Shielding Network Cables And Wireless Communication Systems Information Technology Essay
Security personnel offer an essential service in managing the security of an organisation and the system on which important data is stored. Outside of working hours the security personnel of the company should monitor a variety of safety systems as well as monitoring the building and its environment. The security personnel will help reduce theft.
Shielding Network Cables and Wireless communication systems
Data which is transmitted using electromagnetic or radio transmission is open to being remotely monitored. The signals travelling along a copper data cable gives out a magnetic field. This can be analysed to discover what data is travelling along the line. To preserve faith the devices which can join a wireless system need to be pre configures so that the wireless system does not allow any other devices to join the system.
Port Lockdown
The bank can tighten up security by port lockdown. One type of port lockdown is a wall socket into which the computers network cable connects. If the port is inactive then port lockdown should take place in the central communications room. This can be done by accessing the switch and disabling the port or unplugging the cable from the opposite end of the cable leading to the port. This procedure will prevent additional devices from joining the system.
Lock and Key
All the rooms in the bank should be locked if not in use. This will prevent thieves entering the bank and stealing equipment or important data. The person who is in charge of security in the bank should only keep the keys.
Equipment Identification
Equipment identification helps prevention as well as identification of stolen property. Equipment which is marked acts as a deterrent for the majority of thefts. So for example all equipments should have a label, which states it belongs to the bank.
CCTV
CCTV stands for closed circuit television. CCTV surveillance reduces crime and the CCTV can also be used in court as evidence to show that a certain person was in a certain place during the crime was committed.
CCTV is used to:
Monitoring public areas: to detect incidents
Recording events: for use as evidence
Directed surveillance: of suspected offenders.
Staff and Visitor identification
The bank should have a system which will identify employees and visitors, this system will offer immediate authority for those who should be there, so that know unknown people should be there. Identification cards should be worn all the time so that security officers know that the have right of entry. In many organisations, identification cards are used also as a key, so that people can swipe in to certain rooms.
Identification card can also be part of a personal database where the database saves photographic identification from a personnel record. All visitors should carry a visitor pass around with them. Visitors should be escorted from entry to exit.
Access control Systems (Sign in/out)
Access control systems should be used in the bank. This system uses swipe cards instead of using keys to access some parts of the building. There are many advantages of using an Access control systems:
The system will log when someone has entered the room and when someone has exited the room.
Monitor time keeping for example if employees are late
The swipe cards will be programmed so that only certain people can enter certain rooms.
Only staffs who work at the bank will be gained access to rooms.
M1
Recommend improvements to an organisation’s operational security
D1
Justify suggested improvements to the operational security of an organisation
I am going to recommend improvements to my given organization operational security. I am also going to explain how a company could improves it’s operational security. I am also going to justify fully the improvements that I have recommended on the previous criteria.
Policies
Many organisations operate a variety of policies in the management security. All types of policies are created to ensure that all employees, departments and customers follow a common principle which will ensure their welfare as well as that of the system. Below I have explained a few policies the bank could use to improve its operational security.
Budget Setting
Budget settings and management finances take place in order to ensure the organisational systems security is maintained at a reasonable level. Security is not free and requires continuous investments to maintain control. To budget annually the bank should consider the following:
Software Licensing
Staff Wages
Cost of each audit
Replacements of equipments
Training of staff
Justification of Budget Setting
A budget setting should be carried out in the bank because this will help the payroll department and human resource department work out how much staff will be paid annually. The human resource department will also be able to work out how much it will cost to train staffs in the bank. Budget setting is important because this will help ensure that the organisational systems security is kept well at a sensible amount.
Disaster Recovery Plan
Every Business or organisation needs a physically powerful plan. A disaster recovery is something which no one wants to go through however everyone needs a plan. Disaster recovery is the ability to continue work after any number of disastrous problems, ranging from a computer virus or hacker attack to a natural disaster such as flood, fire or human error.
Having a disaster recovery plan in place takes a little time and effort. A disaster recovery policy details what actions are to be taken in the event of a natural disaster or human based disaster that may fall on an organisation. Disasters may include natural disasters, power failure, equipment failure and loss of key personnel.
In order to have a disaster recovery process means that an organisations network management needs to have clear policies in place in case of disasters such as fire or flood, severe failure and loss of internet connectivity. The policy may involve using alternative technologies, relocation plans or ensuring the data is safe.
Under the ‘Data Protection Acts of 1984, 1988, 2000’ the bank must keep all data secure. So therefore if a disaster is too happen the bank must keep a disaster recovery plan before hand. Also the bank must backup all data of customers.
Justification of Disaster Recovery
Disaster recovery plan is important and is necessary because the disaster recovery plan will detail what actions should be taken in the event of natural disaster or human based disaster. Also under the Data Protection Act, the bank must always keep customer data confidential. So therefore just in case there is a disaster, the bank must have a plan. The network management needs to have policies in place in case of disasters.
Security Audits
Security audits of physical and networked systems need to take place at regular intervals. These are often undertaken without informing the employees of the organizations to prove authentic effectiveness of the systems. If regular audits are undertaken then the IT technical support team will know if all staffs follow the company’s policy.
