BIS 320 WEEK 4 ASSIGNMENT, PROJECT DATA SECURITY PLAN
Project Data Security Plan
D's Devices thru WIX Stores employs multiple business information systems to secure corporate data and customer information. Although it
...
BIS 320 WEEK 4 ASSIGNMENT, PROJECT DATA SECURITY PLAN
Project Data Security Plan
D's Devices thru WIX Stores employs multiple business information systems to secure corporate data and customer information. Although its systems are safe and in compliance with federal regulations, WIX Stores faces numerous vulnerabilities which could, in turn, affect D's Devices local systems. Additionally, D's Devices must focus on controlling and deterring threats separate from those of WIX Stores. Vulnerability as a concept and as a process can be defined as an exploited weakness to gain access to data (Liu & Cheng, 2009, p. 15). While there is no single perfect system to protect all the information an organization needs to function, the data security plan will help establish norms for accessing and using information system resources.
Threats to security can occur either as internal, external or a combination of the two. It is widely known that internal staff is the biggest threat to IT security. Additionally, malicious cyber-attacks, social engineering, purposely downloaded malicious internet content, and information leakage can tear down a network from the inside. External threats include "eavesdropping, routing table overflow, routing cache poisoning, routing maintenance, data forwarding, wormhole, sinkhole, selfish nodes, external denial of service, spoofing, badmouthing, and flattering" (Ngoma, 2012). Small businesses, like D's Devices, are uniquely vulnerable to IT security breaches due to its less sophisticated intrusion detection and monitoring systems than those used by large enterprises. However, collaborating with WIX Stores advanced IT security, which provides a necessary external barrier and D's Devices own internal protection, will significantly reduce and limit threat potential to privacy and financial information of the company and its potential customers. D's Devices will implement its internal security plan through the use Symantec Antivirus and Firewall software installed on the server and all individual seats. Additionally, we will implement hardware controls such to "ensure that hardware is physically secured and [checked] for equipment malfunction" (Laudon & Laudon, 2015, p. 276, Table 8.4 General Controls). Once these controls are in place, it is up to sound judgment and awareness to help maintain our systems in good working order.
.......continued.....
[Show More]
