...Securing and Protecting Information Jane Doe CGMT/400 March 9, 2015 John Doe Securing and Protecting Information As the most important asset within the organization it is necessary to provide measures that can effectively protect data from loss and unauthorized intrusions. Information security involves authenticating users with a high level of protocol and promoting accountability within the information infrastructure. This approach may involve use of the organization assets, identification, authentication, authorization and the use of third party security systems or devices to protect data from unauthorized access. Security Authentication Process The security authentication process is the first step in information security and assurance. This process involves “binding a specific ID to a specific computer connection” (University of Phoenix, 2011) in order to authenticate access to the information system. During this process the user provides a user ID and password to the computer system or remote server to verify his or her identity. Authentication is accomplished when the system or server matches the user ID to a specific password and grants the user remote access to system resources. Identification The identification process is an access control element designed to match a user to a specific process. The identification process is performed the first time a user ID is issued to a specific user. User IDs have unique values and can...
Words: 1903 - Pages: 8
...Securing and Protecting Information CMGT/400 May 27, 2013 Securing and Protecting Information Introduction The last few years have been marked by numerous malicious applications that have increasingly targeted online activities. As the number of online activities continues to grow strong, ease of Internet use and increasing use base has perfected the criminal targets. Therefore, attacks on numerous users can be achieved at a single click. The methods utilized in breaching Internet security vary. However, these methods have increasingly become complicated and sophisticated over time. With the increase in threat levels, stronger legislations are being increasingly issued to prevent further attacks. Most of these measures have been aimed at increasing the security of Internet information. Among these methods, the most prominent approach is security authentication and protection. This paper comprehensively evaluates the security authentication process. The paper also introduces security systems that help provide resistance against common attacks. Security Authentication Process Authentication is the process that has increasingly been utilized in verification of the entity or person. Therefore, this is the process utilized in determining whether something or someone is what it is declared to be (LaRoche, 2008). Authentication hence acts as part of numerous online applications. Before accessing an email account, the authentication process is incorporated in identification...
Words: 1090 - Pages: 5
...CMGT 400 Week 3 Securing and Protecting Information Security Authentication Process It is necessary to secure your authentication method to safeguard your system against varied forms of security threats, like brute-force or wordbook attacks, impersonation of users, and reply attacks. Additionally, if you share resources on your network with alternative organizations, you need to make sure that your authentication policies are interchangeable with the organization in which you are exchanging your information with. Authentication is the method in which a person must prove that they are who they say they are. Public and private networks, utilize authorized logins and passwords. Data is ran through the password database to ensure that the user is someone that has the credentials to access the network. In order to allow access a company’s intranet, they must register or be registered with the appropriate credentials to access this network. For this reason, net business and plenty of alternative transactions need additional authentication methods. “The utilization of digital certificates issued and verified by a Certificate Authority (CA) as a part of a public key infrastructure is taken into account probably to become the quality thanks to perform authentication on the web” (D'Arcy, Hovav, & Galletta, 2009). Process includes: Create a strong password policy Establish an account lock out policy Assign logon hours Create a ticket expiration policy Establish network authentication...
Words: 1442 - Pages: 6
...Securing and Protecting Information Securing and Protecting Information CMGT/400 May 27, 2013 Securing and Protecting Information Introduction The last few years have been marked by numerous malicious applications that have increasingly targeted online activities. As the number of online activities continues to grow strong, ease of Internet use and increasing use base has perfected the criminal targets. Therefore, attacks on numerous users can be achieved at a single click. The methods utilized in breaching Internet security vary. However, these methods have increasingly become complicated and sophisticated over time. With the increase in threat levels, stronger legislations are being increasingly issued to prevent further attacks. Most of these measures have been aimed at increasing the security of Internet information. Among these methods, the most prominent approach is security authentication and protection. This paper comprehensively evaluates the security authentication process. The paper also introduces security systems that help provide resistance against common attacks. Security Authentication Process Authentication is the process that has increasingly been utilized in verification of the entity or person. Therefore, this is the process utilized in determining whether something or someone is what it is declared to be (LaRoche, 2008). Authentication hence acts as part of numerous online applications. Before accessing an email account, the authentication process...
Words: 1094 - Pages: 5
...Securing and Protecting Information Instructor: April 24, 2014 Security Authentication Process It is necessary to secure your authentication method to safeguard your system against varied forms of security threats, like password-cracking tools, brute-force or wordbook attacks, abuse of system access rights, impersonation of attested users, and reply attacks. Additionally, if you share resources on your network with alternative organizations, you need to make sure that your authentication policies are interchangeable with the organization in which you are exchanging your information with. Authentication is the method in which a person must prove that they are who they say they are. Public networks as well as private networks (including the Internet), use authentication to utilized or authorize logins and passwords. Data is required and ran through the password database to ensure that the user is authentic. Before anyone is allowed to access an organization’s intranet, they must first register or be registered by someone that has the appropriate credentials to perform these tasks. For this reason, net business and plenty of alternative transactions need additional authentication methods. “The utilization of digital certificates issued and verified by a Certificate Authority (CA) as a part of a public key infrastructure is taken into account probably to become the quality thanks to perform authentication on the web” (D'Arcy, Hovav, & Galletta, 2009). Process includes: ...
