The discussion board must follow the formatting guidelines in The Publication Manual of the American Psychological Association (2010), (6th ed., 7th printing). One to two references. Information...

1 answer below »
Discussion topics 250 words for each question with 1/2 references.


The discussion board must follow the formatting guidelines in The Publication Manual of the American Psychological Association (2010), (6th ed., 7th printing). One to two references. Information security 1. Wk 1 - A goal of the IS security specialist is to "associate [security] risks with problems related to technology and human beings." What does this statement mean? 2. Wk 2 - Why are security policies important to an organization? Why is it important to have policies, procedures, and regulations written down? 3. Wk 3 - Imagine that the class is an IT Start-Up selling custom-designed t-shirts, hat, and sweatshirts. We have been tasked with designing a network for the company and management demands a completely secure network. It is decided to base the new system on a theoretical model. Which of the confidentiality and integrity models would you choose, and why? 4. Wk 4 - What kinds of systems might be valuable targets in information warfare? Discuss this as a group and create a prioritized list of targets. Describe the kinds of damage that could result if these systems were attacked. 5. Wk 5 - Suppose you are a security manager at a medium-sized company. Several people on the staff are reluctant to follow the company’s rules regarding the use of passwords. For example, these users may post their passwords in a conspicuous place, routinely use easily guessed passwords, or resist changing their passwords on a regular basis. How would you win such workers over to the notion that passwords must be used correctly? For the moment, set aside the premise that such users might be automatically shut out of the system for failing to use passwords in the prescribed manner. Approach the issue as though you must convince these users that the password system is in their best interest. 6. Wk 6 - Throughout this chapter, you have seen that the U.S. government prefers to keep cryptographic technologies secret for as long as possible. Why is this true? Do you think it’s proper for the government to restrict the export of cryptographic technology or to keep the nature of its own coding systems secret from the public? Discuss these questions as a class and be prepared to support your arguments. 7. Wk 7 - Every day, millions of corporate workers download files and email attachments, not knowing whether they could contain malware (such as viruses or Trojan horses). This happens even with appropriate use policies and warnings from administrators. How would you enforce such rules, without limiting the usability of workers’ systems? Integrated Business Processes 8. 7320 Wk 1 - ‘Please watch ‘Work-flow Process Automation in McDonald's Kitchen the video https://www.youtube.com/watch?v=bMhLL5Kks-E and answer or comment on the following questions: a) Identify and describe 3 processes in which you see the workers engaged. b) How does the configuration of the facility and equipment you see support these processes and align with them? c) Comment on how the processes, facility and equipment support efficiency, quality and standardization at McDonald’s. 9. 7320 wk 2 - Please watch ‘Business Transformation – What’s more important?’ the video ‘https://www.youtube.com/watch?v=BT8l087Dl9I’ and answer or comment on the following questions: a. How difficult do you think it is to identify the top few factors that matter in a business or business process transformation?  How would you go about identifying them? b. How would you go about changing mindset and behavior of employees so that change is accepted and will be successful?  What are some of the things you would do and why?
discussion-topics-sec-6010-2ghbqfd3.docx
Answered Same DayMar 05, 2021

Answer To: The discussion board must follow the formatting guidelines in The Publication Manual of the American...

Sunabh answered on Mar 09 2021
149 Votes
Final_51617_Post 1.docxRunning Head: MANAGEMENT        1
MANAGEMENT        4
INFORMATION SECURITY AND INTEGRATED BUSINESS PROCESSES (POST 1)
Table of Contents
Information Security    3
1. Week 1: A goal of the IS security specialist is to "associate [security] risks with problems related to technology and human beings." What does this statement mean?    3
Reference    4
Information Security
1. Week 1: A goal of the IS security specialist is to "associate [security] risks with problems related to technology and human beings." What does this statement mean?
Information technology (IT) has been growing with an exponential rate and its inclusion in almost every aspect of business not only makes business processes efficient but also they raise security issues. This is majorly because considering the growing number of users, business and devices, exposure towards the stored information or data increases. Therefore, risks associated with data breach or privacy breach increased. It would be essential to consider that ultimately human will be operating the technology, which may use in such illegal activities; therefore, information security (IS) specialist identifies the risks associated with the technology and the individual using it.
As the involvement of cloud computing has increased, business reliance on technology has increased simultaneously; therefore IS expert are the guardians that prevents data breaching or unauthorized access (Hyseni, Cico, Luma, Selimi & Shemsedini, 2018). IS security specialist are in charge of developing as well as implementing the new or existing security measures in their organization. Further, IS specialists also analyze the existing security procedures in order to identify the flaws or lags, through which breaching might be possible. They convey this information to higher authorities or upper management in order to ensure them regarding the potential measures.
IS security experts has he duty to design the security systems in such a way that they actually justify the meaning of ‘secure environment’. In other words, blocking third party access from organization’s data. Moreover, mastering of this art would be essential for the IS security expert in order to ensure that the system is secure enough as well as usable for its users.
Reference
Hyseni, D., Cico, B., Luma, A., Selimi, B., & Shemsedini, E. (2018). Different methods of distribution data in the cloud—Controlled by IT security specialist. In 2018 7th Mediterranean Conference on Embedded Computing (MECO), 1-5 Retrieved from https://www.researchgate.net/profile/Dhurate_Hyseni/publication/326280780_Different_methods_of_distribution_data_in_the_cloud_-_Controlled_by_IT_security_specialist/links/5e246e9c458515ba2094ae2d/Different-methods-of-distribution-data-in-the-cloud-Controlled-by-IT-security-specialist.pdf
    
