Corporate Writing on "Identity Management and Security Awareness Training Plan"

Corporate Writing 6 pages (1839 words) Sources: 0

[EXCERPT] . . . .

Identity Management and Security Awareness Training Plan

The entire human race is in a constant phase of experiencing technological innovations and advancements, since the globe has crossed the threshold of twenty first century. Due to this progression, the organizations are leveraging with sophisticated and complex software and management programs, but at the same time, the risk to data and information stealing has elevated to paramount heights. In fact, the security threat with respect to the information and data has become one of the alarming aspects for organizations regardless of their size in today's time.

In this age of technological boom, the threats that a company encounters are not only from the external sources; but, internal threats have become one of the greatest vulnerabilities to information security. This is predominantly due to the reason that the inside people are very much familiar with the infrastructure of the organization; thus, inside attacks are counted as most dangerous one.

Considering the security of the private and confidential data of the enterprises, it has been typically observed that the managements are somewhat lackadaisical or lazy to put their administrative passwords on encrypted sheets. At instances, they don't even change their privileged account passwords. Besides, many of the organizations don't pay any attention to the importance of securing their data, even though they spend huge amount of funds on various security plans.

As an outcome of such carelessness, the companies do not implement or apply the security products and even fail to control to implement the fixes to the issues, which rather pose risks to the regulatory fines. Due to these factors, new security lapses have been exposed from numerous organizations, which has escalated the need to increase the awareness regarding the management and security of the data and information, as it is the most important element for any organization. The security awareness training initiatives with the organization makes sure that the employees are less likely to make costly errors concerning information security.

The Identity Management and security Awareness Training Plan is basically a subsection of a Security Policy Document, which is designed and presented to ABBA Corporation. Security awareness training program, in this regard would prove to be effective, as it facilitates in reducing the negligent threats amongst the organization, as well as aid in reducing the number of successful external threats. The training plan provides a comprehensive guideline on operating systems, network and system security, application of fixes and patches, and auditing.

Operating Systems and Measurements of Solidifying

Operating system and relative measures to harden are amongst the few of the essential components of security awareness training plan. The operating system of an organization needs to be protected from all kinds of inside and outside security threats in order to avoid any data or information robbery. This is usually due to the reason that operating system is said to be the heart of any organization, as it is an anthology of software which is installed to manage and control the hardware resources as well as protect the classified information or data of the organization.

Taking into account the significance of operating system, measurements needs be taken on continuous basis in order to harden the operating system, as a part of the training plan. Hardening simply refers to securing or strengthening the computers, servers and operating systems so that the confidential data of the organization can be protected. In fact, it is a fundamental step that helps in fighting with the means of attack, since this process involve turning off the unnecessary services.

Several steps are involved in hardening or securing the operating system, which forms layers of protection. Antivirus and antispyware protection along with security patches of vendors or manufacturers is the primary step of it. Another layer involves installation of firewall and disabling non-essential applications, which help in securing all workstation and servers. These layers make the computer systems more secure, which becomes harder to break into.

The training plan also highlights the importance of administrative as well as user account passwords, as it is again a pivotal layer that aids securing the data to a large degree. Moreover, the policies on changing passwords are also included as a prominent aspect in the training plan. This clearly means that changing passwords on timely basis are relatively vital, because it immensely curtails the chances of getting data robbed. Indeed, strong passwords that are formed on passphrases are another measure that helps the organization in safeguarding the data, since they are relatively harder to crack or guess.

Network, Systems, and Peripherals Security

As a part of the security awareness training plan, securing and hardening the internal systems and networks is equally imperative as securing the peripherals. This is due to the reason that data pilfering is not only done from outside sources but internal threats are also present that can destroy or crack the classified data of the enterprise.

Due to the advancements, the organizations are making more and more devices available on network that enables multiple computers and laptops to share single internet broadband connection; hence, it makes the data enter the dangers of sniffing. Indeed, sharing of files among computers can easily be made, therefore, securing and hardening the network is a prime factor of the security awareness training plan so that the employees of the company can save their data from getting robbed.

Increasingly, the peripheral devices such as printers, security cameras, UPS, scanners, and many more are also frequently being connected over a network; thus, the security of network along with peripheral devices have become a necessity. Securing the peripheral devices is also crucial because most of these devices ensure user-friendliness due to which they are designed to work out of the box.

