TicTek Inc is a small company with about a hundred employees and one facility. The company sells home security electronics online. The devices are manufactured by a third party company and shipped to TicTek, whereupon they are warehoused until they are purchased through the company’s website. The warehouse staff prepares and ships customer orders in the same facility which houses the office staff and management. TicTek has a few major stockholders, but the majority of the company’s stock is owned by its executives and employees. Due to the online nature of the company’s business dealings, TicTek has placed a high priority on the security of network resources, including vendor data, customer data, high availability, and incident response. Mr. Tic, the CEO, has recently requested a security proposal from the IT department to formally put into place a comprehensive security plan to keep the company’s network secure.
Technical Security Aspects
In creating an effective security policy, it is important to identify what needs to be protected, and the likelihood of attack for each network device. The lifeblood of TicTek is its online sales; therefore it is vital to protect the company’s web servers and payment processing server, bearing in mind confidentiality, integrity, and availability. A vulnerability assessment will need to be conducted before and after technical security measure are in place for the purpose of identifying specific network vulnerabilities. According to Joseph Migga Kizza (2011), “Vulnerability assessment is a periodic process that works on a system to identify, track, and manage the repair of vulnerabilities on the system” (p.139). Thereafter, a vulnerability assessment will be scheduled every six months to ident...
... middle of paper ...
...t of management.
References
Cisco. (2006). How Does RADIUS Work. Retrieved March 29, 2014 from http://www.cisco.com/c/en/us/support/docs/security-vpn/remote-authentication-dial-user-service-radius/12433-32.html#intro
Kizza, J. (2011). Computer network security and cyber ethics. (3rd ed.). Jefferson: McFarland & Company Inc.
Massachusetts Institute of Technology. (n.d.). Viruses, Spyware, and Malware. Retrieved March 29, 2014 from http://ist.mit.edu/security/malware
Securities and Exchange Commission. (2003). SEC Interpretation: Electronic Storage of Broker-Dealer Records. Retrieved March 29, 2014 from http://www.sec.gov/rules/interp/34-47806.htm
SeverCheck.com. (n.d.). Best Practices for Data Center Infrastructure and Server Room Environmental Monitoring. Retrieved March 29, 2014 from http://www.serverscheck.com/sensors/temperature_best_practices.asp
Ethics of technology is one important aspect of ethics and is required to answer all the ethical questions which are specific to the technological age. Ethics of technology can also be defined as “Cyber-ethics”. The main reason for the existence of cyber-ethics is to examine the impact that cyber related crimes has for our social, legal and moral systems. Cyber ethics can also help us in calculating the social policies and laws that we frame with respect to issues...
During the process of analyzing an organizations effectiveness to manage cybersecurity risks, there are ranges of security policies that need to be implemented. A prime example of this concept is the cybersecurity policies developed for consulting firm Booz Allen Hamilton. The direct division formed to address the firm’s requirements within cyberspace is the Cyber Solution Network (CSN). The CSN division within Booz Allen Hamilton has a range of policies used to ensure the firm is protected against risk.
Grimes, R. (2005). Honeypots for windows. (1st ed., p. 424). New York, NY: Apress Publishing. Retrieved from http://www.apress.com/9781590593356
Consolidated Electronics Group Inc (CEG) is an industry leader in aviation parts. Recently there has been a spike in network attack activity, which is possibly linked to recent lay-offs and company restructuring. Two of the recent attacks appear to be breaches of the server which stores the plans for a prototype aviation switchboard of a revolutionary new design. Management has tasked the network administrator with creating an incident response plan that deals with incident investigation, incident prevention, and a communication plan.
Whitman, M., & Mattord, H. (2011). Reading & cases in information security: law & ethics. (2011 custom ed., p. 264). Boston, MA: Cengage Learning.
SecureTek Security system is such that the design and development of the architecture was initially good but technological advancements and security concerns calls for redesign. For example, the Data control section is placed next to the kitchen implying that unauthorized people from the kitchen can easily access the data centre. This can come at a high risk since the stored data is of great interest to the shareholders and tampering with it can result to immense losses to them and the entire firm. Similarly, the kitchen is placed near the CEO’s area and the Lab 1 where important researches for innovations takes place and this can pose a security risk since unauthorized people can gain access to...
