ARTICLES
  1. SupervisoryMethods of Information Technology Security

Supervisoryprecautions that can be implemented in everyday life usage of theinternet and information technology means all the rules are laid downand necessitate for all of them to be applied. Just as it is inalmost everything in life, everything within IT security needs to bestated clearly and with the utmost honesty.

Today, scriptjunkies create viruses that cause spiritual and monetary harm, accessbank accounts, attack computer networks and domains and we see thesepeople and problems in the media every day. Along with this, itshouldn’t be thought that what system managers and security expertsdo every day are limited to what is shown in the media. Apart fromwhat is shown in the media, there are weekly, monthly, to put itshortly “periodical” projects that are created and these arecalled supervisory methods. The fundamental processes that make upthis sector are;

  • Securitypolicies

  • Security checks

  • Risk management

  • Standards andprocedures

Data found on thecomputers within a corporation or establishments network are ofcritical importance and are in direct connection with the missions ofthe corporation. For this reason, supervisory methods are importantfrom the ground up. The main job of a security management unit withina corporation is not merely creating methods to maintain security butalso, primarily, to execute security relevant demands by theadministrators. The support of administrators is necessary, becauseit will be hard to execute what is needed of a security system from acorporate base, to act as a median between upper management andsecurity management.

Security Policies

Security policies isthe general name given to the role that security plays withincorporations. The person or people that can compose a security policyare a committee comprised of the security experts within acorporation. The security checks that are to be executed within thecorporation should be conceptualized without getting into too muchdetail. For example; according to the magazine, Internet Week, thatalthough 70% of corporations claim to have security policies only afurther 38% within that percentile have a written security policy.

In this case, peoplewho are working for these corporations will have been rid of all oftheir legal responsibilities. Along with this, the private andpersonal information of the corporation will be secure against thosewho want to steal, abuse and manipulate them. At the same time thecorporation will then have learnt new data processing methods andalso have put a stopper to the waste of resources.

Security checks

Security checks isthe procurement the security structure, security policies andstandards and procedures of a corporation, finding the weak spotswithin and getting rid of these weak spots by supplying alternatives.A successful security check would be executed if all members within acorporation were to be involved. But the fact of the matter is, isthat when security checks are the case, most people are prejudicedand can be discomforted. In actuality security checks determinewhether or not a certain security policy works successfully for acorporation, the logins and logouts on computers, document proceduresand the changing of network access rights. The example cases in asecurity check are among many others that can be added to the list:the determination of a document being classified as “Read only”or changeable, the identification of people who have a right tochange important information, system access, the blocking of thingsthat can halt resource consumption, how access to a network is to beexecuted, whether or not computers, computer networks and thebuildings these are found in are physically secure, whether or notchanges made in the system are watched or not, user groups, useraccess authority and the rights of the users within the system etc.

Risk Management

Risk can be definedas the possibility of an event that is harmful to a corporationtaking place. Risk management is the assessment of these risks andreducing them to a bare minimum and keeping it that way to keep thecomponents of a corporation running smoothly and in unison. It isimpossible to have a 100% secure work environment. There are alwaysgoing to be faults in security and risks connected to these and thebest thing to do would be to manage these risks in the proper way.

The risks that canarise when it comes to IT security within a corporation are; personalmistakes made by workers within the corporation, hardware problems ona corporate computer, manipulation of private data or the loss ofdata and the software applications running faultily or in a wrongmanner.

Standards andProcedures

The securitystandards of a corporation contain information on how the softwareand hardware on those corporations’ computers are to be used.Standards might not regard real life situations and measures to betaken in practical situations. In these situations, the flaws withinsecurity measure may be rid of with the help of a supervisor.

Procedures aredocuments that examine in detail the processes that are to beimplemented and help in executing these processes. For example; whensoftware is to be installed, when hardware is being mounted, changingthe settings on software or hardware and the verification of useraccounts in the system can be executed.

Standards and procedures need to be prepared sothat they work in unison. If I were to give an example; If when thesupervisor is to enter the system and if this person needs to getthrough an ID verification process, the procedure would be that thenecessary steps are taken and presented to that person in a way thatthey will understand. 

COMMENTS
ADVERTISEMENT
Authors of the article
Last Articles
Most Read Articles