Information Systems Security (1 page)
Your boss mentions that recently a number of employees have received calls from individuals who didn’t identify themselves and asked a lot of questions about the company and its computer infrastructure. At first, he thought this was just a computer vendor who was trying to sell your company some new product, but no vendor has approached the company. He also says several strange e-mails requesting personal information have been sent to employees, and quite a few people have been seen searching your company’s trash dumpsters for recyclable containers. Your boss asks what you think about all of these strange incidents. Respond and be sure to provide recommendations on what should be done about the various incidents.
Directions:
- Students are required to post one original response to the discussion questions each week, as well as a response to one classmate. Original responses should not be a word for word rehashing of what is stated in the readings, but rather an integration of the concepts and additional insights, either from real world experience or additional sources. It should be a 250 word response to the question you should have done your secondary posting. Your secondary posting is a response to one classmate’s post. Each answer/response should be supported with research. Responses to classmates should not be “I agree” or “I like the way you stated that.” These responses should again be insightful, offering an opinion or facts based on your research and experiences. The response to one classmate should be a minimum of 125 words. See APA criteria for citing resources. You must provide a minimum of a reference, in APA format, in your original response.
Reply to this topic (0.5 pages)
In order to address the case, the higher authorities of the company should give instructions to every employee that not to share the information to the fraud emails. Company should train their employees on cyber security, every employee should aware about the spam calls and strange e-mails, company should train the staff systematically.
Information systems are frequently caught to different types of threats, which can cause the various types of damages that might lead to financial losses and system destruction. Some threats will affect the confidentiality or integrity of data. Company should know to whom the data is sharing and what kind of data is shared. Every employee should follow some steps to share the company’s data.
Companies should follow the security threat classification model to protect the data and assets of the company. Educate employees about the fraud data and phishing e-mails; employees should report the IT department about any kind of fraud. Secure the Internet connections with VPN security connections. Updating the software day-to-day to make system secure.
The incidences are interlinked and elucidate the actions of some unauthorized parties trying to gain information about the company. The fact that they do not identify themselves and ask about the company’s computer infrastructure indicates a suspicious character of the inquirers. Considering no vendors have come forth with sale proposals leaves the question of who the parties are and what they want. Moreover, the strange emails verify the nature and intent of the stranger which is to gather as much information as possible about the company and its computer framework.
553 words