management in tracking and reporting the benefits of both union and non-union employees. A database governance forget be utilized to store critical data such as employee information, along with the benefit package of their choosing. Storing such information requires necessary pledge sum of moneys to be in place to delay the total protection of the data within. The risks associated with storing critical information must also be totally addressed so Huffman Trucking empennage develop effective action plans to prevent potential threats from harming the organization. Regardless of the storage method when handling critical information, credential measures must be implemented to in effect protect the data, as rise as the company as focalises from potential threats such as theft or litiga tion.Security RequirementsWhen it comes to effectively protecting company data, any organization has the great responsibility to identify as well as implement security policies, values, strategies, processes, procedures, and best practices to fully ensure data protection, as well as ensure that organizational goals and objectives argon continu eachy being met (Reiner, 2008). The information that will be stored within the Huffman Trucking database will include employee names, social security numbers, birthdates, etc. The loss of such data can ultimately not only harm the employee, but the organization as a whole. In an sweat to reduce and/or eliminate such risks, security requirements for the Benefits Elections System should include firewall security, encryption, and password protection and substitution.Firewall security is an absolute necessary security requirement to effectively protect the database from malicious attacks such as hackers. Firewall security refers to a network de vice that will block certain types of network traffic, forming a barricade mingled with a trusted and an untrusted network ( dingle, 2013). The purpose of this security measure is to prevent the spread of computer attacks by blocking vex to information from unofficial sources. Due to the amount of sensitive data that will be stored within the musical arrangement, it is recommended that the firewalls should be configured to support the default-deny policy, in which the allowed network services are listed, and everything else is denied (Dell, 2013).The use of encryption will also enhance the security of the information that will be stored within the Benefits Elections System. Encryption is a simple security measure that will distort the information contained within an employee file so that it can be viewed only by the authorized users who have the proper encryption central to decipher it. Much like firewall security, it will block unauthorized users from accessing confidential i nformation by making the data impossible to view.news protection and renewal are crucial security measures that must be enforced by Huffman Trucking to ensure the protection of data stored within the Benefits Elections System. Authorized users should protect their passwords at all costs unprotected passwords leave critical data vulnerable to access by unauthorized users. Recommendations to ensure a password is protected include * Password length A password should always be at least eight characters long.* Complexity Make a password as interlocking as possible by using a variety of letters, numbers, symbols and punctuations. The more complex the password, the better protected it is. * Variation Change a password at least every three months, if not more. * Variety Use different passwords for different accounts. Never use the same password for everything. * Confidentiality Never share or write down a password. Writing down or sharing a password leaves critical data vulnerable in ways that nearly people can never imagine.The ability of an organization to renew passwords frequently is a significant step towards enhanced data protection (Brown, 2010). To enhance the authorization of password renewal, system users should not have the ability to use previous passwords when renewing the current ones. Implementing password renewal on the Benefits Elections System will ensure security measures are continually enforced, especially in the event that if an unauthorized user were to gain access to the system, the password would only be good for a specific length of time before it will be changed. Possible RisksRisk is a term that most people, as well as organizations, are familiar with. Risk can be defined as the probability of any possible threat turning into a disaster, which is why significant measures are often taken to reduce and/or eliminate such possibilities. By utilizing a SWOT analysis (Strengths, Weaknesses, Opportunities, and Threats), Huffman Trucking can eff ectively determine the vulnerabilities associated with implementing a Benefits Elections System, and develop action plans to correct the vulnerabilities to prevent the risks from becoming reality. Several risks are often associated with the implementation of a new system, however, the main risks that must be considered by Huffman Trucking include database corruption, human error, and hacking and other malicious attacks.Database corruption is likely the most common cause of data loss within an information system (Mulvey, 2006). Database corruption damages the database and impairs functionality. Memory errors, network errors, power glitches, PC crashing when the database is open are all examples of incidences that can lead to database corruption. Data corruption is unfortunately essential however, there are several practices that can be done to avoid such a threat. These practices include, but are not limited to * Ensuring the network is set up properly.* Running Scandisk and Defrag often to ensure hard disk functionality. * Refraining from using databases during thunderstorms to avoid power glitches. * Ensuring the database is implemented correctly, and is ready to be utilized by all system users.Human error is perhaps one of the biggest threats that can lead to data corruption. It is important to keep in mind that the greater the number of system users of the Benefits Elections System, the more chances there are for crucial information to be leaked or mishandled. Taking the proper precautions to safeguard the data (this should include a thorough reproduction after system implementation) to ensure the information is appropriately handled at all times is vital to the well-being of both the employees, as well as the organization. attached the amount of sensitive information that will be stored within the Benefits Elections System, it is obvious that Huffman Trucking must be aware that cyber-criminals will try to gain access to such data should it be left unprot ected. Breaking into information systems for malicious intent is something that has made security what it is today thorough and inflexible.Hackers are smart like a shot they can make use of a number of tools and techniques to grant them access to information, which can have damaging effects on the victim(s). The possibilities of what a cyber-criminal will do once he or she has access to sensitive information are endless however, one thing is for sure the victim(s) could virtually lose everything. Without the proper security measures that were previously mentioned in place, the Benefits Elections System will be vulnerable to hackers and other malicious attacks.Thoroughly examining the potential risks with the implementation of any information system will allow an organization to effectively develop action plans and enforce the necessary security measures required to reduce and/or eliminate such risks. A thorough and effective risk analysis will demonstrate how firewall security, enc ryption, and password protection can reduce the risks of database corruption and malicious attacks. Like any information system, the Benefits Elections System will prove to be vulnerable to potential threats if not protected at all costs.ReferencesBrown, T. (2010). Protecting Organizations Most Critical Data with Privileged Password Management. New York, NY Auerbach Publications . Dell. (2013). Retrieved from http//www.secureworks.com/resources/articles/other_articles/firewall-security/ Mulvey, A. (2006). QA Database Corruption. Retrieved from

No comments:

Post a Comment

Note: Only a member of this blog may post a comment.