User Account

All Pages

What are some of the ethical and legal ramifications

Assignment Help Management Information Sys
Reference no: EM131306057

INFORMATION SECURITY MANAGEMENT ASSIGNMENT

Case 1 - Marcum State University

The personnel department at Marcum State University has recently purchased PCs for individual offices in the various departments so that they can keep their own records. In the past, all records were stored on the university's mainframe computer. By decentralizing this computer function, each department will have better control over its individual records, and the security of these records will be easier to manage. Most of the departments would like to transfer personnel records of faculty, staff, and student employees in their departments to their PCs from the mainframe. Dr. John Gould, Chairperson of the Accounting Department, would like to use the personnel data regarding the people in his department to generate some statistics concerning salaries, vacation days used, and absences. Rather than code the files or use social security numbers, Dr. Gould would like to keep the names of the individuals with the information that is recorded about them.

  • What are some of the security considerations in this conversion?
  • What are some of the ethical and legal ramifications of keeping files with a person's name attached?
  • What might be a better way of extracting (and storing) this information to ensure maximum security and control?

Case 2 - Bishop Enterprises

Bishop Enterprises, located in Seattle, Washington, is a medium-sized business specializing in building concrete structures (storage building, bridges, utility buildings, and various defense-related installations).

Peter Bishop, president of the company, states that security of its computer systems is critical due to the competitiveness of the commercial concrete industry and the need to protect defense-related information. BE's computer system, as is typical of many, grew on an ad hoc basis as the company grew. Security was not an issue in the early days when there were only a few key employees and the day-to-day, hands-on-management style assured constant vigilance. Mr. Bishop now feels that a solid security package should be added to ensure the ongoing protection of the computer operation.

Mr. Bishop has assigned the task of evaluating several security packages to the director of computer operations, James Clarke. The four objectives that Mr. Clarke has defined for the package selected are:

1. Accountability

2. Auditability

3. Integrity

4. Usability

What factors should be included in an official policy statement sent out with the request for proposal to the vendors? Write a clear and concise statement so that the vendor is able to respond correctly.

Case 3 - Read the following scenario and then answer the questions below.

"Stafford, Cripps Stockbrokers, Accounts Dept, Susan Briggs speaking"

"Susan - we need your help. I'm Dave Bloggs, manager of the new audit division. I'm doing a statutory audit of the accounts system and need a password to check access controls. What is your password?"

"Are you from that new division in Manchester controlled by Mr Stafford himself?"

"Yes - that's us"

"I would like to help but I cannot give you my password without authorization from my manager"

"Glad to see you're careful Susan - I'll contact your manager directly - what is his name?"

"Michael Phillips"

"Many thanks - I'll speak to Mike and mention your help"

Later:

"Stafford, Cripps Stockbrokers, Accounts Dept, John Nugent speaking"

"Good morning John. I'm Dave Bloggs, assistant manager to Mr Stafford the CEO in Manchester. We are redesigning the accounts system with your manager Michael Phillips and John, we've decided to include you on our team"

"Really? Thank you"

"It will be a demanding role but it is a high profile project - do well and promotion could be yours. So, John, to get things rolling I need some help from you. We've already approached your colleague Susan Briggs for her password and now need yours."

"Of course - it's o-p-e-n-d-o-o-r"

"Thank you John"

  • In the context of the above scenario, define the term 'social engineering'.
  • In the above scenario, identify FOUR (4) instances where the staff member was subject to a social engineering technique. Identify the technique and say why it was used.
  • Compare different methods of making staff more aware of 'social engineering' techniques.

Case 4 - Bank of Shenandoah Valley

Today, banks are transferring large sums of money electronically and facing enormous exposure in the process. The Bank of Shenandoah Valley, located in Roanoke, Virginia, is actively involved in this process. The possibility of funds transfer fraud is prompting many banks to adopt protective measures. The two most common techniques used in the banking industry are encryption and message authentication. Encryption involves the scrambling of messages sent-for example, from a commercial bank to the Federal Reserve Bank. An authenticated message is sent clear-anyone who intercepts it can read it. Tacked on to the message is a related secret code that only the receiving party is capable of decoding.

Most observers say that authentication offers more security than encryption because a key is involved.

The Bank of Shenandoah Valley is considering both options and needs to address the following questions:

  • Are there major differences between the two techniques?
  • Are all messages critical or would encryption/authentication be applied only to certain transmittals? If so, which ones?
  • Will these processes slow down operations?
  • What other safeguards should be considered?

