StudyDaddy Article Writing Discuss some  of the key issues to be aware   of and the best practices to mitigate them. Discuss strategic analysis decisions in the next  five years, what we need      to watch out for in the inform

Discuss some  of the key issues to be aware   of and the best practices to mitigate them. Discuss strategic analysis decisions in the next  five years, what we need      to watch out for in the inform

Running head: INFORMATION TECHNOLOGY 1

Sample paper Do not copy!

Information technology (IT) is the technology involving the development, maintenance, and use of computer systems, software, and network for the processing and distribution of data (Merriam-Webster, 2017). An article in the Harvard Business Review that was written in 1958 stated that information technology consisted of three basic parts, computational data processing, decision support, and business software (Mitchell, 2017). No matter how one defines information technology, it plays a vital role in both large corporations and small businesses alike. With the world advancing and becoming more technology-centric, information technology has to change as these advancements make their way to the forefront. There are several trends in tech world that will drive IT decision making for the next five years.

Data growth is forcing IT departments to adopt new forms of operation and reset their expectations of work. Server loads are growing 10% every year, network bandwidth is increasing by 35%, and storage capacity is expanding by 50% (Schaffhauser, 2015). With the increasing popularity of online video there is a demand for network bandwidth both on Internet and on IT networks. Because these new software packages demand more data usage due to their richer graphics and interaction with computers, IT teams must plan accordingly for their company’s current and future needs to keep up with the network traffic (Mitchell, 2017).

The Internet of Things is creating a new way to looking at business and collecting information about the clients and developing a new level of automation to make the business more efficient (Schaffhauser, 2015). The Internet of Things is a network of small devices that are self-aware and self-discovering. These sensors support their own mesh network so that as devices are deployed, they find each other and “report back.” They are often location-aware and in some cases don’t require batteries (Schaffhauser, 2015). Currently, there are hospitals using these sensors that are attached to hand-cleaning stations. As nurses and doctors wash their hands, the sensors scan their badge and the data is collected. If there is ever a lawsuit, because someone get infected and blaming the hospital, they can go back and track the sequence of every movement to use as a defense against the lawsuit. Right now most organizations are in a “look-see mode” (Schaffhauser, 2015). It is important that IT stays on top of what their company’s plans are as it relates to the Internet of Things.

Software-defined infrastructure is creeping into the data center. Conceptually, they are intended to create a new way to operate, orchestrate and automate, by putting configuration controls at a higher plane than it was. Instead of having individuals go out and optimize at the devise level to get the best performance or best use of that particular resource, if someone can do it at a control plane, they can enhance the workload, traffic flow and automation. This can eventually improve the overall efficiency of the operation. This is currently being tested, but the promise is there (Schaffhauser, 2015). Eventually one will be able to manage these environments on or off the premise. It will become a virtual environment. Workloads could move based on actual business needs, performance needs, and time of day. They could be moved to wherever they need to be. A related trend is “proactive infrastructures” where data centers are beginning to use predictive prescriptive analytics to help IT staff gain a sense of what will happen in real time as the machines are running or what would happen if a particular system change were made (Schaffhauser, 2015).

As technology continues to advance, security risk become more problematic. Security risk come from both internal and external. Internal attacks are one of the biggest threats facing any data systems. These risk can come from various places. One way is by a disgruntle employee. A rogue employee, especially if they are part of the IT staff, with knowledge of and access to networks, data centers and admin accounts, can cause severe damage (Schiff, 2015). That is why it is imperative that a company identify all privileged accounts and credentials, and immediately terminate those that are no longer in use or are connected to employees who are no longer with the company (Schiff, 2015). Next, they need to monitor closely, control and manage the privilege credentials to prevent future exploitation by implementing necessary protocol and infrastructure to track, log, and record the privileged account activity. Alerts should be in place to allow for quick response to the malicious activity (Schiff, 2015).

Another internal risk comes from careless or uninformed employees. When an employee is not trained in security best practices and have weak passwords, visit unauthorized website, and click on links in suspicious email or open email attachments, these pose an enormous security threat to an organization’s system and data (Schiff, 2015). One risk is that spyware can be downloaded into the system. When spyware enters the network, a company can no longer guarantee that their corporate information is secure (Johnson, 2004). It also generates more spam. When spyware finds an email address, it sends it back out over the internet to be traded shared or sold to spammers. When a user is clueless enough to click on the product ads within the spam, they risk downloading additional spyware, which in turn devours network resources causing poor performance and proliferation pop-up ads (Johnson, 2004). That is why businesses must train employees on cybersecurity best practices and offer ongoing support. IT must also ensure that all employees have strong passwords, since they are the first line of defense (Schiff, 2015).

