Question

Principles of Information Security

Using about 1000 words Describe the three simplistic stages of Lewin’s change management model.

Answer 1

The basic principles of information security: confidentiality, integrity, and availability.

Confidentiality is probably a three-dimensional element that immediately comes to your mind when you think about information security. Information is confidential only those people who are authorized to access it can do so; To ensure privacy, you need to know who is trying to access data and block those attempts without permission. Passwords, encryption, authentication, and protection against hacking are all ways to ensure privacy.

Integrity means keeping data in its proper place and preventing it from being distorted, either accidentally or aggressively. Many privacy measures will also protect the integrity of the data - after all, a giant cannot change the data they can access - but there are other tools that help provide deep integrity protection: checks can help you verify data integrity, for example, translation control software and common backups appropriate if necessary. Integrity includes the idea of ​​non-disclosure: you should be able to prove that you have maintained the integrity of your data, especially in legal situations. Second, integrity refers to the type of information that is protected. The data must be accurate, up-to-date and reliable in the service provided by the business. Only authorized employees should make changes to the data. In addition, if an error was made during the planning, there must be unsuccessful steps to recover the damage. All information technology is at risk of human error, which is completely natural. Therefore, businesses require existing policies to protect security information. In addition, this policy also includes a virtual computer network.

Availability is a secret mirror image: while you need to make sure your data is inaccessible to unauthorized users, you also need to ensure that it can be accessed by those with the right permissions. Ensuring data availability means matching network and computer resources to the expected data access capacity and implementing a good support policy for disaster recovery purposes Finally, access is simply easier to access data on a daily basis. High availability is good for businesses, as they can easily access and process data. Both hardware and software risk access. If hardware problems do occur, data cannot be accessed. In addition, software maintenance should be minimized to avoid prolonged downtime.One attack available is Distributed Denial of Service (DDoS). This means that criminals compromise the security of the data by bringing down servers. As a result, customers or employees do not have access to data, even when authorized. Overall, DDoS attacks have become commonplace, with companies such as Apple, Microsoft, Google and Sony suffering.

1. Do Not Freeze Stage

The Unfreeze phase involves ensuring the readiness for change, by preparing the organization to understand and accept the importance of the need for change. 4 Key Steps to Define the Freeze:

Confirm the need for change

The first step during the opening phase is to do the organization's Current State Assessment (CSA) to identify what needs to be changed and why. The initiative also mandates mitigating the current situation, challenging existing trends, reviewing prevailing practices, and creating new ways of doing business.

Gather support

Next, leadership needs to find support for change in key people in management and across the organization through Stakeholder Analysis and Stakeholder Management, and place it as one of the most important things in business.

Develop a strategy and plan to communicate with the need for change

Thereafter, senior management must work through organizational vision and strategies to ensure coherence of the vision for change and the need for change across the board. This requires editing and developing convincing messages and structured sharing methods.

Appreciate and manage any bookings and uncertainties

This step involves addressing any employee's doubts and fears about change by repeatedly pointing out the reasons for the suspension of existing business practices so that people can accept the need for change.

Leaders may need to control the cultural balance of an organization by measuring the forces of opposition - the various factors that drive or oppose change - with the help of Force Field Analysis means a thorough evaluation of advantages and disadvantages of change. If the force of change exceeds the opposing element change will occur; otherwise the transformation agenda may fail.

2. Change (or Change) Stage

When people are ‘not yet open’ and ready to move on to the situation they want, change sets where it shows to make the necessary changes. This period is often difficult for people, as at this stage they are uncertain about the future, new to these changes, and need time to understand and prepare for them.

4 steps are necessary to manage the transition phase (transition):

Communicate in a formal and consistent manner

In all planning and implementation of the transformation phase, leadership needs to clearly define and share the impact, consequences, and benefits of change across the organization, and prepare everyone for the future.

Dispel gossip

Senior leaders should support the people by holding regular meetings to answer their questions openly, quickly resolving any issues, and conveying the need for change as a need for action.

Encourage action

Next, senior executives need to emulate the desired behaviors and attitudes, plan and deliver rapid victories to keep stakeholders engaged, and empower people to come up with solutions to deal with new problems and commonalities.

Involve people

The next step involves people in the process, allowing them time to change, and talking to external stakeholders (e.g., trade unions) if needed.

3.Free (or Refreeze) Stage

By freezing or closing again, Kurt Lewin means strengthening and implementing the desired changes, ensuring that they are widely accepted, used at all times, and incorporated into the business and organizational culture. The implementation of the ice phase introduces a new sense of stability for employees, makes them feel confident, builds new relationships, and frees them with new ways of working.

The purpose of the last step - to resume - is to support the change you have made. The aim is for the people involved to view this new state as a new status-quo, so they are no longer opposed to the military trying to make a difference. Group policies, tasks, strategies, and procedures are transformed in a new way.

In addition to appropriate measures to support and strengthen change, the formerly dominant nature tends to strengthen itself. You will need to consider both legal and informal methods in order to implement and implement these new changes. Think of one or more actions or actions that can be strong enough to counteract the accumulation of all the power of change - these powerful steps help to ensure that a new change will dominate and become a "new normal".

In the Refreeze section, companies should do the following:

1: Tie new changes to the culture by identifying the foundations for change and changing barriers

2: Develop and improve ways to maintain change over time. Consider the following:

3: Ensuring support for leadership and management and changing organizational structure where necessary.

4: Establish response processes.

5: Creating a reward system.

6: Provide training, support, and communication both temporarily and long-term. Develop both formal and informal approaches, and keep in mind the different ways employees learn.

7: Celebrate success!