1- Physical Control
Information Systems that process and store business critical data and information need to be protected physically as well in order to ensure that only authorized personnel are able to gain access to them. Therefore, physical access to these systems should be controlled by using physical authentication systems such as Biometrics systems or code locks. Each employee allowed for accessing these systems should be given a unique code which he or she must use to gain access to the systems. In case of biometrics this is automatically performed by scanning finger prints of the user for making a decision on access.
2- Use of Technology
Both the hardware as well as software under use by the employees of Alpha Corporation can be used to protect the access to information according to the classification of information. Each employee of the company can assigned an ID to login and access information from any system. This ID can then be mapped onto the classification of information. This would ensure that only those employees who have been allowed to access certain piece of information will be able to access it. This can be done using the operating system installed on PCs which can then be monitored and controlled from a central server system. Furthermore, hardware can be used to control access to systems in different part of the network. For example, a router can be configured to disallow all connections to a particular system in HR or Finance department. Furthermore, access control list can be used on these routers as well as firewall to control the access to different part of the network from within or outside (Whitman and Mattord 2007).
3- Education and Training
Employees are the biggest asset of any organization; hence play a critical part in running operations of an organization in a smooth manner. In order to significantly protect its data, Alpha Corporation must take responsibility of educating and training its employees with regards to information access and classification of information. The company should organize training regime for all its employees in order to training them in realizing the importance of information assets as well as bringing into their knowledge the conduct and practices that can be expected from them after the training, that would ensure proper implementation of information classification. Particular attention should be played to those employees who are directly involved in creation, processing and handling of such classified information and the company must ensure that these employees have full understanding of company’s policies as well procedures and the responsibilities that is expected from them (Oregon State Website 2002).
The classification of information is important to properly implement information security. The absence of classification of information has resulted in tremendous loss of information in previous occasion and often the organization has been perused for litigation and fines for such instances. Alpha Corporation, being a financial organization lacks such information classification, hence putting its critical and confidential information at risk of loss which may cause the company severe troubles in terms of its reputation and finances.
This is just a sample term paper for marketing purposes. If you want to order term papers, essays, research papers, dissertations, case study, book reports, reviews etc. Please access the order form.