Wednesday, May 6, 2020

Computer Science Research and Technology - MyAssignmenthelp.com

Question: Discuss about the Computer Science Research and Technology. Answer: Introduction Allowing employees to bring their portable devices to the work environment at Aztek is useful. However. The practice has the ability to increase threats to the information systems of the organization. Such threats include viruses and illegal access to the organizations information by competitors, frauds, and members of the team who intend to harm the company. Information is the most important thing in the organization. It is what keeps the business running. There is an increased need to prevent and protect this information with the highest security degree possible. Thus, allowing new devices into the company might trigger information leakage when employees leave the firm. What happens if the devices are stolen or get lost on their way home? Information gets into the hands of harmful people. However, this should not prevent the company from venturing into the project. When starting any kind of business, a good entrepreneur is always ready to face risks. There are no businesses which operate without risks. What Aztek should put into consideration is how to choose among the potential hazards likely to occur. There are several strategies to solve risks in organizations. Some include transferring the risks to the third party, which in this case include investors, insurance bodies among other financial institutions which can give a helping hand in times of need or the occurrence of the estimated risks. The greatest advantage of the mobile devices to the users is that they are familiar with every kind of operation within them. Making mistakes or omissions using the device you use every day is rare. This paper will also cover the possible solutions to the risks involved when workers are allowed to bring their devices to work. The possible solutions include teaching employees to abide by the companys organizational culture and ethics; not sharing informat ion with others. It is unethical to give out information regarding your company to the outsiders. Organizational culture does not permit that. An employee with his senses working well will not violet the companys policies easily. With financial institutions, a single employees mistake will cost the entire financial status of the company. When working as a team, a members mistake is a failure to the entire team. It is should be therefore the responsibility of the company to ensure that everyone with the BYOD device in the firm takes responsibility. In the past few years, there has been rapid growth in the computer technologies. Cybercrimes have also increased as people learn new ways to get access to information that does not belong to them. This paper has covered the various topics of information security in relation to the case of giving employees chances to bring their devices to work. It also analyzes the emerging trends in the IT security field. Some of the widely covered areas in this writing include threats, management of risk, password cracking, access control management system as well as Firewalls. Several recommendations are also covered in this report. The recommendations include limiting the use of personal devices to perform tasks in offices. If the company will limit the information to be accessed by the employees using personal devices, then the security problem is controlled. Another recommendation provided is the education of the Aztek employees about the appropriate security measures to ensure that their devices are secure. This will help them to keep information safe even if their devices get lost or stolen on the way. For instance, teaching them how to make use of strong passwords which no person can easily access. Allowing employees to bring their own devices to work will facilitate the work output, improve IT efficiency at Aztek, reduce congestion over the workplace devices, lead to increased revenue among several other advantages. However, with the emerging attacks, there are several limitations which are associated with these devices thus making it hard to trust them. Financial Services Sector Review The finance sector is crucial in the Australian economy. Aztek, operating under this financial body should employ the maximum security possible to keep the company going without any IT threats. Putting into consideration the need to help clients all the time, introducing the use of personal electronic devices like mobile phones, laptops and iPads can serve best. Customers need to access their financial statements whenever they need and at convenient services by the company. One way of solving the limited resources challenge in the Aztek Company is by allowing employees to bring in their devices. However, finance being a sensitive area, what is the way to go to ensure that it remains as secure as needed? Bringing personal IT gadgets to the company might be a way of setting Aztek from spending in buying different technologies. It is not that simple to allow the practice in the financial institutions. It is something which might cause great losses. From statistics, most financial institutions do need to put into exercise extreme diligence as far as handling the financial data is concerned. Some of the reasons why the implementation of these might be hard in Aztek include the government regulations which have been set by the Australian Law enforcement authorities. This is done with a primary objective of