Information Security: Evaluation and Recommendation Essay

Exclusively available on IvyPanda Available only on IvyPanda

Introduction

The protection of confidential clients’ information receives a lot of concern from every security firm. However, due to increased advancement in technology, firms and clients are becoming more conscious of the current environment that we are living in. The number of cases related to data loss is at an alarming rate due to risks stemming from hacking, password cracking, and software or system application breach. Some applications such as file sharing are exposing both data handlers and clients to serious risks (Johnson, 2012).

We will write a custom essay on your topic a custom Essay on Information Security: Evaluation and Recommendation
808 writers online

As of today, advancement in technology is endangering the safety of clients’ information especially those who keep their information with security firms that are not using up-to-date security systems. This essay will seek to prepare a short technology evaluation paper addressing the risks associated with the collection, processing, and storage of confidential client information (loss of confidentiality).

Executive summary

Data handling involves many risks; from fear of losing the company’s face value to the loss of finances. Generally, when a case involving loss of data through leakage or any other way, security firms entrusted with the responsibility of handling confidential information of clients stand to face serious challenges directly associated with loss of funds and company reputation (Craddock, 2003). Assessments based on those security firms that use simple methods of data handling such as file sharing application face continuous cases of data loss especially when the application is accessed by anybody else who is not an employee of that particular firm (Dept. of Information Resource, 2008).

An overview of this matter proves that data loss can also lead to lawsuits, which in turn can drain the firm of its resources including loss of clientele. It is recommendable that security firms in the line of data collection, processing, and storage should have high technological devices suitable for ensuring safe data handling.

In addition, potential clients should understand that application of mobile phones, laptops, or notebooks, and safe boxes are more accurate and safe. Reasonably, a mobile phone is a portable device, capable of storing information externally, and traceable in case of loss. Some original mobile phones are hard to crack passwords when it falls in the wrong hands (Johnson, 2012). Further, security firms using mobile phones to store data can keep those devices in other safer locations where they are inaccessible to unauthorized persons.

In addition, laptops have the capability to store large data and are lockable using passwords. On top of that, using safe boxes to store client information forms the largest margin of confidentiality. Therefore, a client promised to have his or her data collected, processed, and stored in any of these should rest assured that the information is indeed in the safest hands (Craddock, 2003).

Technology evaluation matrix

What Is Risk or Vulnerability?What Needs to Be Protected? (e.g., passwords, data, file backups, system registry)Candidate Technology SolutionHow the Technology Solution WorksEffectiveness (High, Medium, Low)
Data leakage via mounted audio and video devices in either rooms or personnel involved in the collection, processing, and/or storageDataMobile phonesWith mobile phones, data can be protected with more than one device. Ideally, the data handler can input the desired data into a USB, then insert it in a mobile phone, and lock that phone in a safe box.High
Password cracking- data leakage might stem from cracking of a security keyguardPasswordsLaptops/eNotebookThis technology works in a manner that, the confidential information of a client is stored in a laptop with a concrete password, which they should be added another key pass. This means no one else can access the data without the consent of the password holder.High
Access of information by unauthorized usersFile backupsElectronic safe boxesParticularly, data is secured in a safe box, which is then locked in a bank or safety deposits available in different cities. Whenever the client needs it, he or she accompanies the data handler to the respective destination where the box is stored.Medium

Risks involved in the loss of confidentiality

Loss of confidential information of a client can result in a damaged reputation of the company handling such data. This entails that the collection of confidential client information is one of the processes that require utmost secrecy and should take place in an enclosed place with no possible ways of data leakage. This means the place should be set such that no one else can have access to or hear the information (Johnson, 2012). Firms should always ensure that there are no devices mounted on their premises without their consent mainly because unexpected people wishing to get this information from outside may mount video and sound recording devices secretly.

1 hour!
The minimum time our certified writers need to deliver a 100% original paper

Additionally, whoever is found guilty of leaking confidential information is eligible to face a long time jail term including the security firm and its employees (Dept. of Information Resource, 2008). During the collection of information, it is believable that the unexpected can happen. Therefore, risks related to leakage can occur.

Risks associated with data processing are many and hard to control. Nevertheless, it is possible to prevent the occurrence of such threats with substantial software and other associated means of preventing data loss or leakage. Processing of client’s information involves procedures such as typing the data, saving it in special computers, and locking it in safe boxes among others. During this process, risks like key duplication in the case of locking safe boxes are rampant while the installation of spy cameras is also a challenge (Johnson, 2012). This shows that risks associated with data leakage during processing tend to pose serious challenges in the data processing.

