Introduction to security and personnel, Computer Network Security

Assignment Help:

INTRODUCTION TO SECURITY AND PERSONNEL

When implementing information security, there are several human resource issues that should be addressed. They are

•    Positioning and naming
•    Staffing
•    By valuating impact of information security across the role in IT function
•    By integrating solid information security concepts into persons practices

Employees feel threatened when organization is creating or enhancing overall information security program.

 Positioning and Staffing the Security Function

Security function can be placed within the following:

- IT function
- Administrative services function
- Insurance and risk management function
-Physical security function
- Legal department

Organizations balance requirements of enforcement with the requirement for education, training, awareness, and customer service.

Staffing the Information Security Function

Selecting personnel is based on several criteria, including supply and demand. Many professionals enter security market by gaining experience, skills, and credentials. Presently information security industry is in period of high demand.


 Credentials of Information Security Professionals

Many organizations seek recognizable certifications where most of the existing certifications are new and not fully understood by hiring organizations. Certifications include: TICSA; Security+; CISSP and SSCP; CISA and CISM; GIAC; SCP; IISFA’s Certified Information Forensics Investigator.

Cost of Being Certified

Better certifications can be much expensive even experienced professionals find it difficult to take an exam without preparation. Many candidates teach themselves through trade press books; others prefer structure of formal training.

Advice for Information Security Professionals

Always keep in mind that business before technology. Technology offers elegant solutions for some problems, but increases difficulties for others. Never lose the sight of target: protection. Be heard and not seen. Be more skillful than you let on; know more than you say. Speak to users, not at them. Know that is education can never be completed.


 Separation of Duties and Collusion

Separation of duties --control used to reduce the chance of individual violating information security; stipulates completion of significant task requires at least two people. Figure given below depicts how to prevent collusion.

Collusion – dishonest workers conspiring to commit unauthorized task.

Two-man control – The two individuals review and approve work of each other before the task is categorized as finished.

Job rotation – Employees know each others’ job skills.

 

 

                       2353_INTRODUCTION TO SECURITY AND PERSONNEL.png


Related Discussions:- Introduction to security and personnel

Ciphertext, Encode the following plaintext, using the Caesar cipher: ...

Encode the following plaintext, using the Caesar cipher: LORD OF THE RINGS b) The following ciphertext jw njbh lxmn cx kanjt has been encoded using a

Identified issues in networks, The "Big Red Rocks" (BRR) mining company is ...

The "Big Red Rocks" (BRR) mining company is based and operates in Western Australia. They are primarily an iron ore miner, but they also produce electricity through tidal power to

SNORT, Detect each visit to www.google.com that is made by the machine. o S...

Detect each visit to www.google.com that is made by the machine. o Send an alert when an activity relating to network chat is detected. o Send an alert when an attempt is made for

Securing the network using a packet filter firewall, 1. Network Design ...

1. Network Design Design your network giving appropriate IP addresses for your hosts. Provide a topology and table showing your addressing scheme. 2. F i re wall po

Differences between a hacker and a cracker, Question: (a) Which of the...

Question: (a) Which of the following is not a goal of security: i) detection ii) prevention iii) recovery iv) prosecution (b) You are an honest student. One day you

What is the main security vulnerability of ipv4, Question: (a) What is...

Question: (a) What is the main security vulnerability of IPv4? (b) Which protocol can be used for secure remote login? (c) Distinguish between the transport and tunnel

Define broadcasting , Broadcasting is the distribution of video and audio...

Broadcasting is the distribution of video and audio content to a whole audience via any audio or visual mass communications medium, but generally one using electromagnetic radiat

Encryption, How safe is the encryption of virtual private networks?

How safe is the encryption of virtual private networks?

How Ethical are Major Internet Companies?, Ask question #MHow Ethical are M...

Ask question #MHow Ethical are Major Internet Companies?

Write Your Message!

Captcha
Free Assignment Quote

Assured A++ Grade

Get guaranteed satisfaction & time on delivery in every assignment order you paid with us! We ensure premium quality solution document along with free turntin report!

All rights reserved! Copyrights ©2019-2020 ExpertsMind IT Educational Pvt Ltd