Information Security Management
Information Security Management
Firms with multiple locations are susceptible to security threats because they rely on the internet to communicate. Some of the notable security threats are viruses- firms often receive infected e-mails or files. Opening of the infected mails may lead to lose of company data or theft of the same. Additionally, Trojan and worms sent unsuspecting company may cripple the operation of the company.
The after effects of viruses are another potential effect to internet security. According Thuraisingham (2013) a viral attack to company information system creates a loop hole for the back door viruses. The back door viruses can enable the hackers to generate codes that could lead to accessing the confidential company information. Further, the worms may turn the company computers into remote mail servers and send numerous volumes of email that would prevent service attacks (Zurich, 2008). Notably, mail viruses dictate the mail recipients to run the fictitious code.
Identify or information theft is major problem that company may experience. This theft may target financial information of the company or its employees. Critics have established that identify theft help fraudsters to generate information about the company or its employees (Ernst & Young, 2010). Another incident of theft is hacking crucial information.
Some of the ways manage information include installing antivirus to the company computers. This will protect the company computers from viruses and worms. Another method of controlling the information threat is through creating IP address security (Lainhart, Robinson, and van Zadelhoff, 2010). This method will limit receipt of junk mail into the company computers subsequently limiting incidences of information theft or viruses. Additionally, the company should consider creating a server where its administrator would be controlling all the activities of the company.
References
Ernst & Young. (2010). Advanced Security Centers. Retrieved on 20 Jan 2014 from http://www.ey.com/Publication/vwLUAssets/Advanced_Security_Centers/$FILE/Advanced_security_threats.pdf
Lainhart, J., Robinson, S., and van Zadelhoff, M. (2010). Managing threats in the digital age. Retrieved on 20 Jan 2014 from http://www.naco.org/programs/csd/Technology%20Documents/2013%20Leg%20-%20CIO%20Forum/GBE03423-USEN-00.pdf
SANS. An Introduction to Information System Risk Management. Retrieved on 20 Jan 2014 https://www.sans.org/reading-room/whitepapers/auditing/introduction-information-system-risk-management-1204
Thuraisingham, B. (2013). Developing and Securing the Cloud. New York: CRC Press.
Zurich (2008). Strategies for managing information security risks. Retrieved on 20 Jan 2014 from http://www.zurichna.com/internet/zna/SiteCollectionDocuments/en/media/inthenews/strategiesformanaginginformationsecurityrisks.pdf
