How to resolve a security issue in a situation where the need for security is great but the available funds are limited
Community participation is a very important aspect in enhancing security. Through the community’s leaders individuals can be sensitized on the need to protect each other and also help them to create a ‘we’ feeling in the management of the important resources in a region. This will enable the community members to identify with the resources and wealth of a region and hence strive to protect it by all means. Governments and administrative officials should also involve the locals in making of decisions that are of utmost ...view middle of the document...
Rather it is the action or inaction by employees and other personnel that can lead to security incidents; for example,
(i) through disclosure of information that could be used in a social engineering attack,
(ii) not reporting observed unusual activity,
(iii) Accessing sensitive information unrelated to the user’s role without following the proper procedures.
Having security programmers in place is thus a vital concept that every organization should embrace. This helps to warrant the fact that employees are conscious about the value of guarding sensitive information. It also serves to ensure that they are aware of what to do to ensure secure handling of information, and the risks involved in mishandling of the information. How the employees comprehend the personal and organizational consequences of improper handling of sensitive information plays a great role towards the success of the organization. A case in point could be the penalties imposed on an organization, the detriment towards an organization or its employees, and the influences posed towards the employee’s career. Putting the possible organizational mischief into focus for the workers and noting the effects of such damages to the organizational performance is thus vital (Bakari, Magnusson, Tarimo, & Yngström, 2006).
The single most important asset of a security program
Information is the most important asset to any organization’s security program. The implementation and progression of private networks is stirred by candidness and convenience of the systems, which also reveals a threat to the confidentiality of individuals and business data. The accountability and uprightness of business dealings are also put into stake, and thus a potential risk to the failure of a business venture. The key disquiets includes the risks of alteration, larceny, seizure and propagation of organization’s private information, as well as deception, and mutilation of the organizations image that can lead to pecuniary losses. The sources of threats to the security of business information could be categorized as either external or internal. The activities of hackers and other competing firms to cause alterations to an organization’s information systems is an external threat. On the other hand, the activities of snooping workers and outworkers that could lead to sensitive information seeping from an organization becomes the internal threats. Further, adequately guarding digital data that comply with the governing regulations and preventing cases of cyber-crime is a challenge. ...