Question

In: Computer Science

Managing IT security and risks Information security is critical in the development and implementation of information...

Managing IT security and risks Information security is critical in the development and implementation of information systems in organizations. Assume that you are developing a customer relationship management system for Morita Loan, list five methods that you can use to protect the data in such a system and discuss how you can implement these five means for information security.

Solutions

Expert Solution

Five methods to protect data in a CRM system:

1. Physical IT infrastructure:

Number one method of data protection is to keep it safe by protecting the overall infrastructure and customer's data in it. It is very essential to make sure that not everyone has network access and a firewall is also installed. Antivirus software should be used and should be kept updated.

Operating systems should be updated regularly. An encryption software can help prevent data breaches.

2. CRM Provider reliability:

The number one CRM provider would be where security of the software is ensured. Requested data should be given unlimited access and there should be strict standards of data. The dealings should be transparent as well.

3. Employee training:

Employees should be trained as well on how to use certain equipment and prevent breaches. There are different scenarios where training is the best method to make all staff aware of the breaches, dangers, and security risks. Then they should be trained on how to deal with such circumstances and prevent them in the first place.

4. Passwords:

One has to be very smart with the kinds of passwords they select. If someone hacks your password, the problem becomes more pertaining to security. They can steal any kind of data. Passwords should be complex, strong, long, etc. It should not be written in insecure places and should be prevented from being stolen.

5. Monitoring:

Regular monitoring of CRM activity is very important. It is sometimes not possible to monitor all the time, but an alert system can be set where each time a pattern is identified, the system will send an alarm.

All these five means are easy to implement in information security. Information security deals with protecting data related to electronics and printers. Such systems can be protected by setting up proper passwords, preventing their misuse by educating employees, and with regular monitoring of the system.


Related Solutions

Establishing an effective Information Technology Security Policy Framework is critical in the development of a comprehensive...
Establishing an effective Information Technology Security Policy Framework is critical in the development of a comprehensive security program. Additionally, there are many security frameworks that organizations commonly reference when developing their security programs. Review the security frameworks provided by NIST (SP 800-53), ISO / IEC 27000 series, and COBIT. Assume that you have been hired as a consultant by a medium-sized insurance organization and have been asked to draft an IT Security Policy Framework. You may create and / or...
As the CISO, you are responsible for development and implementation of various security policies to ensure...
As the CISO, you are responsible for development and implementation of various security policies to ensure the protection of company sensitive information and systems. There are different levels of policy from executive level to issue specific and system level policies. Discuss how the program policy leads to the other types of policies. Provide at least two examples of issue specific policies and two system specific (codified) policies. Include at least one research reference and associated in-text citation using APA standards....
Cyber security is an essential tool for managing risks in today’s increasingly dynamic and capable cyber...
Cyber security is an essential tool for managing risks in today’s increasingly dynamic and capable cyber threat landscape. Yet the market for cyber security remains small, and organizations are making only tactical investments in cyber security measures—one of the reasons why there has been an increase in cyber-attacks. Evidence suggests that this trend will last for some time to come. However, the anticipation of an increasingly open and mobile enterprise should help refocus the spotlight on strategic investments in areas...
Describe the major Information Security risks that you see associated with the move to this Microservices...
Describe the major Information Security risks that you see associated with the move to this Microservices strategy for Web Services. You should name and describe each risk that you estimate its likelihood and consequence and then describe a possible control for the risk and describe using tabular form
An information security manager is assisting in the development of the request for proposal (RFP) for...
An information security manager is assisting in the development of the request for proposal (RFP) for a new outsourced service. This will require the third party to have access to critical business information. The security manager should focus PRIMARILY on defining: A. security metrics B. service level agreements (SLAs) C. risk-reporting methodologies D. security requirements for the process being outsourced Correct Answer: ????????????? ____________________ ■ Answer A (security metrics) is believed to be the correct one (but often they are...
Explain the Security Systems Development Life Cycle methodology from the perspective of the Chief Information Security...
Explain the Security Systems Development Life Cycle methodology from the perspective of the Chief Information Security Officer (CISO). How does each phase, its deliverables and the personnel involved relate to the requirements of the CISO? PLEASE DO NOT PROVIDE ANSWERS ALREADY GIVEN. NO PLAGIARISM, PLEASE!
The HIPAA Security Rule is a critical document for Health care Information Technology professionals to understand...
The HIPAA Security Rule is a critical document for Health care Information Technology professionals to understand and support. Review the HIPAA Security Rule and discuss: (1) importance of access controls in addition to audit controls, (2) what “emergency access procedures” mean under the Access Control standard, (3) how role-based access controls meet the HIPAA Privacy Rule Minimum Necessary standard, (4) what form of authentication best meets the Person or Entity Authentication standard for different healthcare applications.
What is a critical success factors of a Global SIEM implementation?
What is a critical success factors of a Global SIEM implementation?
The role of the marketing manager is inclusive as to the development and implementation of the...
The role of the marketing manager is inclusive as to the development and implementation of the strategic marketing plan. Based on Chapters one and two of the book by Kotler, P., & Keller, K. (2016). Marketing management (15th ed.), outline the core elements of an effective marketing strategy and how the role of the marketing manager influence the overall development and implementation of the marketing strategy.
Discuss the process of managing the implementation of a major upgrade to an acute care hospital...
Discuss the process of managing the implementation of a major upgrade to an acute care hospital 's electronic health record system.
ADVERTISEMENT
ADVERTISEMENT
ADVERTISEMENT