Security Requirements And Possible Risks Essay

1019 words - 5 pages

Security Requirements and the Possible Risks associated with the
Benefits Elections Systems of Huffman Trucking Company
CMGT/442

Security Requirements and the Possible Risks associated with the
Benefits Elections Systems of Huffman Trucking Company

Huffman Trucking has sent out a service request regarding the development and installation of a benefits election system to support the tracking and reporting of employee (union and non-union) benefits (University of Phoenix, 2011). Per this request, this paper will discuss possible security requirements and possible risks that may occur or be associated with the development and implementation of the Benefits Elections Systems. ...view middle of the document...

The term “firewall” in computer talk can be either software-based or hardware-based and is used to help keep a network from being intruded. Its main goal is to control incoming and outgoing network traffic through analyzing the data packets and determining whether it should be allowed through or not, based on a predetermined rule set (Wikipedia, 2012). When considering a firewall from a security standpoint it stops unwanted traffic on the outside from logging onto a computer in the company’s private network. Once implemented the firewall can be configured to only allow traffic needed for the company to conduct business. Because the Benefits Election System is a database-style system, one or multiple firewalls should be used to protect it from invasion.
The Benefit Election System should implement some style of password protection. Password protection is very important because it allows the employee to create a specific user name and password to access the Benefit Election System. Doing this, will allow the user to be the only one to access his or her personal data for the system. It should not be written down but remembered the only other person who should have access to the individual user name and password is the administrator just in case it is forgotten.
The last security requirement that should be implemented is Risk Management Software or RMS. Risk Management is the identification, assessment, and prioritization of risk (Wikipedia, 2012). The advantage of using an RMS is it saves time and removes the difficulty of some of the risk analysis and management procedures. The risk management software, rather it is a tool or standalone software allows administrators to use a user-friendly interface to retrieve the newest tools to obtain the project risks. For instance an RMS can provide warnings concerning any risk that may have trespass a preset limit. Basically RMS can help make the administrator job easier.
With that being so, potential risk must be examined. The following section of the paper will discuss various risks that could cause issues within the Benefit Election System. Risk by definition is “the probability or threat of a damage, injury, liability, loss or other negative occurrence, caused by external or internal vulnerabilities, and which may be...

Other assignments on Security Requirements And Possible Risks

Understanding Nist 800‐37  Fisma Requirements  Essay

2451 words - 10 pages  organizational risk in accordance with FISMA requirements.  This framework sets  forth an approach to security control selection and specification with consideration to effectiveness,  efficiency, and constraints.  Federal agencies must undertake the following steps to maintain an  effective information security program:  Figure 1 NIST Framework      • • • • • • • • Step 1 ‐  Define criticality /sensitivity of information system

Nt 2580 Testing And Monitoring Essay

309 words - 2 pages . Passwords that meet security requirements but remain easily guessable are a hazard and could affect a network. The Solution: Implementing a change of password every so often. Implement the strategy that requires a combination of letters and numbers, and a minimum of a 30 day password renewal policy. Information on a laptop that is not encrypted would be a huge security issue. It would be likely that there would be some sort of damage in the event of “falling into the wrong hands.” The Solution: To prevent this from happening it is important to encrypt the drives and other sensitive information.

Risk Analysis Temple

1892 words - 8 pages 2-1 2.4 Contingency Planning 2-1 3.0 SYSTEM SECURITY 3-1 3.1 Baseline Security Requirements 3-1 3.2 Baseline Security Safeguards 3-1 3.3 Sensitivity Level of Data 3-1 3.4 User Security Investigation Level and Access Need 3-1 4.0 RISKS AND SAFEGUARDS 4-1 4.x [Risk Name] 4-1 4.x.1 Risk Category 4-1 4.x.2 Risk Impact 4-1 4.x.3 Potential Safeguard(s) 4-1 4.x.3.y

Wgu Capstone

8774 words - 36 pages sure that the company is in compliance with the requirements of the GLBA. Implementing an ISMS program for the company ensures the security and integrity of their customer’s information is maintained. The creation and development of new policies and procedures that will manage the risks that the company faces. The focus of the project will be the Privacy and Safeguard rules of the GLBA. The project covered the specific information that

