This essay has been submitted by a student. This is not an example of the work written by professional essay writers.
Uncategorized

INFORMATION TECHNOLOGY SECURITY

This essay is written by:

Louis PHD Verified writer

Finished papers: 5822

4.75

Proficient in:

Psychology, English, Economics, Sociology, Management, and Nursing

You can get writing help to write an essay on these topics
100% plagiarism-free

Hire This Writer

INFORMATION TECHNOLOGY SECURITY

Maintaining a good reputation in an organization is a fundamental principle for the success of the firm. Notably, it takes relatively a long time to build and maintain, but ruining one’s reputation takes less than five minutes. It is essential for most business organizations such as institutions and has a vast scope applied universally. The underlying principle of information security in an organization is that,  policies and procedures must be put in place to govern how information or data can be accessed. These policies help determine who is unauthorized to access, use, disclose, disrupt, modify, peruse, inspect, or record any information from their database. It is, therefore, the task of an IT director to put in place plans to prevent security breach. This can be achieved by employing the concept of Triple A i.e. authenticate, authorize and account ( Satarova ,2007).

The AAA works together authentication is typically a way to identify a user by enabling the user to enter a valid username and password to gain entry. To access a portal, each user must have a unique set of credentials and they must match in order to access the internet (Ferguson, 2010). Failure to do so, the authentication fails and accessing the internet is denied. The director of IT is tasked with enforcement of system policies that determines the activity types, resources and qualities to give permission to user’s access when authenticated (IJC, 2017)

Authorization occurs when the user’s credential matched in the system. An authorized user gains access to different types of activities or any consent for any action in the network system. It is determined based on varied restrictions such as physical location, multiple access by same identity and time of day. The IT director is mandated to restrict any user access when the above cases are not followed to ensure security of information is not breeched.

Finally, accounting for what people do in a system is important. The users should only access what they are allowed to and not gaining access to information they should not. It involves auditing of the actions of individuals to make sure they meet the set threshold of the company’s information.

In conclusion, the Information Technology director should ensure that the AAA framework is established in any business organizations so that any access to a network system is first authenticated, authorized and accounted for before any entry into the system is allowed in order to avoid security breech. This in turn, will ensure that the reputation of the company and its members is maintained.

 

 

REFERENCES

Sattarova F. Y. and Tao-hoon K. (2007). IT Security Review: Privacy, Access, Control, Assurance and Security, International Journal of Multimedia and Ubiquitous Engineering vol 2.

Ferguson, N., Schneier, B., Kohno, T. (2010). Crypography Engineering: Design Principles and Practical Application. Wiley Publishing.

International Journal of Computer (IJC) (2010). Vol 24

 

 

 

  Remember! This is just a sample.

Save time and get your custom paper from our expert writers

 Get started in just 3 minutes
 Sit back relax and leave the writing to us
 Sources and citations are provided
 100% Plagiarism free
error: Content is protected !!
×
Hi, my name is Jenn 👋

In case you can’t find a sample example, our professional writers are ready to help you with writing your own paper. All you need to do is fill out a short form and submit an order

Check Out the Form
Need Help?
Dont be shy to ask