Security Administration

  • Uncategorized

SecurityAdministration

SecurityAdministration

Defensein depth is the precaution taken by an individual or company toprevent intrusion. It reduces the chances of being attacked bymalicious hackers. A well-structured plan of this sort can alsoassist security personnel and system administrators to detectindividuals trying to compromise computers, Internet ServiceProviders (ISPs), or servers. When a hacker manages to access thesystem, the defense in depth reduces the adverse effects giving theengineers and administrators time to install updates or novelcountermeasures to avoid recurrence. The constituents of defense indepth comprise firewalls, hierarchical passwords, antivirus software,anti-spyware programs, biometric verification, and intrusiondetection. Additionally, physical protection of the organization’ssites is utilized to back up the electronic countermeasures. Apartfrom that, comprehensive training of the personnel enriches thesecurity of crucial information against destruction, theft, orcompromise (Rouse, 2016).

Itis an important facet of physical security. As illustrated above,defense in depth ensures malicious hackers do not access unauthorizedsystems. The personnel involved will be trained to achieve smoothintegration to incorporate the approach within the protection plan.In other words, since the approach is strengthened via physicalsecurity, the people involved ought to be highly trained. In thismodel, an analysis should precede synthesis to comprehend theentirety of the evaluation. Evidently, for security to be effectualin governing access to a safety zone or an asset, there ought to be away of sensing, delaying and reacting to adversary efforts to gainillegal access. The protection plan will ensure interruption andnullification of the adversary before a fruitful zone crossing.Additionally, tags will be provided harmonized with the roles in thecompany. Therefore, security clearance will be granted depending onthe functions.

Asa security manager, the inclusion of secure authentication andadequate training of personnel is to prevent intrusion. In the firstcase, heightening authentication measures would prevent unauthorizedpersonnel from accessing confidential information. Intrusiondetection will also be installed to avoid any criminalities.Therefore, the staff involved will undergo extensive training toensure everything runs smoothly. The major factors to consider beforechoosing a barrier are cost, ease of use, privacy, and security. Thenew barriers have to be cost friendly according to the organization’scapabilities. The ease of operation has to fit all the personnel. Themeasure must also maintain the confidentiality of the involved staff.The security action needs to correlate with the facility’srequirements (Nok, 2016).

Developingthe business continuity plan will follow four critical stages, thatis, business impact assessment, recovery strategies, policydevelopment, and testing. The first step is to ascertain what eachstep entails before concentrating on plan development. The first twostages are involved in determining the gaps between the recoveryneeds. Furthermore, the second phase ensures the appropriate recoverymechanisms are chosen and implemented. The plan development phaseentails developing a framework, organization of the recovery groups,the creation of relocation plans, writing of the company’scontinuity and IT adversity procedures, and document the manualworkarounds. The plan will then be tested before the employees aretrained.

Whenbusiness is hindered, it usually costs a considerable amount ofmoney. It results in lost revenues and extra expenses that lessen theprofits. The four phases of developing a business continuity conceptmust be observed. The recovery strategies must also be developed toensure technology is restored early enough to cater for the businessneeds. The manual workarounds are part of the Information Technology(IT) concepts.

Technologyis advancing at a considerable rate across the globe. Thetechnological depth has also heightened competition among differentorganizations. Though the corporations boast of steady technologicaladvancements, they still face numerous challenges. One core concernis security. Some people utilize their knowledge to accessunauthorized data or even steal from private institutions. In future,the advancements in technology will be greater, but security willstill be a major concern. Economic/Industrial espionage poses a hugethreat. According to the Federal Bureau of Investigation (FBI),industrial espionage is on the rise. The agency realized that therewere many instances of industrial espionage targeting the U.S.organizations. Most of the perpetrators originate from China withlinks to the country’s authorities (Bruer, 2015).

Thecompetitive nature of businesses has increased the desperation amongcompetitors. In that regard, people resort to spying as a means ofstaying competitive. A good example can be drawn from the musicindustry. Many copyright cases have been reported whereby an artistcopies dance moves from other choreography. The same cases have beenreported in the automobile industry. The competitive nature is boundto worsen relations among manufacturers. As the FBI ascertained, theprivate companies are the most affected. Actually, out of the 165private organizations that took part in the FBI survey, half of themcomplained about theft of trade secrets or economic espionage. Theprimary objective of industrial espionage is to limit spending. Inother words, instead of spending high amounts of cash on marketresearch, a company just spies and copies proven methods from fellowcompetitors. Due to the rising global market competition, thebehavior is bound to increase (Bruer, 2015).

References

Bruer, W. (2015, July 24). FBI sees Chinese involvement amid sharp rise in economic espionage cases. Retrieved from CNN: http://edition.cnn.com/2015/07/24/politics/fbi-economic-espionage/

Nok, N. (2016). Four Barriers to Adopting Strong Authentication. 1-10.

