We use cookies to give you the best experience possible. By continuing we’ll assume you’re on board with our cookie policy

IT Department BTEC Essay Sample

essay
The whole doc is available only for registered users OPEN DOC
  • Pages:
  • Word count: 1424
  • Category: business

Get Full Essay

Get access to this section to get all help you need with your essay and educational issues.

Get Access

IT Department BTEC Essay Sample

Describe the various types of threats to organisations, systems and data – P1

* Unauthorised access – This category covers internal and external threats. Internal threats are things such as:

Magic Disks – A recovery or backup disk that has been modded to include viruses or key loggers.

Man in the middle attacks – People extracting sensitive and confidential information whilst posing to be a customer, or a legitimate company.

Implanting Key loggers – Applications designed to record key strokes and send them back to the hacker.

External threats are this such as;

Viruses – Rouge applications designed to damage or make a system vunerable

Trojans – Applications designed to infiltrate a system often by posing to be a harmless file or embedded into another file.

Piggybacking – A term given to people who use someone else’s internet connection without authorisation. This is often undertaken by logging onto an unsecured network without permission.

Phishing – Attempting to fool a user into believing you are a legitimate service attempting to gain sensitive information.

* Damage to or destruction of systems or information

Damage to systems can occur when devices fail such as hard drives failing or natural disasters occurring in the workplace that could result in damaged or destroyed places. Such as:

1. Natural Disasters: This refers to what happens when data is lost as a result of natural disasters such as earth-quakes, floods, tsunami’s, terrorists, fires and such.

2. Malicious Damage: This covers data that is lost, damaged, or stolen as a result of a hacker of some sort. A hacker can implant a virus onto a system in order to damage the system or simply steal data such as credit card data.

3. Technical Failure: Technical Failure covers when devices fail abruptly such a servers going down, power supply failing, hard-drives crashing ect.

4. Human Errors: is when someone makes a mistake which results in data being lost. Incidents such as people accidentally deleting files and pulling plugs and such.

5. Theft: Theft occurs when criminals gain access to an office building or other work environment and physically steal hardware and other entities that have a significant impact on the company (such as data).

* Information security

Information security refers to keeping sensitive data safe and confidential.

An organisation would need to keep data complete, precise and up-to-date. Data such as bank details, blood types, addresses and other such information needs to be kept secure and confidential.

* Threats related to e-commerce

There are various security threats related to E-commerce. As websites that sell goods online rely solely on the availability and accessibility of an online store, they need to ensure the website is secure and not vulnerable to hackers. For example; Denial of Service attacks could prevent potential customers from purchasing goods and thus forth lose sales.

Another example is website defacement which would also repel potential customers from buying online.

There is also a threat of hackers implementing the ‘man in the middle’ technique on behalf of particular online retailers which fools customers in believing the hacker is a legitimate worker of the website, this method could result in the hacker exploiting the customer and thus gaining the website a bad reputation.

* Counterfeit goods

Counterfeit goods effect creators, directors and artists as they cause a direct loss to potential income. Downloading counterfeit software, movies and music could result In a fine or lawsuit. Counterfeit goods are becoming increasingly popular as the ease of ripping DVD’s, Music and Software makes it easier to access. Counterfeit goods may cause loss of business for companies. The loss of business then results in businesses having to raise prices to make up for loss of profit.

* Organisational impact

Security threats can cause loss or alteration of essential documents that the an organisation may need to function correctly. Loss of business followed by loss of income can also occur, this ultimately could result in bad reputation from potential customers. Systems going down could result in companies being unable to contact suppliers and customers.

Circumstances of 4 security related threats on organisations – p2

Phishing -This is the process of gaining information from someone by pretending to be a legitimate worker for a company and retrieving information for legitimate reasons. Phishing could result in customer details being leaked, distributed, and exploited. This could badly reflect on the company and lose the company business and income.

Denial of Service – Denial of Service is a process that involves a hacker overloading a server which results in the server being forced to shut down. This could result in loss of potential customers and thus profit.

Piggybacking – Piggybacking is the process of using a company internet connection without having authorisation to use it. This can severely effect bandwidth and damage company productivity. Piggybacking could result in systems lagging and becoming slow, this would result in workers being unable to do there job efficiently and at an optimised pace. There is also a threat posed by people using a companies network to browse illegal content to which the company would have to take responsibility.

Man in the middle attack – This is the process of being directly involved in communicating with both parties, claming to be one another. The outcome is both parties believe they are speaking to eachother, but they are actually talking to someone else. This method results in the ‘man in the middle’ acquiring sensitive information such as credit card details from either party. This could result in the ‘middle man’ leaking sensitive customer information such as customer addresses and more importantly; bank details. This could then result in the company getting a bad reputation or being taken to court for breaching data protection. The man in the middle could also waste company time and as a result; money.

