This essay has been submitted by a student. This is not an example of the work written by professional essay writers.
Business

Information system security is used to protect individual or business confidential information

This essay is written by:

Louis PHD Verified writer

Finished papers: 5822

4.75

Proficient in:

Psychology, English, Economics, Sociology, Management, and Nursing

You can get writing help to write an essay on these topics
100% plagiarism-free

Hire This Writer

Information system security is used to protect individual or business confidential information

Information system security is used to protect individual or business confidential information. The information in an organization is set aside to be accessed by authorized personnel only. The current information security practices include allowing the employees to undergo full learning on information security management hence can protect business information and avoid unnecessary information. Also, some companies set up IS strategies to prevent internal destruction unknowingly.as a result, the managers find it significant for the businesses to evaluate and implement training materials for information security. In this research paper, we will discuss different factors that cause data information breaches and the steps to be considered before the implementation of IS in an organization.

The research uses both primary and secondary data. For primary data collection, letters and emails were sent requesting different information security management from various companies to give an appointment to discuss data security in their organizations. A good percentage responded and had a face-to-face interview. More than half of the managers accepted that their data leaks and they only understand after customers complain indicating the major problem as the hacking of systems and receiving customers information leading to frauds and theft cases. After the conversation, management agreed to their respective employees and customers to be interviewed through questionnaires. The questionnaire used a sample randomly selected and the representation did great towards the completion of the questionnaire which entailed both open-ended and closed-ended questions. For secondary data collection, the information was adopted from journal articles, reviews, and academic books to interpret, synthesize and describe primary sources. Just to mention a few; the journal of crime by computer by Charles Scribner’s Sons, journal of crime and delinquency by IGreen, journal of organizational behavior, a Review of Culture in Information Systems Research: Toward a Theory of Information Technology Culture Conflict from MIS Quarterly, and a book of policy Enforcement in the workplace, computer, and security,

The data collection process initiates the practical part of the research. The researcher is set to be open-minded, risk-taker and can influence the target sample to give their views on the questionnaire. Challenges are expected on the way as some members of the sample may not be genuine. The researcher at times face rejection and the research may be forced to terminate. Commitment and expenses are also expectations on the way. Traveling costs, printing and time value of money are the main challenges. The following is a draft of the list of sample questionnaire questions.

  • How do you protect personal data?

Password … Pin … Fingerprint… Other (specify)

  • Do you have any back-up plan to protect your data?

Yes …, Which……. No…

  • Do you expose your secret security data to anyone?

Yes …, Who……. No… Why…..

  • Do you follow the data security policies?

Yes … No … I don’t know…

  • What would you suggest towards the improvement of information security system

……………………………………………………………………………………………….

 

 

 

After collecting and compiling the face to face interview answers and also the Monkey Questionnaire, I was able to analyze the data and obtain some information. From the information, some of the factors that cause data breaches in information system and security are; malicious software, weak or even stolen passwords, malicious insiders, identifications application vulnerabilities, insider error, social engineering, physical attacks and giving many permissions. The above factors causing data breaches in information systems and security are mainly obtained from the answers obtained from questioners given to companies and also people who use information systems and security.

Malware is a short name for malicious software, mainly encompasses viruses and most of the harmful programs used by computer hackers. The program’s software is loaded unintentionally thus giving contact to sensitive confidential data. Therefore the hacker adventures the system and all the other connected systems. Whenever accessing any site from the internet it is safe to avoid sites that don’t seem to what one wants or sites that open emails that one suspects their origin, these are the common forms hackers use to spread malware.

From the data obtained, most people use simple passwords like their date of birth of their favorite colors as their passwords. Using such credentials has opened a way for hackers to guess their passwords thus get access to their information. Weak or stolen passwords are a popular cause of breaching data that make freebooters hackers to steal data. The best solution to avoid weak and stolen passwords is one never to share their password to anyone no matter how close they are and also use complex passwords that are not easy to guess. Insider threat also known as a malicious insider is another factor identified from the data that caused data to be breached in information systems and security. The threat to an organization mostly comes from people within the organization like recent or former employees, those given contracts or even business associates that obtained the information of the organization concerning security practices. Acting quickly whenever one suspects of a problem and covering everything using a process and a procedure that is backed up with training is a good way to avoid insider threats. It is also an important one for one to know who one is dealing with the organization.

Another factor that causes computer breaches according to the information obtained especially from face to face interviews is identification application vulnerabilities. Vulnerabilities can lead to the compromise of the confidential message and also involves the method of realizing weaknesses and recording them to record in the targeted surroundings. Poorly implemented or planned structures give hackers a chance to exploit the software applications hence altering the functioning of the system. Keeping computer hardware and software covered and up to date is a solution to overcoming this problem. Insider error is another factor identified that caused data bleaching. The error is as a result of someone in the organization misuses authorized access negatively. The misuse caused by dealers, associates and people who have given contracts harms the critical information in the organization.

Social engineering and giving too much permission are another factor that is used by hackers to breach data. From the questioners, the people said that the hacker convinces them people claiming that he will seek data for you. Organizations that give too much permission are a way of allowing hackers to access their information system.

Information system security refers to the processes and methodologies which involve storing the data confidential, integrity and ensuring availability. Different steps are involved in implementing data security in an organization. These steps include:

STEP 1; guarding the administrative support and objective setting, resources to be used by the organization and the budget allocation are determined in this step.

at this level, the annual update is done since it is an iterative process. The data security system processes are executed by the top managers and reflect the organization and its needs.

STEP 2: Definition of system scope

The organization chooses the confidential measures and the requirements put in place that directly affects it. the organization should come up with strategies of coming up with security ways of ensuring their pieces of information are not tampered with by unauthorized personnel.

STEP 3; Risk analyzing and assets evaluation in this level, information description, and processing of assets is done. the assets involved in the processing includes servers, hardware network infrastructures, and clouding

STEP 4; Definition of data security systems

Since the executive support is secured and the objectives have been set the remaining security information data is defined and the measures to secure information in an organization are performed.

STEP 5: Building and training competencies in the organization

this step, the training of the organization personnel is done to ensure the competence of the workers. This is done to ensure that the employees provide the total security of information of an organization. The security implementation is extended o the auditors, top managers, administration and all workers concerning the organization information.

STEP 6: monitoring and maintaining systems

at this point, the system is deployed and the maintaining is ensured. close monitoring of the data and also safety is done for the organizational information.

STEP 7:audit certification

The certifications involve completing the document on auditing that is conducted by the system management body. After this completion, the organization is issued with the certificate.

 

In conclusion, there are remarkable factors that contributed to data breaches and companies should be aware of them so that they are able to deal with any problem in information system security. The organizations should take as many precautions as possible when allowing people to access their software system for them to avoid hacking in the organization systems. It’s evident that there are benefits to the organizations that are data breaches free. Some of the benefits include an increase in the number of customers due to the great security, hence the customers can trust the company, also it allows the management to control the financial information which changes regularly in the business hence hard to keep track of financing information. I will recommend that organizations to be renewing their passwords regularly to avoid access to their systems by hackers. Companies can also change and update their system software as much as they can to avoid hackers and other workers who worked for them from accessing their current information in the systems.

  Remember! This is just a sample.

Save time and get your custom paper from our expert writers

 Get started in just 3 minutes
 Sit back relax and leave the writing to us
 Sources and citations are provided
 100% Plagiarism free
error: Content is protected !!
×
Hi, my name is Jenn 👋

In case you can’t find a sample example, our professional writers are ready to help you with writing your own paper. All you need to do is fill out a short form and submit an order

Check Out the Form
Need Help?
Dont be shy to ask