StudentShare
Contact Us
Sign In / Sign Up for FREE
Search
Go to advanced search...
Free

Information Security Mapping for Biomed Devices - Case Study Example

Cite this document
Summary
The paper "Information Security Mapping for Biomed Devices" will discuss the significance of information to organizations and society, describe and apply ideas relating to information security, and discuss the benefits, shortcomings, and risks o various IT environments…
Download full paper File format: .doc, available for editing
GRAB THE BEST PAPER96.3% of users find it useful

Extract of sample "Information Security Mapping for Biomed Devices"

Information Security Mapping Name Institution Information Security Mapping Introduction This paper is a case study of Robert who is a client manager for Biomed Devices in Perth. He stores his information in a laptop and carries an iPad and a smart phone. He uses Microsoft word 2013 for all his business activities which contain detailed and confidential information about his clients. Robert has little knowledge on information security and does not use third party firewalls, antivirus, among other software for protection of his information system. From the case study, Robert enjoys extensive benefits from his information systems; however, he is exposed to immense threats associated with use of IT systems. The paper will discuss the significant of information to organizations and the society, describe and apply ideas relating to information security, and discuss the benefits, shortcomings, and risks o various IT environments. Importance of information to organizations and society in general Organizations gather and distribute information, and it may undergo some distortions in the process. Majority of these distortions are deliberate and at times, the staff of a certain organization summarize and report data to the management. Data summary means that some of the data has been eliminated (Friedman, Kahn Jr, Borning & Huldtgren, 2013). This kind of distortion is deliberate. Other times, information may undergo major distortion such that loses its actual meaning. The word and information are most of the times utilizes interchangeably as they are assumed to have similar concept. In reality, the two terms are distinct. Data refers to collection of observations that may at times be proved wrong; therefore, data may not be necessarily true. Data is convertible to information after processing. The procedure of processing data involves the elimination of errors and reduction of unreliability of the sources. Data is then assessed to make it relevant to the issues at hand. The final step involves organizing data in methods that are understandable (Bélanger & Crossler, 2011). Information systems refer to composition of people and computers that process and interpret information. At times, the term is used in referring to applications utilized in running computerized databases or to refer to computer system. In the current rimes, use of computers and information has become inevitable. Since mid 1960s, the use technology has greatly increased and consequently, production technology has also significantly increased (Venkatesh, Thong & Xu, 2012). The increase in the use of technology has altered the work system and the massive use of technology in companies has resulted to notable changes in technology. Use of information systems has led to reduction in operational costs by over 40% since mid 1950s. The cost reductions resulted from introduction of new computer applications which include mathematical and other systematic applications (Zhang, Li, Ruan, Liu, 2012). Storage costs have reduced with over 30% yearly in the last 10 decades. The reduction in cost enables any users save their data on technological gadgets. Also, there has been significant reduction in transmission costs due to the use of networked technology (Ryan, Mazzuchi, Ryan, De la Cruz & Cooke, 2012). The reductions in costs indicate how information has developed with time. Majority of companies do not have to manage their data as hard copies. Information systems enable companies to store their data in an easily accessible way which is effortlessly updated. Information systems are very significant in strategic planning (Lapointe & Rivard, 2005). The management utilizes information systems in the evaluation of information from distinct sources involving external sources which present the actual situation of the economy. This is significant in making of vital business related decisions since an organization is able to assess market current market trends. With the increase in globalization, majority of international companies work with greater revenue and have bigger business prospects. The need for adequate information systems vary with the magnitude of the business. As the businesses advance, information systems are utilized in the managing of operations, monitoring the increasing supply chains. Environment security is understood differently by many people (Liang & Xue, 2009). It includes two significant concepts including making sure that the environment is not contaminated or corrupted in any way which would hinder its normal operations and ensuring that nothing escapes from the confined environment not information is shared without the consent of the organization. Systems encompass of individuals, gadgets, and technologies. An environment is viewed as a system and securing things in the system’s environment shows a great level of responsibility and success in information security (Lumley, Coetzee, Tladinyane & Ferreira, 2011). Concepts, principles and techniques relating to the security of information Information security also referred to as InfoSec or computer security refers to the process of protecting information from unauthorized persons’ use, exposure, inspection, alteration, copying, and destruction. Computer does not necessarily refer