Proper Security Practices for Universities Essay - 530 Words

Introduction In this case study(Dhillon, 2007, p. 129), University of California(UC) at Berkley was hacked because of an unpatched database which had a known security flaw. The hackers stole 1.4 million users private data. The authorities were informed of the incident that took place in August 2014 so they can start the investigations. The incident was discovered by security staff of UC. The problem did not stop at the stolen data but could also extend to UC reputation as an institute of higher education. Because the hackers could have used UC systems to launch Denial of Service(DOS) attacks on others. This paper is going to discuss proper security policies and procedures that help universities limit vulnerabilities while allowing†¦show more content†¦Even though the IT staff are the ones who should be leading this process. Because students are part of the university. If the IT department forces certain policies but the students do not comply then it is just useless. Therefore, the stud ents must be trained and educated about the importance that security plays in their lives and the lives of others. A student must also understand that a university is not just a place to learn at but also a whole community of people living and interacting together just like a neighborhood. The Frequency of Security Policy Update It is advisable that a university updates its security policy every semester or quarter depending on the type of term the university uses. That is the normal update period but sometimes urgent information security news come from different vendors(hardware, software or firmware) forcing the university to suddenly update its security policy. In other words the security policy update should have acceptable period of time and be adaptable to urgencies in IS. Conclusion After discussing the required material pertaining to university security, a person must understand that information security is a science that keeps changing. Therefore, universities need to keep up with the latest information from specialists and experts not just people in Academia(Viega, 2009). They also must train and educate their employees and students in information security. TheShow MoreRelatedEthical Values With Professional And Personal Integrity830 Words   |  4 Pages8.3 CONTROL ENVIRONMENT As established by the administration of the University, the control environment sets the tone of the University and influences the control awareness of its persons. A local control environment is established by the heads of every area, activity of department. To provide discipline and structure, this has been the base for all other parts of internal control. There should be a good personal and professional morality between employees and managers, to continue a degree of competenceRead MoreThe Security Breaches Of The Target Store Corporation Essay1306 Words   |  6 Pageswill assist with determining the controls required to implement to ensure that data are secure for the Northcentral University. This paper will summarize the security breaches of the Target Store Corporation over the previous year and make recommendations in the form of information technology security best practices to strengthen the University’s infrastructure. Summarize Major Security Breaches The Target Corporation was exploited in December 2013 and then again in 2015. These breaches included customer’sRead MoreEmergency Management Training in College Campuses840 Words   |  3 Pagesinteractions, student programing and more. Public news often comes from universities with questionable activities such as fraternity hazing, supporting controversial leaders, and more. This behavior is what makes a university campus and atmosphere so unique relative to other educational venues. The university can foster these activities while being sensitive to others personal beliefs. Unforeseen circumstances are common place however on university campuses with such unique activities, beliefs, and behaviorsRead MoreSample Information Security Policy1122 Words   |  5 Pagesappropriate security for all Information Technology data, equipment, and processes in its domain of ownership and control. This obligation is shared, to varying degrees, by every member of the company. This document will: 1. Enumerate the elements that constitute IT security. 2. Explain the need for IT security. 3. Specify the various categories of IT data, equipment, and processes subject to this policy. 4. Indicate, in broad terms, the IT security responsibilitiesRead MoreDigital Millennium Copyright Act At The Embassy Level1237 Words   |  5 PagesCompetition Assurance Act. It allows computer repair technicians to make temporary, limited copies of computer software while they’re repairing a computer. The computer must already have a copy of the software program on it† (Grama, Purdue University Security Policy and Compliance Director Joanna Lyn, 2011). With this provision in place we will not infringe on any copyright laws while we are repairing anything as long as things are properly licensed when we are finished. Along with illegal downloadsRead MoreBusiness Model For Information Security Essay1681 Words   |  7 PagesModel for Information Security (BMIS). The model manages information security by addressing the complexity of security. It consists of four construct; Organization Design and Strategy, People, Process and Technology which interact with each other (ISACA 2009). According to (Horvà ¡th, 2010) the model emphasizes the importance of an organization culture as applied to information security. In the creation of this culture the following are instituted: alignment of information security with business objectivesRead MoreThe University Of A Private Higher Learning Institution Located At St. Louis County, Missouri Essay1039 Words   |  5 PagesMaryville University of St. Louis Maryville University is a private higher learning institution located in St. Louis County, Missouri. It was founded in 1872, so it is one of the older universities in the state. Maryville University is a nationally ranked university that serves over 6,500 students every year. Students may choose from over 90 undergraduate and graduate degrees. There are six colleges within the Maryville University system. This includes the College of Arts and Sciences, whichRead MoreNo Child Left Behind Act1358 Words   |  6 Pages Steps Taken by Educational Institutions to Comply with FERPA Few decades back, educational institutions maintained educational records mainly in paper files. In those days, privacy breaches meant access to information present paper files without proper consent, and the main concern was related to misuse of the student information by agencies rather than the theft of records. To comply with FERPA, educational institutions had to safeguard paper files from illegal access, and provide access to theseRead MoreHuffman Trucking Benefits Election System Risks1200 Words   |  5 PagesHuffman Trucking: Benefits Election System Security Lisa M. Gardner CMGT442: Information Systems Risk Management March 19, 2012 Craig McCormick Huffman Trucking: Benefits Election System Huffman Trucking Company has requested a new Benefits Election System to be implemented within the organization. The current benefit packages include medical, dental, and vision plans for employees. For the BenefitRead More Law Enforcement Innovations in Reaction to The 9/11 Terrorist Attacks and the Virginia Tech Massacre1084 Words   |  5 Pagesto the World Trade Center towers in New York City on September 11, 2001 has changed the way federal, state and local police departments communicate with each other, their structures, and operations. The new federal organization known as Homeland Security set out to coordinate their work at the state level, collect, analyze and share pertinent information and intelligence, protect key infrastructure and assets, secure the nation’s borders and ports, team up with federal and local task forces, and