overseeing the thousands of sensitive information transactions since the cybercriminals make most of them a target. For such to be implemented, there it will require Aztek to do registration with AUSTRAC (Australian Transaction Reports and Analysis Center). Without this registration, such services will not be provided. The act also aims at countering the financing of terrorist activitie s in Australia. By being complicated to implement in the financial sector, it means that financial policies have to be included to regulate how individual devices will be used for work. Allowing workers to use personal devices in the financial firms like Aztek is risky. Losing the financial data might be catastrophic with the use of personal devices. For instance, mobile phones are prone to be lost. So many people lose mobile phones in Australia each day. When tired, people take screenshots in their smartphones to use later. If such get in the wrong hands, Aztek will be in the danger of being invaded. If a laptop which contains customer data gets lost, what will happen? Havent you endangered the person if the customer gets a loss? In one of the instances which occurred in the US, more than $930,000 was lost due to stolen personal devices which were allowed in the financial institutions (From the Trench of Insecurity, 2015). One of the best-established practice so far is to buy those mobile devices for the employees. When they leave the work environment, they leave them there to avoid misplacing them or giving them to people who are likely to misuse the information in them. The technologists in the field of electronics have a great role to play to ensure that the business stakeholders information is kept safe despite the means which information is transferred. They should code much information which without enough verification, no transaction will take place. Such include using the client's fingerprint to make a transaction. This will reduce the high chances of losing funds to frauds. Having the information needed will not help them without full access to the device (without using the fingerprint). Aztek stakeholders will be in a position to make efficient and fast decisions with the technologies brought from their home places with convenience if the security protocols are well-set by the technologists. Security Posture Review The Bring Your Own Device (BYOD) to Work project has a great impact on the security of information at Aztek at the moment. With information being the most crucial element in organizations, the BYOD project is likely to decrease information safety in Aztek (Zelkowitz, 2015). Currently, there is much security in the organization since no device moves out of the office. Restriction in the movement of devices is a good thing for the firm. With the maximum financial security available in the firm, the essence of BOYD is not seen as a big deal by the stakeholders. However, if a clear consideration is put into account, there are several vulnerabilities, loss of information and other threats which this project is likely to bring into the premises. BYOD technologies provide surplus work output for the company without much investment. This calls for the need of the project. But which strategies should be implemented to ensure that the BYOD project is successful in Aztek? Or what should the CEO of the company do to be able to stay within the acceptable risk level? There are several users of mobile phones, and it might pose a problem to control their users even in financial institutions. Most mobile phone devices use Bluetooth, wireless networks (WLAN) as well as WI-FI in data connection. If several such devices join the same network, information might leak from device to device. Hence, vulnerabilities are introduced (Grefen, 2013). Aztek can employ the following strategies to enjoy the benefits of BYOD project and also maintain the security at the best acceptable posture: Transferring the risk Accepting the risk Avoid the risk Transferring the risk With the knowledge that the BYOD technology will bring a greater improvement to the firm, Aztek should transfer the associated risks to a third party like for example an insurance company for financial security. Other ways of transferring the risk include hedging, getting into partnership with other firms and outsourcing. Despite the security threats, the business will be able to operate and make huge profits from the project. Merging with other businesses will help Aztek to share the risk. In the event of the risk, the company will still have surplus money to repair the damages. Despite this strategy, the company should also find another way of minimizing the risks among its employees. If Aztek will find it hard to transfer the risk to the third party or accept the risk, then the only way forward is to reject the implementation of BYOD project. Some of the reasons why this firm will be reluctant to accept the risk or to transfer the risk to a third party includes the extent of the risk: if the The probability of the risk to occur within a short period of time is high; the company will suffer great losses. The best thing is to avoid the entire project. With security being the first priority of financial institutions or any other organization working under it, like in our case Aztek, information should be in the first line before anything else. Most frauds in the world are using mobile devices to commit cybercrimes. This is because most of these devices are not well secured. People can hack easily into