to home desktop. Computer refers to any tool with a processor and some storage system and includes mobile phones, tablets, and calculators (Nolan & McFarlan, 2005). Majority of big organizations employ IT security experts because of the significance of the information they hold. They are obligated to keep all the technology within the company safe from all kinds of malicious activity which may try to access its confidential information (Tallon & Pinsonneault, 2011). They should ensure that data is safe when dangerous issues arise. The issues may involve natural disasters, physical destruction of theft, and any instance which involves data loss. Majority of the information in the current times is stored in computers and one of the major ways of offering information assurance is having an off-site backup of the data when any of the calamities occur (Ifinedo, 2014). The most significant step of information security is identifying the value of all sections of the information and establishing the most efficient methods of required for its protection (Ray, Muhanna & Barney, 2005). Some forms of information require high levels of security unlike others which explains the significance of information classification. In this case, Robert should recognize that confidential information about his clients is very valuable and should be protected from all forms of malicious activities. Aspects to consider while determining how vital information is by establish the value it holds for the company, the duration the organization has been in possession of the information, or whether the information is outdated (Yen & Bakken, 2011). The behavior of the staff plays significant role on the security of the information a company holds. Cultural concepts enable majority of organizations establish various protective measures for the business information. However, information security culture should be updated frequently so as to accommodate the changes in technology. Information security is a continuous process which requires strategic planning (Roberts & Grover, 2012). IT environments The IT Environment Framework composes of four major parts which include IT systems services, IT operational services, IT operating Environmental Services, and System developmental life cycle. The area or section of the IT systems services offer all technical solutions and services which is very significant in any IT organization. Technical solutions may be small such as the Atomic Systems or large as the composite systems. No environment is all-inclusive without accounting fully for the relevant systems. IT operational services assist in the maintenance of all the other systems. It involves both general and specific systems which include Deployment Management and problem management respectively (Sambamurthy, Bharadwaj & Grover, 2003). IT operating systems refer to the restricted and delimited operating systems. It enables the carrying out of IT work in contained regions that do not affect other environments. Such environments involve reconstruction environments. The Systems development life cycle refer to specific environment in which every environment belongs to. It includes various policies, standards, processes and work vital in moving a system through system development life cycle in an effectual and productive way. Information threats occur in various forms the most common threats in the current days include software attacks, damage, theft of intellectual property, loss of equipment, and information extortion (Sittig & Singh, 2011). The most common software attacks include viruses, Trojan horses, worms and phishing attack. Intellectual property refers to the possession of property with some form of safety. Software theft is the most frequent in IT organizations in the current times. Identity theft is when a person attempts to use another person’s identity to take advantage of various situations and access confidential data (Rindfleisch, 1997). Majority of technological devices are prone to theft because they are portable. Cell phones, tablets, laptops are prone to theft and have become extensively used with the increase in data amounts. Sabotage refers to distortion of a company’s website in the attempt to spoil the customers’ confidence with the company. Information extortion refers to theft of the information of an organization in the attempt to gain cash in exchange of the stolen information. There are many methods which are applied in the protection of information systems, but the most important and efficient method is user circumspection. In this case, Robert is prone to all the above mentioned IT threats. Firstly, he does not use protective software or any other third party protective applications. Secondly, he leaves his electronic gadgets unattended most of the time in his car (Shaikh & Haider, 2011). Thirdly, he uses public internet cafes which expose him to a wide range of threats. If confidential information about his company, the clients, or the products get into hands of his competitors, the company would suffer extensive permanent financial loss and the organization’s reputation would be lost. It is the obligation of the management of every organization to protect its information from IT threats (Lo & Chen, 2012). Securing confidential information of nay business is an ethical requirement and organizations should invest in information security. So as to protect his information from IT threats, Robert should install an updated antivirus system in his computer. It defends the computer against any forms of virus attacks (Stoneburner, Goguen & Feringa 2002). He should also keep his windows updated. Technology gadgets such as phones, laptops, and tablets should not be left unattended as the vulnerability for theft increases. Windows firewalls notify the user when the computer detects any malicious activity trying to access it. While using