Discuss about the IS Security and Risk Management for TechnologyOne.
The TechnologyOne is one of the most advanced and the well-known organisation in the Australia which is providing software and the Information security support to the staffs and the customers. The information system of the organisation is used extensively in its business and internal operations infrastructure. The information system of the organization includes database server where various secure information and data like employee data, customer data and personal information, business strategies, analytics reports and others. The data is used by the organisation for the purpose of the analysis and hence trying providing better experience to the stakeholders.
This report is used to analyze the main threats and the risks that are associated with the organisation information security standards and how the organisation over comes the same. Further, the report also focuses on common network vulnerabilities and how the organisation can use different network settings and devices to ensure proper network security. Information about the redundancy and fault tolerance, and approaches that the organisation can use for elimination the error from the system of the organisation. Information about the network security devices that can help the organisation in managing and migrating any of the risk is discussed in the paper further. Additionally, various types of the threats and the types of the malware that can affect the normal working of the organisation are also discussed in the report.
Malware is a type of malicious software that is hostile for the computer system, which includes the computer viruses, Trojan horses, ransom wares, spywares and others. Malware is the sort form or the umbrella term f-or the malicious software. Malwares have the ability to infect an entire information system and cause serious damage to the data and files contained inside the server. Malware are the types of the programs that is designed in such a way that it can block the users of a system or a server from accessing the system or copy files from the system without the approval from thee users or inject some malicious files that may harm the system (Saeed, Selamat and Abuagoub 2013). Some of the common types of the malwares that can harm any of the systems in the organisation are
A network is defined as a system that is commonly used to connect various computers and peripheral devices using the internet services. The connections are not only from the computers but also from the printers, or the fax machines among the others (Ahmed and Kanhere 2013). Some of the very common network devises that are used by the organisation for the purpose of the daily work are
Windows Servers are the most powerful versions of desktop OS & are designed to handle corporate networking, Internet Hosting, Databases, and Enterprise-Scale Messaging more efficiently. Windows Server 2012 is the latest version of Windows Server, formerly codenamed as Windows Server 8. Windows Server improvise overall upgrades in cloud computing & Cloud Storage Infrastructure. In addition to this, it should be noted that the widows server 2012 is a dedicated server and also the server performs various services such as hosting the web the services. Dedicated Server is a server hosting service exclusively owned by a single owner. Window Dedicated Server is the server operating system owned and released by Microsoft, the original owners of Windows operating system. Window Dedicated server supports Microsoft web development tools as no other server can support. Web development tools like Front page or Visual Interdev. are supported only by a Window server. Window dedicated server supports Microsoft share point services that is very important for sharing communication and information. Share point is an information sharing platform developed by Microsoft that can only be run on a Window dedicated server with a Window operating system. Hence the web services provided by the Windows Server 2012 are very reliable and the availability of the web services are also provided by these servers. Hence, the organizations should keep in mind that the servers are maintained properly and the services are updated regularly. This would keep up with the reliability and the availability of the servers. The organizations should also ensure that the data of the servers are backed up regularly and also data restore policies are well defined and the staffs should be well aware of the policies that would keep up with the reliability of the servers.
The Microsoft exchange server is a software that is developed by the Microsoft for the purpose of exchanging mails, and calendaring servers. The servers requires the original Microsoft platforms for running the software (Elfassy2013 ). The exchange servers are the proprietary protocols commonly known as theMessaging Application Programming Interface or the MAPI. Although the servers also supports the Post office Protocol or POP, Internet Messaging Access Protocol or the IMAP and also the SMTP protocols. Some of the security measures that the organisations can take in order to ensure proper confidentiality and the integrity for the staff emails are:
The webservers and the web mails have strong security checks yet there sometimes are some of the major problems that comes up with the servers. Some of the major problems that the webmail and the server faces are provided below and the threats are prioritized according to their impact:
Fault tolerance: It is the property of a system that enables it to function normally even if some of the components of the system have failed. The faults can be categorised in three different forms such as the Transient faults, intermittent faults, Permanent fault (Technologies CSNT)s. In first two types of the faults, the systems work under extreme pressure and with low quality and in the case of the permanent faults the fault is potential and the system stops working.
Redundancy: This is one of the major faults in the server, the fault is that a single piece of information is expressed many times (Mirafzal, 2014). This may happen due to many reason like the system errors in reading, human faults and most importantly the malwares that duplicated the data. The redundancy errors must be reduced for maintaining normal system operations.
The approaches that may help in the process of the reducing the faults, redundancy and increase the fault tolerance is the process of the fault avoidance and fault removal and the Time redundancy.
Other than the system errors there are many human factors that leads to many of the error in the information systems. Human may do errors which may in turn harm the machines and rise to many other problems. The humans have designed the entire systems of the organisation, but the same humans are sometimes the reasons for the error (Egwutuoha et al. 2013). On the other hand in the process of the risk management, human factors plays an important role. Some techniques that helps in the process of the risk management are the avoidance, this is one of the best technique by which the risks can be managed and the humans plays an important role in this techniques. Other than this one of the other major technique that is useful is the loss prevention and the loss reduction (Norouzizadeh et al. 2016). IF there are chances of any loss, then human can assume that the risk can happen and avoid the same. In the process of the loss reduction, if any loss is induced the in the human factor can help lot in the process of the loss prevention.
