Delivery in day(s): 3
ITC 596 IT Risk Management Assignment Help
This is the assessment 1 of ITC 596 IT Risk Management
IT security plays a very important role in today’s era where the systems and servers are getting highly affected by the virus. The systems are not secure and they are prone to the attacks that lead to the loss of information and privacy. This leads to a need of the security steps being taken for the installation of the IT systems and their peripherals. The topics discussed in this report takes us through the security risks and threats along with the assessment done over them.
IT security and Technology Landscape
Technology landscaping can be applied for attaining the different outcomes from the business for various organisations. The landscaping has changed the scenario as offices are moving from desktop to laptop and mobiles. Today the business is IT enabled and they are at risk. The reason behind it is the freedom to be operated by anyone that is associated with the particular business.The security on the risk should be provided so that there would be good functioning of the Information technology enabled businesses (Page, 2017). Various preventive measures can be adopted that would result in good security of the Technology Landscape that has been designed for the businesses. The preventive measures can be tracing digital steps of the business that were used to be taken by the officials of the business. These digital steps are the steps that the company used to take for the process of different operations that used to be in action by the company (Page, 2017). The beefing up of the passwords would be a good step that can be taken for the security purpose by the officials of the different organization that wants to secure the data. Phishing is the other step that can be used for the security purpose by the organisation for the security of the data. This step includes the different ways like the Operating system update, and update of the application. A Strong password should be established for the security of the data that would protect the whole database (Schroder, et. al., 2016). The bank details of the different technology landscape are also at the high risk. This can be secured by reviewing the bank statement of the whole organisation. Anti-malware software can be installed for the IT security. Double checking the security framework would be the good option that can be adopted for the security (Schroder, et. al., 2016).
IT security model and access control
Access control is the type of control that the authorized personality is having on the particular data. The particular data of any organisation can be accessed with the limited number of people. The disclosing of the data can lead to high risk of the data. At present, the data of the different organisation and the process of the different organisation are based on the IT or they are IT enabled. It can be understood with the help of Biba model as an example (Almorsy et. al., 2016). Biba is the model that is used for accessing the data with the help of permission on the particular data. This Biba Model gives the gives the access data control rules for the data security. It is the helpful security model that prevents the important data of the different organisation.
The prevention of the data modification can be done by the Biba model. The prevention is from the unauthorized party (Liu, et. al., 2015).
The prevention of the unauthorized data can be done with the help of the Biba model. This prevention is also for the unauthorized party.
Internal and external consistent data can be maintained by the help of the Biba Model. This helps in accessing the data by the authorized officials of any organisation. The framework of the security would be helpful in ensuring the security of the data and the process of the business that is operated with the help of IT (Almorsy et. al., 2016).
The accessing of the data for the limited user would be helpful in securing the data of the different organisations. Biba model of the IT security would be helpful for the data security and access of the data for the authorized personnel only. The IT security model and access control secure the data and important information in very secure mode (Liu, et. al., 2015).
IT security threat and risk assessment
IT security threat is the danger that business faces which can breach the system and exploits the data. The threat is anything that is unauthorized and has the capability of destroying, manipulating, modifying the data resulting in harm to the organization. Threats can be in the form of hackers (individual or organisation), computer malfunctioning, online scams, cookies, viruses (Baker, 2017).
Hackers get a certain control over the system from sitting at a far distance and then corrupt the hardware, steal and destroy the information. Cookies have the tendency of keeping a record of the website visited, such information is collected and given to the third party. Spam or junk mails fool people with fake prizing schemes, abroad trips, lottery winning pop ups and clicking on such links spread malware in the computer system. Also, these online scams trick into revealing sensitive information like passwords, personal information, banking and credit card details. Computer malfunctioning or glitches in the software prove to be another threat to the information present in the systems (Tsao, et. al., 2015).
IT risk assessment is a document in which the threats faced by the organization are reviewed. Threats can be evaluated on the basis of their occurrences and their effect on the operations of the organization. The result of this threat evaluation will clarify how to deal with the threat whether to ignore or eliminate it (Tsao, et. al., 2015).
In the process of risk assessment, first the vulnerable threats are assessed and safe guards are being identified and risk is assessed whether it’s qualitative or quantitative risk. Then a document or report is been made in which all the related findings are written and then the issues are prioritised on the basis of the harm they are doing to the system or organization. And then adequate measures to deal with the threat so identified during assessment are taken (Baker, 2017).
The above report discusses the various aspects of the information technology that are leading to the security issues arising in the IT sector. The report discusses the new technologies arriving and the risk assessment for the same. Various vulnerabilities of the systems making it prone to be attacked by the hackers are discussed and are made the basis of the data security steps to be implemented such as the Biba model being the one. Some methods to keep the data safe and to prevent the data loss are also discussed which would let the users be secure from the attacks like Phishing and other such attacks.
Almorsy, M., Grundy, J., & Müller, I. (2016). An analysis of the cloud computing security problem. arXiv preprint arXiv:1609.01107.
Baker, C. A. (2017). Freedom to Fracture: Universal Human Rights as a Security Threat to a Multi-ethnic Russian Federation (Doctoral dissertation).
Liu, G., Zhang, J., Liu, J., & Zhang, Y. (2015). Improved Biba model based on trusted computing. Security and Communication Networks, 8(16), 2793-2797.
Page, E. H. (2017). Modeling and Simulation (M&S) Technology Landscape. In Guide to Simulation-Based Disciplines (pp. 25-35). Springer, Cham.
Schroder, T. B., Sastry, S., Dyre, J. C., & Glotzer, S. C. (2016). Evidence for a Dynamical Crossover in a Supercooled Liquid From Analysis of its Potential Energy Landscape. Physical Review Letters.
Tsao, T., Alexander, R., Dohler, M., Daza, V., Lozano, A., & Richardson, M. (2015). A Security Threat Analysis for the Routing Protocol for Low-Power and Lossy Networks (RPLs) (No. RFC 7416).