0
How can companies use IT to meet the challenges of data resource security?
Basmaaw
Most organizations know that it is important to protect their data and resources from loss or damage due to theft, human or computer error, malicious intent, or any number of other events. You can take steps to limit the opportunities for loss or damage to occur. You can also establish policies and procedures to respond to and minimize the effects of the loss or damage to your IT environment. The Rationalized level in this guide deviates somewhat from the Core Infrastructure Optimization Online Self-Assessment and focuses on the following topics: two-factor user authentication, standard security review for new assets, and data classification processes.
Phase 1: Assess
The Assess phase should determine the appropriate security needs for your organization and which processes are currently in place. Security requirements can vary dramatically from company to company or institution to institution based, for example, on size, industry or field, or regional laws and regulations. Gathering the requirements of your organization will allow you to define an appropriate security process.
Phase 2: Identify
During the Identify phase, an organization will examine the tools and procedures currently in place and determine what the security requirements are for its organization. During this phase, you will gather security policies that are currently implied or enforced, in addition to technology components already in use or at your disposal. You will also gather any external requirements based on laws or regulations for your region or industry.
Phase 3: Evaluate and Plan
The Evaluate and Plan phase moving to the Rationalized level of optimization highlights specific areas of improvement.
Two-Factor Authentication
Single secrets such as passwords can be effective security controls. A long password of more than 10 characters that consists of random letters, numbers, and special characters can be very difficult to crack. Unfortunately, users cannot always remember these sorts of passwords, partly due to fundamental human limitations.
Two-factor authentication systems overcome the issues of single secret authentication by the requirement of a second secret. Two-factor authentication uses a combination of the following items:
Something that the user has, such as a hardware token or a smart card.
Something the user knows, such as a personal identification number (PIN).
Smart cards and their associated PINs are an increasingly popular, reliable, and cost-effective form of two-factor authentication. With the right controls in place, the user must have the smart card and know the PIN to gain access to network resources. The two-factor requirement significantly reduces the likelihood of unauthorized access to an organization's network.
Smart cards provide particularly effective security control in two scenarios: to secure administrator accounts and to secure remote access. This guide concentrates on these two scenarios as the priority areas in which to implement smart cards.
Because administrator-level accounts have a wide range of user rights, compromise of one of these accounts can give an intruder access to all network resources. It is essential to safeguard administrator-level access because the theft of domain administrator-level account credentials jeopardizes the integrity of the domain, and possibly the entire forest, together with any other trusting forests. Two-factor authentication is essential for administrator authentication.
IT Challenges:
Limited PC security, The process for updating security on all network connected IT assets is undocumented.
Solutions :
Continue optimizing defense-in-depth security policies
Develop and implement two-factor identity and access management policies
Develop a process to manage security requirement testing on all acquired or developed software
Establish a standard and repeatable procedure for classifying sensitive data
IT Benefits:
Automated services and tools free up resources to implement new services or optimize existing services
Proactive IT operations resolve problems earlier to avoid reducing user productivity
Wiki User
∙ 13y ago
Add your answer:
Earn +20 pts
3 How can companies use IT to meet the challenges of Data Resource security?
Companies can use IT to meet the challenges of data resource security by using companies such as Vontu Inc. and Opsware Inc. These companies help protect data that is important to the company.
What are some challenges in a data center migration?
Some challenges in a data center migration include downtime risk, data security concerns, and ensuring compatibility between old and new systems. Proper planning, communication, and testing are essential to mitigate these challenges and ensure a smooth transition.
What are the challenges facing e-commerce today?
security of data and possibility of fraud are the two main challenges e-commerce today
What kind of software is available through Websense?
Websense is an online security companies. They provide web security, email security, and data security as well as advanced information protection to their clients.
What are the challanges facing e-commerce today?
security of data and possibility of fraud are the two main challenges e-commerce today
Which companies provide security token hardware?
Security tokens are small devices that get connected to a computer to verify the user's identity. They can be used along with or instead of a password. Companies that produce security tokens include: VASCO Data Security International, Verisign, Entrust, and Secure Computing.
What is it called when data or a file resource that is immediately available?
A data or file resource that is immediately available is said to be: Online or a online data or file resource.
What software would provide internet and data security?
For internet security, you have many options depending on what you wish to secure against. Norton, McAfee, and AVG are the three leading companies in internet security.
What is the definition of data resource?
stored data.
A company's use of VoIP on its WAN?
Big Companies usually uses WAN. A private network with great data security.
What does data security standard refer to?
Data science is utilized in the corporate world to find new business opportunities, improve overall business performance, and lead wise decision-making. As businesses go to cloud data management, cyber attacks are becoming more common. On the other hand, data security is one of the most serious challenges in data science, affecting organizations all over the world. Regulatory norms have developed as a result of repeated hacks, extending data consent and usage processes and worsening data scientists' dissatisfaction. Learn more about data security and how it is important for data science, at Learnbay.co institute.
What are some good ideas for network security solutions?
Network security is focused on keeping companies data private and secure. There are products such as CellSniper which prevents misuse if handsets are lost or stolen.
