System Security Plan
According to Merriam-Webster Dictionary, security in general is the quality or state of being secure. Many companies try to secure their systems and they spend a lot of money for the security. As the result, most company try to define what they needed. Each security has rules and principle which connect with the protection of the system.
After gaining access to the network with a valid IP address, the attacker can modify, reroute, or delete your data. Password-Based Attacks A common denominator of most operating system and network security plans is password-based access control. Thus the access rights to a computer and network resources are determined by the person, the user name and the password. Older applications do not always protect identity information as it is passed through the network for validation. This might allow an eavesdropper to gain access to the network by posing as a valid user. Sniffer Attack A sniffer is an application or device that can read, monitor, and capture network data exchanges and read network packets. If the packets are not encrypted, a sniffer provides a full view of the data inside the packet. Even encapsulated (tunnelled) packets can be broken open and read unless they are encrypted and the attacker does not have access to the key.
The systems are monitored through log Ins that the management and nurses have on the system. The computer systems record every time and date the computers are accessed to prevent security issues such as hacking and cracking of information from the computers. An incident response program will be installed on the computers to ensure that in the case records of patients are changed from an outside source, there will be an alarm on all computers. Potential threats of the security plan include hacking and cracking that comes from people who want to snoop into the most secure computers of the hospital to access information that they may not have access to as they are not allowed in the systems. Viruses are also a potential threat to the information in the company because when information is faced with viruses, it is hard to retrieve such information (Fugini 70).
Azari, Rasool. Current Security Management & Ethical Issues of Information Technology. Harrisburg, PA: Idea Group Inc, 2003. Print.
Fugini, Mariagrazia, and Carlo Bellettini. Information Security Policies and Actions in Modern Integrated Systems. Hershey, PA: Idea Group Pub, 2004. Print.
Kim, David, and Michael Solomon. Fundamentals of Information Systems Security. Sudbury, MA: Jones & Bartlett Learning, 2011. Print.
Kovacich, Gerald L. The Information Systems Security Officer's Guide: Establishing and Managing an Information Protection Program. Amsterdam: Butterworth-Heinemann, 2003. Internet resource.