Countermeasures Implemented to reduce risk of damage to systems – p3 & p4

Countermeasures Vermason could implement to protect physical systems – p3:

CCTV – This would work as both a visual deterrent to prevent thieves and vandals breaking into a building and causing damage or stealing systems and would also enable the company to keep an eye on potentially rouge employees that may steal data or embed viruses into systems.

Sheilding Network Cables and Wirless Communications – Data travelling via electro-magnetic or radio transmissions can be vulnerable to being remotely monitored because the copper data cable can be analysed to discover what data is travelling along the line. Fibre optic is the safest variation of network cabling and cables can be shielded to prevent data being ‘tapped into’. This would be a great countermeasure to prevent sensitive data from being leaked or exploited.

Intrusion Detection Systems – Systems such as proximity alarms can prevent burglars breaking into a building and can be set-up to call the police upon break-in. This works as both a deterrent; because warning potential burglars of alarms would prevent them from breaking in. And also as a countermeasure to attempt to catch anyone with malicious intent.

Countermeasures Vermason could implement to protect network security – p4:

Backups – Backups are an essential countermeasure in offices. If there was an electrical fire or other natural disaster that could result in loss of data, this would insure that all essential data such as databases the company requires to undertake work related tasks are still there aswell as contact, supplier and customer information so that they do not need to be re-acquired.

Passwords – Passworded systems can be implemented to secure individual workers within the company, it firstly provides an element of data security for each individual (eg; sensitive information that may be kept on a user account) and also holds each user responsible for there own actions on the computer under there own user account. More importantly; passwords ensure that only legitimate employees have access to important company files and other such potentially confidential information.

Firewalls – A firewall would prevent unauthorised access from outside the network. It does this by scanning data packets coming onto the computer and ensuring that they are safe, it also is responsible for actively preventing virus’s such as Trojans being downloaded from the internet and onto the network computers. Installing a firewall would prevent hackers from accessing the network and stealing data or causing damage.

We can write a custom essay

According to Your Specific Requirements

Order an essay

You May Also Find These Documents Helpful

A Business Plan for an It Start-Up

The company is an ITES startup that makes apps and websites for third party. The business aims at targeting the lesser exploited markets of grocery stores, schools and medical stores. For doing the on-ground marketing of our services, we have planned to hire a salesman. We’ll train him well and make him enough knowledgeable about our business so that he can give us our potential...

Ethical and Legal Issues Revolving

A civil action film is a based on true life experiences that revolve around the good scenarios and issues that are bound to be tried by legal bodies. It is based on the true stories that were taking part in the year 1980s when the environmental pollution took place and better parts of Woburn. There was the ethical issue revolving around the film as there...

Business Ethics - International Trade Administration

As experts in business ethics, your expertise can be used to help breakdown a situation good or bad. In situations we can come in and erase the bad and replace with good or simple reinforce the good that is being done. In this case, we will be doing a lot of erasing for many reasons. This branch of the bank was not doing what it...

Wace Group’s To Scaling A Business

M&S was highly specific about the quality of paper, size of paper, cuts as well as delivery schedule. Though quality standards and technical skills were forte of Wace Group, yet some of the major changes that the company had to accompany in its order schedule, capacity schedule and delivery schedule. Most importantly were of important concern which on one hand can pose risks to the...

Business Accounting and Assurance Coursework

The conceptual framework has been defined as ‘a coherent system of interrelated objectives and fundamentals that is expected to lead to consistent standards.’ (FASB 1978) Answer the following questions in relation to the International Accounting Standards Board’s Conceptual Framework, 2010. Q1. What is meant by general purpose financial reporting and how does it differ from special purpose financial reporting?​The financial report implies noticing down the monetary exercise...

Get Access To The Full Essay
icon
300+
Materials Daily
icon
100,000+ Subjects
2000+ Topics
icon
Free Plagiarism
Checker
icon
All Materials
are Cataloged Well

Sorry, but copying text is forbidden on this website. If you need this or any other sample, we can send it to you via email.

By clicking "SEND", you agree to our terms of service and privacy policy. We'll occasionally send you account related and promo emails.
Sorry, but only registered users have full access

How about getting this access
immediately?

Become a member

Your Answer Is Very Helpful For Us
Thank You A Lot!

logo

Emma Taylor

online

Hi there!
Would you like to get such a paper?
How about getting a customized one?

Couldn't Find What You Looking For?

Get access to our huge knowledge base which is continuously updated

Next Update Will Be About:
14 : 59 : 59
Become a Member