Justification of Security Audits
The reason why I have chosen Security Audits to improve operational security is because; security audits will help the bank prove authentic effectiveness of the systems. If security audits are undertaken then the Facilities department will know if all the staff are doing their work properly and also check if all staffs are trustworthy. Security audits are often undertaken without informing staff so that they can check all staff are reliable. Undertaken security audits will always help the banks operational security.
System logs
All staffs that use computers in an organisation should be logged so that if they go to any inappropriate websites it will be logged and reviewed at a later date. System log files may also show users any changes that are made to the computer such as any devices being changed and any events that take place. If staffs are logged then staffs will know that they can not go to any inappropriate websites because if they do, the IT technical staff will be able to see.
System log will help the bank to improve its operational security because, system log will always contain information about devices being changed and any inappropriate activities taking place.
Justification of System Logs
System logs will improve the banks operational security because while staffs are using the computers everything will be logged. The reason for this is to check if any staffs are visiting inappropriate websites. While staffs are on the computer everything will be logged and reviewed at a later date. System does not only log what type of websites you have visited it also logs if there is any device changes, device drivers and system changes.
Codes of Conduct
Many employees, customers and suppliers may use an organisation computer system. To allow them complete freedom which is not recommended, creating codes of conducts are important. Codes of conduct are signed by the individuals who need access to the system places the legal responsibility on them. Many organisations operate codes of conduct.
Codes of conduct will help employees in the bank know the rights to the system. This will help prevent unauthorised users accessing the system. Codes of conduct should be reviewed by the manager undertaking a meeting with each individual.
Justification of Codes of Conduct
Codes of conduct will help the banks operational security because all staff will know what they are allowed to do and who can have access to the system. Codes of conduct are signed when staffs have started working new at the bank. But also codes of conduct will be reviewed. While codes of conduct are being reviewed, responsibilities and rights may be changed. This will help the working procedure of the bank.
Procedures and Escalation Procedures
The term Procedures means that there are specific methods employed to express policies in action in day-to-day operations of the organization. Both, policies and procedures make sure that a point of view held by the managing department of an organization is taken in steps that result in an outcome compatible with that opinion. The procedures document how changes are made, including describing what changes are taking place and back out and testing procedures.
An example of when a procedure and escalation procedure would take place is when for example, a computer in the bank is not working properly. The staff should immediately inform the manger or duty manager support of this because the computer might be needed later on. The manager or duty manager should then inform someone from the facilities department. Then someone from the facilities department should attempt to fix the computer. However if the computer can not be repaired then the facilities department should then send the computer to the manufacturer.
All procedures and escalation procedures should be clearly stated and explain to all workers so that if anything does happen to the banks equipment then they know who should be informed and how it will be fixed. If all procedures are clearly stated then there will not be confusion about how everything should be managed. All procedures and escalation procedures could be explained in staff handout books or could be explained during a meeting.
Justification of procedures and Escalation Procedures
Procedures and escalation procedures needs to be clearly stated and this could be stated through meetings. The reason why I believe this could be stated through a meeting is because then all the staffs will be gathered and a discussion will be taking place.
If a meeting is taking place then staffs will know what to do if particular equipments in the bank are not working. If all procedures are clearly stated then there will be no confusion when something happens at the bank. Another way the bank could list its procedures are in staff handout books. If procedures are written in staff handout books then staff will be able to view it when ever they want.
Health and Safety
Employees in the bank must always follow the ‘Health and Safety at Work Act 1974’. This act protects workers against risks to health and safety while at work. This act makes sure that all workers are in a safe and usable environment. The manager of the bank should train workers is what is required by the legislation and how to protect themselves.
The health and safety expects workers to keep customers safe when they attend the bank. For example when the employees want to talk to the customer, and when the customer approaches the computers, staff should let customers know that no food and drink are allowed next to the computers because this could cause an accident or an electric shot.
Staff should know that all computers wires and cables must be tucked in so that know one falls and hurts themselves. Also staff should make sure that their workstation is not cramped up. One important procedure workers should follow is, not to have any food or drink at their workstations. The manager of the bank should also make sure that workers take a break for 10minutes after every uninterrupted 60minutes of computer work.
The manager of the bank should let workers know about all these procedures. The manager could do this by holding a team meeting where he or she explains the health and safety act and how workers should prevent an accident from taking place and also how to protect themselves while at work. Also another way for staff to know about the Health and Safety Act is placing posters in the staffroom.
Justification of Health and Safety
Placing posters regarding the health and safety act will help workers know how to prevent an accident taking place. Also it will help users realise that they must follow certain procedures. A team meeting will be better because the manager will explain the health and safety act better than a poster will. However when a poster is hung up on the wall the staff can refer to it whenever they want, where as with a member of staff giving a speech about health safety, staff will probably not remember everything that was stated.
If discussions, meetings and posters are created then staff will know more about the health and safety act and this will also improve the staff’s awareness of health and safety.
Order Now