Gem Infosys, is a small software company, with a relatively small network of computers. Devising an IDS Policy for this company, would involve five major components (Albrechtsen, 2007) for policy formulation of internal control which consists of (1) the control environment, (2) risk management, (3) control activities, (4) information and communication, and (5) monitoring.
Over the years several security advances have been evolved that help in organizing data security and in limiting the possibilities of a data security breach. The diverse advances drop into four very broad categories: checklists, risk investigation, prescribed procedures and supple approaches (Siponen, 2001).
The general command environment groups the pitch of an association, leveraging the command consciousness of its people. It is the base for all other constituents of interior command, supplying control, esteem and structure. Controlled environment components encompass the integrity, ethical standards, and competence of the entity’s people; management’s beliefs and functioning style; the way administration organizes and evolves its people; and the vigilance and main heading supplied by the board of directors.
Furthermore, risks from internal and external sources must be closely assessed by trained employees. Mechanisms are needed to deal with the special risks associated with change in the systems environment and its security measures.
External connectivity points and internal servers are to be secured with mechanisms to be installed, that limit access to data and software information within the internal network to only management-approved resources, umbrella-type security products are to be installed with default passwords deactivated and default logic set to “Access Denied unless specifically authorized,” application-level coding would be in place to limit access to applications on an application-specific basis.
A process for monitoring that assesses the quality of the systems’ performance over time and generates intelligent reports for the management to evaluate and approve. This would be accomplished through ongoing activities and services of a trained security expert in consultation with the top management.
These are just random excerpts of essays, for a more detailed version of essays, term papers, research paper, thesis, dissertation, case study and book reviews you need to place custom order by clicking on ORDER NOW.