them, steal information, and use it to commit huge crimes like terrorism. Currently, Aztek has a strong security system installed in place (Weidman Eeckhoutte, 2014). The work equipment is only left for employees; no outsider will access it. With your laptop, anybody can access it, hence the poor security of vital information. In the Aztek environment, computers are connected over the LAN and other reliable networks. Nevertheless, they are connected to the main computer where backup information is kept. The backup information is security for data in case something goes wrong. With the mobile devices, in this case, mobile phones, connecting them to the main server will cause traffic and slow down the companys activities. On the other side, if they are not connected, there will be no backup data in case the device gets destroyed beyond repair, gets stolen or misplaced. This is an increase in insecurity in the company. In the case whereby the devices are likely to infect the systems with viruses, the best way to go about it is to find the control measures for reducing the infection. A good example is the installation of antivirus programs. These will secure useful documents at Aztek. Threats, Vulnerability and consequences assessment There are several threats and Vulnerabilities which are involved when BYOD is introduced into Aztek. These include malicious apps, rooting/jailbreaking, untrustworthy employees, buggy applications, lost devices and software bugs (Kasemsap, 2017). With mobile phones, some dodgy applications can accidentally slip into the Google Play store or Apples App store at some point. These applications might pose a great danger to the device, and one might end up losing data or sharing it without their knowledge. For Aztek, this will be a great problem since the customer's data has been lost or made available to the outsiders. The best way to protect your BYOD hardware from such threats is by installing applications which will monitor the other applications installed on the hardware. A good example of such software is Marble Security service. This will help IT personnel to manage the applications installed on the devices (Ohio, 2012). Rooting procedures often undo the security features which are placed in the devices by the manufacturers. This opens up the BYOD devices to increase the attack risks. For this kind of threat, the mobile device management (MDM) can be used to keep watch of the device. Since BYOD devices are under the control of the owner, stealing data from the firm will be easier. Most people like keeping their privacy, therefore, will not let anyone have access to their mobile phones. This is a very difficult situation to control. However, with the use of Endpoint security software data leakage can be prevented. The main challenge with this threat is that it is hard to control data which the Aztek employees will have legitimate access. Aztek will be forced to tighten the controls and encrypt most of the information. Some applications can leak data accidentally or deliberately. When such data is leaked the company will be at a great risk of losing some of its potential customers. Most people like keeping their financial records private, letting them out to a second party will possible chase them away. Endpoint security solutions (ESS) can be the best way to keep monitoring these applications. When a device gets lost, it is usually a great risk until it is recovered or its data wiped off. There are several instances where crimes get committed due to the information found on the lost devices. The longer the BYOD device stays without knowing where it is, the higher the risk chances. Suppose it falls into the wrong hands, then Aztek will be in trouble of exposing the financial statements of clients. The MDM is the best solution when it comes to this. Wipe all the data in the device. Despite losing the information, Aztek is assured that the information will not get into the hands of people with the intention of causing harm. In this case, one risk is foregone to solve one, the most important; you will only lose the mobile device and not information falling into the hands of the wrong people and the device. This is a good strategy for the company in case such instances will occur upon implementation of the BYOD project. Software bugs The Software bug is a big problem which faces all companies with the aim of implementing the BYOD projects or operate under it and Aztek will be no exception. Some phones screens get bypassed so easily hence giving someone access to some features on the phone. The implication of this is that the company will be under a great threat of attacks from individuals with bad intentions. The large numbers of digital devices which individuals will bring into the company will increase the buggy amount. The best solution for the challenge is the use of the Mobile device management applications. Nevertheless, upgrades should be made every time new patches get into the app store. The IT experts in Aztek should be up to date with mobile device advancements. They should know the most secure devices in the market and encourage the employees to buy them if they are willing to bring them to work. Nevertheless, they should know about updates every time the companies bring them to the access of the cons umers. All mobile devices which are considered to be a danger to Aztek must be quarantined until solutions are found. There is no need to work with known risks. Cloud computing is the best strategy for