Other internal security risks can come from cloud applications and unpatched devices. The best way to prevent threat from a cloud application is to defend at the data level using strong encryption that prevents any third party from accessing the data even if it resides on a public cloud (Schiff, 2015). Unpatched devices, such as routers, servers and printers that employ software or firmware in the operation, and a patch for vulnerability in them has not been created or sent, or their hardware was not designed to enable them to be updated, can easily be accessed by hackers (Schiff, 2015). The best way for a company to defend against this risk is by instituting a patch management program that ensures devices, and software are kept up to date at all times (Schiff, 2015).

Like internal information security risk, external information security risk can be devastating on a company as well. One of these security risk can come from vandalism and looting, where individuals exploit security weakness that are exposed during an emergency or natural disaster that make it impossible for security to reach the damaged facility (FFIEC, 2017). In order to prevent these events from occurring, businesses need to address these potential threats before any disaster takes place by implementing alternative security measures. These measures must be capable of protecting the company both physically and logistically (FFIEC, 2017).

External information security risk can also come from natural disasters, such as fires, floods and other water damage, and severe weather (FFIEC, 2017). A fire can result in the loss of equipment and data. It is essential that a business’ evacuation plan provide guidelines for securing or removing media, if time permits. That is why fire drills should be periodically conducted to ensure that personnel understand their responsibilities (FFIEC, 2017).

As with a fire, water can also damage equipment resulting in data loss. If a company is built near a floodplain, they risk being flooded. Since water always seeks the lowest level, business need to make sure that their critical records and equipment are located on upper floors, if possible, to mitigate this risk (FFIEC, 2017). By raising the flooring or elevating the wiring and servers by several inches off the floor, can also prevent or limit the amount of water damage. A business should also be aware that water damage can occur from other sources such as broken water mains, windows, or fire sprinkler systems (FFIEC, 2017). If a business has their computer or equipment room located in an area that has a floor above it, the ceiling should be sealed to prevent water damage. The company should also consider in investing in water detectors as a way to provide notification of a problem (FFIEC, 2017).

A disaster resulting from an earthquake, hurricane, tornado, or other severe weather typically occurs by a defined geographic location (FFIEC, 2017).  Given the random nature of these natural disasters, a company located in an area that experiences any of these events needs to include appropriate scenarios in their business continuity planning process.  In instances where early warning systems are available, businesses should implement procedures before the disaster to minimize losses (FFIEC, 2017).

In conclusion, the information technology world is rapidly changing. From increased data growth to the Internet of Things, modern society depends on information technology in nearly every facet of human activity (Al-Ahmad & Mohammad, 2013). With these changes comes new opportunities, however, organizations are exposed to increasing information technology security risk. That is why it is imperative that companies create standards, best practices, and frameworks to help manage these risks (Al-Ahmad & Mohammad, 2013). Risk associated with the use of technology needs to be adequately maintained and assessed for an organization to maintain their business (Al-Ahmad & Mohammad, 2013).

References:

  • Merriam-Webster. (2017). Information technology. Retrieved from https://www.merriam-webster.com/dictionary/information%20technology


  • Mitchell, B. (2017). Introduction to information technology (it). Retrieved from https://www.lifewire.com/introduction-information-technology-817815


  • Schaffhauser, D. (2015) 5 tech trends that will drive it decision-making for the next five years. Retrieved from https://campustechnology.com/articles/2015/04/20/5-tech-trends-that-will-drive-it-decision-making-for-the-next-5-years.aspx


  • Schiff, J.L. (2015). 6 biggest business security risks and how you can fight back. Retrieved from https://www.cio.com/article/2872517/data-breach/6-biggest-business-security-risks-and-how-you-can-fight-back.html.


  • Johnson, M. (2004). Spyware wake-up call. Computerworld, 38(18), 20. Retrieved from EBSCOhost


  • FFIEC. (2017). Appendix c: internal and external threats. Retrieved from https://ithandbook.ffiec.gov/it-booklets/business-continuity-planning/appendix-c-internal-and-external-threats.aspx.


  • Al-Ahmad, W., & Mohammad, B. (2013). Addressing information security risks by adopting standards. International Journal of Information Security Science, 2 (2), 28-43. Retrieved from EBSCOhost.

Have a similar question?

Continue to edit or attach image(s).

  • Fast and convenient

    Fast and convenient

    Simply post your question and get it answered by professional tutor within 30 minutes. It's as simple as that!

  • Any topic, any difficulty

    Any topic, any difficulty

    We've got thousands of tutors in different areas of study who are willing to help you with any kind of academic assignment, be it a math homework or an article.

  • 100% Satisfied Students

    100% Satisfied Students

    Join 3,4 million+ members who are already getting homework help from StudyDaddy!