Bead Bar Information Systems Technology

Essay by ladyheart143College, UndergraduateA+, December 2007

download word file, 2 pages 5.0

Downloaded 256 times

Bead Bar Information Systems Technology1.What are the company’s major information security threats?Poorly written software or improperly configured systems•The systems administrator made a mistake when setting it up leading to security problems.

•Improper configuration of these servers may leave severs open; meaning people outside the organization can use the server.

•Improper configuration of the e-mail server allows anyone to send e-mail, especially spam, through it.

•Improperly configured systems leave organizations vulnerable.

Computer viruses and worms•A computer virus is a self replicating program that loads onto a computer without the user’s knowledge.

•A worm is a virus that spreads itself over a computer network, most often the Internet.

•A single worm, called Love Bug traveled by e-mail can enter your computer and delete important files.

External Breaches•Unauthorized access of a computer from somebody outside an organization.

•The mass media usually uses these terms to people who perpetrate external breaches: Hackers, Crackers, and Script kiddies.

Internal breaches•Security violations which is knowingly performed by a person, or which is deliberately omitted.

•Bypasses or contravenes security policies, practices, or procedures established by the company.

2.Develop a security awareness training plan for employees and franchisees.

The Chief Information Officer (CIO) is the person that will develop a training plan for the company’s employees.

CIO needs to involve everyone in the company. This will help identify the company’s security threats and develops a security preparation plan to contest them.

Bead Bar was lacking security policies and procedures; therefore, the training plan must include:•All departments to worked together to develop a security plan.

•Incorporate technical, procedural, and educational approaches.

•The awareness of good technical solutions to all departments.

•Only the people who should have access to classify information are the only ones allow access to the information.

•Implementing a method for verifying that the franchise person...