Discuss About The Taxonomy Of Information Security Assessment?
The primary motive of every business organization is to grow, expand and earn more profits. The same is possible only when the customer base that is associated with the business is increased. In the case study, XYZ organization has been covered which is a Melbourne based company that works in the area of software. It is a small firm that began its business fifty months back. The company makes sure that the information and network based security attacks are checked and controlled and therefore, develops the solutions for the same. The mode of operations for the company is either the in-house development of the packages and applications or the customization of the same. The company currently operates with the clients from Australia and most of these clients are small to medium scale business owners and organizations.
The management of XYZ organization has now decided to expand and it would be essential to collaborate with new and more clients. The area of focus for the expansion would be the development and implementation of the online security packages and services. The company has decided to target the organizations from three categories and sectors as gambling, hospitality industry and pharmaceutical.
There are some of the quick changes and advancements that are taking place in the area of technology and security. The organizations in the current times and making use of a lot of information which is also transmitted, managed, processed and stored. Due to the involvement of numerous entities, the likelihood of security risks and attacks has gone up. There are newer and more severe security attacks that are taking place with increased frequency. There is a lot of work that is being done for the control of the same as well (Mohammed Salim, 2016).
The aim of this report is to cover the information/network security aspect for the organization by discussing the latest developments in this field and also highlighting some of the applications that are developed in this domain.
Data and information are composed of a lot many different elements. There are contents as well as properties that make up a particular information set and some of the viable properties include the confidentiality, privacy, availability and integrity of the information. Information Security is an amalgamation of various procedures and controls to safeguard the information which includes it content as well as the properties.
The risks and probable attacks to the security may take place through different mediums and agents. One of such mediums is the network and the measures that are taken to control the network based security risks, threats and attacks come under the domain of network security. A secure network makes sure that a majority of the threats to the information and data sets are avoided (Gnanasankaran, Natarajan, Alagarsamy & Iyakutti, 2013).
There are some of the quick changes and advancements that are taking place in the area of technology and security. The organizations in the current times and making use of a lot of information which is also transmitted, managed, processed and stored. Due to the involvement of numerous entities, the likelihood of security risks and attacks has gone up. There are newer and more severe security attacks that are taking place with increased frequency. There is a lot of work that is being done for the control of the same as well (Haider, Samdani, Ali & Kamran, 2016).
Some of the technologies that have been recently launched and have expanded at a rapid rate include Big Data and Business Intelligence tools. These technologies and tools are being applied in the area of information and network security for the development of enhanced applications. There is also a lot of work that is being done in the area of network based intrusion detection systems and cryptographic algorithms (Roozbahani & Azad, 2015).
Technology in the current times has so many different components that the focus of the maintenance of security of each of these components is usually not fulfilled by the users. It is due to this reason that the demand for integrated security applications has enhanced in the market. The use, deployment and maintenance of the application for the security of every single component are no longer possible.
Comodo Advanced Equipment is one such integrated security solution that allows and offers the overall security and may be used by the organization for its successful expansion (Strom, 2016).
The most powerful feature of the application is its platform that is extremely secure and makes sure that only the secure and non-objectionable files are provided with the access and the other ones are blocked for further checks. There may also be certain files and components that may be suspicious in nature and are handled separately. The application ensures overall system and information security and comes with a store protection from the various types of malware. The features such as use of SSL certificates, internet security and firewall are also integrated.
In the current times, it is not sufficient to mainly identify the threats and develop the prevention for the same. It is equally important to make use of the technology to work on the root cause of these threats. This tool makes use of Big Data and numerous Business Intelligence technologies to analyze the behavior of the threats. Also, the intruder activity is analyzed using advanced analytics so that the future occurrences may be avoided and the threat is removed right from its root.
The sets of benefits and the features that are offered with this application are high and some of the items are listed below.
There are also a few drawbacks that may be witnessed with this applications and it would be essential to have an idea of the same before acquiring the application.
The technocrats and researchers have developed many different measures and mechanisms to improve upon the security of the information and the networks. One of the most significant and useful attempt towards the same is the use of encryption.