public internet cafes, Robert should ensure he clears his internet cache and browsing history. In addition, public Wi-Fi is associated with numerous risks and chances of being hacked are extensively high. It makes it easy for unauthorized parties to access his confidential information. Conclusion This paper is a case study Robert who is a client manager for Biomed Devices in Perth. He stores his information in a laptop and carries an iPad and a smart phone. Robert enjoys extensive benefits from his information systems; however, he is at exposed to immense threats associated with use of IT systems. Data refers to collection of observations that may at times be proved wrong; therefore, data may not be necessarily true while information refers to processed data. In the current rimes, use of computers and information has become inevitable. Majority of companies do not have to manage their data as hard copies. Information systems enable companies to store their data in an easily accessible way which is effortlessly updated. Information systems are very significant in strategic planning and have reduced operational costs significantly. Information security or computer security refers to the process of protecting information from unauthorized persons’ use, exposure, inspection, alteration, copying, and destruction. Information threats occur in various forms the most common threats in the current days include software attacks, damage, theft of intellectual property, loss of equipment, and information extortion. In this case, Robert is prone to all the above mentioned IT threats. References Bélanger, F., & Crossler, R. E. (2011). Privacy in the digital age: a review of information privacy research in information systems. MIS quarterly, 35(4), 1017-1042. Friedman, B., Kahn Jr, P. H., Borning, A., & Huldtgren, A. (2013). Value sensitive design and information systems. In Early engagement and new technologies: Opening up the laboratory (pp. 55-95). Springer Netherlands. Ifinedo, P. (2014). Information systems security policy compliance: An empirical study of the effects of socialisation, influence, and cognition. Information & Management, 51(1), 69-79. Lapointe, L., & Rivard, S. (2005). A multilevel model of resistance to information technology implementation.MIS quarterly, 461-491. Liang, H., & Xue, Y. (2009). Avoidance of information technology threats: a theoretical perspective. MIS quarterly, 71-90. Lo, C. C., & Chen, W. J. (2012). A hybrid information security risk assessment procedure considering interdependences between controls. Expert Systems with Applications, 39(1), 247-257. Lumley, E. J., Coetzee, M., Tladinyane, R., & Ferreira, N. (2011).Exploring the job satisfaction and organisational commitment of employees in the information technology environment.Southern African Business Review, 15(1), 100-118. Nolan, R., & McFarlan, F. W. (2005).Information technology and the board of directors.Harvard business review, 83(10), 96. Ray, G., Muhanna, W. A., & Barney, J. B. (2005). Information technology and the performance of the customer service process: A resource-based analysis. Mis Quarterly, 625-652. Rindfleisch, T. C. (1997). Privacy, information technology, and health care. Communications of the ACM, 40(8), 92-100. Roberts, N., & Grover, V. (2012). Leveraging information technology infrastructure to facilitate a firm's customer agility and competitive activity: An empirical investigation.Journal of Management Information Systems, 28(4), 231-270. Ryan, J. J., Mazzuchi, T. A., Ryan, D. J., De la Cruz, J. L., & Cooke, R. (2012). Quantifying information security risks using expert judgment elicitation. Computers & Operations Research, 39(4), 774-784. Sambamurthy, V., Bharadwaj, A., & Grover, V. (2003). Shaping agility through digital options: Reconceptualizing the role of information technology in contemporary firms. MIS quarterly, 237-263. Shaikh, F. B., & Haider, S. (2011, December). Security threats in cloud computing. In Internet technology and secured transactions (ICITST), 2011 international conference for (pp. 214-219).IEEE. Sittig, D. F., & Singh, H. (2011).Defining health information technology–related errors: new developments since To Err Is Human.Archives of internal medicine, 171(14), 1281-1284. Stoneburner, G., Goguen, A., & Feringa, A. (2002).Risk management guide for information technology systems.Nist special publication, 800(30), 800-30. Tallon, P. P., & Pinsonneault, A. (2011). Competing perspectives on the link between strategic information technology alignment and organizational agility: insights from a mediation model. Mis Quarterly, 35(2), 463-486. Venkatesh, V., Thong, J. Y., & Xu, X. (2012). Consumer acceptance and use of information technology: extending the unified theory of acceptance and use of technology. MIS quarterly, 36(1), 157-178. Yen, P. Y., &Bakken, S. (2011). Review of health information technology usability study methodologies. Journal of the American Medical Informatics Association, amiajnl-2010. Zhang, J., Li, T., Ruan, D., & Liu, D. (2012). Rough sets based matrix approaches with dynamic attribute variation in set-valued information systems. International Journal of Approximate Reasoning, 53(4), 620-635. Concept Map n Read More
Cite this document
  • APA
  • MLA
  • CHICAGO
(Information Security Mapping for Biomed Devices Case Study, n.d.)
Information Security Mapping for Biomed Devices Case Study. https://studentshare.org/information-technology/2065105-information-security-mapping-case-study
(Information Security Mapping for Biomed Devices Case Study)
Information Security Mapping for Biomed Devices Case Study. https://studentshare.org/information-technology/2065105-information-security-mapping-case-study.
“Information Security Mapping for Biomed Devices Case Study”. https://studentshare.org/information-technology/2065105-information-security-mapping-case-study.
  • Cited: 0 times