Rouse, M. (2016). Defense in Depth . Retrieved from Teach Target: http://searchsecurity.techtarget.com/definition/defense-in-depth

Security Administration

  • Uncategorized

SECURITY ADMINISTRATION 4

SecurityAdministration

SecurityAdministration

Asa security manager at a large facility, you have been tasked withdeveloping a business continuity plan. How would you develop the planusing the knowledge management process? To manage a successfulknowledge management program, you need to consider people, processes,technology, structure and culture. Analyzing the executive managementset of knowledge management issues enables to create a newsophistication level, innovation, and creativity within anorganization (Smith &amp Brooks, 2012). The executive managementissue addresses essential elements that are critical to an individualthrough a strategic view. It also includes potential benefit andpitfalls. Operational management issues help to identify theavailable knowledge in an organization. The issues also include therequired processes of capturing knowledge. A costs, benefits andrisks issue addresses the time, funds and human resources anorganization should invest in the process of developing a managementprocess (Smith &amp Brooks, 2012). Standard issues are concernedwith technology and communication regarding technical validity anddefinition such as incorporation of technology from various vendorsand proprietary applications with nonproprietary systems.

Explainin detail how you would develop a robust business continuity plan andfully detail the important considerations you would emphasize in yourplan and why? Developing a business continuity plan needs theemergency response at the initial stage. It normally entailsprotecting people and assets from damage in the first 24-48 hours.This phase includes response plans such as the emergency managementplan (Smith &amp Brooks, 2012). Typical security plans at this stageare fire evacuation and improvised explosive devices. The continuityresponse step maintains the critical business functions to run duringa crisis. It involves a period of weeks and months. The recoverystage considers the critical operational activities. Such taskscomprise new processes lessons learned organizational improvementsand deactivation. The restoration stage takes into consideration thestrategic activities for any major regulatory changes. The mainpurpose of this stage is the implementation of policy changes to theorganizations from lessons learned in the previous period before acrisis (Smith &amp Brooks, 2012). There can be a change in focus instrategic and business objectives.

References

Smith,C., &amp Brooks, D. J. (2012). SecurityScience: The Theory and Practice of Security. Burlington: Elsevier Science.

SECURITY ADMINISTRATION

  • Uncategorized

SECURITYADMINISTRATION

SecurityAdministration

Manycompanies in different fields have access control systems that limitpersonnel from having entree to particular offices, room, or evenmonitor. Access control systems ensure that everyone is accounted forand provides information on who might have accessed a particularpoint, log into a computer, or a company’s network at a precisetime. It is considered that access control is any system that managesright of entry through the authorization, or revocation of rights tophysical, or logical assets within an organization (Ferrari, 2010).

Currently,access control systems are an absolute necessity for businesses andorganizations and are essential too. Notably, there are many benefitsof having access control systems in an organization some of theseare

First,access control systems can detect and prevent intrusion (Ferrari,2010). Businesses with access control systems can keep out intruderswho may be informed of employees or visitors, and might intentionallybe trying to entree restricted areas, which they are not supposed to.Also, some impostors might try to infiltrate the business premisesand access points that they are not supposed to. Access controlsystems detect and prevent interlopers from accessing constrainedareas that contain confidential information. There are also caseswhereby visitors may lose their way inside the business premises, andthe access control systems will help.

Second,with the appropriate access control systems, industrial accidentswill be prevented. For instance, the number of people who can accessan unsafe area in a facility will be controlled (Ferrari, 2010)therefore, advancing industrial safety in an organization.

Third,it will deter criminal activities that may occur in a business(Ferrari, 2010). Hence, having these systems is essential in as faras, dealing with crime is concerned. Whether it is a business or abuilding that contain houses, it is inevitable to evade challengessuch as burglary, vandalism and other heinous acts that might affectthe smooth running of the business, or peaceful living. Appropriateaccess control systems should be put in place to prevent these actsfrom taking place.

Anotherimportance is that these systems enable a company cut its costs e.g.keeping registers that are bulk, printing and photocopying IDs, andother expenses since the system will be able to preserve all thisinformation (Ferrari, 2010). Similarly, the system will assist thecompany going green whereby the system communicates with buildingmanagement so as to cut unnecessary heating and lighting in areasthat are not occupied.

Specificfeatures that I would employ in my integrated system are videosurveillance and biometric readers. The reason for video surveillanceis because it provides more details such vehicle number plates andalso has the capabilities of facial recognition. Biometric readerswill ensure that only authorized personnel will access a particularareas or documents in the facility.

Thebiometric security applications that I would employ in my facilityare fingerprint and biometric locks. Fingerprint biometrics willenable the company monitor employee attendance, whereas Biometriclock will be used to restrict unauthorized personnel from enteringareas they are not authorized. The fingerprint biometrics would beplaced at the entrance of the premise for employees and at eachdepartment to ensure that everyone clocks in. As a result, this wouldcreate convenience to all employees. Biometric locks would be placedat entrances to secure rooms to monitor the movement in those rooms.

References

Ferrari,E. (2010). Accesscontrol in data management systems.San Rafael, Calif.: Morgan &amp Claypool. Retrieved from:https://www.utoledo.edu/research/ututc/docs/UTC_Data_Library_Final_Report_.pdf

Close Menu