Module 4 - Case
WEB SECURITY AND EMERGENCY PLANNING
Several common issues in web security must be considered. A survey data in the following article show the relative frequency for a certain web security breach to occur. The article also provides the detailed explanation of different potential web security breaches.
Heilmann C. (2010). Web Security: Are you part of the Problem?
Google Code University provides even more detailed explanations in sets of presentation slides. They even have exercises to test your skills. You are not required to do these exercises. But you are encouraged to give it a try. Please from the general overview of web security, select three issues to study in depth. And selectively learn from the appropriate sets of presentation below:
Google (2012). What every web programmer needs to know about security. http://www.reddit.com/r/webdev/comments/i8xgw/what_every_web_programmer_needs_to_know_about/
As far business continuity planning to prepare for data recovery and protection, there is increasing consensus that is really a policy issue or a management priority as far as security planning. The first article discusses the basic disaster recovery planning for data protection:
Tech Target (2011). Disaster recovery security: The importance of addressing data security issues in DR plans. Retrieved from http://searchdisasterrecovery.techtarget.com/feature/Disaster-recovery-security-The-importance-of-addressing-data-security-issues-in-DR-plans
In the DIKW model (Data, Information, Knowledge, and Wisdom), knowledge is one level above information. Tactics in disaster recovery of data and information may not be sufficient for disaster recovery of knowledge; however, if a company has already had a planning for knowledge recovery in case emergencies happen, it may imply that the company must have good data and information recovery plan. The following articles reflect the diversity of approaches being taken to thinking about emergency recovery in terms of knowledge management
O’Sullivan, K. (2010). Knowledge continuity: Strategies, approaches, and tools. Star Knowledge. Retrieved from https://knowledgecompass.wordpress.com/2010/09/21/knowledge-mapping-approach-methodology/
Beazley, H. (2003) Knowledge continuity: The new competitive advantage. ASAE. Retrieved from http://www.asaecenter.org/PublicationsResources/EUArticle.cfm?ItemNumber=11836
Kaieteur Institute For Knowledge Management. (2005). Vital knowledge assets protection planning service. Retrieved from http://www.kikm.org/assetplanning.pdf
Field, A. (2003) Thanks for the (Corporate) memories. HBS: Working Knowledge. Retrieved from http://hbsworkingknowledge.hbs.edu/pubitem.jhtml?id=3465&t=entrepreneurship
In addition, there is material in the background information bearing on these questions, and you may wish to do further research yourself by following up some of the links or other references.
Review reading materials, and think about the issues involved, please prepare a 6-9 page paper addressing the questions.
Web Security Issues and Solutions"
"How can a company`s data, information and knowledge be protected in the event of a disaster?"
Use information from the modular background readings as well as any good quality resource you can find. Please cite all sources and provide a reference list at the end of your paper.
The following items will be assessed in particular:
Your overview of web security, among which you identify three of them to discuss in depth.
Your understanding of selected web security issues.
Your understanding of current solutions to selected web security issues.
Your understanding of what is considered to be a disaster in the context of information security. Please provide at least two examples and measures taken by organizations in dealing with the disaster.
Your understanding how to protect a company`s data, information and knowledge in the event of a disaster.
How a Company`s Data, Information and Knowledge Be Protected in the Event of a Disaster Name Institution Date How a Company`s Data, Information and Knowledge Be Protected in the Event of a Disaster Introduction The emergence of web 2.0 has seen many organizations adopt the web as a means of doing business and service delivery. Sharing information through social networking increases threats to security and privacy as websites become targets for malicious attacks. Tech Target (2011) states that many managers assume that basic data security measures such as firewall, backups, and strong user account passwords are enough. However, they have no idea how well their organizations are protected until they take a look from a malicious attacker’s perspective. Therefore, this paper discusses major web security issues and the measures some organizations have taken in dealing with them. Web Security Issues and Solutions Google (2012) states that security is holistic, and it involves physical security, which involves the protection against information leakage and document theft, technological security that mitigates malicious traffic, policies, and procedures, which require employees to be aware and vigilant. According to Hassanien (2009), new technology has seen companies store their data in a ubiquitous database for it to be accessed from any location, any time. New issues about privacy and information security have been addressed as a result of decentralizatio...