The Help With Assignment Blog is intended to provide with tips and tricks to students so that they are able to do better at school and college. The Blog is associated with HelpWithAssignment.com (HwA), a leading provider of online tuitions in University subjects.

Showing posts with label Information Security assignment help. Show all posts
Showing posts with label Information Security assignment help. Show all posts

Saturday, October 8, 2011

Information Security Principles: An understanding

A general definition of security is to being in the state of security – to be free from any kind of danger. In other words, security is protection against adversaries – from those who would harm, intentionally or otherwise. Today, we can observe the concept of security in almost every place. The most common forms of security is a unilayered or unifaceted system. But in case of organizations or the nation as such, resort to a multilayered system.

Some of the most common forms of securities that can be found in many organizations include

  • Physical security
  • Personnel security
  • Operations security
  • Communications security
  • Network security
  • Information security

Of the above forms of securities, information security is one of the major concerns today. Information security as defined by the Committee on National Security Systems, defines information security as the protection of information and its critical elements, including the systems and hardware that use, store and transmit that information.

Here the importance of information must be acknowledged. Information is one of the most valued assets today. It is because of the characteristics it possesses. Some of the characteristics that information possesses include availability, accuracy, authenticity, confidentiality, integrity, utility, possession, etc. Information Security Principles are framed by every organization. These Information Security Principles give out security protocols for securing information.

Information needs to be protected from unauthorized access. Information leakage can be dangerous for many organizations. Sometimes, information relating to the internal affairs of an organization are leaked. Such information may include the decision to implement a new type of cost cutting system, the financial information of the organization, the list of customers and their financial information, research and development information, information regarding a new product line, etc. Loosing such information can prove to be very costly for an organization. In case of government, key and strategic information is of utmost importance. Sometimes, information about national security can be at stake. Such information can include the list of weapons, testing of new weapons, key and strategic places where weapons are stored, etc.

All these kinds of information must be protected. This calls for information security approaches which can be implemented. This will include

Bottom-Up Approach: A Bottom-Up approach is the best suited approach for implementing a very good security system. One of the biggest advantages of this system is that the system or the network administrators who are using this system will implement a security system at the grassroot level. This can enhance the information security of the concern. The administrators who possess in-depth knowledge of the system will implement a right security system which would be apt for the organization in terms of their level of operations. In a way, they can help in customizing the security system.

Top-Down Approach: In this approach, the higher management of the organization will issue policy, procedures and processes to implement the type of security in the organization. This type of information security will have its own advantages. The top level management will consult experts before implementing any such system. Experts in the field can forecast future contingencies and will help in preparing for enhanced security procedures which will stop infiltrators from not only entering into the systems now, but also in the future. This will also mean that the information security will be constantly monitored and improvements in the same will be undertaken on a regular basis.

For further details on IT Security, visit our websites at http://www.helpwithassignment.com/IT_Security_Assignment_Help and http://www.helpwiththesis.com

Posted by at 3:01 AM 0 comments
Labels: , , ,

Wednesday, August 31, 2011

The Concept of Information Security Principles Management

Information Security Principles and Management is one of the three communities of interest functioning in most organizations. As a part of the management team, the Information Security Principles and Management operates like all other management units by using the common characteristics of leadership and management. In Information Security the goals and objectives differ from those of IT and general management communities in that they are focused on the secure operations of the organization. Because the Information Security principles and management is charged with taking responsibilities for a specialized program, certain characteristics of its management are unique to this community interest.

The extended characteristics of information security are known as the P5 planning, Policy, programs, protection, people and project management.

  • Planning: Planning in Information Security management is an extension of the basic planning model. Included in the Information Security planning model are activities necessary to support the design, creation and implementation security strategies with in the IT planning environment.
  • Policy: The set of organizational guidelines that have certain behavior within organization is called policy. There are 3 general categories of policy in Information Security. Enterprise information security policy (EISP); Issue Specific Security policy (ISSP); System Specific Policy (SysSp)
  • Programs: Programs are operations of Information Security that are specially managed as separate entities. A security education training awareness program is one such entity. SETA program provides critical information to employees to either improve their current level security knowledge.
  • Protection: this protection function is executed via through set of risk management activities, risk assessment control, as well as protection, mechanism, technologies and tools. Each of these mechanisms represents some aspect of specific controls in the overall information security plan.
  • People: People are the most critical link in the information Security program. It is imperative that managers steadily recognize the crucial role that people play in the Information Security program.
  • Project management: The final component of application of thorough project management discipline to all elements of the information security program. Project management involves identifying and controlling the resources applied to the project as well as, measuring progress and adjusting the process as progress is made toward the goal.

For more details you can visit our website at http://www.helpwithassignment.com/IT_Security_Assignment_Help and http://www.helpwiththesis.com

Posted by at 3:28 AM 0 comments
Labels: , ,
Subscribe to: Comments (Atom)