Major risks to the organization when implementing and using IT
Order Instructions:
It is important to pay close attention to grammatical errors and sentence structure as you compose this paper. you must also try to use research to support your examples. Use the resources below to help you in completing this paper. Also take note that they are a series of questions asked hear and you must clearly respond to each one of them in essay form and remember that a paragraph cannot be anything less than 5 sentences
IT Risk Mitigation
You have examined the role of IT within the organization, including its impact on the structure of the company and the ability to increase competitive advantage. But with the new opportunities that IT can create, there are risks and threats that must be addressed.
– What are the major risks to the organization when implementing and using IT?
– To what degree are IT security risks and business risks interrelated?
– What disadvantages might a business encounter from a “locked-down” IT environment, and how can these be balanced against the disadvantages of a security breach?
– Also include in your discussion the topic of ethics as it relates to handling consumer or patient data and intellectual property.
Be sure to include examples from your own experience or research you have done in your discussion.
Resources
Course Text
• Management Information Systems for the Information Age
Chapter 8, “Protecting People and Information: Threats and Safeguards,” pages 356–365
This chapter discusses privacy, intellectual property, copyright, fair use, and pirated software.
Articles
• Tran, E., & Atkinson, M. (2002). Security of personal data across national borders. Information Management & Computer Security, 10 (5). Retrieved from ABI/INFORM Global database.
This article discusses how national laws regarding personal data can impact transnational companies.
• Halliday, S., Badenhorst, K., & Solms, R. (1996). A business approach to effective information technology risk analysis and management. Information Management & Computer Security, 4(1). Retrieved from ABI/INFORM Global database.
This article connects business risk analysis with information technology risk analysis.
Farahmand, F., Navathe, S. B., Sharp, G. P., & Enslow, P. H. (2005). A management perspective on risk of security threats to information systems. Information Technology and Management, 6(2–3). Retrieved from ABI/INFORM Global database.
This article takes a management, rather than IT, point of view on security threats to information systems
SAMPLE ANSWER
What are the major risks to the organization when implementing and using IT?
Cyber criminality is increasingly becoming sophisticated every day. The ever growing cleverness in the hacking industry has literally become a critical challenge that organisations are faced with. A survey on cyber security demonstrates that more than 55% of survey correspondents indicated that cyber molestation and the general criminal activities have grown immensely. More than 30% of organisations witnessed negative monetary damage resulting from attacks like hacking and phishing in a period of one year. Organisations should now compete with a range of hi-tech attacks orchestrated by well structure monetarily driven criminals (Halliday, Badenhorst & Solms, 1996).
Data violations can culminate to embarrassing disclosures, the threat of clientele identity theft, and fines or legal dilemmas. In addition cryptographic keys can fall in wrong hands, granting unauthorized individuals or applications entry to sensitive or important information. Based on a particular nature of the information, the loss of cryptographic keys can culminate into critical mishaps that are likely to disorient business operations, the loss of clients and legal implications. Application-centered key control procedures present only limited security, leaving sensitive codes and information they safeguard, susceptible to assault. Propagation of fragmented key control systems can enhance the intricacies and security cost control, leading to business procedures that are complex to administer and scale. The complexity of reporting obligations can be enhanced with poorly documented key control.
To what degree are IT security risks and business risks interrelated?
As firms globally take advantage of ICT to curtail cost and enhance performance, digital data can be shared or accessed through interlinked information structures, the threat of information violation in increasingly concerned (Farahmand et al. 2005). Various major threats that concern ICT experts and business investors include system malfunctioning, disaster recovery, data reliability, which are equally concerns of the potential business threats. Security issues subsist from all assaults that include; connectivity such as; IP spoofing, spamming, and malicious programs. Such intrusions end up tampering with data, data modification, data disclosure and service interruption on power grids and even physical harms like was the case of Staxnet, which dealt a heavy blow on the Iranian nukes. In fact, malware technology has become so lethal that it can now create a physical destruction. With the enormity of such security threats in an IT setting, the business fraternity remain vulnerable especially in the absence of security analysis. Firms will still be vulnerable if they fail to implement a comprehensive security plan. As Tran and Atkinson (2002) state, business environments are fitted with some proficient security measures like data encryption, security socket layer (SSL) protocol to encode the transmission, and biometric validation that manages the physical entry.
What disadvantages might a business encounter from a “locked-down” IT environment, and how can these be balanced against the disadvantages of a security breach?
Firms that are run on heavy computerized networks would be disadvantaged with a locked down IT setting. Nonetheless, the limitation of such backdrops is the rigidity of application updates. IT experts should come in to decide a balance between practicality, fee, comfort, as well as safety measures as the “locked down” IT environment expects managerial leadership. Information and Technology experts require utmost support from the managerial that should comprehend the potential threats. By and large, implementing a locked down IT framework will be instrumental for the business. Most companies should take advantages of Microsoft Windows 2008 to ensure security is guaranteed. Apart from the Cisco firewall, online activities should be validated with SSL apart from static web server (Tran and Atkinson, 2002). Moreover, the issue of security can be enhanced by redirecting emails through virus interceptors and spam filters prior to hitting the front end substitution of all incoming emails. While personal emails should not be allowed within the corporate systems, the organization should implement programs that filter spamming and safeguard web traffic.
Ethics as it relates to handling consumer or patient data and intellectual property
The truth is that humans tend to abuse the technology per se by simply abusing the best practices. Human virus can alter how applications work, like tampering with payroll information to enhance the wage bill. This can be done by administrators on the back-end, to alter figures without any documentation. This is to say personnel represent the highest risks particularly when they abuse their rights and professional ethics (Farahmand et al. 2005). At that point, it becomes paramount to implement safety assessment in almost all structures and networks through an independent party to preclude the issue of unethical behaviors as well as practices.
References
Farahmand, F., Navathe, S. B., Sharp, G. P., & Enslow, P. H. (2005). A management perspective on risk of security threats to information systems. Information Technology and Management, 6 (2–3).
Halliday, S., Badenhorst, K., & Solms, R. (1996). A business approach to effective information technology risk analysis and management. Information Management & Computer Security, 4(1). Retrieved from ABI/INFORM Global database.
Management Information Systems for the Information Age Chapter 8, “Protecting People and Information: Threats and Safeguards,” pages 356–365
Tran, E., & Atkinson, M. (2002). Security of personal data across national borders. Information Management & Computer Security, 10 (5)
We can write this or a similar paper for you! Simply fill the order form!
