Critically Evaluate the Importance of Information Security

Topics: Information security, Security, Computer security Pages: 14 (3482 words) Published: February 12, 2012
CB Hart Law Firm: An Information Security Report
November 2011

Business Information Systems
Salford Business School


INTRODUCTIONpages number
1.1. Information security from business perspective2-4
1.2. Value of information4
1.3. Information security threats and risks:4-5
1.3.3.Malicious damage6
1.3.4.Incompetence and mistakes7
1.3.5. Accidents and disasters7
2.1. Domains7-8
2.2. Ten most common domains8
2.2.1. Security management practices8-10
2.2.2. Access control10-11
2.2.3.Cryptography11-12 12-13
3. Conclusion14-15
4. List of figures16
5. References17-18


CB Hart has suffered major reputation problems because of disregarding the small security issues. Company has been affected by the event of data leakage. The information that leaked was not hugely confidential but that situation was damaging enough to cause a big decrease in the reputation of the CB Hart.

Company requires serious changes in its security aspects. This will need to be done by reviewing the past similar situations regards data leakage. It is important that proper security of clients’ information, which is stored within CB Hart’s database, is a part of the company marketing strategy.

IT department will have to review past security problems and methods of how it has been solved. They will also be required to arrange new problem solving methods that have not been previously implemented. IT team will need to research most current data which is stored on company’s servers and try to find and eliminate possible errors.

New CB Hart’s management has agreed further steps and investment for marketing strategy and differentiation factor of the firm. IT department is required to provide solutions for company’s security improvement. The most important will be then to provide proper training for IT technicians with newly implemented changes, which will be a must to be applied in current and new contracts.


An organization is formulating its objectives and this is being transferred to IT department and all the other sections. All departments had been given required tasks and targets, which will need to be achieved to follow new strategies. Entire processes in Business take place in organization in order to achieve these objectives. While these processes are being executing, the organization becomes increasingly dependent on properly functioning information supply. In other words, organizations are increasingly dependent on IT services to meet all the business requirements. Finally, information security is not a goal in itself but a means of achieving the business objectives.

The way the information providing process is maintained depends on the type of organization and the nature of its products or services, which are supplied in support of business processes. The appropriate organization collects information in order to make products or supply a service. The data is stored, processed, security aspects are applied and are available anytime whenever are required. The people responsible for the information supply chain have to ensure that clients can count on the integrity of the product. It is highly important to make sure that only authorized persons can gain the access to this information. Main key concepts of information supply are confidentiality, integrity, authenticity, non-repudiation, and availability. Therefore a company must organize collection, storage, handling, processing and provision of data in a way where all conditions and requirements are met and client is satisfied.

Figure 1.1

Information security can be described as all types of process that are required to protect the information and information systems from unauthorized access, use,...

References: Stoneburner, Gary. “Computer Security”, Retrieved November 11, 2011, From National Institute of Standards and Technology at
Back, Adam
Fenner, Audrey. “Placing Value on Information”, Retrieved November 10, 2011, From
Hinson, Gary (2008)
Unknown author (2010). “Top 10 Information Security Threats for 2010”, Retrieved November 21, 2011 from Help Net Security at
Unknown author
Unknow author (2010). “ 10 Security Domains”, Retrieved November 24, 2011 From
Dougherty, Michelle (2004)
Cazemier, Jacques (1999). “Security Management” (1st Edition), Controller of Her Majesty’s Stationary Office, Norwich. ISBN: 0 11 330014
Janczewski, Lech
Hawkner, Andrew (2000). “Security and Control in Information Systems”, Routledge, New York, ISBN 0-415-20534-4
Unknown Author, Retrieved November 22, 2011 From
Continue Reading

Please join StudyMode to read the full document

You May Also Find These Documents Helpful

  • Essay about Information Security
  • Importance of Information Security Systems: Essay
  • Information Security Essay
  • Essay about security
  • Information Security Essay
  • Essay about importance of awareness of the security knowledge
  • Essay on Information Security
  • Information Security Essay

Become a StudyMode Member

Sign Up - It's Free