Critically Evaluate the Importance of Information Security
CB Hart Law Firm: An Information Security Report
November 2011
Business Information Systems
Salford Business School
TABLE OF CONTENTS:
INTRODUCTION pages number
1. MAIN CONTENT 1.1. Information security from business perspective 2-4 1.2. Value of information 4 1.3. Information security threats and risks: 4-5 1.3.1.Theft 5-6 1.3.2.Fraud 6 1.3.3.Malicious damage 6 1.3.4.Incompetence and mistakes 7 1.3.5. Accidents and disasters 7
2. MAIN BODY 2.1. Domains 7-8 2.2. Ten most common domains 8 2.2.1. Security management practices 8-10 2.2.2. Access control 10-11 2.2.3.Cryptography 11-12 2.2.3.1.Terminology 12-13
3. Conclusion 14-15
4. List of figures 16
5. References 17-18
INTRODUCTION
CB Hart has suffered major reputation problems because of disregarding the small security issues. Company has been affected by the event of data leakage. The information that leaked was not hugely confidential but that situation was damaging enough to cause a big decrease in the reputation of the CB Hart. Company requires serious changes in its security aspects. This will need to be done by reviewing the past similar situations regards data leakage. It is important that proper security of clients’ information, which is stored within CB Hart’s database, is a part of the company marketing strategy. IT department will have to review past security problems and methods of how it has been solved. They will also be required to arrange new problem solving methods that have not been previously implemented. IT team will need to research most current data which is stored on company’s servers and try to find and eliminate possible errors. New CB Hart’s management has agreed further steps and investment for marketing strategy and differentiation factor of the firm. IT department is required to provide solutions for company’s security improvement. The most
November 2011
Business Information Systems
Salford Business School
TABLE OF CONTENTS:
INTRODUCTION pages number
1. MAIN CONTENT 1.1. Information security from business perspective 2-4 1.2. Value of information 4 1.3. Information security threats and risks: 4-5 1.3.1.Theft 5-6 1.3.2.Fraud 6 1.3.3.Malicious damage 6 1.3.4.Incompetence and mistakes 7 1.3.5. Accidents and disasters 7
2. MAIN BODY 2.1. Domains 7-8 2.2. Ten most common domains 8 2.2.1. Security management practices 8-10 2.2.2. Access control 10-11 2.2.3.Cryptography 11-12 2.2.3.1.Terminology 12-13
3. Conclusion 14-15
4. List of figures 16
5. References 17-18
INTRODUCTION
CB Hart has suffered major reputation problems because of disregarding the small security issues. Company has been affected by the event of data leakage. The information that leaked was not hugely confidential but that situation was damaging enough to cause a big decrease in the reputation of the CB Hart. Company requires serious changes in its security aspects. This will need to be done by reviewing the past similar situations regards data leakage. It is important that proper security of clients’ information, which is stored within CB Hart’s database, is a part of the company marketing strategy. IT department will have to review past security problems and methods of how it has been solved. They will also be required to arrange new problem solving methods that have not been previously implemented. IT team will need to research most current data which is stored on company’s servers and try to find and eliminate possible errors. New CB Hart’s management has agreed further steps and investment for marketing strategy and differentiation factor of the firm. IT department is required to provide solutions for company’s security improvement. The most
References: Stoneburner, Gary. “Computer Security”, Retrieved November 11, 2011, From National Institute of Standards and Technology at http://csrc.nist.gov/publications/nistpubs/800-27A/SP800-27-RevA.pdf Back, Adam Fenner, Audrey. “Placing Value on Information”, Retrieved November 10, 2011, From http://unllib.unl.edu/LPP/fenner.pdf Hinson, Gary (2008) Unknown author (2010). “Top 10 Information Security Threats for 2010”, Retrieved November 21, 2011 from Help Net Security at http://www.net-security.org/secworld.php?id=8709 Unknown author Unknow author (2010). “ 10 Security Domains”, Retrieved November 24, 2011 From http://orkanet.com/production/info_tech/10_security_domains.htm Dougherty, Michelle (2004) Cazemier, Jacques (1999). “Security Management” (1st Edition), Controller of Her Majesty’s Stationary Office, Norwich. ISBN: 0 11 330014 Janczewski, Lech Hawkner, Andrew (2000). “Security and Control in Information Systems”, Routledge, New York, ISBN 0-415-20534-4 Unknown Author, Retrieved November 22, 2011 From http://transit-safety.fta.dot.gov/security/SecurityInitiatives/DesignConsiderations/CD/sec5.htm