Discussion 1
Authentication will also be another vulnerability that will be an issue in the company because of the things that might go wrong in the end. Without authentication, there will be wrong people who are not allowed to use the data and information in the company. It will lead to data corruption within the company. One of the vulnerability is the unauthorized access. This vulnerability has high probability of happening because of the many people who are making use of the system and the database that is in place (Norman). One of the ways in which this will be audited is to have access controls and have a list of the people who will make use of the system that has been put in place.
Another vulnerability that is of significant concern is that of data corruption due to unauthorized personnel getting to the database. It is a real threat that has to be taken into account and have measures that will ensure that the database has been secured to have the better ways in which the data will be secured.
There is also encryption. Encryption is a vulnerability that will have to be undertaken in order to have the data secured and protected from people who might access it and corrupt the data. Encryption will come up as vulnerability because of the possible corruption and failure to use the data that has been provided in the company. If encryption will be used in a wrong manner, then the data will be corrupt and will not be used in an efficient manner.
Database integrity and authorization is another aspect that is bound to bring with it a significant vulnerability. In database integrity, the data has to remain with the highest levels of changeability as much as possible. This will make sure that the data will remain unchanged and if there are any changes that will be made in database, the changes will come from the people who have the authorities to make the changes.
Discussion 2
One of the control policies that will be selected is user account control policy. The user control policy will be selected because it will enable the users to be able to follow the set procedures and rules that have been laid out in order to have the right information and aspects to be managed in the organization (Benantar 82). User account control is a significant policy and control mechanism because most of the users will have the data that is required in order to have the needed aspects in the entire process.
Acceptable use policy is another control policy because of the need to have ways in which the assets will be used in the company. It will be important to have ways in which the data wil be used in the company so that eth users will be aware of the procedures that will be followed while handling the resources.
Another control policy is database access control policy which will be useful in the management of the database. With the popularity of database information systems, it is becoming important to have ways in which the databases will be managed in order to have the data management and processing safe and secure for the entire organization. There is a need to have a way in which the database will be managed and enhanced in data processing. This control policy has been chosen because database management systems are common in any organization and there is a need to ensure that the data management and processing software secure and safe.
Discussion 3
One of the safeguards that can be implemented is the use of access control of the different systems in the company. One way is to have access control mechanism that include use of passwords and s in order to be allowed to access the system. The use of the passwords will enable the users of the systems to have access controls that will enable them to have access to the systems.
Another guard is to have a log of the activities that are done by the users on the network. The log will record the things that the members will be doing in order to have a way in which to manage the activities that are being done on the network. The use of the log will help to understand the way the resources of the network are done.
Another safeguard for the network is to have a firewall and an access control for the database. There should be different levels of access to the database. It will help to understand who will have access to what part of the database. It is one of the methods in which the data will be achieved and managed in the entire process.
A team would first of all list the users who access the system and have ways in which to understand the types of the data that are being accessed by the users. This information will help understand how the audit of information systems will be achieved.
Works Cited
Benantar. Access Control Systems: Security, Identity Management, and Trust Models. Springer: New York, 2005.
Norman. Electronic Access Control. New York: Butterworth-Heinemann, 2011.