Words: 1469 - Pages: 6
...Disaster Securing and Protecting Information Sherry Stender CMGT 400 December 10, 2012 Dr. Derek Sedlack Disaster Securing and Protecting Information Authentication, verifying a user’s identity, is an important way to establish trust in business processes. Authentication is the process of verifying a user’s claim of identity and is most commonly implemented through a username and password combination when logging into a business’ system or application. While the password and username combination is the most common, there are various other methods of authentication such as: voice recognition, a token device, or swiping a smart card. Authentication is based on the principle that a proper form of identification is not produced by the user that the system will not correlate an authentication factor with a specific subject. Many factors can contribute to a system’s security, but the authentication is a key element to the success of a secure information system. Authentication is vital for maintaining the integrity, confidentiality, and availability of a business’ IT infrastructure. The application of access controls includes 4 processes: * Identification- obtaining the identity of the user that is seeking access to a physical or logical area * Authentication- confirming the user’s identity that is requesting access to a physical or logical area * Authorization- determining which specific actions can be performed by the authenticated user in a specific logical or...
Words: 1433 - Pages: 6
...Securing and Protecting Information CMGT400 Securing and Protecting Information The internet is a worldwide phenomenon, reaching across the globe and connecting virtually every person together. The internet is essentially comprised of one thing, information. It is information entered into code that produces the websites, emails, and advertisements people see displayed every day. As a result, there are numerous products available which provide connectivity and internet service. Businesses, companies, and banks use the internet to conduct business with customers and other associates. The internet allows companies to potentially recruit customers from around the world, who they normally would not have any interaction with otherwise. With this added advantage of being able to reach across the world, also comes the add threat of becoming a target of malicious hackers. The hackers attention becomes drawn to these companies and their systems and clients' information becomes at risk. The cloud is an offsite storage technology which was originally only available to businesses, but is now easily available to the public. Companies and users are able to store their files on servers instead of local machines, often paying a fee to do so. It is often a useful way to reduce overhead and maintenance costs while paying a company to secure your data and back it up in a virtual environment. Companies that provide this service utilize advanced security software and protocols...
Words: 1513 - Pages: 7
...Computers, networks, and software are the heart and soul of the IT world today. Because of the availability of those systems, they are very vulnerable to malicious attacks and activity. It is of upmost importance that an organization takes security seriously and takes the proper measures to protect their systems. They can do this through a number of different ways, but one area of focus is through the authentication process and the related hardware and software to go along with it. Identification and Authentication Authentication is the process of the system or program recognizing the user and granting them access, which has been predetermined by access controls. It begins with two major parts; Identification and Authentication. Identification is the process in which the system recognizes the user and gives them access according to Abstract object that are controlled by the administrators of the files and systems. Privileges will be granted based on their user account having been verified. This process is usually a user ID. The system recognized the ID and knows the access right and privileges of that individual that have been verified. The Authentication begins once the user account ID has been identified. This is the process in which the user credentials are actually verified, meaning the specific attributes of their specific user account and authenticated and verified to make sure the access rights are correct. This process uses a password or some sort of credential such...
Words: 2199 - Pages: 9
...white pAper: cloud Securit y Securing the Cloud for the Enterprise A Joint White Paper from Symantec and VMware White Paper: Cloud Security Securing the Cloud for the Enterprise for A Joint White Paper from Symantec and VMware Contents Executive summary . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1 1.0 Overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2 1.1 1.2 1.3 1.4 Enterprise computing trends . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2 Transitions in the journey . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3 Evolving threat and compliance landscape . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4 A security strategy for the cloud . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4 2.0 Key elements of cloud security . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ...
Words: 5327 - Pages: 22
...Securing and Juan Protecting Information CMGT / 400 February 9, 2015 Anthony Seymour Securing and Protecting Information When do you have to pay attention to the security requirements of your information system? From the very earliest stages of planning for the development of the system to its final disposal is the advice of the National Institute of Standards and Technology (NIST). By considering security early in the information system development life cycle (SDLC), you may be able to avoid higher costs later on and develop a more secure system from the start. The System Development Life Cycle (SDLC) The system development life cycle starts with the initiation of the system planning process, and continues through system acquisition and development, implementation, operations and maintenance, and ends with disposition of the system. Specific decisions about security must be made in each of these phases to assure that the system is secure. The organization develops its initial definition of the problem that could be solved through automation. Also during this early phase, the organization starts to define the security requirements for the planned system. Management approval of decisions reached is important at this stage. During this initiation phase, the organization establishes the security categorization and conducts a preliminary risk assessment for the planned information system. Categorization of the information system using federal...
