Information Technology Reference
In-Depth Information
6.5
Technology
Technology as one of the key information security components was also investigated
by 17 Likert scale questions. According to information security experts of the defense
industry organization, results indicate that 15 requirements are fully implemented.
These requirements can be classified under the following titles:
Protection of internet-accessible servers by more than one security layer,
Controls between the layers of end-tier systems,
Scanning of organization's networks, systems and applications in regular
time intervals,
Monitoring networks, systems and applications for unauthorized access or
anomalous behavior,
Log records of security-related activities such as hardware and software
configuration, changes and access attempts,
Enforcement processes for password change management.
Beyond these requirements, confidential, personal or sensitive data are not
encrypted and associated encryption keys are not properly protected by the
organization. There is not an authentication system in place that applies higher levels
of authentication to protect resources with higher levels of sensitivity.
6.6
General Overview
Apart from the specific results about essential components of information security, a
general overview for the whole organization was also provided by the assessment tool
in order to present whole capabilities and requirements. In this context, general
overview for the information security approaches of the defense industry organization
is demonstrated in Fig. 3.
As can be seen in Fig. 3, risk management approaches and processes are
prominent components (respectively with the rates of 100% and 93%) for the
organization. Technology is the third component with the rate of 88% while people is
fourth (77%). On the other hand organizational reliance on IT is quite low because of
the defense industry's nature and some security measures applied by the organization.
In the light of the assessments, the scoring section of the assessment tool indicates
that organizational reliance on IT of the defense industry organization is at the
medium level and overall assessment shows that organization is at a good level
with 300 points calculated, based on the responses for each section of the assessment
tool.
Previous Page
Next Page
Challenges of Information Management Beyond the Cloud
Search WWH ::




Custom Search
Home