CHECK THESE SAMPLES OF Information Security Mapping for Biomed Devices

Information Security of Business

nbsp; information security essentially requires that the genuine parties to a transaction are identified, the actions they are allowed to perform are determined and their actions are limited to only those that are necessary to initiate and complete the transaction.... Tokens come in various shapes and sizes and they are mainly of two types; "passive tokens" are storage devices that contain a secret code that allows users to gain access to a network, whereas "active tokens" are usually small stand-alone electronic devices that generate a one-time password that is only useful for a single log-on and the user logs on to the system using this one-time password....
3 Pages (750 words) Term Paper

Mobile Device Security Policies

The administrator formulates mobile device security policy to protect all the mobile devices and other software from unauthorized access, use,… The purpose of these policies and restrictions is to ensure appropriate use of mobile devices and software.... The administrator formulates mobile device security policy to protect all the mobile devices and other software from unauthorized access, use, disclosure, alteration, modification, deletion, destruction and removal....
2 Pages (500 words) Research Paper

Build and sustain an innovative work environment

hellip; ent of trust and mutual respect among staff depends on how receptive the management is to new ideas and the constructive suggestions provided by staff and any stakeholders and by involving the stakeholders when introducing changes. Smart Spot is a shop or business that has It offers a wide selection of cutting-edge technology tablet pc's, smartphones and related services such as application configuration, networking, software updates and training on the best use of the devices....
4 Pages (1000 words) Assignment

Security Locking Devices

The author of this assignment entitled "Security Locking devices" comments on the difference of two locking devices for doors and windows and the means of generating power through alternative means to that of the existing modes of power generation.... Thus, the texts attempt to convey the central idea about the locking devices and power generation mechanisms in a way that is comprehensible with some knowledge of the engineering specifics.... This term, especially after huge technologic improvements, became a name of the sector because safety techniques and equipment developed as much as weapons and other criminal devices....
6 Pages (1500 words) Assignment

The Eden Project in Cornwall

The paper “The Eden Project in Cornwall” seeks to evaluate one of the most successful Landmark Millennium projects in Britain, which were supported by the Millennium Commission (MC) funding.... In an outdoor area of 15 ha, the modern Garden of Eden presents different climate zones of the world....
12 Pages (3000 words) Assignment

The Impact of Mobile Devices on Cyber Security

hus, at such an age where The paper “The Impact of Mobile devices on Cyber Security" is a cogent example of a term paper on technology.... Thus, at such an age where the technological mobile device use is so rampant, the question that begs an answer is whether the population is aware of the potential security threats to their devices.... The increased use of wireless technological devices opens a floodgate of cybersecurity threats to the owners of such gadgets (Global Focus, 2013)....
3 Pages (750 words) Essay

Information Classification of the Human Implantable Device in Company BioMed Devices

The company that is the subject of this paper "Information Classification of the Human Implantable Device in Company biomed devices" is biomed devices, a tiny company specialized in technology that makes the human implantable device.... hellip; The devices manufactured by the biomed devices company need specialized knowledge and skill in order to come up with the required and desired shapes and materials.... These devices are of medical origin....
13 Pages (3250 words) Case Study

Developing a Way to Protect the Information in the BioMed Devices Company

The paper "Developing a Way to Protect the Information in the biomed devices Company" is about Global System for Mobile Communications.... The task was to develop a way to protect the information in the biomed devices Company in three weeks.... biomed devices is a competitive company specialized in technology that creates human implantable devices.... A European standard that describes the protocols for second-generation networks for cellular digital phones, is of help in the management of information security....
12 Pages (3000 words) Case Study
sponsored ads
We use cookies to create the best experience for you. Keep on browsing if you are OK with that, or find out how to manage cookies.
Contact Us