Security
Components
Computer security rests on confidentiality, integrity, and
availability. The interpretations of these three aspects vary, as
do the contexts in which they arise. The interpretation of an
aspect in a given environment is dictated by the needs of the
individuals, customs, and laws of the particular organization.
Computer Security has the ability to detect and prevent attacks and
to be able to recover.
Network security is any activity designed to protect the usability
and integrity of your network and data. It includes both hardware
and software technologies. Effective network security manages
access to the network. It targets a variety of threats and stops
them from entering or spreading on your network.
Access control
Not every user should have access to your network. To keep out
potential attackers, you need to recognize each user and each
device. Then you can enforce your security policies. You can block
noncompliant endpoint devices or give them only limited access.
This process is network access control (NAC).
Antivirus and antimalware
software
"Malware," short for "malicious software," includes viruses, worms,
Trojans, ransomware, and spyware. Sometimes malware will infect a
network but lie dormant for days or even weeks. The best
antimalware programs not only scan for malware upon entry, but also
continuously track files afterward to find anomalies, remove
malware, and fix damage.
Application security
Any software you use to run your business needs to be protected,
whether your IT staff builds it or whether you buy it.
Unfortunately, any application may contain holes, or
vulnerabilities, that attacker can use to infiltrate your network.
Application security encompasses the hardware, software, and
processes you use to close those holes.
Behavioral analytics
To detect abnormal network behavior, you must know what normal
behavior looks like. Behavioral analytics tools automatically
discern activities that deviate from the norm. Your security team
can then better identify indicators of compromise that pose a
potential problem and quickly remediate threats.
Data loss prevention
Organizations must make sure that their staff does not send
sensitive information outside the network. Data loss prevention, or
DLP, technologies can stop people from uploading, forwarding, or
even printing critical information in an unsafe manner.
Email security
Email gateways are the number one threat vector for a security
breach. Attackers use personal information and social engineering
tactics to build sophisticated phishing campaigns to deceive
recipients and send them to sites serving up malware. An email
security application blocks incoming attacks and controls outbound
messages to prevent the loss of sensitive data.
Firewalls
Firewalls put up a barrier between your trusted internal network
and untrusted outside networks, such as the Internet. They use a
set of defined rules to allow or block traffic. A firewall can be
hardware, software, or both. Cisco offers unified threat management
(UTM) devices and threat-focused next-generation firewalls.
Intrusion prevention systems
An intrusion prevention system (IPS) scans network traffic to
actively block attacks. Cisco Next-Generation IPS(NGIPS) appliances
do this by correlating huge amounts of global threat intelligence
to not only block malicious activity but also track the progression
of suspect files and malware across the network to prevent the
spread of outbreaks and reinfection.
Mobile device security
Cybercriminals are increasingly targeting mobile devices and apps.
Within the next 3 years, 90 percent of IT organizations may support
corporate applications on personal mobile devices. Of course, you
need to control which devices can access your network. You will
also need to configure their connections to keep network traffic
private.
Web security
A web security solution will control your staff’s web use, block
web-based threats, and deny access to malicious websites. It will
protect your web gateway on site or in the cloud. "Web security"
also refers to the steps you take to protect your own website.
Wireless security
Wireless networks are not as secure as wired ones. Without
stringent security measures, installing a wireless LAN can be like
putting Ethernet ports everywhere, including the parking lot. To
prevent an exploit from taking hold, you need products specifically
designed to protect a wireless network.
Employees Responsibilities
toward the policies to maintain a safe and effective
workplace.
1) Comprehension
Management develops workplace security policies and training
programs to familiarize employees with the ways to maintain a safe
workplace. But management cannot force employees to understand all
of the policies. It is the responsibility of employees to benefit
from workplace security training and to come away with a
comprehensive understanding of policies. If an employee does not
understand a policy, or did not get information on a security
measure, she must approach management to get clarification or more
information.