Management Of Information Systems

1747 words - 7 pages contains flaws that create security vulnerabilities • Hidden bugs (program code defects) • Zero defects cannot be achieved because complete testing is not possible with large programs • Flaws can open networks to intruders • Patches • Vendors release small pieces of software to repair flaws • However, amount of software in use can mean exploits created faster than patches be released and

The Internet

989 words - 4 pages or board as an issue of critical concern. Information Security Governance is a framework predicated on principles and accountability requirements that encourage desirable behavior in the application and use of technology. Results from the present study indicate 81% of respondents have a defined information security governance structure (e.g., defined responsibilities, policies, and procedures) while 18% are in the process of establishing one

Principles Of Information Security

953 words - 4 pages investments and business opportunities. Security issues are unknowingly generated via employees using consumer electronics in their homes. As more consumer communications and devices enter the corporate enterprise security professionals need to consider the risks for business security. Things to consider included IM, gmail, iphones, un-secure home networks, etc. Employees are using these devices at home and in the workplace. . The first and most

Hipaa

3778 words - 16 pages attorney. Unless otherwise noted, HIPAA COW has not addressed all state pre-emption issues related to this Guide and the Toolkit documents. Therefore, these documents may need to be modified in order to comply with Wisconsin/State law. The Toolkit provides an example HIPAA Security Risk Assessment and documents to support completing a Risk Analysis and Risk Mitigation Implementation Plan. While it covers a broad spectrum of the requirements

Security

1066 words - 5 pages sense of worth and hence higher productivity. Relevance of security programs One of the biggest risks to an organization’s information security is often not a weakness in the technology control environment. Rather it is the action or inaction by employees and other personnel that can lead to security incidents; for example, (i) through disclosure of information that could be used in a social engineering attack, (ii) not reporting observed

Winton Carter Mining - The Risks Of Engaging A Mining

1264 words - 6 pages industry in terms of management and production for short-term and long-term gain. By engaging in the project, WCM will improve its reputation, increase its goodwill because of a likely increase in its share price, and potentially establish a new considerable source of income. The risks, however, are substantial. Firstly, security risk that is considered high due to social instability of African countries may reduce the site’s revenue considerably

Cissp

682 words - 3 pages closely your company adheres to these best practices: Awareness & Training, Assessment & Audit, Development & Quality Assurance, Compliance, Vulnerability response, Metrics & Accountability, and Operational security. To determine how to implement the Security Software Development Life Cycle, there are roughly (depending on scope) 6 phases: Requirements Gathering, Design, Coding, Testing, Deployment, and Maintenance & Retirement. Requirements

Similar Documents

Benefit Election System Essay

1290 words - 6 pages a benefit election system to support the tracking and reporting of employee (union and non-union) benefits (Apollo Group Inc., 2011). With the new benefit system coming online brings new security requirements and possible risks that must be addressed. This document will list some of those security requirements and risks of the Benefits Election System of the company. Paper Risks and Security Requirements Huffman Trucking is a national

Security Awareness Essay

2691 words - 11 pages Management Act of 2002 ("FISMA", 44 U.S.C. § 3541, et seq.) which is listed in Figure 1-1 Regulatory Requirements on page 5, requires that an “agency-wide information security program shall include security awareness training to inform personnel, including contractors and other users of information systems that support the operation and assets of the agency, of information security risks associated with their activities and their responsibilities in

Cyber Security In Business Essay

1513 words - 7 pages supporting the goals and principles of information security. * Communicate the business risks associated with information security incidents and accidents. * Document information security, responsibilities and the high-level principles personnel must observe. * Specify key activities that must occur within the organization, such as carrying out security classifications and risk analyses, safeguarding important records and reporting suspected

It Securityspecialization Essay

567 words - 3 pages require organizations to have proper security controls for handling personal information referred to as “protected health information,” or PHI. This includes security controls for the IT infrastructure handling PHI. Which of the listed risks, threats, or vulnerabilities can violate HIPAA privacy and security requirements? List one and justify your answer in one or two sentences. 2. How many threats and vulnerabilities did you find that