Essay sample

System Security Plan

Free ideas for

Security data and information is very important for any company in the world

Indeed, high technology environment, and organizations become more and more subordinate on their information systems. The public worry about the appropriate use of information, specifically personal data. Cybercrime are increasing rapidly. Many organizations have operations that need to be protected. According to Merriam-Webster Dictionary, security in general is the quality or state of being secure. Many companies try to secure their systems and they spend a lot of money for the security. As the result, most company try to define what they needed. Each security has rules and principle which connect with the protection of the system.

Free ideas for

Most networks and operating systems use the IP address of a computer to identify a valid entity. In certain cases, it is possible for an IP address to be falsely assumed— identity spoofing. An attacker might also use special programs to construct IP packets that appear to originate from valid addresses inside the corporate intranet. After gaining access to the network with a valid IP address, the attacker can modify, reroute, or delete your data. Password-Based Attacks A common denominator of most operating system and network security plans is password-based access control. Thus the access rights to a computer and network resources are determined by the person, the user name and the password. Older applications do not always protect identity information as it is passed through the network for validation. This might allow an eavesdropper to gain access to the network by posing as a valid user. Sniffer Attack A sniffer is an application or device that can read, monitor, and capture network data exchanges and read network packets. If the packets are not encrypted, a sniffer provides a full view of the data inside the packet. Even encapsulated (tunnelled) packets can be broken open and read unless they are encrypted and the attacker does not have access to the key.

Free ideas for

The system has been encrypted with a password (Azari 67). The transactions and records of the patient are stored based on the patients’ names, illnesses and insurance companies. The system uses an SRU network system to create communication between staff and the mainframe system. The systems are monitored through log Ins that the management and nurses have on the system

The computer systems record every time and date the computers are accessed to prevent security issues such as hacking and cracking of information from the computers. An incident response program will be installed on the computers to ensure that in the case records of patients are changed from an outside source, there will be an alarm on all computers. Potential threats of the security plan include hacking and cracking that comes from people who want to snoop into the most secure computers of the hospital to access information that they may not have access to as they are not allowed in the systems. Viruses are also a potential threat to the information in the company because when information is faced with viruses, it is hard to retrieve such information (Fugini 70).

Free ideas for

For the most part, it is clear enough that they have seen the flaws or loops that the system had and that was the only ways in penetrating to those systems. The government should use these 'geniuses' who have surpassed those information technologists whose main aim is to protect the system. It could also be an idea to open up institutes that will specifically be for training people in areas that concern government information security. These people should also be trained in ways to combat future or day zero kinds of threats

It is not always that the systems will a forever be safe, but efforts that are put out to protect the government information and data will make the agencies feel better and safe.

Free ideas for

Azari, Rasool. Current Security Management & Ethical Issues of Information Technology. Harrisburg, PA: Idea Group Inc, 2003. Print.

Fugini, Mariagrazia, and Carlo Bellettini. Information Security Policies and Actions in Modern Integrated Systems. Hershey, PA: Idea Group Pub, 2004. Print.

Kim, David, and Michael Solomon. Fundamentals of Information Systems Security. Sudbury, MA: Jones & Bartlett Learning, 2011. Print.

Kovacich, Gerald L. The Information Systems Security Officer's Guide: Establishing and Managing an Information Protection Program. Amsterdam: Butterworth-Heinemann, 2003. Internet resource.

Was this essay example useful for you?

Do you need extra help?

Order unique essay written for you
essay statistic graph
Topic Popularity