Risks to Data Security: Iteration 1 & 2, Reflective statement
RISKS TO DATA SECURITY 11
Hemanth,
Please have your papers corrected by student services before submitting them to Blackboard. There is not a paragraph in your paper that did not have some corrections. Proof-reading by someone else is needed for every paper.
Please go to the Student Success Center's writing assistance page http://www.wilmu.edu/ssc/writing.aspx.
When you get your paper back from me, please look at it to learn what are the corrections that need corrections or improvements and do not repeat same errors.
Do not use REFERENCE TOOL from MICROSOFT OFFICE’S Word application.
I cannot give you individual reference’s feedback because you used REFERENCES TOOL.
Be Advised.
If you continue using this tool, you might get zero (0) for your efforts in References.
RE-DO YOUR PROPOSAL PART OF THIS PAPER.
Go through your entire paper and correct all errors and all comments.
Risks Toto Data Security
Hemanth Kumar Reddy Ambati
IST 8101
September 2017
Wilmington University
Running head: RISKS TO DATA SECURITY 1
Running head: RISKS TO DATA SECURITY 8
Table of Contents
Iterations 1: Interviews and Gathering Requirements 7
Iteration 2: Follow up Sessions and Data Analysis 7
Iteration 3: Development and Presentation of Findings 8
Iteration 4: Development of Design and Implementation Process 10
List of Tables and Figures
Figure 1: Diagrammatical representation of the iterations........................................................... 9
Literature Review Comment by Dr. Singh: Missing project title.
Data security risks areis one that that have been on the rise and is if a solution is not fouind soon, the people using such devices such as computers can no longer feel safe using such devices. This is because such data security risks can interfere with the privacy of people who are using such devices (Rosenberg, 2006). Stopping using devices like computers among others is something that cannot be provided as one of the ways of the solutions to the data security risks, it is, therefore, necessary that a better alternative is found (Vacca, 2009). There are various literature materials that have been written regarding this issue of data security risks. It is important that such literature materials are interrogated to see where the problem is and the various ways in which such problems can be solved. Comment by Dr. Singh: Read this sentence and correct it.
Stephanie Obodda in his article, provide the various ways in which people can protect their computers against viruses and malware. In her article, the author starts by saying that the solution to malware and viruses is are different from one software to another and also depends on the different operating systems such computers are using such as Windows or Macintosh among many others. Some of the solutions that she gives areis through the use various anti-virus software such as Windows defender for windows operating system among others (Obodda, 2016). She also proceeds to give solutions for mobile devices.
U.S. Department of Education through their various publications has written of data security in particular top threats in data protection. Thisese publication starts by noting that advancement in Information Technology (IT) have raised various concerns about the risks to data associated with IT security. For example, data privacy, confidentiality, and security practice are some of the consequences of such security threats (U.S Department of Education, 2011). The publication then proceeds to identify the various threats to data security. Some of the threats that are identified include: viruses, malware, attacks and compromise of network systems and services. This literature is a very good as it provided the first step inof getting a solution to the problem of increased data security risks.
Steven C. Bennett (2008) in his article identified data security breaches, in particular looks at the issue of the problems and the solution associated with the issue. The author looks and at data security breaches by taking cases study of investigation of the commercial world and how technology is being used. Bennett (2008) investigates the data breaches that are going on with social security numbers, credit card information, financial records, health data, and intellectual property in the commercial environment. For example, in his research Bennett (2008) founds out that between 2006 and 2007 more than 300 major incidents of data breach have been reported (Bennett, 2008). There are various ways to help reduce the risk of data security breach. One ways given is through organizations establish comprehensive data-detailed security policies, and create a security-conscious workforce, through training and periodic reminders Bennett (2008).
Federal Trade Commission (FTC) in its January 2015 report highlights highlighted the privacy and security in a connected world. The report starts with the definition of what it means by the term the report uses that is “The Internet of Things”, which is defined as the ability of everyday objects to connect to the internetInternet and to send and receive data (Federal Trade Commission, 2015). The report then goes ahead to highlight the various privacy and security issues that are affected “The Internet of Things the internet of things”. The report first notes that in accessing the internetInternet it must be done through the use of a device such as computers and mobile phones among other similar gadgets. This is where the problem of privacy and security of data comes in. There are various data security risks that are associated with the use of such devices such as viruses and malware. The report makes recommendations that every individual and organization must take responsibility by use using software that helps in the protection of data in such devices to avoid instances of a data breach.
SANS Institute writes wrote a paper which evaluates the cyber risks in engineering environments. The paper notes that Industrial Control Systems show an increase in the use of advanced process control software, mobile applications, web-based infrastructure and embedded Information Technology. This implies an ever-increasing use of IT hardware and applications. There is also the use of “off-the-shelf” IT which has brought costs down, the increased use of IT has also added complexity and increased susceptibility to threats associated with IT security (Mohr, 2016). This has exposed engineering environments to cyber risk, and the threats are increasing in both sophistication and frequency at a continual upward trend. This is paper is basically giving an outline of the various cyber security risks that are being experienced in the engineering environment and trying to understand why such environments are have such increased incidence of data breaches and similar acts.
