MIS Security Threats Essay Example

is security threats can be categorized in the following programs: worms, these are malicious program that largely exploit the operating system to spread itself; Viruses are Programs that infect other programs, adding their own code to them to gain control of the infected files when they are opened; Risk ware are dangerous applications that include software that have no malicious features but could form part of the development environment for malicious programs or could be used by hackers as auxiliary components for malicious programs. Trojans are a category of Programs that carry out unauthorized actions on computers, such as deleting information on drives, making the system hang ad stealing confidential information. Spyware, they are Software that collects information about a particular user or organization without their knowledge; Root kits, are used to conceal malicious activity.

CISSP

Certified Information Systems Security Professional (CISSP) is an independent information security certification governed by the nonprofit .the body has duties to a collection of topics relevant to information security professionals around the world. The CISSP establishes a common framework of information security terms and principles that allow information security professionals worldwide to discuss debate and resolve matters pertaining to the profession with a common understanding.

Forensic Investigation Methods

Forensic Investigation Methods is a branch of digital forensic science pertaining to legal evidence found in computers and digital storage media. The goal of forensics investigation is to examine digital media in a forensically sound manner with the aim of preserving and recovering, analyzing and presenting reality of information. It is mostly used in investigation of a wide variety of computer crime and computer civil proceedings. The investigation method involves similar techniques

and principles to data recovery and other steps and practices designed to create a legal audit trail. Evidences from computer forensics investigations are usually subjected to the same guidelines and practices of other digital evidence.

Legal Requirement for Reporting

The law requires that any information on MIS security threats be treated with due care and should not be misused (Lucey, 17). Information should be confidential and no an authorized user should access. The reporting should comply with the laws and should never go beyond the legal requirement.

Qualifications of Personnel to Hire and Salary

The qualification of personnel is that he or she must have a minimum knowledge and skill necessary to qualify for a specific watch station or maintain a specific equipment for example for management position it requires a bachelors degree. Advancement like leadership is also paramount for the managerial position. The salaries for the personnel vary by specialty and level of responsibility.eg annual wages for the manager varies from that of other personnel's. Other than getting salaries personnel who are at higher levels often receivee employment related benefits such as bonuses, insurance covers and stock option plans (Davis, and Olson, 99).

Mitigation

MIS security is day to day process of exercising due care to protect information and information system. To ensure that MIS well protected from unauthorized access, use, disclosure, disruption, modification, perusal, inspection, recording or destruction. Organization and individuals should ensure that their system is well built in strong passwords to limit access. They should also make sure that their systems are also protected from viruses and worms by installing and keeping on updating their antivirus. The never ending process of

information security involves ongoing training, assessment, protection, monitoring & detection, incident response & repair, documentation, and review of information (Rocheleau).

One also has to make sure he or she has adequate anti-virus software and is regularly updated for their computer. Scanning the computer network should be done regularly to eliminate any malware, viruses, spyware and other harmful problems. The firewall should always be turned on; it is a digitally created barrier that helps ones computer system from hackers getting into it.

One should always ensure that important information is always encrypted so that it is not compromised. One can utilize encryption software, the software "garbles" the data and makes it unintelligible for anyone who hacks into ones computer system (Kilkenny, 17). Also one should not provide personal information to website one knows nothing about. This is especially in those websites that ask for ones name, address, mailing, bank account number and also ones social security number.

An individual or organization should always create strong passwords for websites that have their personal information stored. To create strong passwords one should use numbers, lower and upper case and also symbols in the password. One should also secure their wireless network and other networks with very strong encrypted passwords a good password should have at least 32 set of characters.

To protect you computer and network from the risk of Intentional network based attacks and cyber threats (data theft, identity fraud and Hacking) and also malicious software such as viruses, Trojan horse, spyware and adware. One should always ensure that the spam blocker is always turned on. This will prevent any unwanted message, like fraudulent emails and phising emails

do not get to your inbox.