Encryption is a mechanism in which the information and files are converted to their cipher of encrypted form. These contents can only be viewed with the aid of a security key which may be public, shared or private in nature. There are tools that have been developed for this purpose and one of the widely used tools is VeraCrypt. IDRIX is the creator of this open source tool that offers the ability to enable disk encryption in the system. The various forms of security risks and threats are prevented as a result (Fearn, 2017).
There are also a few drawbacks that may be witnessed with this applications and it would be essential to have an idea of the same before acquiring the application.
Malware attacks have a high frequency, high likelihood and a high impact of the security attack on the information, system, database and the network. There are different types of malware that can be created and launched which may have a corresponding impact. These malware are designed for specific reasons and therefore, the significance of the impact resulting out from these attacks can be high.
Bitdefender Antivirus Plus is an application that has been developed to put a control on the malware attacks and to also detect their presence (Pcmag, 2016).
The application has a wide set of features that is offers and there are also many advantages that come along with the application.
There are also a few drawbacks that may be witnessed with this applications and it would be essential to have an idea of the same before acquiring the application.
The expansion of an organization is composed of many different activities and phases. The above three applications that have been described may assist XYZ company to expand and easily execute the tasks of in-house application development and customization processes. The following focus points must be considered and remembered during the expansion activity.
A separate department shall also be set up for the areas of security along with monitoring and control of the project. The senior management shall also intervene frequently to understand the progress.
Conclusion
Information security and network security are the two topics that are being extensively studied and analyzed by the researchers and technocrats. It is due to this reason that there is a lot of development that is being witnessed in these areas (Allen, 2012).
Bitdefender Antivirus Plus is an application that has been developed to put a control on the malware attacks and to also detect their presence. There are different types of malware that can be created and launched which may have a corresponding impact. These malware are designed for specific reasons and therefore, the significance of the impact resulting out from these attacks can be high. Comodo Advanced Equipment is an integrated security solution that allows and offers the overall security and may be used by the organization for its successful expansion. The most powerful feature of the application is its platform that is extremely secure and makes sure that only the secure and non-objectionable files are provided with the access and the other ones are blocked for further checks. Encryption is a mechanism in which the information and files are converted to their cipher of encrypted form. These contents can only be viewed with the aid of a security key which may be public, shared or private in nature. There are tools that have been developed for this purpose and one of the widely used tools is VeraCrypt. IDRIX is the creator of this open source tool that offers the ability to enable disk encryption in the system.
These three applications and many others will allow XYZ organization to easily expand and fulfill its objectives. These will make sure that adequate strategies are followed and implemented so that the in-house development may take place. These will also assist in the customization of the off-the-shelf applications so that the overall expansion process is made smoother and easier.
There are various developments that are happening in the area of technology and the organization must research correctly to have a clear picture on the tools and technologies that it may use and implement. There are technologies such as Big Data and Business Intelligence that are on a rise and are being applied in all of the business sectors. The use and integration processes of these technologies shall be researched and analyzed correctly (Hagen, 2013). The management must also set up a team to research on the advanced encryption algorithms and processes that may be used and applied (Brecht, 2012).
The selection between the two methods viz. in-house development and the customization activities shall be selected on the basis of the customer requirements. The various factors and elements must be analyzed before selecting the method that shall be used and applied.
There will also be many changes that will come up during the process of expansion. The management of these changes shall be done with a proper plan and there shall also be a marketing strategy that shall be developed so that the customers get to know about their latest offers and services. The several modes and mediums of marketing shall also be clearly listed out.
