Data Security alludes to the assurance of private information that is entirely confined for outsider get to. Due to the extensive use of cloud computing and other virtual storage applications, the IT organizations are facing a number of cyber security challenges. These archives incorporate delicate duplicates of creative thoughts or applications, new marketable strategies, business comes about, use trackers, money related reports and others (Peltier, 2013). These are kept in the virtual stockpiling because of simple entry and operation. Nonetheless, utilization of virtual stockpiling media has numerous security dangers. Virtual capacity is to a great degree powerless against digital assaults and rupture of security (Yang et al., 2013). Outsiders and exploitative programmers dependably focus on the virtual stockpiling media. The vast majority of these assaults are through malwares or contaminated sends.
In this assignment, a literature review has been conducted based on the cyber security challenges faced by Australian IT companies over the course of their business operations.
The scope of the literature review includes the following.
The objectives of this literature review are as follows.
According to Siponen et al. (2014), Data Security is characterized as the assurance or security framework particularly intended for insurance of data put away or worked utilizing a PC framework. Utilizing a PC framework for operations and capacity makes the works of the client less demanding as they operations should be possible effectively and precisely inside a brief timeframe. Nevertheless, because of web associations, the archives and data are powerless against security dangers and digital assaults. Ifinedo (2012) said that exploitative programmers, outsider staff or even defiled programming patches or documents can make genuine harm the PC arrangement of the client. According to Von Solms and Van Niekerk (2013), The particular disapproved of programmers chiefly focus on the frameworks of business associations and other comparable areas for getting to basic and classified data and utilize them for payment or spilling purposes. Utilization of data security is important to keep these dangers and perils. On account of Australian business organizations, there are a few vulnerabilities and dangers in their capacity arrangement of business methodologies and essential records. Subsequently, the organization needs to utilize an improved data security framework keeping in mind the end goal to keep any undesirable exercises or unapproved access of their business procedures (Vacca 2012).
Taylor et al. (2014) said that there are a great deal of issues overall in regards to the data security and insurance of basic reports. There are numerous exploitative programmers and outsider work force that break into the business associations’ frameworks and concentrate private data and basic archives. Possibly they request recover consequently of the records or they release the documents to adversary associations or open, in this manner uncovering the business systems and secret information of the focused on association. Australian IT companies have chosen to put away all the data and information in their official cloud server without uncovering a solitary snippet of data in regards to the item. Notwithstanding, the customary customers and devotees of the organization are anxious to know some point by point data about the item. There is a plausibility that exploitative programmers will attempt to break data about the item. Moreover, some outsider individual may attempt to hole data and advertising systems of the organization. The conceivable related issues are as per the following:
Inside System Malwares – These malwares originate from inside the systems of the organizations due to unethical use of external storage devices and others. Inner framework malwares are made from tainted records or virtual products and they may totally close down the contaminated framework (Cezar et al. 2013). In the event that the frameworks of the organization close down due to malwares, the organization would lose enormous measure of data and basic records.
Outside Malwares – According to Hu et al. (2012), this type of malware is the most common type of cyber security challenge faced by IT organizations. These malwares for the most part go into framework from outside sources. For example, a few messages go to the framework with data about some preposterous offer and a site connect. The minute the client taps on the connection, the malignant infection associated with the connection goes into the framework taints it. Capable infections like Trojan horse can totally obliterate a framework alongside every other framework associated with a similar system. Now and again, there are infections that are made by some obscure personalities (Kolkowska and Dhillon 2013). They utilize the infections for hacking into different frameworks for the sole reason for pulverization. Once more, there are spywares that are utilized to screen the exercises done inside a framework.
Bundle Sniffers – Laszka et al. (2015) said that these are programming instruments that are for the most part utilized by associations to screen the interior exercises in their own particular frameworks and recognize malware exercises. In any case, there are some outsider associations that abuse these instruments for checking framework exercises of different associations. This is a sort of rupture of security that undermines to release private data of the business associations.
Unapproved Access – This is finished by programmers or outsider work force so as to get to data of an association without the learning of the organization specialist. This should likewise be possible by the inside workers of the organization (Ahmad et al. 2014). This episode happens when an ordinary representative gets to data of the organization that is confined and not considered worker get to. According to Lowry et al. (2015), spywares are widely used by some internal workers of the business organizations to access some confidential files that are otherwise not meant for regular access. There have been many situations where these unapproved gets to went unnoticed that at last created loss of numerous basic records of the organization. Nevertheless, because of utilization of framework cautions, many instances of unapproved get to have been gotten before any loss of archives or data.
Loss of Device – According to Baskerville et al. (2014), loss of device can also lead to significant implications regarding cyber security challenges. Whenever an employee of an organization loses a personal device like the laptop, some unethical personnel can use the information stored in the laptop for breaching the employee’s company’s server and steal confidential information from it. Hence, without suitable recovery measures, any employee of IT companies should be aware and protect his personal work device in order to stop the cyber security threats.
