Answer To: Research Paper 2 Due date: 17 September 2012 Value: 30% Objectives The course objectives met by this...
David answered on Dec 25 2021
University | Word Limit: 2757
Date: 18th September 2012
Topic: IT SECURITY PROGRAMS
Student name
Professor’s name
Course Title
Candidate Statement
I hereby declare that this assignment is my own work and any use of materials from other sources has been referenced accordingly.
Candidate Signature:
Date:
Tutor Statement
I hereby confirm that this assignment, to the best of my knowledge, is the candidates own work and they have not collaborated in the production of this assignment with any other person. I also confirm that I have a record of this candidate’s progress tutorial/s.
Tutor Signature:
Date:
TABLE OF CONTENT
Introduction………………………………………………………………………………..4
Current Security State of Woolworths Limited…………………………………………...5
Suggestions for improvements in the security…………………………………………….6
Current role of the security program………………………………………………………7
Suggestions for improvements of security program………………………………………8
Plan for incorporating training requirements……………………………………………...9
ISO security standards…………………………………………………………………...10
Reasoning for suitability of security model……………………………………………...11
Suitability of certification (Threat identification and provide risk assessment)…………13
Conclusion……………………………………………………………………………….14
References………………………………………………………………………………..15
Introduction
Today, security is the major issue for an organization. No matter in which one is engaged, whether it is retail business, water treatment plant, or financial service company, there is always a threat t the information, because of the fluidity or a gap between the organization present protection level and the level it matches with the security threats. In today’s time, organizations are examining the security programs, and they are also implementing it in the organization in order to mitigate threats. Technology is the major focus of the security program; therefore, it is important that security programs should be updated, and something these programs should be relevant that depends on how the businesses grow (Shoniregun 2005).
For building a security program it is crucial that organizations should ensure that technology should be in place, from softwares to the server, and they should also ensure that all the requirements should be upgraded. There is urgency for security programs in present organizations, because theft and malicious hackers are growing in strength, in result of that security of sensitive information reaches to the hackers, through they can also get all the critical status (Shoniregun 2005). Security programs are required in the companies in order to secure the sensitive financial information, customer records, along with the transactional information.
There are four components of security which should be considered by the organization while initiating the project to integrate sensitive information which are authorization, authentication, audit ability, and protection of data. For an effective security program, it is important that security gap should be eliminated and three attributes should be focused: One is data confidentiality that assure about the information that is accessed, another is data integrity that dictates unauthorized parties and the last is data availability, which ensures about the critical information and services that are accessed by the people.
Current Security State of Woolworths Limited
Security measures are quite crucial for the online retailers. Information related with ways to gather, store and distribute are implemented differently all over the web. There are many common errors that are made in online business, which includes information security and the protocols that are put in place both in terms of the data collection, establishment of personnel protocols, such as password change and handling of computer infrastructure, and computer infrastructure (Kailar 1996).
Woolworths Limited ensures that the transaction taking place between the client and server is properly examined with the protocols through the use of sharing of information, such as secure socket layers and various encryption, certificates, and security measures. Woolworths Limited implements and utilizes effective security programs and techniques through, which the company recognize, resist, and recover the technologies (Kailar 1996). Woolworths uses firewalls, encryptions, threat detection, software updates, penetration testing, and authentication programs for building security in their organizations.
Firewall is used for the purpose of filtering the communication that creates a threat for the system. It also limits the traffic to a system and permits the pre-determined activities. Woolworths also uses secure socket layer and place in between client and host for encryption. All communication held while visiting a page having confidential information, like social security number and credit cards are encrypted over the internet, this is common when a person purchase online product from the website of Woolworths. Therefore, the common uses secure socket layers, so that hackers are unable to intercept the data packets through the information being exchanged over the internet.
Suggestions for improvements in the security
Regular improvements needs to be bringing in the security programs implemented in the company, so that chances of threat could be reduced. Woolworths brings improvements in their security programs, so that it doesn’t get obsolete. While bringing improvements in the security program, the company focuses on certain areas, such as Woolworths enter into a dialogue with the organizations and local experts in order to ensure about the use of security forces with the suppliers and even ensure that the laws and customer customs are not contravene (Meadows 1991).
The company also encourages the establishment of the complaint and even concern about the experience of security forces. Through security programs, the company tries to approach the identifying, planning, and rolling out of the infrastructure improvements. It also focuses over the security infrastructure that requires two driving requirements, such as maintaining the ability to conduct the business activities and other is maintaining the security (Meadows 1991). The company regularly updates its softwares, so that it don’t get expired and create threat to the security system of the company. Through the use of Windows Automatic updates, antivirus software, and block internet access provides security to the websites.
Current role of the security program
Retailing companies...