References
Allen, J. (2012). Deriving Software Security Measures from Information Security Standards of Practice. Retrieved 18 September 2017, from https://www.sei.cmu.edu/library/assets/whitepapers/derivingsecuritymeasures.pdf
Bajwa, M. (2014). Wireless Network Security Threats and Mitigation—A Survey. Retrieved 18 September 2017, from https://file.scirp.org/pdf/_2014091813425297.pdf
Brecht, M. (2012). A Closer Look at Information Security Costs Working Paper. Retrieved 18 September 2017, from https://www.econinfosec.org/archive/weis2012/papers/Brecht_WEIS2012.pdf
Comodo. (2016). Comodo Launches Advanced Endpoint Protection Solution. comodo.com. Retrieved 18 September 2017, from https://www.comodo.com/news/press_releases/2016/02/comodo-launches-advanced-endpoint-protection.html
Fearn, N. (2017). Top 5 best encryption tools of 2017. TechRadar. Retrieved 18 September 2017, from https://www.techradar.com/news/top-5-best-encryption-tools
Gnanasankaran, N., Natarajan, S., Alagarsamy, K., & Iyakutti, K. (2013). A Case Study of the Application of COTS Components in a Molecular Dynamics Software. Retrieved 14 September 2017, from https://www.lnse.org/papers/31-E060.pdf
Hagen, J. (2013). Effectiveness of Organisational Information security measures. Retrieved 18 September 2017, from https://www.frisc.no/wp-content/uploads/2013/02/finse2013-hagen.pdf
Haider, S., Samdani, G., Ali, M., & Kamran, M. (2016). A comparvative analysis of In-house and outsorced development in software Industry. Retrieved 14 September 2017, from https://www.ijcaonline.org/archives/volume141/number3/haider-2016-ijca-909578.pdf
Lippmann, R., & Riordan, J. (2016). Threat-Based Risk Assessment for Enterprise Networks. Retrieved 18 September 2017, from https://ll.mit.edu/publications/journal/pdf/vol22_no1/22_1_3_Lippmann.pdf
Mohammed Salim, R. (2016). Importance of network security for business organization. Retrieved 14 September 2017, from https://file://melstud/12047542$/Downloads/9120836%20(3).pdf
Nazareth, D., & Choi, J. (2015). A system dynamics model for information security management. Retrieved 14 September 2017, from https://ac.els-cdn.com/S0378720614001335/1-s2.0-S0378720614001335main.pdf?_tid=c703030a-8eb5-11e7-b607-00000aacb362&acdnat=1504229883_21b0981211b42a588a985a023ef05aa3
Pcmag. (2016). Bitdefender Antivirus Plus. PCMag India. Retrieved 18 September 2017, from https://in.pcmag.com/bitdefender-antivirus-plus-2015/52300/review/bitdefender-antivirus-plus
PCMag. (2017). VeraCrypt. PCMag Business Software Index. Retrieved 18 September 2017, from https://www.pcmag.com/business/directory/encryption/1671-veracrypt
Roozbahani, F., & Azad, R. (2015). Security Solutions against Computer Networks Threats. Retrieved 14 September 2017, from https://www.ijana.in/papers/V7I-1.pdf
Shameli-Sendi, A. (2017). Taxonomy of Information Security Risk Assessment (ISRA). Retrieved 18 September 2017, from https://www.synchromedia.ca/system/files/SurveyRisk.pdf
Stephenson, P. (2017). Comodo Advanced Endpoint Protection product review | SC Media UK. Scmagazineuk.com. Retrieved 18 September 2017, from https://www.scmagazineuk.com/comodo-advanced-endpoint-protection/review/9393/
Strom, D. (2016). 10 cutting-edge tools that take endpoint security to a new level. Network World. Retrieved 18 September 2017, from https://www.networkworld.com/article/3089361/endpoint-protection/10-cutting-edge-tools-that-take-endpoint-security-to-a-new-level.html
Veracrypt. (2017). VeraCrypt. CodePlex. Retrieved 18 September 2017, from https://veracrypt.codeplex.com/
Essay Writing Service Features
Our Experience
No matter how complex your assignment is, we can find the right professional for your specific task. Contact Essay is an essay writing company that hires only the smartest minds to help you with your projects. Our expertise allows us to provide students with high-quality academic writing, editing & proofreading services.
Free Features
Free revision policy
$10Free bibliography & reference
$8Free title page
$8Free formatting
$8How Our Essay Writing Service Works
First, you will need to complete an order form. It's not difficult but, in case there is anything you find not to be clear, you may always call us so that we can guide you through it. On the order form, you will need to include some basic information concerning your order: subject, topic, number of pages, etc. We also encourage our clients to upload any relevant information or sources that will help.
Complete the order form
Once we have all the information and instructions that we need, we select the most suitable writer for your assignment. While everything seems to be clear, the writer, who has complete knowledge of the subject, may need clarification from you. It is at that point that you would receive a call or email from us.
Writer’s assignment
As soon as the writer has finished, it will be delivered both to the website and to your email address so that you will not miss it. If your deadline is close at hand, we will place a call to you to make sure that you receive the paper on time.
Completing the order and download