Technical Project Paper: Information Systems Security

Read Complete Research Material



Technical Project Paper: Information Systems Security

Technical Project Paper: Information Systems Security

Background

Being the information security officer for a small pharmacy, which has been opened recently in the local shopping mall, I am required to prepare a report related to the information security concerns and solutions of this pharmacy. The daily operation of a pharmacy is a unique business that requires a combination of both physical and logical access controls to protect medication and funds maintained located on the premises and personally identifiable information and protected health information of your customers. The supervisor has tasked me with identifying inherent risks associated with this pharmacy and establishing physical and logical access control methods that will mitigate the risks identified.

Introduction

Information security is essential in a number of companies and organizations, specifically the ones in sensitive fields like pharmacies. Therefore, the security officers are required to necessarily ascertain local as well as physical security of the firm. The information security manager or officer would be required to perform various tasks and duties; for instance, the management of information security functions in accordance with the established policies, provisions, and guidelines of the firm, preparing and generating reports to the administration of the firm at reasonably frequent intervals. This is aimed at the establishment and ascertaining of information security standards and procedures being implemented, in accordance with the legal provisions in the state. Such policies encompass the regulations for the management of risks, consultation and recommendation to the pharmacy regarding the concerns of enhancing or improving the network security of the pharmacy. This process would require the information security officer to conduct information security assessment and analysis programs along with several other relevant measures.

Discussion

Computer systems and networks go through innumerable attacks on a usual basis and the frequency of these attacks increases dramatically with the passage of time. There are innumerable firms and companies that have made great amounts of investments in computer networks, only for the purpose of exploring and assessing that, computer networks also expose the organization to potential malicious attacks and threats, although they are an efficient means to improve the productivity and efficiency of the firm. Such attacks have been, since ever, the most challenging concern for majority of the information security officers and engineers, where they exploit the required and pertinent resources for the purpose of securing the network from such and other vulnerabilities and risks. The biggest susceptibility to the computer systems, computer networks, and the data and information stored in them is caused by the human activities, whether they are malicious or ignorant (Bishop, 2005). Whenever any human being perpetrates any malicious activity, there is generally some particular purpose or intention behind their malicious activity. They may for instance require disturbing the routing business activities and operations thereby denying the availability and generation of data and information. Research presents that blockage of more than five and a half billion malicious attacks have been reported in the previous year on various computer networks of different companies and ...