Final_51617_Post 2.docxRunning Head: MANAGEMENT        1
MANAGEMENT        2
INFORMATION SECURITY AND INTEGRATED BUSINESS PROCESSES (POST 2)
Table of Contents
Information Security    3
2. Week 2: Why are security policies important to an organization? Why is it important to have policies, procedures, and regulations written down?    3
Reference    4
Information Security
2. Week 2: Why are security policies important to an organization? Why is it important to have policies, procedures, and regulations written down?
Every organization persists in market in order to attain profit and build their market place as well as gain competitive advantage simultaneously. Therefore, in order to achieve all this, organizations have to collect, maintain and distribute huge amount of data related to monetary as well as non-monetary aspects. In order to preserve this data along with the protection of employee’s organizations may be required to develop security policies. Ransom wares and Malwares are becoming widespread at a much faster rate and they pose threat to the privacy of the organization as well as their data. Therefore, IT security policies provide protection to the organization from such threats (Safa, Von Solms & Furnell, 2016).
Policies and procedures reflect the expectation of an organization from its employees along with the consequences of not meeting the expectations. Mere development of security policies does not ensure complete security to the policy. Effective implementation of these policies may be required to in order to ensure IS security. These policies can also be considered as a potential road map, which employees can follow in order to determine the procedures. Further, there can be certain security checks and measures such as password change after few days, and provision of written policies as well as procedures facilitates a smooth process. Likewise, written form of policies and procedures eradicates any areas of confusion or level of access given to a certain employee. Likewise, a written format of policies also ensures the penalties, if the procedures may not be followed.
Reference
Safa, N. S., Von Solms, R., & Furnell, S. (2016). Information security policy compliance model in organizations. Computers & security, 56, 70-82. Retrieved from http://eprints.um.edu.my/15147/1/Information_security_policy_compliance_model_in_organizations.pdf
    
Final_51617_Post 3.docxRunning Head: MANAGEMENT        1
MANAGEMENT        2
INFORMATION SECURITY AND INTEGRATED BUSINESS PROCESSES (POST 3)
Table of Contents
Information Security    3
3. Week 3: Imagine that the class is an IT Start-Up selling custom-designed t-shirts, hat, and sweatshirts. We have been tasked with designing a network for the company and management demands a completely secure network. It is decided to base the new system on a theoretical model. Which of the confidentiality and integrity models would you choose, and why?    3
References    5
Information Security
3. Week 3: Imagine that the class is an IT Start-Up selling custom-designed t-shirts, hat, and sweatshirts. We have been tasked with designing a network for the company and management demands a completely secure network. It is decided to base the new system on a theoretical model. Which of the confidentiality and integrity models would you choose, and why?
It would be essential to consider that information security of a startup is an essential factor for their growth as well as success. This is majorly because of the fact that startups fails to realize the importance of information security as they consider them as a heavy investment, which initially startups may not have. However, innovative ideas are the backbone of a successful startup and it becomes one of the major information, which needs security.
Considering the current scenario, company itself demands a completely secure network. Therefore, I would suggest the inculcation of Bell-LaPadula model as a confidentiality model. This model provides controlled access to classified data. Entities within an information system may be divided into objects and subjects under this model. A subject at a given security level will not be able to read object at higher security levels. Likewise, higher-level subject will not be able to write any object at a lower security level (Cristia & Rossi, 2020). Therefore, the transfer and transition of information is highly conserved.
Likewise, I would like to suggest Clark-Wilson Model as an integrity model for the company. This model emphasizes upon following the notion of information integrity. Prevention of data corruption in a system is the major aspect followed under this model for maintenance of information integrity. Further, company could also inculcate certain security labels in order to define access to the objects through a restricted interface either model or transformation procedures (Buława & Kowalczyk, 2016).
References
Buława, P., & Kowalczyk, M. (2016). Application of the Clark-Wilson model for Business Intelligence System security improvement. Challenges of Modern Technology, 7(3). Retrieved from http://yadda.icm.edu.pl/yadda/element/bwmeta1.element.baztech-7650e5b3-63f0-497b-b414-5a0ed66361f5/c/chmot73_03.pdf
Cristia, M., & Rossi, G. (2020). Automated Proof of Bell-LaPadula Security Properties. arXiv preprint arXiv:2001.10512. Retrieved from...
SOLUTION.PDF
SOLUTION.PDF

Answer To This Question Is Available To Download

Related Questions & Answers

More Questions »

Submit New Assignment

Copy and Paste Your Assignment Here
Have files?