INF325: Telecommunications & Networking Concepts
Week 4 Security Plan
Security is a management issue and not a technological issue according to numerous studies since the late 1990s. It all has to do with the firms need to have an excellent planning, implement, and execute the best day to day security technology. If the firms have a good security processes in place, most technological advanced security will do little good to the companies. However, practitioners in the trenches know better the greatest vulnerabilities organizations face is down to human behavior.
Banks are the most companies may have a sophisticated application in place to manage identities; failure to follow a process to 'on-board' and 'off-board' employees may result in leaving back doors open. And with the axe still swinging over banks and other financial institutions leading to a steady flow of redundancies, this particular security imperative has come to the fore as a critical issue.
Failure to effectively ensure that authorized access to data is terminated immediately when individuals lose their jobs puts sensitive and confidential data at risk and can lead to a breakdown in an organization’s control framework. Experienced security professionals have long highlighted this vulnerability to senior management and HR departments and maybe these unprecedented events in the financial world and radical changes in business practices will now focus their minds and lead to positive change.
Additionally, as banks merge with other banks to avoid collapse, the need to ensure that multiple information security as well as risk management control frameworks are synchronized becomes increasingly important. Inviting security to the table when senior business and IT management meet to discuss integration strategies and merged environments can serve to avoid downstream costs and problems associated with the exploitation of vulnerabilities.
Information security controls, if...