No Knowledge of Network Security among the Company Employees – It is found from the works of Posey et al. (2014) that sometimes, the representatives of the organization do not have adequate learning in regards to network security applications or what to do if there should arise an occurrence of a rupture of security assault. Because of this, the appropriate moves are not made in time, helping the assailants get to basic data effectively.
These are the primary security dangers that is confronted by Australian business organizations. Since these organizations’ operations are all in the virtual interface and got to through the web, they are more powerless against the assaults. What’s more, they give business chances to some chose customers just and henceforth, the opponent customers may focus on Australian IT companies’s frameworks to close down to stop business chances to their customers. Subsequently, a considerable measure of moral and dishonest issues are associated with the matter that must be managed independently keeping in mind the end goal to reduce every one of the dangers so that the organization can proceed with its operations effortlessly and adequately.
There are a few solutions for solving the above discussed issues. These are as per the following:
Secure Closed Network System with Restricted Access – According Tamjidyamcholo et al. (2013), the existing IT setups in Australian IT organizations need a complete overhaul. This is needed in order to remove all the poorly upgraded IT devices and install the latest available technical upgrades (Chen and Zhao 2012). Moreover, in order to protect the upgraded technical setups, a closed and secure network server is necessary. The access to this server will have to be strictly restricted so that no unauthorized access is ever allowed (Lee et al. 2013). Spywares are widely used by some internal workers of the business organizations to access some confidential files that are otherwise not meant for regular access. There have been many situations where these unapproved gets to went unnoticed that at last created loss of numerous basic records of the organization. Nevertheless, because of utilization of framework cautions, many instances of unapproved get to have been gotten before any loss of archives or data. By strictly restricting the access to the close network server, these types of threats can be significantly eliminated from the IT infrastructures of the Australian business organizations.
Isolate Networks for Separate Levels of Data – This is another answer for counteracting unapproved access of confidential reports. According to Posey et al. (2014), this will be possible to use isolated sub-networks within the same network server. The sub-networks should not be connected to each other and should be categorized according to different levels of data (based on their importance). The sub-networks can be divided based on scales of 1, 2 and 3 and different levels of employees of the organization can access these sub-networks based on their power and position in the organizational hierarchy. Every one of these systems will be associated with one normal system server that will not permit movement to access with a different system then onto the next (Baskerville et al., 2014). This can be a viable procedure to avert unapproved get to. By following this process, the system admin will be able to monitor over all the sub-networks and identify any issues or unethical activities inside the company’s server.
IP Verification and Locator System – Chen and Zhao (2012) said that IP address locator system can also be used to identify or counter cyber security challenges. IP verification softwares can be used to store all the IP addresses of all the computers used inside the organization. In case of cyber security threats, these softwares can detect the origin IP address and match it with the stored IP addresses inside the database. If it does not match, it will deduce that the origin of the threat is external and suitable countermeasures can be taken accordingly.
Solid Encryptions and Restrictions – According to the works of Posey et al. (2014), use of strong encryptions and access restrictions is necessary in order to counter cyber security challenges. It is evident that the external malwares for the most part go into framework from outside sources using unauthorized access into the server. Due to absence of strong encryptions, these are almost easy for the malwares and attackers. The minute an employee taps on the unauthorized website link, the malignant infection associated with the connection goes into the framework taints it. Capable infections like Trojan horse can totally obliterate a framework alongside every other framework associated with a similar system (Vacca 2012). Hence, strong encryptions and access restriction are extremely necessary for the Australian IT organizations.
Segregated Cloud Server – This should be possible by detaching the distributed storage server utilized by the organization totally from whatever other system. The disengaged cloud framework will then be gotten to from just the organization’s frameworks (Peltier 2013). Notwithstanding, inner security dangers can’t be kept away from by this procedure.
Change in Employee Guidelines Policy – The main source of internal cyber attacks is the BYOD (Bring Your Own Device) policy practices by a large number of Australian IT organizations. According to this policy, during urgent cases, the employees are allowed bring their own computing devices at work and use them for performing their duties. However, these devices may contain malwares and once, the employee connects this device to the server, the malware infects the whole server. Hence, employee guidelines policy must be revised and BYOD policy must be restricted to as much as possible.
Conclusion:
In this report, the cyber security challenges of Australian business organizations have been discussed in detail. In any case, the standard customers and supporters of the organization are willing to know more about the cyber security issues in the Australian IT companies. There is a probability that untrustworthy programmers will attempt to break data about the item. Moreover, some outsider individual may attempt to break data and advertising procedures of the organization. Henceforth, the organization looks for master guidance and answers for these issues and other conceivable issues that may make their business close down totally. As a component of the activity arrange, a few arrangements have been given. These progressions incorporate use of system confinements and partition of the workplace system to various systems as indicated by various posts or levels of representatives. Additionally, utilization of a product that will empower the system administrator of Australian IT companies to screen which IP locations are being utilized for operations in the workplace systems and emphatically scrambled passwords are recommended. At last, utilization of a disengaged cloud server for capacity of basic records and business systems and changes in hierarchical arrangements viewing representative rules are proposed also.
