Data security at each Riordan Manufacturing plant
Current status
The current status of data security at each of the Riordan Manufacturing plant is not in place. The company has a wide collection of systems which are different but work together towards a common goal. For this reason, it is hard to manage data and worse still, it is hard managing the security of data. This is something that brings a lot of risks and inefficiency in handling data management tasks. Some of the issues that need to be looked into include access rights, data transfer mechanisms, and a universal format of data between the many plants and departments in these plants. Regarding these issues, there is no data access rights that have been put place, also there are no mode of data transfer that has been adopted between the plants. Also, there is no reliable backup policy that has been adopted in this company. This is the case even though the company has an enormous IT budget and commands sales of one billion dollars. There is no excuse then these issues should have been implemented long ago.
Recommendation:
One area that needs improvement is that of handling of data. Data in store and in transmission need to be in good condition. It is only after data security mechanism is put in place in the network that these issues should be looked into. A better way to look at data security in the company is by way of enterprise level. There are some issues and questions of concern that need to be addressed like what data is available and why this data should be secured. All the data in the company should be identified and their levels of security should also be identified. Also of paramount importance is the control that should be applied in each data that has been identified in the company. There is a need to have controls for each data that has been identified.
Regarding the software and hardware aspects of data security, there are some recommendations that are put forward in this paper. Some of these include encryption of drives, access basing on the roles of the individuals in the organization, authentication using two factor techniques. With this respect, there is therefore a need to have some tools and software that will take this into consideration. Some of the software that needs to be implemented includes Active Roles Server, and Active Administrator, and management of password processes using the Microsoft Shell Technology. These tools also provide reports that are necessary when monitoring security.
With cloud computing technology being fast adopted in the world, there is need to adopt data security methods that will take into consideration emerging trends and ensure that data in the cloud is safe. One such tool that can be adopted by Riordan Company is Ironkey Enterprise. This tool secures thumb drives and even enables self-destruction capability if it gets lost the data is not accessed. There is also a need to protect data that are meant for external mobile storage devices. This tool, EndPointProtection 11.0, from Symantec allows data that are meant for external drives to be scanned. They also have such features like backup and recovery.
Also of paramount importance is the need to integrate encryption in data management practices of Riordan Manufacturing. This is especially true for data that is on transit. If one plant would like to send data to another site, it will be in order to have data encryption in place. One such technology is Pretty Good Protocol which is used to protect data that is on transit. This technique is effective and has been used in data protection for a long time.
References
Riordan manufactering (2010, 08 10). analysis of service request. Retrieved 02 09, 2012, from www.riordan.org: http://www.riordan.org
Tipton, H. F., & Nozaki, M. K. (2011). Information Security Management Handbook (Vol. 5). Florida: CRC press.