Effective information security recommendations must be incorporated into a formal information systems security plan with the objective to protect critical organization information assets. Use your find

Security Threats and Policies



Computer Science Assessment

  1. What are the significant information security related threats that your organization is subject to?

My selected organization is the Kroger Company. Organizations face a variety of external and internal digital threats that are capable of corrupting hardware as well as compromising data. Private data and intellectual property can be used to commit fraud and e-crimes (Grama, 2011). There are a variety of information security threats that can impact the Kroger Company. They are:

  1. Malware and viruses

Malware and viruses spread via email attachments, files located on removable storage disks, and visits to infected websites (Kim, 2016). Hackers use malware to control a computer remotely and to steal or damage data, including passwords. In addition, they corrupt the computer hardware as well as the software and spread malware. Spam emails also promote non-existent, fraudulent commodities such as lottery wins.

  1. Online scams and Phishing

These are designed to trick someone into revealing sensitive data, including passwords and credit card numbers.



  1. Cybercrime and Hacking

Sophisticated and complex e-crimes entail the theft of data or intellectual property such as trademarks (Kim, 2016). Hackers usually access hardware and data illegally in order to use information such as credit card details for cyber fraud, which may also compromise online security.

2. How does the organization's code of ethics and security policies help to reduce these threats?

Unlike more organized and developed professions such as law, many of the ethical issues that IT and security professionals confront are not yet codified, and there is no standard mandatory oversight system. However, the question of ethical behavior in the IT professions is starting to be addressed (Vacca, 2013). Voluntary professional associations such as the Association for Computing Machinery have established their own codes of ethics and professional conduct, which can act as a guideline for individuals and organizations. A code of ethics provides oversight of how an organization manages its information technology. It helps greatly in minimizing the threats that come with an organization implementing IT. The code summarizes the values, principles and business practices that guide the organization's conduct. Furthermore, it offers a set of fundamental principles that act as a guideline to covered individuals concerning the minimum ethical requirements expected of them (Vacca, 2013).


  3. What specific security policies should your organization implement for their Information Systems?

  1. Confidential Data Strategy

Confidential data is the data that holds the greatest value to an organization. It is valuable to other people too, so it carries a higher risk than general company data. It is therefore essential to set security standards that apply specifically to confidential data (Stewart & Gibson, 2012).

  1. Email Policy

Email is an essential component of business communication, although it presents difficulties because of its potential to cause security threats (Stewart & Gibson, 2012). It can also affect the company's liability by providing a written record of various communications. An email policy details the organization's usage guidelines for the email system. It is essential in helping the organization reduce the risk of email-related security issues.

  1. Network Security Policy

The policy can cover specific measures such as logs, networked hardware and device passwords.




References

Grama, J. L. (2011). Legal issues in information security. Sudbury, MA: Jones & Bartlett Learning.

Kim, D. (2016). Fundamentals of information systems security. Jones & Bartlett Learning.

Stewart, J. M., Chapple, M., & Gibson, D. (2012). CISSP. Hoboken: John Wiley & Sons.

Vacca, J. R. (2013). Computer and information security handbook. Amsterdam: Morgan Kaufmann Publishers is an imprint of Elsevier.