Reference no: EM131306057

Questions Cloud

Which lender offers the best rate : Which lender offers the best rate?- What fees and conditions are attached to this rate?- What are the conditions attached to the rate in "c" above?
Analyze the benefits of use-case modeling : Analyze the benefits of use-case modeling and isolate the most advantageous benefit to the firm you currently work or worked in the past and state why. Describe the biggest challenge to the successful use of use-case modeling and recommend how to ove..
Find the same information for rapid city sd : What is the best rate that you could obtain for a 36-month new car loan in Poughkeepsie, NY?- Find the same information for Rapid City, SD.
What ways does commitment benefit an organization : In what ways does a commitment benefit an organization? How can knowledge of individual differences improve productivity and employee morale? Provide examples.
What are some of the ethical and legal ramifications : CSM660 INFORMATION SECURITY MANAGEMENT ASSIGNMENT. What are some of the security considerations in this conversion? What are some of the ethical and legal ramifications of keeping files with a person's name attached
What will be the total amount that you will pay : Assume you purchase an automobile requiring a $30,000 loan at 7% for 48 months. What will be the monthly payment? What will be the total amount that you will pay over the 48 months?
Explain the influence of altruistic organizations on health : Describe the factors that impact health and health care delivery in the global areas most affected by the topic you selected. These factors may include not only culture and tradition, but also politics, economics, and social attitude.
What complications will be faced regarding communicating : What complications will be faced regarding working and communicating with an ethnically diverse population? What complications will be faced regarding working and communicating with military personnel, aircraft, and ships? Explain.
Total quality management as a component : Total Quality Management is a way for the company to improve its sustainability, reduce production time, lower costs, and increase product demand. You have now completed two rounds of the simulation with Total Quality Management as a component.

Reviews

len1306057

12/9/2016 1:52:07 AM

This assignment consists of ONE PART ONLY. Your assignment will be examined based on the followings criteria: ability to show comprehension on the subjects and ability of using methods available in the learning materials. For each of the cases below, please respond to the question(s) appearing at the end of each case. Strictly confine your responses to 250 - 350 words for each case. Penalty will be imposed if you do not follow the word limit. Remember to document your sources (Internet sites, text material, outside readings, etc.). Your marks will depend heavily based on the originality of your answer.

Write a Review

Management Information Sys Questions & Answers

  How it could be used to provide business intelligence

Find a map application online, and describe how it could be used to provide business intelligence

  Write research paper for security tools for communication

Write research paper for Security tools for communication and information systems

  User documentation and system documentation

Explain the difference between user documentation and system documentation. What are the reasons underlying the popularity of online documentation? Are there any limitations to online documentation? Explain

  Using mysql create a database with a table named noveltitles

Using MySql create a Database with a table named NovelTitles that has the following attributes Novel Name, Author, Genre, Main Character and Rating/Review.Create an HTML Form that allows the above attributes to be added/deleted to the data base

  Why you identified each argument as either strong or weak

Construct at least six reasons for and six reasons against the topic. Rank the reasons in terms of strength and effectiveness. Explain why you identified each argument as either strong or weak in each category.

  How much impact do managers actually have on an organization

How much impact do managers actually have on an organization's success or failure? Provide one example of a manager who has affected the success or failure of an organization.

  Business brought together through technologycan you think

business brought together through technologycan you think of any partnerships by seemingly dissimilar businesses that

  Explain the domino''s business model

Domino's Sizzles with Pizza Tracker Case Study - Explain the Domino's business model? How successful has it been?

  Computer security checklistdesign a checklist for assessing

computer security checklistdesign a checklist for assessing computer security controls. the checklist should be

  It is common practice to categorize computers into groups

it is common practice to categorize computers into groups such as personal computers network servers network computers

  New technology and worker replacement

New Technology and Worker Replacement -  I read an article just the other stating that people are taking anything now, even jobs they would not have thought to do maybe five years ago. Explain.

  Describe how big data and distributed data

Define ‘Big Data'. Describe how ‘Big Data' and distributed data fit in the modern business environment. The Internet is considered a ‘game changing' technology. Discuss at least three reasons why this is true

Free Assignment Quote

Assured A++ Grade

Get guaranteed satisfaction & time on delivery in every assignment order you paid with us! We ensure premium quality solution document along with free turntin report!

Submit Assignment

Academics

Major Subjects

Majors

Get In Touch

whatsapp: +1-415-670-9521

Phone: +1-415-670-9521

Email: [email protected]

TERMS & POLICIES

HELP & SUPPORT

All rights reserved! Copyrights ©2019-2020 ExpertsMind IT Educational Pvt Ltd