the Aztek company to secure and solve these vulnerabilities. Cloud computing refers to the act of using the remote servers that are hosted on the internet for data management, Storage, and processing instead of using a personal computer or a local server. Mobile devices increase cloud computing to the firm. Though, using this online platform to share documents via emails and other forms may pose a danger if such information is leaked out to the wrong hands. With cloud computing, the BYOD model in Aztek will be more secure. Cloud computing provides an external storage to the device. No information will be stored in the mobile device. So, even if the gadget is lost, the information is safe. Cloud computing brings security in several ways. With cloud computing, data is processed outside the mobile device. It becomes only a medium for work. With such benefits, the procedures involved in the making of various transactions will not be anywhere in the device until one with passwords and other security details gets access to the site. With crucial data away from the device, Aztek will benefit the security benefits of the project (Economics of information security, 2014). No relevant data is made available to any third party. Nevertheless, the cloud provides more space for more storage of data. The only way an individual can access the data is to consult one with a password. Data Security The flow of data at Aztek is vital for the daily business transaction to take place. And so is the data security (In Bauer, 2011). Protecting data is keeping safe from people who intend to cause harm to your firm. Aztek should consider the risks and vulnerabilities which are likely to befall them one the BYOD model is Brought into use. Cloud computing: All data is stored on the internet, not on the device To secure data cloud computing might serve as the best way. The nice thing with cloud computing is that (Bhowmik, 2017): It is not easy to lose that data stored online even if the BYOD devices get lost. There is always sufficient backup for the business to run. Enough storage space. Aztek is a company dealing with several clients. There is so much information to be kept in records. Most mobile devices like the mobile phones will not have the capacity hold all the information. The online server is effective for it provides the adequate space needed. Nevertheless, keeping data off the mobile device is safe since most workers will go home with them and no one knows what kind of damage might befall them (Dawson et al, 2014). There is maximum security for the data. Only the people with access to the website are able to log into the powerful information of the Aztek Company. The best way to control the security of the data is to let few people get access to the details of the company (Bao et al., 2016). The only thing which should be kept available for the most users is a page allowing them to conduct transactions but not get into the deep data. The only people to get access to the data should be those who work under the IT and Accounts departments. For the IT experts, it is a necessity since they will need to keep updating the programming of the systems to allow the latest software. Nevertheless, those IT experts must be those employed permanently by the organization. For the accounts department, all transactions involving the company are run there, it is wise to give trust to them. In any case, why would Aztek provide deep information to the customer service department for instance? They should only have access, be able to download the various documents including the financial statements but should never be allowed to manipulate anyhow the data availab le in the servers using their personal devices (Susilo Mu, 2014). With the BYOD project, the most likely risks to be involved will include the loss of the mobile devices, lack of enough storage space, manipulation of the data stored by untrustworthy clients among several others. I believe that the cloud computing will solve most of these challenges (Windley, 2012). Conclusion BYOD technologies are crucial to the success of the Aztek Company in Australia. Given that the large population of citizens in the country have access to the mobile devices and laptops (Assing, Cale? Cale, 2013). Especially with the introduction of the Android platform which can allow installation of multiple software, any company willing to increase its returns inwards will be in a good position to implement their use. However, the most trending issue at the moment regarding BYOD model in organizations is IT security (Andress, 2011). Despite their advantages, these devices have the ability to bring a company down if wrongly used. The possibility of giving information out to undesired or unknown individuals are very high. In some instances, one might lose his device and lose all the data in it. Losing data will bring the Aztek Company down if the BYOD project is put in place (Endrijonas, 2015). The big question is, should risks prevent the company from implementing the BYOD project? The best business people are those willing and ready take risks. What will keep them going is the ability to solve the risks or integrate them into their systems. With the several ways of solving the risks which will be brought by the implementation of the program, the company should go ahead. Though BYOD is a complication to most financial institutions; it is the emerging trend in the globe. Aztek should not be left behind. Most workers get happy to use their own