For Australian business organizations, the fundamental issues have been recognized and a few security arrangements and activities can be prescribed for the insurance of secret data and business procedures. These are as per the following:
References:
Ahmad, A., Maynard, S. B., and Park, S. 2014. Information security strategies: towards an organizational multi-strategy perspective. Journal of Intelligent Manufacturing, 25(2), 357-370.
Baskerville, R., Spagnoletti, P., and Kim, J. 2014. Incident-centered information security: Managing a strategic balance between prevention and response. Information and management, 51(1), 138-151.
Cezar, A., Cavusoglu, H., and Raghunathan, S. 2013. Outsourcing information security: Contracting issues and security implications.Management Science, 60(3), 638-657.
Chen, D., and Zhao, H. 2012, March. Data security and privacy protection issues in cloud computing. In Computer Science and Electronics Engineering (ICCSEE), 2012 International Conference on (Vol. 1, pp. 647-651). IEEE.
Crossler, R. E., Johnston, A. C., Lowry, P. B., Hu, Q., Warkentin, M., and Baskerville, R. 2013. Future directions for behavioral information security research. computers and security, 32, 90-101.
Hu, Q., Dinev, T., Hart, P., and Cooke, D. 2012. Managing employee compliance with information security policies: the critical role of top management and organizational culture*. Decision Sciences, 43(4), 615-660.
Ifinedo, P. 2012. Understanding information systems security policy compliance: An integration of the theory of planned behavior and the protection motivation theory. Computers and Security, 31(1), 83-95.
Kolkowska, E., and Dhillon, G. 2013. Organizational power and information security rule compliance. Computers and Security, 33, 3-11.
Laszka, A., Felegyhazi, M., and Buttyan, L. 2015. A survey of interdependent information security games. ACM Computing Surveys (CSUR), 47(2), 23.
Lee, C. H., Geng, X., and Raghunathan, S. 2013. Contracting information security in the presence of double moral hazard. Information Systems Research, 24(2), 295-311.
Lowry, P. B., Posey, C., Bennett, R. B. J., and Roberts, T. L. 2015. Leveraging fairness and reactance theories to deter reactive computer abuse following enhanced organisational information security policies: An empirical study of the influence of counterfactual reasoning and organisational trust.Information Systems Journal, 25(3), 193-273.
Peltier, T. R. 2013. Information security fundamentals. CRC Press.
Posey, C., Roberts, T. L., Lowry, P. B., and Hightower, R. T. 2014. Bridging the divide: a qualitative comparison of information security thought patterns between information security professionals and ordinary organizational insiders. Information and management, 51(5), 551-567.
Siponen, M., and Vance, A. 2014. Guidelines for improving the contextual relevance of field surveys: the case of information security policy violations.European Journal of Information Systems, 23(3), 289-305.
Siponen, M., Mahmood, M. A., and Pahnila, S. 2014. Employees’ adherence to information security policies: An exploratory field study. Information and management, 51(2), 217-224.
Tamjidyamcholo, A., Baba, M. S. B., Tamjid, H., and Gholipour, R. 2013. Information security–Professional perceptions of knowledge-sharing intention under self-efficacy, trust, reciprocity, and shared-language. Computers and Education, 68, 223-232.
Taylor, R. W., Fritsch, E. J., and Liederbach, J. 2014. Digital crime and digital terrorism. Prentice Hall Press.
Vacca, J. R. 2012. Computer and information security handbook. Newnes.
Von Solms, R., and Van Niekerk, J. 2013. From information security to cyber security. computers and security, 38, 97-102.
Yang, Y. P. O., Shieh, H. M., and Tzeng, G. H. 2013. A VIKOR technique based on DEMATEL and ANP for information security risk control assessment. Information Sciences, 232, 482-500.
Essay Writing Service Features
Our Experience
No matter how complex your assignment is, we can find the right professional for your specific task. Contact Essay is an essay writing company that hires only the smartest minds to help you with your projects. Our expertise allows us to provide students with high-quality academic writing, editing & proofreading services.
Free Features
Free revision policy
$10Free bibliography & reference
$8Free title page
$8Free formatting
$8How Our Essay Writing Service Works
First, you will need to complete an order form. It's not difficult but, in case there is anything you find not to be clear, you may always call us so that we can guide you through it. On the order form, you will need to include some basic information concerning your order: subject, topic, number of pages, etc. We also encourage our clients to upload any relevant information or sources that will help.
Complete the order form
Once we have all the information and instructions that we need, we select the most suitable writer for your assignment. While everything seems to be clear, the writer, who has complete knowledge of the subject, may need clarification from you. It is at that point that you would receive a call or email from us.
Writer’s assignment
As soon as the writer has finished, it will be delivered both to the website and to your email address so that you will not miss it. If your deadline is close at hand, we will place a call to you to make sure that you receive the paper on time.
Completing the order and download