Research Proposal in Strategic Information Management

Running head : RUNNING HEAD FOR PUBLICATION GOES HERE

Title of Your Goes Here

Your Name Goes Here

Institutional Affiliation Goes Here Part 1 Unit 05

Security and Privacy Issues

The installation of a comprehensive Lotus Notes and Domino system brings about a host of security and privacy issue . As a wide variety of sensitive corporate information on Kucera Clothiers is stored and easily accessibly on the Lotus Notes and Domino system , the security and integrity of this information , as well as read and write access , is a critical issue p

There are two main security risks that Kucera Clothiers ' need to address . The first is external attacks by hackers which attempt to access the data stored in Lotus Notes and Domino , namely information such as credit card numbers or contact numbers . The second is unauthorized access by either internal employees of Kucera Clothiers or external parties through various intrusive methods , to sensitive customer data such as credit card numbers and details or addresses for non-official purposes

Lotus Notes and Domino has certain inbuilt security features , such as public key cryptography for client-server and server-server authentication as well as the encryption of data stored in the Lotus Notes and Domino servers . However , the inbuilt security features in Lotus Notes and Domino are neither foolproof nor sufficient to ensure that customer data stored by Kucera Clothiers ' in confidence is safe and secure

Security and Defensive Measures

The possibilities of security threads that Kucera Clothier 's new Lotus Notes and Domino system might face are varied , sophisticated and ever-evolving . Hence a comprehensive defense against hackers and unauthorized intrusions requires a comprehensive and integrated list of defensive measures which work together to fortify Kucera Clothier 's system . Here we discuss the various elements that should be present in such defence

Security Policies

Security policies specify what constitutes appropriate and inappropriate access to computing resources or data . It should specify who should access what resources and data , and what different groups of people should avoid doing to endanger the security and integrity of the system and data , and what they should do to be safe

The security policy should answer questions such as

What kinds of passwords are users allowed to create for use on the new system and how often should they change passwords

Who is allowed to have accounts on the new system

What security features must be activated on a computer before it can connect to the new network

What services are allowed to operate inside the new system

What are users allowed to access or download

How is the security policy to be enforced

Other benefits of having a security policy in place is that it can resolve confusion about handling information and reacting appropriately under different circumstances , as well as streamlining activities in the face of a security issue , as it helps people to know what to do and when to do it , assisting them in responding to security crisis decisively and correctly (Wright , 2001

Firewalls

A firewall is an...