In computer science the log files are the records that are kept by the operating system for each and every event that is occurring in the systems. In case of the web servers and the emails servers the log files can be very much useful in terms of the security monitoring. The logs are recorded whenever any of the event takes place in the servers, if there is any false or misuse of the servers from the same can be traced out from the logs of the servers (Dubrova 2013). This can be one of the major security factor as if any one tries to do something wrong in the servers may be caught easily. Other than this, the log files are encrypted files and cannot be accessed from the outside and only the system admins can see and trace the files.
The audit log reports displays the audit log events that are generated at the servers, domains by the administrators. The audit reports are used for the for the purpose of the making the system servers more accurate (Vicente 2013). The results of the audits are used for the purpose of testing the systems.
Five major security devices that can be used by the organisation for eliminating risk related to the web servers are;
The organisation can eradicate the Microsoft server 2007 and install the latest Microsoft servers that have been introduced by the organisation. Also the organisation must update the operating system of the machines. The organisation can use the help of the cloud servers in order to get the maximum of the modern technology.
Conclusion:
Thus concluding the topic, it can be said that the organisation can use the help of the modern generation for the purpose of updating the systems in order to give the best information system assistance to the users. Adopting the modern technology this will also help the organisation is attracting more and more customers. The organisation needs to set up proper server settings so that any kind of the risk can be avoided by the systems. The organisation also needs propernetwork updated devices for the purpose of advancing the security of in the organisation.
References
Ahmed, S. and Kanhere, S.S., 2013. HUBCODE: hub?based forwarding using network coding in delay tolerant networks. Wireless Communications and Mobile Computing, 13(9), pp.828-846.
Bakla, A., Çekiç, A. and Köksal, O., 2013. Web-based surveys in educational research. International Journal of Academic Research, 5(1), pp.5-13.
Dubrova, E., 2013. Fault-tolerant design (pp. 55-65). Berlin: Springer.
Egwutuoha, I.P., Levy, D., Selic, B. and Chen, S., 2013. A survey of fault tolerance mechanisms and checkpoint/restart implementations for high performance computing systems. The Journal of Supercomputing, 65(3), pp.1302-1326.
Elfassy, D., 2013. Mastering Microsoft Exchange Server 2013. John Wiley & Sons.
Kim, D. and Kim, S., 2015. Design of quantification model for ransom ware prevent. World Journal of Engineering and Technology, 3(03), p.203.
Koh, E.B., Oh, J. and Im, C., 2014. A study on security threats and dynamic access control technology for BYOD, smart-work environment. In Proceedings of the International MultiConference of Engineers and Computer Scientists (Vol. 2, pp. 1-6).
Mirafzal, B., 2014. Survey of fault-tolerance techniques for three-phase voltage source inverters. IEEE Transactions on Industrial Electronics, 61(10), pp.5192-5202.
Mistry, R. and Misner, S., 2014. Introducing Microsoft SQL Server 2014. Microsoft Press.
NorouzizadehDezfouli, F., Dehghantanha, A., Eterovic-Soric, B. and Choo, K.K.R., 2016. Investigating Social Networking applications on smartphones detecting Facebook, Twitter, LinkedIn and Google+ artefacts on Android and iOS platforms. Australian journal of forensic sciences, 48(4), pp.469-488.
Proctor, R.W. and Van Zandt, T., 2018. Human factors in simple and complex systems. CRC press.
Saeed, I.A., Selamat, A. and Abuagoub, A.M., 2013. A survey on malware and malware detection systems. International Journal of Computer Applications, 67(16).
Sharma, A.K. and Yadav, R., 2015, April. Spam mails filtering using different classifiers with feature selection and reduction technique. In Communication Systems and Network Technologies (CSNT), 2015 Fifth International Conference on (pp. 1089-1093). IEEE.
Snehi, J. and Dhir, R., 2013. Web client and web server approaches to prevent xss attacks. International Journal of Computers & Technology, 4(2b1), pp.345-352.
Tan, S., Li, X. and Dong, Q., 2016. TrustR: An integrated router security framework for protecting computer networks. IEEE Communications Letters, 20(2), pp.376-379.
Thakur, A., 2015. Open source firewall implementation: replacing traditional firewall with open source.
Vicente, K.J., 2013. The human factor: Revolutionizing the way people live with technology. Routledge.
Essay Writing Service Features
Our Experience
No matter how complex your assignment is, we can find the right professional for your specific task. Contact Essay is an essay writing company that hires only the smartest minds to help you with your projects. Our expertise allows us to provide students with high-quality academic writing, editing & proofreading services.
Free Features
Free revision policy
$10Free bibliography & reference
$8Free title page
$8Free formatting
$8How Our Essay Writing Service Works
First, you will need to complete an order form. It's not difficult but, in case there is anything you find not to be clear, you may always call us so that we can guide you through it. On the order form, you will need to include some basic information concerning your order: subject, topic, number of pages, etc. We also encourage our clients to upload any relevant information or sources that will help.
Complete the order form
Once we have all the information and instructions that we need, we select the most suitable writer for your assignment. While everything seems to be clear, the writer, who has complete knowledge of the subject, may need clarification from you. It is at that point that you would receive a call or email from us.
Writer’s assignment
As soon as the writer has finished, it will be delivered both to the website and to your email address so that you will not miss it. If your deadline is close at hand, we will place a call to you to make sure that you receive the paper on time.
Completing the order and download