devices to perform the work assigned to them. However, what should be brought into concern by the company are some personal risks with the employees. Bringing in BYOD technologies can interfere with the work rate at some point. Such cases include: Those who will make use of their mobile phones might get distracted by calls during the work hours. Research indicates that most people spend much of their time sending short texts using their phones (Gardner, 2017). This is not a habit the company can stop. Personal laptops contain personal information. At some point, some employees might end up doing their own work rather than the organizations tasks. Nevertheless, most people keep videos, images or messages which remind them of their past. If they come across such, they might be affected emotionally hence the reduced work rate. The perfect way to go about the issue is to make use of the organizations culture, ethics and policies. Educating staff about their work and what is ethical. Personal works or calls can be taken during free hours or breaks. This might serve them conveniently (Gralla, 2006). With cloud computing in place, Aztek should find it the best solution to employ the BYOD model (Buyya, Vecchiola Selvi, 2017). They will not have to incur expenses on IT technologies. The only thing is to control the server and information that reach specific people to secure data. Data security is vital to ensure that the company or clients information is not breached by anyone (Endrijonas, 2015) References Andress, J. (2011). The Basics of Information Security: Understanding the Fundamentals of InfoSec in Theory and Practice. Burlington: Elsevier Science. Applegate, K. A. (2016). The Android. Milwaukee, WI: Gareth Stevens Pub. Assing, D., Cale?, S., Cale, S. (2013). Mobile Access Safety: Beyond BYOD. Somerset: Wiley Bao, F., Chen, L., Deng, R. H., Wang, G. (2016). Information Security Practice and Experience: 12th International Conference, ISPEC 2016, Zhangjiajie, China, November 16-18, 2016, Proceedings. Bhowmik, S. (2017). Cloud Computing. Cambridge: Cambridge University Press Bishop, M. (2016). Information security. Place of publication not identified: Springer International Pu. Buyya, R., Vecchiola, C., Selvi, S. T. (2017). Mastering cloud computing: Foundations and applications programming. Waltham, MA: Morgan Kaufmann Dawson, M., Omar, M., Abramson, J., Bessette, D. (January 01, 2014). The Future of National and International Security on the Internet Economics of information security. (2014). Boston: Kluwer. Endrijonas, J. (2015). Data security. Rocklin, Calif: Prima Pub. From the Trench of Insecurity. (August 20, 2015). The State of Security: Tripwire, 2015-8 Gardner, G. C. (January 01, 2017). The Lived Experience of Smartphone Use in a Unit of the United States Army. Gralla, P. (2006). How personal Internet security works. Indianapolis, Ind.: Que Pub. Grefen, P. (July 01, 2013). Networked Business Process Management. International Journal of It/business Alignment and Governance (ijitbag), 4, 2, 54-82 In Bauer, J. P. (2011). Computer science research and technology: Vol. 3 In Tipton, H. F., In Nozaki, M. K. (2014). Information security management handbook: Volume 7. Kasemsap, K. (January 01, 2017). Software as a Service, Semantic Web, and Big Data. Katzan, H. (2014). Computer data security. New York: Van Nostrand Reinhold. Kuttner, H., Moore, C. L. (2012). Android. Wilsonville, or: EStar Books. Ligh, M. H. (2011). Malware analyst's cookbook: Tools and techniques for fighting malicious code. Indianapolis, Ind: Wiley Pub. Miller. (2009). Cloud Computing. Que Publishing. Mobile security: Antivirus apps. for Android, Apple users. (2014). S.l.: CreateSpace Ohio. (2012). Internet security. Columbus: Office of Statewide IT Policy. Pang, A. S.-K., Dixon, W., Hoopla digital. (2013). the distraction addiction: Getting the information you need and the communication you want, without enraging your family, annoying your colleagues, and destroying your soul. United States: Gildan Audio Pradhan, D. K., International Conference on Advances in Computing and Communications, Preetham, V. V. (2012). Internet security and firewalls. Cincinnati, Ohio: Premier Press. Stiakakis, E., Georgiadis, C. K., Andronoudi, A. (November 01, 2016). Users Perceptions about mobile security breaches. Information Systems and E-Business Management, 14, 4, 857-882 Susilo, W., Mu, Y. (2014). Information Security and Privacy: 19th Australasian Conference, ACISP 2014, Wollongong, NSW, Australia, July 7-9, 2014. Proceedings. Cham: Springer International Publishing. United States. United States. (2012). Information technology reform: Progress made but future cloud computing efforts should be better planned : report to the Subcommittee on Federal Financial Management, Government Information, Federal Services, and International Security, Committee on Homeland Security and Governmental Affairs, United States Senate. Washington, D.C.: U.S. Govt. Accountability Office. United States. (2013). Information security. Washington, D.C.: U.S. Dept. of Justice, U.S. Marshals Service, Office of Inspections, Internal Security Division. Weidman, G., Eeckhoutte, P. V. (2014). Penetration testing: A hands-on introduction to hacking Windley, P. J. (2012). The live web: Building event-based connections in the cloud. Boston, Mass: Course Technolgy Zelkowitz, M. V. (2015). Information security. Amsterdam: Elsevier Academic Press

No comments:

Post a Comment

Note: Only a member of this blog may post a comment.