Internal & External Security Paper for the Hospitality
Internal and External Security Paper
BIS/303
March 21, 2011
Professor Eric Wilson
Internal and External Security
Security has become increasingly complex, and is an important consideration when building, upgrading, and maintaining the hardware, software, and infrastructure of an information technology department. Security contains many aspects. Physical security, virtual security, data integrity, accountability, business continuity, and auditing are among topics that address different security aspects and concerns. Security must be addressed not only regarding internal users and issues, but must also be resolved from external threats that are presented when connecting an organization’s network to the Internet and various external customers, vendors, and outside agencies. This paper will distinguish between internal and external threats to the physical locations where resources are located, as well as the virtual resources that are accessible electronically from inside or outside of the organization. Strategies that are used to protect the physical and virtual resources will also be presented, as well as how those threats are defined and distinguished. As the capabilities and complexity of information technology systems have progressed, security has evolved into a specialized information technology field of study. The importance of building and maintaining the proper security controls can have a direct correlation to the success or failure of an organization.
Data Privacy Issues
One of the fundamental reasons that an organization creates a computer network is to facilitate the collection and storage of data. Attached to the collection of that data, is the responsibility to protect the integrity of it, as well as limit the access to it, to minimize the possibility for misuse. Numerous pieces of data must be secured because they comprise the information needed to establish identity, open lines of credit, and legally
BIS/303
March 21, 2011
Professor Eric Wilson
Internal and External Security
Security has become increasingly complex, and is an important consideration when building, upgrading, and maintaining the hardware, software, and infrastructure of an information technology department. Security contains many aspects. Physical security, virtual security, data integrity, accountability, business continuity, and auditing are among topics that address different security aspects and concerns. Security must be addressed not only regarding internal users and issues, but must also be resolved from external threats that are presented when connecting an organization’s network to the Internet and various external customers, vendors, and outside agencies. This paper will distinguish between internal and external threats to the physical locations where resources are located, as well as the virtual resources that are accessible electronically from inside or outside of the organization. Strategies that are used to protect the physical and virtual resources will also be presented, as well as how those threats are defined and distinguished. As the capabilities and complexity of information technology systems have progressed, security has evolved into a specialized information technology field of study. The importance of building and maintaining the proper security controls can have a direct correlation to the success or failure of an organization.
Data Privacy Issues
One of the fundamental reasons that an organization creates a computer network is to facilitate the collection and storage of data. Attached to the collection of that data, is the responsibility to protect the integrity of it, as well as limit the access to it, to minimize the possibility for misuse. Numerous pieces of data must be secured because they comprise the information needed to establish identity, open lines of credit, and legally
References: Barr, J. G. (2007). UOP EBSCOhost library - Data Center Physical Security. Retrieved from http://140.234.1.9:8080/EPSessionID=39ad8a39ea692bdf7b39f8cd6a0df5b/EPHost=www.faulkner.com/EPPath/products/securitymgt/docs/pdf/datacentersecurity0207.pdf Conjecture Corporation. (2011). wiseGEEK – What is data encryption? Retrieved from http://www.wisegeek.com/what-is-data-encryption.htm Drumheller, R. (2010). UOP EBSCOhost library – Conducting an Information Security Gap Analysis. Retrieved from http://140.234.1.9:8080/EPSessionID=ccd596d997d4416161818e659718f89/EPHost=www.faulkner.com/EPPath/products/faccts/00018422.htm Indiana University. (2010). University Information Technology Services – Knowledge Base – What is a firewall? Retrieved from http://kb.iu.edu/data/aoru.html Yoder, A. (2003). UOP EBSCOhost library What is HIPAA privacy? Retrieved from http://ehis.ebscohost.com/ehost/delivery?hid=120&sid=e9415e48-b833-4fb3-a45c-e30ecd465b00%40sessionmgr114&vid=10