Monday, October 26, 2015

Information Security Measures

Every organization must ensure that information is protected from loss and access by unauthorized parties. The information security measures should consist of physical, technological and administrative safeguards to protect the information (Hill, 2010). Each safeguard is responsible for protecting the organization from unauthorized access by persons from outside and within the company.
Physical safeguards include limiting the physical entry of personnel into the organization or into areas where information is stored. One such safeguard is a badge program in which each badge carries information about the employee and their specific access areas. Preventing outside parties such as vendors or salespeople from accessing the network or using personal laptops in the organization is another physical safeguard (Hill, 2010). Physical safeguards would also control the movement of hardware and data storage devices such as flash disks in and out of the organization.
Administrative safeguards are important measures in protecting the information within the organization. Administrative safeguards include setting policies and procedures that guide the activities of the employees within the organization. Information access management is another administrative measure that determines who has access to specific information within the organization (Whitman & Mattord, 2012). Security awareness and training would help to educate the employees on their responsibilities and the activities they should undertake to prevent loss of information, such as deleting unknown emails to prevent phishing.

Technological measures of protecting information include establishing strong passwords to ensure data cannot be easily accessed. Encryption of data in the organization would prevent unauthorized parties from understanding the information. Installation of anti-virus and anti-malware software would ensure malicious software is detected and destroyed before any sensitive information can be leaked (Whitman & Mattord, 2012). The organization has to put strong firewalls in place to protect its computer systems from unauthorized entry. Backing up data constantly would prevent its loss when the system is hacked. Updating software periodically to ensure it is up to standard would be another technological measure of protecting information.

References:
  1. Hill, D. (2010). Data protection. Boca Raton, FL: Taylor & Francis.
  2. Whitman, M., & Mattord, H. (2012). Principles of information security. Boston, MA: Course Technology.