A nNew report by government technology a website that talks about issues of cyber security haves given a very good article that gives the various steps to a cyber-security risk assessment. The article started by noting that many organizations suffer from security paralysis a condition in which it is impossible to prioritize areas for remediation due to limited resources (News Report, 2010). Others also apply a set of best practices in the hope that what worked for another organization will work for their organization. These approaches are not a rational strategy that can adequately protect information assets or lead to maximization of the value returned from investments in security, according to IT solutions provider. The article advice organizations and individuals to take appropriate measures and engage in a more necessary and objective oriented assessment to get the vast nature of cyber security threats.
Proposal
Iteration1: Interviews and Gathering Requirements
It is good to understand what the project is all about. This project is one that is aimed at identifying the various data security risks that individuals, as well as organizations, face in regards to issues such as viruses and malware. The project will also continue to provided different solutions to this particular problem that has seenaw the rise of data security breaches in many organizations and individuals. Project know that there are increased data security risks and the questions areis just identifying these risks and explained the risks through thorough interrogation using evidence that is available in order to get solutions that are not only practical but also achievable for both organizations and individuals. Comment by Dr. Singh: What do you by this?
There are various things that will be needed to engage the project, in getting to meet such requirements, there will be interviews with senior employees, in particular in the Information Technology department to expound more on the issue of data security risks. The aim of the interviewed is to get the practical side of the whole issues as what have been relied mostly on is the literature materials which are mostly opinions of scholars with a few of them being researched-based articles and similar works. The interview will help get to understand what such senior employees feel as the best practical ways that such data security risks can be minimized.
Iteration 2: Follow-Up Sessions and Data Analysis
From the brainstorming sessions, there are various things that remain unclear that needs to be clarified. It is, therefore, important that clarifications are taken from experts with similar expertise or opinions. During these sessions, it will be more of letting the group of people being interviewed of the various arguments and information that you have gathered to them in evaluating them. This is to ensure that whatever information that is obtained is one that has satisfied. Data security risks areis one area in cyber security that has various literature materials some just being written for commercial purposes. This session will help separate the good useful information from those information that are bad andthe unnecessary information.
There are various hardware that hasve been developed to help in the technological advancement such as access of internetInternet and network virtualization where organizations and individuals store theirre information in a cloud. Some of the hardware include computers, and mobile phones among similar devices. There isare also various software that hasve been created to help in carrying out of such technological advancements. Some of the software that hasve been created include: windows, Macintosh among other operating systems like the in-house operating system used by Apple company in the production of its mobile and computer devices.
Iteration 3: Development and Presentation of Findings
There are various findings that have been found as a result of the literature review and brainstorming sessions with the senior employees. During this period there were various findings that were being made in regards to various data security risks. It is at this point in which the senior staff will be informed and briefed about the progress of the project. This will be done through the provision of various findings from the information that will have been gathered. For example, the it has been evident from the interviews that increase use of mobile and computer devices among similar others without a certain level of protection from virus and malware is the root cause ofto increased cases of data security risks for many organizations.
Iteration 1
Interviews and Gathering Requirements
Reflection
Observation
Action
Plan
Iteration 2
Follow-up sessions and Data analysis
Reflection
Observation
Plan
Action
Iteration 3
Development and Presentation of Findings
Reflection
Observation
Action
Plan
Iteration 4
Development of Design and Implementation Process
Reflection
Observation
Action
Plan
Iteration 5
Final Stage of the Project
Observation
Reflection
Action
Plan
Figure 1: Diagrammatical representation of the iterations
Iteration 4: Development of Design and Implementation Process Comment by Dr. Singh: Missing Iteration 5.
This will take places after the senior management is convinced that the course isam taking is a noble and one that can help the organization and many others. This will lead to approval of the financial requirements that areis expected to help in the completion of the project. This phase will see the creation of a detailed plan that will help see the project reaches its completion. Various heads of departments will be used as part of the team to help in giving their experiences at the departmental level about the various data security risks that they have been faced with. The roll out of the new process will be done in such a manner that each member of the team will be given a specific role to play and then bring whatever has been as result of that role on the table for consideration and thorough analysis.
References Bennett, S. C. (2008). Data Secuirity Breaches: Problems and Solutions. The Practical Lawyer Journal, 39-44. Federal Trade Commission. (2015). InternetInternet of Things: privayc and security in a connected world. Federal Trade Commission January 2015 Report, 1-71. Mohr, R. (2016). Evaluating cyber risks in engineering environments a proposed framework and methodology. SANS Institute Journal, 1-34. News Report. (2010, June 24). Five steps of cyber-secuirty risks assessment. Retrieved from Government Technology: http://www.govtech.com/security/5-Steps-to-Cyber-Security.html Obodda, S. (2016). Protect your computer against virus and malware . BROWN CIS IT Service Center, 165-201. Rosenberg, B. (2006). RFID: applications, security, and privacy. New York City: Addison-Wesley . U.S Department of Education. (2011). Data Security: Top Threats to Data Protection. U.S Department of Education Publication, 1-8. Vacca, J. (2009). Computer and information security handbook. New York City: Elsevier.