Information System Security



Introduction4

Discussion4

Physical Vulnerabilities and Threats5

Information and Equipment Theft5

Sabotage6

Human Error6

Environmental Implication6

Logical Threat, Vulnerabilities and their Implications7

Network Threats and its Vulnerabilities7

Host Threats and Vulnerabilities9

The Pharmacy Concern10

Tackling the Physical Vulnerabilities and Threat12

Logical Vulnerability and Threats - Strategic Aspect14

Physical Vulnerabilities and Development of Controls15

Logical Vulnerabilities and Development of Controls15

Conclusion16

List of Figures

Figure 1: Risk Analysis Steps (Sandia.gov, 2013)9

Information System Security

Introduction

Internet has flourished by leaps and bounds during the last few decades and has also facilitated a number of companies, firms and organizations to manage as well do their work at ease. Personal, business, and government applications are continuously growing with exponential rate thereby providing unmatched help to the end-users and office personnel. The Information system had also penetrated into the grounds of healthcare, and it has conquered the grounds which were only a dream once. However, by the development of the IT industry, the threats have also become quite grave and serious which has resulted in malicious attacks on various organizations as well as innocent desktop users. (Ptgmedia.pearsoncmg.com, 2013).

Discussion

As far as the pharmacy is under consideration, it will not require that much security measures as that of an enterprise. Although, the pharmacy is stationed in a public place having high population as compared to any industrial district; this will surely pose some threat to the firm which can be categorized into physical as well as logical threats and vulnerabilities. Before proceeding further with the discussion about the physical and logical threats and vulnerabilities, the definition of threat and vulnerability should have to be borne in mind. Threat is commonly used to refer a person or even an event which bears the ability to cause harm to the valuable resources of the company or firm in one way or another. On the other hand, the vulnerability is used to refer the quality of the event or any other resource for causing harm to the environment which allows us to realize the potential threats. The vulnerabilities are the core driving force for enacting security policies as well as risk assessment, assignment mitigation, and avoidance so that the company will function in better and secured environment for the working personnel.

Physical Vulnerabilities and Threats

Most of the times, information security personnel, information workers and CIO (Chief Information Officer) pays great attention towards the development of the better and effective logical security system thereby leaving behind the physical security completely neglected. Physical threats are related with the physical being of the vulnerabilities. Although, there is also quite a strong bond between the physical and logical threat and vulnerabilities giving rise to a new dimension of convergence platforms for both ends of security. The physical attacks can cover a range of categories including the theft, sabotage, human error, and environment disruptions.

Information and Equipment Theft

The theft has both the physical as well as the logical implications and is considered to be the most commonly encountered threat. Computing and Network equipments are quite susceptible to be attacked to be stolen in case of organized heist and can easily be resold to ...