Cis 333 Final Term Paper

2543 words 11 pages
Technical Project Paper: Information Systems Security
Information Systems Security
Haseeb Ahmed Khan
Mark O’Connell
CIS 333 Fundamentals of Information Security
March 12, 2012

In today’s IT world every organization has a responsibility to protect the information and sensitive data they have. Protecting data is not only responsibility of security and IT staff but every individual is involved in protecting the information. The risks to information security are not digital only, but it involves technology, people and process that an organization may have. These threats may represent the problems that are associated to complex and expensive solution, but doing nothing about these risks is not the solution.
The case we
…show more content…

Usually the logical breach results due an unauthorized access to the system/network. The users on the front desk should be given access to the information they need to perform their job on need to know basis. Any workstation is capable to breach into sensitive information. Access to any machine could lead to confidential information breach. All users are required to use their credential to access information on the network. A strong password is required by the policy outlined by the IT department.
Logical vulnerability deals with anything which is to do with computer software/network other than the physical network. People are the weakest link in the whole chain. They are the biggest threat to the IT network; any user could compromise the system without even knowing the result of his/her actions. Users using personal device on the enterprise network is the biggest threat ever. Use of personal media should be strictly prohibited because it could bring in the malicious code which gives access to hackers to break into network and steal confidential information.
A weak password also helps intruders to disguise them as the legitimate user and access the information to compromise the network. Software and antivirus updates could also be crucial if it is not done on time, it can lead into breach.
The physical threat and vulnerability can result in huge loss in revenue and confidential