Description
Case Study carries a 15% weight of the final grade (150 Points) . You must find an organization that has implemented information systems security with emphasis on one or more security services and mechanisms. These services and mechanisms may include Access Control, Authentication, Intrusion Detection, Firewalls, Perimeter Protection, VPN security, Antivirus Infrastructure, Intranet Security, PKI, Real-time Protection, Unix/Windows Security, and Security Auditing. There are many more services and mechanisms that might be available for analysis. The focus of this assignment is Information Systems Security. Writing about gates, guards, fences, lighting , CCTV, and building access is not appropriate for this assignment.
Your case analysis must focus on strengths and weaknesses of the security of information infrastructure with respect to the services and mechanisms you have identified for analysis. You do not need to analyze all services and mechanisms. Select those that you might consider critical to the system being examined. For example, access control is very critical in on-line Consumer Banking system, while encryption is considered very critical in Business-to-Business Electronic Commerce. The case does not need to identify the corporation or employer. This is done for those who would like to look at a problem within their own organization without the problems associated with publishing employer information. The case should focus on a specific security issues and technologies. Recommendations for improvement are a required part of the analysis.
E-commerce organizations that have experienced a data breach in the past will have adequate information published to formulate a case. Interviews are not required for this case. If a Department of Defense organization is used in Case Study, ensure that all sources are from the public domain.
Analyze the case you have selected by providing the background and existing infrastructure for information systems security and make reasonable recommendations for improvement. There is always a room for improvement. Approximate length of case should be between 3 to 5 pages, double-spaced, and well-documented. You must make specific recommendations.
Your grades in case study will be determined by your analytical skills, ability to identify real-life security problems, professional competence, and the feasibility of recommended solution(s) for real-life implementation. Your case is unique and therefore, your report will not be compared with other student reports.
Primary Reference: Corporate Computer Security (Online Courses ONLY )
Author: Randall J. Boyle
Publisher: Pearson
ISBN: 978-0133545197
Explanation & Answer
Please let me know if there is anything needs to be changed or added. I will be also appreciated that you can let me know if there is any problem or you have not received the work. Please let me know if there is anything needs to be changed or added. I will be also appreciated that you can let me know if there is any problem or you have not received the work Good luck in your study and if you need any further help in your assignments, please let me know Can you please confirm if you have received the work? Once again, thanks for allowing me to help you R
Running head: INFORMATION SECURITY SYSTEMS
Course Title
Student’s Name
Professor’s Name
Course Code
Date
1
INFORMATION SECURITY SYSTEMS
2
Introduction
The corporate world is increasingly implementing information systems securities as a
measure to limit attacks in business and commerce. Many organizations are confiding confidence
in these security systems with the assurance of non-compromised computing devices and
communication outlets. The fundamental of the information system accrue in environment enlisted
to focus or attributes of these physical systems. A trio combination of essentials to sound security
systems include availability, integrity, and resided confidentiality (Boyle et al., 2017).
Primarily, mechanisms for profound effectively working information systems based on the
attributes of accessibility of the information by anyone at any given timeframe depending on the
information types. For instance, a company such an as Amazon has its database serves to work all
through such that anyone can access the services at his/her schedule. Whereas some companies
have, an insight of no damages, however much there, servers may fail. The integrity of a system
also increases its security.
The sole purpose of the guard is non-alteration and accurate representation of information
provided. However, some factors do not attribute in integrity loss such may include blackouts,
local authorities making mistakes in information updates, or corrupts files. A security system also
has to restore confidence in keeping the information, and it is content to secure from unwanted
viewers (Peltier, 2016).
An organization implementing information systems security has to lay emphasis on
services and mechanisms, including authentication, access control, real-time encryption
protection, and firewalls. This tool is essential to confidence, integrity, and availability of
information.
This paper, therefore, presents the concepts of analyzing the strengths and
INFORMATION SECURITY SYSTEMS
3
weaknesses of the mechanisms listed above and the recommendations of the outcomes in the realtime world.
Encryption
Encryption is a progression of encoding data upon transmission to allow only authorized
users to access information. Computer programs aid these encoding processes, plain text encode
transmits, and the receiver decrypts the ciphertext. In this essence, therefore, the parties involved
must agree on a uniform encoding methodology for effective communication (Fritzon et al., 2014).
An encryption key shared between the two enables encoding and decoding simultaneously.
Encryption has two-identity keys. Symmetrical key encryption (private key) and public key
encryption.
Functionally a public key is for anyone to send encrypted information; the receiver has to use a
private key to decrypt the text. Therefore, for the security of data across this mechanism dictates
that each user owns one private key and one public key.
Authentication
Authenticity implicates a way to identify a person sitting behind computer bars owing to
some aspects they associate in. Effective accomplishment of authentication, therefore, requires
something they own, what they are or love, and maybe what they know (Soomro et al., 2016).
Password and Identification codes are the most recent and commonly applied here, a finalizing
factor above all is something a person is, and it is hard to alter. A user identified by his or her
physical physiognomies.
Therefore, this is a biometric approach. A more confine authentication approach is a multifactor authentication in that a combination of two or more factors identifies a person. A personal
identity number and something one knows (Fritzon et al., 2014). The weakness of these
INFORMATION SECURITY SYSTEMS
4
mechanisms is that once an identity token altered, the system is lost. Hackers thus subject to
compromise easily bypass sidebars of ID and passcodes. Identifying someone by their keys or
something they have can be problematic in case of forgetfulness or misplace prepositions. Thus,
the mechanism is a subject to improvisation for exclusive safety of information on databases.
(...
Review
Review
