Security Requirements Possible Risks - 1342 Words

Security Requirements and Possible Risks: Benefits Elections System Angela Nelson CMGT/442 February, 25, 2013 James Summerlin Security Requirements and Possible Risks: Benefits Elections System Huffman Trucking, an established trucking company since 1936, has recently requested the implementation of a new Benefits Elections System to assist management in tracking and reporting the benefits of both union and non-union employees. A database system will be utilized to store critical data such as employee information, along with the benefit package of their choosing. Storing such information requires necessary security measures to be in place to ensure the total protection of the data within. The risks associated with storing†¦show more content†¦The ability of an organization to renew passwords frequently is a significant step towards enhanced data protection (Brown, 2010). To enhance the effectiveness of password renewal, system users should not have the ability to use previous passwords when renewing the current ones. Implementing password renewal on the Benefits Elections System will ensure secu rity measures are continually enforced, especially in the event that if an unauthorized user were to gain access to the system, the password would only be good for a specific length of time before it will be changed. Possible Risks â€Å"Risk† is a term that most people, as well as organizations, are familiar with. Risk can be defined as the probability of any possible threat turning into a disaster, which is why significant measures are often taken to reduce and/or eliminate such possibilities. By utilizing a SWOT analysis (Strengths, Weaknesses, Opportunities, and Threats), Huffman Trucking can effectively determine the vulnerabilities associated with implementing a Benefits Elections System, and develop action plans to correct the vulnerabilities to prevent the risks from becoming reality. Several risks are often associated with the implementation of a new system, however, the main risks that must be considered by Huffman Trucking include: database corruption, human error, and hacking and other malicious attacks. Database corruption isShow MoreRelatedE Business Vs. E Commerce1552 Words   |  7 Pageswith meeting their functionality requirements since they certainly serve and meet the business needs behind their development; however, with the increase in demand for these applications, their development and updates are being realized at faster rate in order to stay in competition on the customer market. While most software engineering firms follow the Standardized Systems Development Life cycle principle, many do not have standard mechanisms to assess the Security issue in any of the developmentRead MoreEssay On Cloud Hacking1362 Words   |  6 Pagespopular software such as Uber, Spotify, Facebook and Fitbit among others, host their data and applications on dedicated servers to allow for user access services through their devices. The challenge with server based systems is that the integrity and security of private data is left out to third parties, nowadays established as corporations who offer hosting services for applications database and file storage. The main advantage of cloud based models is that customers do not have to pay for the installationRead More Assessment of Risk Management and Control Effectiveness at Cincom Systems1581 Words   |  6 PagesAssessment of Risk Management and Control Effectiveness at Cincom Systems Introduction Based on the Information Asset Inventory and Analysis completed for Cincom Systems the next phase of improving their enterprise security management strategy is to concentrate on assessments of risk management and control effectiveness. This specific study evaluates the effectiveness of the security technologies and methodologies in place at Cincom, also determining uncertainty and calculating the risk of the mostRead MoreInternational Association Of Corporate Directors868 Words   |  4 Pagesfinancially sustainable. A risk-based perspective enables an efficient and effective GRC program by leveraging threat-based assessments based on attack scenarios. This approach builds a risk register that is populated with most likely attack scenarios. Following the enactment of Sarbanes-Oxley in 2002, many U.S. companies implemented comprehensive policy-based internal controls frameworks. This approach focused on compliance with regulatory and accreditation requirements (e.g., SOX, HIPAA, PCI). Read MoreWhat s The Difference Between Hitrust And Hipaa?859 Words   |  4 Pagesorganizations are taking preventive measures in order to avoid breaches and possible fines. However, healthcare organizations are confused on what measures they need to take in order to protect healthcare information HITRUST and HIPAA are two unique types of assessments that share the common objective of safeguarding protected healthcare information but otherwise are different in how they are setup. HITRUST takes a risk based approach and HIPAA takes a compliance based approach. HIPAA - (HealthRead MoreCore Competencies For Physical And Cyber Security806 Words   |  4 PagesIn the risk-filled world we live in today, managing security for any organization is a difficult task. Whether an organization is dealing with physical security or cyber security, following and enforcing core competencies will make the security process more effective. The core competencies are determined by many factors that include the size of an organization and geographical location to name a few. (McCrie, 2007) When managing a security operation, the core competencies that are applicable forRead MoreUnderstanding The Supply Chain Is A Critical Piece Of A Cybersecurity Program1255 Words   |  6 PagesIntroduction One of the greatest ignored threats to cybersecurity is the supply chain. Even as organizations battle to shore up the specialized security of their systems, PCs (personal computers), portable devices and programming, â€Å"many overlook a major ‘back door source of cyber risk: the third party contractors, suppliers, outsourcers, cloud services, and other vendors who have been given direct or indirect access to sensitive company systems and data (Wiggin and Dana LLP, 2015). UnderstandingRead MoreAn Reliable Delivery Service At The Automotive Industry For Electronic Car Parts1289 Words   |  6 Pagesalways strive to exceed expectations. Executive Summary This document outlines how Digits and Widgets will create an effective Security Program to ensure that business critical assets and processes are protected from disruption and to minimize any impact resulting from any form of Information Security attack. This may include internal or external threats, physical and digital risks, and mobile technology while transporting goods. We will follow a structured process to first identify what our businessRead MoreSecurity Monitoring Activities1074 Words   |  5 PagesThis paper will describe the security monitoring activities that should be implemented and carried out in an organization on both internal and e-commerce applications. Managing risk is very crucial and plays an integral part in an organization especially to those that considers data as one of their asset. In this time and age, good risk management is the basis in achieving good business and attaining the company’s goals high ROI (Return On Investment). Security monitoring is associated and linkedRead MoreAnalysis Of Cybersecurity Metrics As Well A Governmental Policy Framework Essay1677 Words   |  7 Pagesindividual could be compromised if someone was to leverage their medical information in way they are forced to divulge other types of sensitive information that could be used to gain access or compromise information systems that protect national security. For the fore mentioned reasons, that increases the propensity for compliance for an individual working in the healthcare industry, and holds them to a deeper-level of compliance. Internal as well as external factors that affect IA policy compliance