2) Vigilance
Employees need to remain vigilant when it comes to executing
security policies in the workplace. When an employee sees
suspicious activity, he needs to follow security procedures and
report it. A workplace security policy is effective only if it is
used and practiced. Employees should make it a point to attend all
security training classes and to be ready to use security
procedures at all times
3) Personal Space
Part of employee responsibility in maintaining a company security
policy is being responsible for his own area. Employees need to
make sure that their work areas adhere to security standards, and
each employee must be certain that her personal effects in the work
area do not hamper security. For example, if an employee has a
large plant on top of his file cabinet that blocks a security
camera, that plant needs to be moved.
4) Procedures
Employees need to have respect for corporate security procedures to
allow those procedures to be effective. For example, an employee
should refuse to assist a coworker in bypassing the card-swiping
entry system because the coworker forgot her access card. The
employee should remind the coworker of the security procedure in
place for people who misplace their access cards.
EMPLOYEE
RIGHTS
1) EDUCATION
The best network security strategies include ongoing employee
education. Hackers are continually evolving their tools and
tactics. To beat them, you need to keep your employees up-to-date
on current cyberthreats and on end-user security best
practices.
For instance, you can hold semi-regular training seminars to go
over the latest security threats. You can discuss what to look out
for, what to do in case of a virus, and what the process is in case
of a data breach.
Proper password usage can be a constant struggle for people.
Everyone must manage multiple accounts at different times of the
day. As a result, many people frequently use the same simple
passwords over and over to save time.
2) Email and Privacy
In most cases, email messages are not subject to any personal
privacy laws. As a result, employers are generally free to monitor
and read employees’ email messages, with no restrictions. The
theory in this situation is that emails sent using a workplace
computer are the property of the employer, regardless of whether
the sender or recipient of the email message intended to keep its
contents private. Whether an employer is monitoring email messages
to and from employees in order to ensure that employees are
productive, to guarantee that employees are not disclosing
confidential information, or simply to decrease the possibility of
any employee misconduct or wrongdoing, employers typically are well
within their rights to monitor employee email.
3) Internet Usage at Work
Similarly, employees’ internet usage in the workplace is subject to
the same scrutiny as email messages. Employers generally can track
employees’ internet usage, in terms of time spent online, websites
visited, and engagement in other online activities. An employer
also may restrict an employee’s access to the internet or access to
certain websites, or prohibit personal usage of workplace computers
altogether. As a result, there is no cognizable right to privacy
claim against your employer for monitoring or restricting your
internet usage
4) Written Work
Policies
Likewise, employers these days typically have written policies
regarding personal computer usage, which place employees on notice
of the employer’s stance on using a workplace computer for personal
purposes. These policies provide support for employers when they
choose to discipline or even discharge employees for
inappropriately using workplace computers. However, even in the
absence of such policies, the law generally sides with employers in
setting and enforcing personal computer usage by employees in the
workplace.
Why is it important that by the time employees start, they should be thoroughly briefed on...
Discussion why security awareness, education and training is important within organizations. What topics should be included in security education and training? Should training only be for lower level employees, or should management be required to receive training as well? I need work without plagiarism.i need a typed answer not hand written answer.
Worker Rights and Protection 1) Employers owe certain things to their employees; one of these is honesty and respect. Why should employers treat their employees with honesty and respect? 2) What other types of responsibilities do employers owe to their workers? List three responsibilities that your employer owes you as their worker. 3) There are a number of laws and policies that were implemented to help protect workers in different workplace situations. What is the purpose of each: Fair Labor...
The Civil Right Rights Act of 1964. Each group member will pick a topic and thoroughly discuss the chosen topic. You should tell (1) why it is important, (2) how it has impacted the workforce, and (3) if that topic has impacted you.
Why is it important for organizations to focus on hiring ethical employees?
In one brief paragraph thoroughly identifies the values and beliefs that you feel are important in nursing and why you feel they are important.
Do you feel it is important to foster self-sufficiency in your employees? Why or why not?
1.why should every employee should know his rights in the workplace? 2.why the industrial officer union protects the employees?
Cyber Security and Crime Ciampa (2012) discusses training techniques in Chapter 14. Why is it important to train employees about security defenses? Does training employees increase or decrease security for an organization? Explain. There is not a right or wrong answer to this question. Use your critical thinking skills to examine how training employees can impact the overall security of an organization.
Why is it important that an employer ensure that employees set personal and career goals ?
Why is it important for healthcare employees to use the CPT coding system correctly?