Theresa Jn. Baptiste - St. Lucia
Managing Information Technology
Security isn’t simply a technology issue, it’s a business issue. Discuss
In any given organization information technology generally refers to laptop and desktop computers, servers, routers, and switches that form a computer network, although information technology also includes fax machines, phone and voice mail systems, cellular phones, and other electronic systems. A growing reliance on computers to work and communicate have made the control of computer networks an important part of information security.
Security days as just a technical or technology issue are done. It is becoming a central concern for leaders ...view middle of the document...
Results from the present study indicate 81% of respondents have a defined information security governance structure (e.g., defined responsibilities, policies, and procedures) while 18% are in the process of establishing one [Deloitte 2007].
The evolution of technology has had its impact on virtually every business or private aspect of our lives. From privacy to liability issues, the impact of technology on business is only limited to imagination. Unauthorized access to paper documents or phone conversations is still an information security concern, but the real challenge has become protecting the security of computer networks, especially when they are connected to the Internet.
Most large organizations have their own local computer network, or intranet, that links their computers together to share resources and support the communications of employees and others with a legitimate need for access. Almost all of these networks are connected to the Internet and allow employees to go "online."
Information technology security is controlling access to sensitive electronic information so only those with a legitimate need to access it are allowed to do so. This seemingly simple task has become a very complex process with systems that need to be continually updated and processes that need to constantly be reviewed. There are three main objectives for information technology security: confidentiality, integrity, and availability of data to the organization. Confidentiality is protecting access to sensitive data from those who don't have a legitimate need to use it. Integrity is ensuring that information is accurate and reliable and cannot be modified in unexpected ways. The availability of data ensures that it is readily available to those who need to use it (Feinman et. al., 1999).
Information technology security is often the challenge of balancing the demands of users versus the need for data confidentiality and integrity. For example, allowing employees to access a network from a remote location, like their home or a project site, can increase the value of the network and efficiency of the employee.
Unfortunately, remote access to a network also opens a number of vulnerabilities and creates...