Security helps the organization meet its business objectives or mission by protecting its physical and financial resources, reputation, legal position, employees, and other tangible and intangible assets through the selection and application of appropriate safeguards. Businesses should establish roles and responsibilities of all personnel and staff members. However, a Chief Information Officer should be appointed to direct an organization’s day to day management of information assets. Supporting roles are performed by the service providers and include systems operations, whose personnel design and operate the computer systems. Each team member must be held accountable in ensuring all of the rules and policies are being followed, as well as, understanding their roles, responsibilities and functions. Organizations information processing systems are vulnerable to many threats that can inflict various types of damage that can result in significant losses (Harris, 2014). Losses can come from actions from trusted employees that defraud the system, outside hackers, or from careless data entry. The major threat to information protection is error and omissions that data entry personnel, users, system operators and programmers make. To better protect business information resources, organizations should conduct a risk analysis to see what
There are three areas of cyber conflict that hackers choose to think are the ethical issues, but are the most problematic.
A diffuse group of people often called “hackers” has been characterised as unethical, irresponsible, and a serious danger to society for actions related to breaking into computer systems. In this essay I try to construct a picture of what is and includes a computer crime as well as a portray of hackers, their concerns, and the way in which hacking takes place. What I intend to argue is that, in their majority, hackers are learners and explorers who want to help rather than cause damage. Furthermore, my research also suggests that the general practice of hacking is a part of larger conflicts that we are experiencing at every level of society and business in an information age in which many people are not computer literate. These conflicts lie on the issue of whether information should be made publicly available or not (centralise or decentralise government) and on issues of law enforcement. Hackers have raised serious issues about values and practices in an information society.
McQuade, Samuel C. "research on cybercrime." Issues: Understanding Controversy and Society. ABC-CLIO, 2011. Web. 21 Jan. 2011
SANS: IT Code of Ethics. (2004, August 24). SANS: Computer Security Training, Network Security Research, InfoSec Resources. Retrieved July 3, 2010, from http://www.sans.org/security-resources/ethics.php
The agreement between the company and I was to advice the company management toward adopting the best network management plan and security plan. Through the study, I carried out in the firm I was required to evaluate the firm requirement in term of network planning and making sure that the firm has proper mechanism to secure its systems against malicious damage. Considering that, the management personnel have background in IT therefore; they required me to give an expert opinion on the best ways in which they can adopt the network management and the security plan. They required me to evaluate firm needs and what the IT world would offer the firm to enable them to lay down plans for the network and security in the firm.
In the early years of computers and computerized technology, computer engineers had to believe that their contribution to the development of computer technology would produce positive impacts on the people that would use it. During the infancy of computer technology, ethical issues concerning computer technology were almost nonexistent because computers back then were not as multifaceted as they are today. However, ethical issues relating to computer technology and cyber technology is undeniable in today’s society. Computer technology plays a crucial role in all aspects of our daily lives. Different forms of computer technology provide unique functionalities that allow people to perform daily activities effectively and efficiently. In modern society, we use computer and cyber technology to communicate with friends and family via social networking sites, participate in business transactions, and get current news. Different tasks require unique technological feature in computer technology to function properly. Although, unique technological features increase people’s proficiency in accomplishing various tasks, unique technological features in computer and cyber technology increase security vulnerabilities. In many cases, the security vulnerabilities in computer technology are exploited by cybercriminals to invade people’s privacy, and steal people’s identity. We know that computers have no moral compass; they cannot make moral decisions for themselves. Essentially, people make moral decisions that affect others positively or negatively depending on how they use computer technology. Some of the biggest ethical issues facing people in the computing environment include privacy concerns on the web and identity theft. Privacy concerns...
Harvey, Brian."Computer Hacking and Ethics." Ed. Paul Goodman, P.G. Electrical Engineering and Computer Sciences. U of California, Berkeley, n.d. Web. 25 Jan. 2014.
System design in a data center network provides the tools for addressing the challenges that occur with expansion of data center infrastructure. This includes support for the rapid growth of applications and their data and storage bandwidth, managing and modifying data storage requirements, optimize server-processing resources and access information