Considering the seriousness of network's and peripheral devices' security, the training plan incorporates options of securing the network. ABBA Corporation can secure their network through technologies such as WEP (wireless encryption protocol), as it uses passwords in order to encrypt the network traffic. The company can have authorized users in order to limit the access to the network through password policies. This would also limit the access to the peripheral devices such as printers, scanners or security cameras.

The training plan also lay emphasis on various other measures that the enterprise can implement, which include hardware security like fingerprint recognition. Indeed, the most important one to consider with respect to security is the internet access. The company can have privacy settings to higher levels to ensure the network protection especially from outside viruses, spam and hacking attempts.

Applying Patches and Fixes

The security awareness training plan is incomplete without including the component of patches and fixes application. When talking about patches, it is simply a part of software that is capable of fixing various kinds of problems that include security vulnerabilities, bugs and viruses. Patches are applied with the purpose of performance or usability improvement.

Different operating systems design patches according to their software and in order to make these patches work in an appropriate manner, ABBA Corporation should apply the patches of the operating system's vendor. Moreover, application and software should always be updated with current and most recent patches and fixes. In this manner, the operating system of the company would be free from all bugs and other related problems, as it is a principal process that fixes the security vulnerabilities in software.

Patches usually play a key role of fixing security holes as far as operating systems and server software are concerned. Automatic or semi-automatic update facilities are generally provided by the operating system. As an outcome of such a corrective action, not only successful exploitation is averted but it also alleviates the ability of the threat to exploit security vulnerability.

The fact cannot be ignored that patches are an integral source that has been particularly designed to fix a bug; however, at the same time it is prudent to note that patches can break the functionality or even damage the operating systems. This clearly exhibits the fact that new problems are likely to arise if the patches are not designed in an appropriate manner. Therefore, the enterprise should only opt for applying those patches that are well proven or have been asked by the module maintainer to test. In addition, as a part of the security training awareness plan, it is always recommended to update the operating system as well as the applications with the necessary patches in a timely fashion, as it alleviates the risk of getting virus or bug in the operating system.

Auditing and Security Maintenance

As a part of the security training awareness plan, auditing and security maintenance is also a crucial block to mention. It is vital to consider because it has been observed that most of the people do not record the track changes that is being made to the systems and applications, which is essential in order to have a secured it infrastructure. Additionally, the security maintenance is another gray area that is typically overlooked by… READ MORE

How to Reference "Identity Management and Security Awareness Training Plan" Corporate Writing in a Bibliography

Related Corporate Writings:

Security Self-Assessment Coyote Systems Security Self-Assessment Organization Thesis

Security Self-Assessment

Coyote Systems Security Self-Assessment

Organization Description

The company Coyote Systems develops enterprise software applications for the world's leading manufacturing companies. It has development offices in Chicago, Illinois, throughout… read more

Thesis 7 pages (2030 words) Sources: 1 Topic: Management / Organizations

---

Managing Homeland Security Essay

Criminal Justice - Homeland Security

MANAGING HOMELAND SECURITY

Explain the four phases of emergency planning (i.e. mitigation, preparedness, response, recovery) in detail. Practically speaking, which phases do you think most… read more

Essay 4 pages (1204 words) Sources: 4 Style: APA Topic: Management / Organizations

---

Long-Term Planning and Information Systems Security Life Cycle Management Term Paper

Computer Science

Long-Term Planning and Information Systems Security Life Cycle Management

Information security means defending information and information systems from unlawful access, use, revelation, disturbance, alteration, examination, assessment, recording or… read more

Term Paper 4 pages (1180 words) Sources: 4 Topic: Management / Organizations

---

Management Information Systems Security Term Paper

A different study conducted by Price Waterhouse Coopers (PWC) suggests that in the year ended 2013, the number of breaches reduced but the overall cost of these breaches increased.

In… read more

Term Paper 12 pages (3422 words) Sources: 6 Topic: Management / Organizations

---

Security Policy Dr. Fossett's Dental Office Term Paper

Security Policy of a Dental Office

Information Technology Security for XYZ's Dental Office will be achieved by implementing these controls, policies, procedures and standards. This approved Security policy reflects the… read more

Term Paper 3 pages (1254 words) Sources: 0 Topic: Computers / IT / Internet

---

View 100+ more related papers  >>