Words: 1328 - Pages: 6
...program that would decrease a CPAs insurance cost. In order to obtain this decrease they would need to take 20 hours of Risk Management courses. This short article would be beneficial for any CPA. This would be an eye opener for anyone not realizing the liability a poor computer system could cause. Considering the information, this new program should be mandatory opposed to optional. This source may bring to light the Risk Management CPE courses that are available for my boss. Most of his CPE courses are taken last minute and scheduled by our office manager, who may be unaware of these courses. Brown, T. (2015). A Primer on Data Security. CPA Journal, 85(5), 58. Data breaches are becoming a common occurrence. This article brings light to the different types of security breaches, common hacks and why...
Words: 655 - Pages: 3
...prepared to respond. DHS primary responsibilities are combatting terrorism, securing boarders, enforcing immigration laws, safeguarding cyberspace, and responding to natural disasters. Coordination with the federal response teams and partnerships with local, state, and private sectors, enhance the DHS response tactics in a national emergency. Department of Homeland Security Mission, Operations, and Responsibilities The Department of Homeland Security’s mission is to keep America safe, protected, and resilient from various elements that threaten the country. As identified by (dhs.gov, 2013) DHS has three key concepts that strategies are based upon security, resilience, and customs and exchange. The process that defines homeland security missions and incorporates the key concepts is the Quadrennial Homeland Security Review (QHSR). DHS missions are spread across the enterprise and do not only cover DHS. The delegated missions define in detail how to prevent, protect, respond, recover, secure, ensure resilience, and facilitate customs and exchange as noted by (dhs.gov, 2013). Department of Homeland Security operations encompass five core objectives. The objectives covered under DHS are prevention of terrorism and enhancing security; secure and manage our boarders; enforce and administer immigration laws; safeguard and secure cyberspace; ensure resilience to disasters stated in (dhs.gov, 2013). Protecting Americans from terrorist threats is the highest priority for DHS through...
Words: 1685 - Pages: 7
...Protecting the proprietary information of Acme Corporation is of the highest importance. Losing information such as plans, or manufacturing procedures could cost Acme Corporation the exclusive contract to supply equipment to the military. Having assessed the needs and necessary steps to protect all proprietary information, the following is to be considered as our recommendation for securing all necessary information. First and foremost, securing the companies computer servers in one closely monitored and locked location is essential. It is our recommendation that Acme limit server room access to the IT security team. The team must work in pairs to hinder the abilities of someone downloading sensitive files to devices such as flash or thumb drives, or writing files to a compact electronic device such as a cellphone. The IT security team is to be escorted by an armed security person, while an armed guard will also be stationed at the entrance to the server room. It is also recommended to use video cameras inside the server room to monitor the room when it is not being occupied. In order to be employed as a member of the IT security team, an applicant must be able to obtain and maintain a security clearance through the federal government. Outside of the server room, all sensitive files should use 56-bit encryption to protect them from being read by any outside entities. All portable devices used for business purposes by employees with access to secure files should also be encrypted...
Words: 557 - Pages: 3
...of interconnected computer networks where information can be shared among users around the world. But these days the Internet is not secure as the fundamental mechanics of the Internet are well known to many people and leading to long-standing security issues caused by the bad people who could build a “cyber nuke” to take down the network. This paper discusses about the cyber terrorism where a hacker or terrorist attacks the confidential websites of the nation and gets the important information for their activities. This cyber terrorism came into light after the 9/11 attack on WTC and from then the media focused its attention on Cyber security that has reflected public policy concerns worldwide about this topic. Security of Internet and BGP The Internet is where every network is able to reach every other network. According to industry analysts, there are 794 million people online world-wide and it is expected to be more in the coming years. This represents a lot of data interchange. But many small businesses, and even large organizations, do not know how to protect their sensitive data, thus making it easy for criminals. Online Security is a growing concern for governments around the world. Border Gateway Protocol (BGP) is the protocol which makes core routing decisions on the Internet, but unfortunately, BGP is not secure because some network administrator somewhere made a small mistake that generated bogus routing information that BGP blindly accepts and relays across...
Words: 2007 - Pages: 9
...HIPAA Privacy – Safe Guarding and Securing Patient Data HIPAA Privacy – Safe Guarding and Securing Patient Data Robert N. Reges DeVry University/ HSM 410 Professor Anthony LaBonte 12 December 2010 Abstract According to section 1.07 of the APA Publication Manual [ (Ame01) ], “An abstract is a brief, comprehensive summary of the contents of the article; it allows readers to survey the contents of an article quickly, and like a title, it enables abstracting and information services to index and retrieve articles” (p. 12). . HIPAA Privacy – Safe Guarding and Securing Patient Data It has been said time and time again that life was much less complicated at the turn of the 20th Century and this saying could not be truer when it comes to medicine. At the turn of the 1900’s there was a personal bond between the provider and the patient, between the provider and the community, and between citizens in the community. In small towns across the nation there was less of a sense of privacy & individualism and more emphasis on helping your neighbor; because of this medical privacy was not a concern. You cannot help your neighbor if you are not aware of their issues. If we fast forward to the year 2010 times have changed significantly; with the advent of technology the American culture has changed. Personal information is no longer just stored on paper in the doctor’s office, patient information is stored in vast computer banks and sold like stocks and bonds on...
Words: 3127 - Pages: 13