StudentShare
Contact Us
Sign In / Sign Up for FREE
Search
Go to advanced search...
Free

Information System Security of a Company - Essay Example

Cite this document
Summary
This essay talks about the danger of social engineers who attempt to gain information by enticing people into simple gimmicks and taking advantage of the people’s trusting nature, for example, deceiving naive people into revealing proprietary information using a simple phone…
Download full paper File format: .doc, available for editing
GRAB THE BEST PAPER96.8% of users find it useful
Information System Security of a Company
Read Text Preview

Extract of sample "Information System Security of a Company"

As companies increasingly focus on making changes to their security policies and enhancing security of their electronic resources and networks by using latest technologies, there is often a ‘weak link’ that they completely ignore. Kevin D. Mitnick, cofounder of Defensive Thinking (a Los Angeles-based information security firm) and a notorious former hacker, describes the measures companies should take against ‘social engineers’. According to the author, phones are the most dangerous tools that hackers use in stealing out information from an organization.

Because of their skills in deceiving naïve people into revealing proprietary information, these hackers are termed as social engineers. They attempt to gain information by enticing people into simple gimmicks and taking advantage of the people’s trusting nature. Quoting an example of a real life case where a hacker manages to get a spyware installed on a Vice President’s PC, the author points out about the vulnerability of human beings and the ease at which any clever hacker can succeed.

The hacker or social engineer first manages to get the contact number of a new employee from the HR department and then, pretending to be one of the vice presidents, he calls the employee and fools him into downloading a file on the actual VP’s computer. Of course this does require technical skills to create the malware files and a sufficient amount of information about the organization and its employees, but the core essence is the ability to sound genuine on the phone and trick the other person into believing you.

This method is very dangerous and using such techniques, social engineers can easily gain control of company’s computers and telephone systems and pretending to be company’s employees, they can even access company’s confidential information such as customer lists and financial data. Given this threat and an example of how an attack is actually carried out, the author explains some of the measures that organizations can take to protect themselves. At the first step, the organization should have a complete security policy that also takes social engineering attacks into account.

Every member of the organization should be made part of the security team and be involved in the process. It is important that all employees are made aware about social engineering and the techniques hackers use to carry it out. They should be continuously reminded to guard themselves and be motivated about it. A part of it would be to carry out exercises from time-to-time and send out security messages and reminders. As a further measure, employees should be rewarded for observing the security policy and be charged in case they violate it.

However, despite all these, the most important technique is to make the employees realize that their personal data and confidential information is also at stake along with the organization’s data. Additionally, the organizations may also take help from professional security firms to diagnose weaknesses and devise policies.

Read More
Cite this document
  • APA
  • MLA
  • CHICAGO
(“Information System Security of a Company Essay Example | Topics and Well Written Essays - 500 words”, n.d.)
Information System Security of a Company Essay Example | Topics and Well Written Essays - 500 words. Retrieved from https://studentshare.org/information-technology/1562814-information-system-security-of-a-company
(Information System Security of a Company Essay Example | Topics and Well Written Essays - 500 Words)
Information System Security of a Company Essay Example | Topics and Well Written Essays - 500 Words. https://studentshare.org/information-technology/1562814-information-system-security-of-a-company.
“Information System Security of a Company Essay Example | Topics and Well Written Essays - 500 Words”, n.d. https://studentshare.org/information-technology/1562814-information-system-security-of-a-company.
  • Cited: 0 times

CHECK THESE SAMPLES OF Information System Security of a Company

Information securtiy

This corporate information is the most crucial asset of a company and is at stake if proper measures are not taken to deter the security attacks.... First part deals with a general discussion about information security.... An introduction is given as to what information security… Then, the importance of designing an information security policy has been discussed.... Information security in different fields has been considered....
12 Pages (3000 words) Essay

Information Systems Security

The report provides an overview of risks and vulnerabilities of the information system (IS) in the pharmacy.... The hardware comprising of central processing unit, external hard disk drives, keyboards and monitors are an integral part of any information system.... Physical components of the information system are exposed to threats and damages in the form of fire, theft or any kind of physical damage that can result in loss of data.... The paper "Information Systems security" concerns such security systems as PIN numbers, key card accesses, and passwords that could be easily stolen and hacked....
8 Pages (2000 words) Essay

Information Systems Security Survey

As a result, the Federal Information Security Management Act (FISMA) states that every agency should form, record and implement a security program for the whole information system that seeks to promote the organizational assets with minimum risks (Grance, 2003).... As a result… IRS has an information security risk management program that is mainly constructed to balance the company's security duties alongside other business duties.... The company must continue with its operations despite the exposure to The program ensures that all the managers that work in the different centers follow the compulsory security requirements that have been put in place and make their decisions with an aim of reducing the risks....
3 Pages (750 words) Essay

Information Security Challenges and Technologies

In spite of a number of security initiatives, customers and business organizations are still worried about the security of data and information.... Basically, information security is the set of rules and regulations, tools, techniques, and measures that organizations follow in order to ensure the security of their organizational resources (Northern Illinois University, 2007; Sipior & Ward, 2008; Grimaila, 2004).... This coursework "Information security Challenges and Technologies" describes some of the major information security issues....
6 Pages (1500 words) Coursework

The Primary Objectives of Information Security

It defines the importance of a company's information assets and lays out guidelines on how these assets are to be secured.... a company's sensitive information is at stake more due to the illiteracy of the authorized staff, which handles the information, regarding information security.... It is vital for a company or an organization to design and implement a security policy regarding the protection of information before starting sensitive projects....
6 Pages (1500 words) Coursework

Concepts of IT Security

This paper outlines the legal measures to increase its system security and to create security training and awareness for its employees.... This coursework "Concepts of IT Security " describes an essential aspect that the company must deal with it seriously.... nbsp;… This paper is going to give an analysis of the security background carried out by Enigma Security Services analyst about a particular company.... Based on the findings, the company has been found to contain various assets and computer accessories that might be at risk....
10 Pages (2500 words) Coursework

Transcorp Company System Security

The IT support team will see to the implemetation of the following measures or steps in the process of implementing personal security in the organization:Develop a security policy- The IT support team shall establish information security policies and practices with the aim of ensuring uninterrrupted security of the personal information in the company.... … @2010Systems security-Option 2Introduction Transcorp company, a transport company uses the break-in security in the management of its systems for security purposes....
8 Pages (2000 words) Case Study

The InnoSensors Technology Company

Information about a company is very important even more than physical property.... (Anderson, 2001) security of any kind ensures that a strong barrier is built around the important computer assets to prevent them from falling into the wrong hands.... … The paper "Information Security: InnoSensors Technology company" is a worthy example of a case study on information technology.... nbsp;This research is about information security and specifically narrows down to the InnoSensors technology company that is about to launch a new health monitoring device and the aim of the research is to develop a security mechanism that is appropriate for the company....
12 Pages (3000 words) Case Study
sponsored ads
We use cookies to create the best experience for you. Keep on browsing if you are OK with that, or find out how to manage cookies.
Contact Us