Introduction
Organizations require data security programs that will enable the management as well as the control of identified security risks. There are quite a number of threats to the business that attack most especially cybersecurity when the business deals in major online sales. It is vital to ensure that there is no attack that occurs by designing ways to control and implement security. In the event of an attack, it could influence the reputational, operational, legal and also strategic risks through limiting the data vulnerability.
Common threats to this kind of business include botnets, distributed denial-of-service, hacking and malware among others (Chen, Qian, Mao, Tang, & Yang, 2016). Botnets are a collection of software robots that create an army of infected computers. In that case, they could be sending spam emails to customers that are attached to a virus, and spreading other malware.
A distributed denial-of-service attack refers to when a malicious user manages to sabotage a website or server. The online website that contains all the sales could be interfered with leading to an increase in the volume of traffic overloads and making it slow down. Hacking happens when an unauthorized individual gains access to the computer. Malware is when a malicious software infects the computer and could delete files send emails on one's behalf and take control of the computer (Tsao, Alexander, Dohler, Daza, Lozano, & Richardson, 2015).
The controls and protocols that one finds in a security policy include management responsibility where the seniors need to ensure that there is the integration of the necessary controls. Controls include physical controls where there are security measures, devices and the means to control the access of people to the computers (Martellini, Abaimov, Gaycken, & Wilson, 2017). Technical controls are such as technology-based measures that control logical access to sensitive information while the process controls define and guide user actions and restrictions. The business protocols include the legal areas, permits, research in the market, business ideas and also plans.
Protocols are such as Point to point protocol (PPP) which is a data link layer between two routers directly. It provides connection authentication, transmission, encryption and compression (Contreras-Castillo, Zeadally, & Guerrero-Ibanez, 2017). The packet filters help to control access to a network through analysis of incoming and outgoing packets. Network Address Translation (NAT) is a router that creates a local area network and interconnects to wide area networks. The Challenge Handshake Authentication Protocol (CHAP) is responsible for authenticating a user to an authenticating entity thus providing better security. Password Authentication Protocol (PAP) is used to validate users. Protocols are designed to prevent unauthorized persons from accessing the servers and computers hence utmost security. They help in applications, service or device access to a network.
The Open Systems Interconnection (OSI) model is known as the transport layer whose responsibility is to provide communication services between computers on a network. It guides vendors and developers to facilitate a clear framework that describes the functions of a system. Transmission Control Protocol/Internet Protocol (TCP/IP) provides network communications where data is passed through layers up to its destination thus enhancing security. SysAdmin, Audit, Network and Security (SANS 20) describes the twenty critical security controls that one needs to add and they include malware defenses, application software security and remediation among others (Martellini et al., 2017). Controls help to ensure that organizations receive no attacks to the servers. The management is able to implement security measures with the help of controls as they are in the business plan to ensure that actions and restrictions are made.
References
Chen, M., Qian, Y., Mao, S., Tang, W., & Yang, X. (2016). Software-defined mobile networks security. Mobile Networks and Applications, 21(5), 729-743. Retrieved from http://www.ece.ubc.ca/~minchen/min_paper/2016/2016-2-MONET-1-SDN-Security.pdf
Contreras-Castillo, J., Zeadally, S., & Guerrero-Ibanez, J. A. (2017). Internet of vehicles: Architecture, protocols, and security. IEEE Internet of things Journal, 5(5), 3701-3709. Retrieved from https://www.researchgate.net/profile/Juan_Contreras_Castillo/publication/315971071_Internet_of_Vehicles_Architecture_Protocols_and_Security/links/5cee98ada6fdcc8475f627fa/Internet-of-Vehicles-Architecture-Protocols-and-Security.pdf
Martellini, M., Abaimov, S., Gaycken, S., & Wilson, C. (2017). Known Weaknesses with Security Controls. In Information Security of Highly Critical Wireless Networks (pp. 27-28). Springer, Cham.
Tsao, T., Alexander, R., Dohler, M., Daza, V., Lozano, A., & Richardson, M. (2015). A security threat analysis for the routing protocol for low-power and lossy networks (RPLs). RFC7416, 131.
Cite this page
Secure Your Business: Essay Sample on Implementing Effective Data Security Programs. (2023, Feb 13). Retrieved from https://proessays.net/essays/secure-your-business-essay-sample-on-implementing-effective-data-security-programs
If you are the original author of this essay and no longer wish to have it published on the ProEssays website, please click below to request its removal:
- Essay Sample on Importance of Stakeholders
- The Surprising Power of Questions Article Review
- Leadership in Temporary Organizations Paper Example
- Essay on Product Introduction Stage: R&D, Financing, & Marketing Strategies
- New Managers: Avoiding Common Mistakes in Leadership - Essay Sample
- Risk Assessment Tools: Effective Health Condition Assessments for All Ages - Essay Sample
- Essay Sample on Global Strategies: Enhancing Competitive Advantage Across Borders