Professional Documents
Culture Documents
Management Information Systems Assignment 7 Bus 381
Management Information Systems Assignment 7 Bus 381
Assignment 7
3/2/2014
Q1.) How is the security of a firm's information system and data affected by its people,
organization, and technology? How can a firm's security policies contribute and relate to
the six main business objectives? Give examples.
A1.) People, the organization and technology all play key parts in a firm’s security of its
information. The people need to be able to use the proper techniques while they are on the
computer. They need to have knowledge of the software’s they use so they can be aware if a
problem arises and how to fix it. The people are also the ones that develop the security policies
and plans for if anything happens. The organization need to deploy the security to the computer
systems. Having properly trained employees will help stop problems from occurring, and
training is the organizations responsibility. Technology is a big part of a firm’s security. They
need to be up to date with their software and have proper security features. The technology
aspect implements web site security systems, authentication technologies, and individual security
features. A firm’s security policies contribute greatly to a firm’s security controls. Software
controls prevent unauthorized access of software programs, system software, and computer
programs. Hardware controls ensure that computer hardware is physically secure and check for
equipment malfunction. Organizations that are critically dependent on their computers must
make provisions for backup. Computer operations controls oversee the work of the computer
department to ensure that programmed procedures are consistently and correctly applied to the
storage and processing of data. The controls help assist with backup and recovery procedures.
Data security controls ensure that valuable business data files on either disk or tape are not
subject to unauthorized access, change or destruction. Implementation controls audit the systems
development process at various points to ensure that the process is properly controlled and
managed. Administrative controls formalize standards, rules, procedures and control disciplines
Q2.) Why is software quality important to security? What specific steps can an
organization take to ensure software quality? Hackers and their companion viruses are an
increasing problem, especially on the Internet. What are the most important measurers for
a firm to take to protect itself from this? Is full protection feasible? Why or why not?
A2.) Software quality is very important because software errors pose a constant threat to
information systems. Problems with software can cause untold losses in productivity. Flaws in
software can also create security vulnerabilities that open networks to intruders. Keeping up to
date software with proper security features will help prevent hackers. Flaws can be corrected
with small pieces of software called patches. Patches repair the flaws without disturbing the
proper operation of the software. Governing design, security, and using computer programs that
secure data files throughout the organization will protect the infrastructure. Applying this to all
computers along with a combination of hardware, software and manual procedures will help
control against hackers. Zero defects cannot be achieved because complete testing is not possible
with large programs. Large corporations can contain tens of thousands of lines of code, which
Q3) Read the case study (How Secure is Your Samrtphone?) on page 249. And answer the
following questions:
a. It has been said that a smartphone is “a microcomputer in your hand.” Discuss the
security implications of this statement. What people, organization, and technology
factors must be addressed by smartphone security? What steps can individuals and
businesses take to make their smartphones more secure?
b. Visit two of the following Web sites: Droid Security, F-Secure, Lookout, and
Kaspersky and review their capabilities for mobile device security. Compare the
capabilities of two of these services. What mobile platforms does each support?
What protection does each provide?
A3.1.) A huge security risk is that if the person loses their phone all of that information stored is
vulnerable to whoever finds it. People store so much information on their phones and have many
banking or other important applications that could be hacked into if the phone was stolen. The
fact that they are like a computer puts smart phones at risk of being hacked in similar ways. The
article says spam and malicious downloads are almost easier to download on a phone than a
computer. People need to be more careful with what applications they download, and workers
need to have closer observations of applications that are approved for users to buy. Organizations
like Apple and Android need to create much higher security standards for applications and
maybe offer optional increased protection. These smart phones are very advanced but they might
not have enough security features. Businesses can make more secure products and individuals
need to be more aware and careful about internet use on their phones. Paying attention to what
A3.2.) I first looked at Droid Security, and they offer many features. The software can find and
protect your phone if lost or stolen; it also offers scanners to protect you on the internet. It
enhances performance, gives better battery life and storage performance. It finally helps protect
against spammers and hackers. F-Secure the other company protects against viruses, improves
device speed and allows secure web browsing. It helps locate missing mobile devices and
protects against harmful applications or any intrusions or identity theft. Both companies provide
similar features needed to protect your mobile device. F-secure might offer a few more features
but it also costs $29.99 and Android is free. Droid Secure only supports Android smart phones
and tablets. F-secure also support versions of Android. Droid secure and F-secure both protect
data, and have tracking features to find lost or stolen phones. Virus protection and anti theft are