Managing Business Information Systems
Final Project
Managing Business Information Systems
The Need for Network Security
By: Jose L. Rodriguez
The Need for Network Security
The primary objective with this paper deals with how network security systems protect, detect, adapt, recover and/or reconfigured from anomalies in order to provide some desired level of security services. This paper is a strategy for the development of a general security mechanism/countermeasure valuation scheme. The general objective addresses the question, "Given the value of information to be protected and the threat environment, how strong and assured should security mechanism(s) be to provide desired security services(s)?" [DEL98]
Company information is as valuable a company asset as money in the bank. In fact, some information can be even more valuable than cash, so protecting the company 's information with appropriate security is critical to business success. The network and data security measures you put in place for your business, from a firewall to a data backup system, are physical manifestations of business rules. You make business decisions about how important your computer network and the data it holds are to your business, and as well as how you want to protect it. Data security systems are the direct result of those business decisions.
Security exists on many layers. Network security considerations begin with (but are not limited to) a range of factors including: [ALE96]
How company office facilities are selected and maintained,
How potential employees are screened,
The remote access policy and procedures to the company 's systems and information, and
What kind of encryption and firewalls are provided in the corporate network.
In other words best-practice security isn 't just good business sense; in some cases, it 's also the law. Legal requirements are vary between specific industries and different jurisdictions. For example, the Health Insurance Portability and Accountability
Managing Business Information Systems
The Need for Network Security
By: Jose L. Rodriguez
The Need for Network Security
The primary objective with this paper deals with how network security systems protect, detect, adapt, recover and/or reconfigured from anomalies in order to provide some desired level of security services. This paper is a strategy for the development of a general security mechanism/countermeasure valuation scheme. The general objective addresses the question, "Given the value of information to be protected and the threat environment, how strong and assured should security mechanism(s) be to provide desired security services(s)?" [DEL98]
Company information is as valuable a company asset as money in the bank. In fact, some information can be even more valuable than cash, so protecting the company 's information with appropriate security is critical to business success. The network and data security measures you put in place for your business, from a firewall to a data backup system, are physical manifestations of business rules. You make business decisions about how important your computer network and the data it holds are to your business, and as well as how you want to protect it. Data security systems are the direct result of those business decisions.
Security exists on many layers. Network security considerations begin with (but are not limited to) a range of factors including: [ALE96]
How company office facilities are selected and maintained,
How potential employees are screened,
The remote access policy and procedures to the company 's systems and information, and
What kind of encryption and firewalls are provided in the corporate network.
In other words best-practice security isn 't just good business sense; in some cases, it 's also the law. Legal requirements are vary between specific industries and different jurisdictions. For example, the Health Insurance Portability and Accountability
References: [ALE96] Alexander, Michael, The Underground Guide to Computer Security, Addison-Wesley Publishing Company, 1996. [BAR96] Barrett, Daniel J., Bandits on the Information Superhighway, O 'Reilly & Associates, Inc., 1996. [COH95] Cohen, Frederick B., Protection and Security on the Information Superhighway, Johen Wiley & Sons, Inc., 1995. [DEL98] Delmonico, D., ‘‘Detect Network Intruders Before They Wreak Havoc, ' ' InternetWeek, Oct 5, 1998, pp. 38. [ESC98] Escamilla, Terry, Intrusion Detection: Network Security Beyond the Firewall, John Wiley & Sons, 1998. [KRO92] Krol, Ed, The Whole Internet, O.Reilly & Associates, Inc., 1992. [NUL98] Null, C., ‘‘Covering your assets, electronically, ' ' LAN Times, April 27, 1998, pp. 44. [PFA97] Pfaffenberger, Bryan, Protect Your Privacy on the Internet, Johen Wiley & Sons, Inc., 1997. [PFL97] Pfleeger, Charles P., Security in Computing, Prentice Hall, Inc., 1997. [POW99] Power, Richard, 1999 CSI/FBI Computer Crime and Security Survey, Computer Security Journal, Volume XV, Number 2, 1999, pp. 32.