Additionally, collusions emanating from a client –data handler relationship also act as part of threats associated with data processing. Generally, good customer relationship depends highly on good working relations (Craddock, 2003). If by any chance the client feels that a particular security firm is inadequate or cannot handle data safely, it is likely that the client might not corporate with the data collection, processing, and storage. This kind of threat paints a negative picture of the firm hence the firm losses its credibility in the market.

Comparison of the candidate technology-based solutions

Facts show that the use of safe boxes in securing client information is the most confidential, safest, and accurate. Safe boxes have electronic security locks that can never be broken without the right equipment. Furthermore, electronic safe boxes are not portable meaning that they are not vulnerable or exposable to possible attacks. Whoever deposits the safe box into the firm’s security premises is the only one mandated to access it all the time (Burnett, 2006).

They are kept in places such as banks and post offices where the intrusion is minimal. Through advanced technology, clients will be able to secure their data without fear of exposure or leakage as currently, security firms are advancing with technology. As much as this technology appears safer, it is surprising that it has a vulnerability. Electronic safe boxes also use keys. An employee might make a duplicate of the key singly or with the help of other people. This puts the secured information at risk as one can access it using the duplicated key (Dept. of information resource, 2008).

Mobile phones are also technologically friendly as they can use passwords, encrypted software, and external storage devices such as USB and microchips. Mobile phones are conventional devices capable of safely securing a client’s confidential information since they can be locked with passwords incapable of cracking. Passwords minimize the risks involved in data handling since only the holder owns the secret code (Burnett, 2006).

These passwords are always strong enough to withstand guessing attacks and cracking. This becomes possible by coming up with a password made up of numbers, letters, and symbols. They are also long enough to endure hacking attempts. It is advisable to change the passwords time after time to ensure that they do not get into the wrong hands. Mobile phones are vulnerable since they are portable. This factor of mobility increases the chances of getting lost, damaged, or rendered ineffective, as the device is reusable if lost (Dept. of Information Resource, 2008).

Remember! This is just a sample
You can get your custom paper by one of our expert writers

Recommendation and conclusion

It is recommendable electronic safe boxes are the fit test technology-based solution that can mitigate these associated risks. Compared to the other proposed technology-based solutions, electronic safe boxes are more dependable and safe. In conclusion, employees should at no instant share a client’s information with anyone. Confidentiality and reputation should be everyone’s priority, and thus, the management should discourage its employees from storing sensitive data in portable devices since they can easily get into the wrong hands through theft (Johnson, 2012). Moreover, security firms should budget for high technology machinery in order to ensure enhanced security.

References

Burnett, M. (2006). Perfect Passwords: Selection, Protection, Authentication. Waltham: Syngress.

Craddock, M. (2003). Assistive Technology: Shaping the Future: AAATE’03. Texas: DIANE Publishing.

Dept. of Information Resource, (2008). Information Resources Security & Risk Management: Policy, Standards, & Guidelines. Texas: DIANE Publishing.

Johnson, P. (2012). Gurry on Breach of Confidence:The Protection of Confidential Information. Oxford: Oxford University Press.

Print
Need an custom research paper on Information Security: Evaluation and Recommendation written from scratch by a professional specifically for you?
808 writers online
Cite This paper
Select a referencing style:

Reference

IvyPanda. (2020, August 30). Information Security: Evaluation and Recommendation. https://ivypanda.com/essays/information-security-evaluation-and-recommendation/

Work Cited

"Information Security: Evaluation and Recommendation." IvyPanda, 30 Aug. 2020, ivypanda.com/essays/information-security-evaluation-and-recommendation/.

References

IvyPanda. (2020) 'Information Security: Evaluation and Recommendation'. 30 August.

References

IvyPanda. 2020. "Information Security: Evaluation and Recommendation." August 30, 2020. https://ivypanda.com/essays/information-security-evaluation-and-recommendation/.

1. IvyPanda. "Information Security: Evaluation and Recommendation." August 30, 2020. https://ivypanda.com/essays/information-security-evaluation-and-recommendation/.


Bibliography


IvyPanda. "Information Security: Evaluation and Recommendation." August 30, 2020. https://ivypanda.com/essays/information-security-evaluation-and-recommendation/.

Powered by CiteTotal, free citation creator
If you are the copyright owner of this paper and no longer wish to have your work published on IvyPanda. Request the removal
More related papers
Cite
Print
1 / 1