...Information Security and Phone Users CMGT/441 Information Security and Phone Users Infosecurity magazine released an article today December 3, 2012 titled “Phone Users Worry About Security, but Won’t Pay for It. Information security is heavy on most people’s minds these days. The running risk of identity theft, hacking, and viruses leaves people feeling uneasy at times, but often they are also considering the risk to the information stored on or used with their cell phones. The people who are considering the information security with their cell phones are more often than not, unwilling to pay for it, and that is what that article addressed. The Statistics The article discusses a survey done of 1026 cell phone users in the UK (United Kingdom), most of them did express a concern about information security within their mobile device . Of those 1026 users, 38% (389.88 users) felt it would be the service providers fault if there was an information security breech. 32% (328.33 users) felt they would most likely blame themselves if their information was stolen, while 18% (184.68 users) would blame the cell phone manufacturer. When questioned further, a startling 68% of users were unwilling to pay for information security, and 24% were unwilling to pay more than £1 (about $1.30) per month to pay for added security, that is a total of 943.92 people. The Attitude This is interesting information, it is curious why people who are clearly concerned about the possibility of...
Words: 475 - Pages: 2
...Security Policy 1. Introduction The McBride Security Policy is intended to protect its digital and physical assets as well as protect the rights and privacy of McBride Financial. This policy details best practices, company guidelines, and regulations which are to be implemented and followed from inside the scope of Information Technology. The security team has created this document to protect users from virus attacks, compromise of network systems, and any legal ramifications that may occur because of this. While responsibility is on IT security to provide these tools, McBride Financial employees must know these guidelines and follow them as they may be held liable for any violation of the contents of this policy. 2. General Use and Ownership 1. All data created by McBride's employees is the property of McBride Financial Services. McBride's data should never be placed on an unauthorized device, moved, altered, deleted, or sold without the consent of IT Security. 2. Employees are required to use good judgment when on the internet. While IT Security has implemented UTM systems to restrict the personal use of internet, employees are still responsible for any rogue executables or malware in which they download from their e-mail. If an employee feels they are visiting a website in which they should not be allowed, they should contact IT security immediately at itsecurity@mcbridefinancial.com immediately. 3. McBride IT Security has the right to monitor...
Words: 792 - Pages: 4
...http://homeworklance.com/downloads/acc-202-entire-course/ http://homeworklance.com/downloads/acc-206-entire-course/ http://homeworklance.com/downloads/acc-310-entire-course-week-1-5-latest/ http://homeworklance.com/downloads/acc-340-complete-course-material-wk-1-5-a/ http://homeworklance.com/downloads/acc-400-entire-course-final-exam-guide/ http://homeworklance.com/downloads/acc-407-entire-course-advance-accounting/ http://homeworklance.com/downloads/acc-423-entire-course/ http://homeworklance.com/downloads/acc-455-entire-course-asolution/ http://homeworklance.com/downloads/acc-556-entire-course-forensic-accounting/ http://homeworklance.com/downloads/acc-556-entire-course-forensic-accounting-2/ http://homeworklance.com/downloads/acc-557-complete-course-material/ http://homeworklance.com/downloads/acc-557-full-course-new-updated-2014/ http://homeworklance.com/downloads/acc-561-complete-course-material/ http://homeworklance.com/downloads/acct-212-financial-accounting-complete-course/ http://homeworklance.com/downloads/acct-504-accounting-finance-managerial-use-analysis/ http://homeworklance.com/downloads/acct-505-managerial-accounting-entire-course/ http://homeworklance.com/downloads/ajs-532-entire-course-week-1-6-complete-course/ http://homeworklance.com/downloads/ajs-582-entire-course/ http://homeworklance.com/downloads/bcom-275-complete-course-material/ http://homeworklance.com/downloads/beh-225-entire-course-weeks-dqs-assignments/ http://homeworklance.com/downloads/bis-155-complete-course-material/ ...
Words: 1331 - Pages: 6
...http://homeworklance.com/downloads/acc-202-entire-course/ http://homeworklance.com/downloads/acc-206-entire-course/ http://homeworklance.com/downloads/acc-310-entire-course-week-1-5-latest/ http://homeworklance.com/downloads/acc-340-complete-course-material-wk-1-5-a/ http://homeworklance.com/downloads/acc-400-entire-course-final-exam-guide/ http://homeworklance.com/downloads/acc-407-entire-course-advance-accounting/ http://homeworklance.com/downloads/acc-423-entire-course/ http://homeworklance.com/downloads/acc-455-entire-course-asolution/ http://homeworklance.com/downloads/acc-556-entire-course-forensic-accounting/ http://homeworklance.com/downloads/acc-556-entire-course-forensic-accounting-2/ http://homeworklance.com/downloads/acc-557-complete-course-material/ http://homeworklance.com/downloads/acc-557-full-course-new-updated-2014/ http://homeworklance.com/downloads/acc-561-complete-course-material/ http://homeworklance.com/downloads/acct-212-financial-accounting-complete-course/ http://homeworklance.com/downloads/acct-504-accounting-finance-managerial-use-analysis/ http://homeworklance.com/downloads/acct-505-managerial-accounting-entire-course/ http://homeworklance.com/downloads/ajs-532-entire-course-week-1-6-complete-course/ http://homeworklance.com/downloads/ajs-582-entire-course/ http://homeworklance.com/downloads/bcom-275-complete-course-material/ http://homeworklance.com/downloads/beh-225-entire-course-weeks-dqs-assignments/ http://homeworklance.com/downloads/bis-155-complete-course-material/ ...
Words: 1331 - Pages: 6
...http://homeworktimes.com/downloads/acc-202-complete-course-acc-202-entire-course/ http://homeworktimes.com/downloads/acc-206-entire-course-new/ http://homeworktimes.com/downloads/acc-206-new-week-1-assignment-chapter-one-problems/ http://homeworktimes.com/downloads/acc-206-new-week-2-assignment-chapter-two-three-problems/ http://homeworktimes.com/downloads/acc-206-new-week-2-journal-institute-management-accounting/ http://homeworktimes.com/downloads/acc-206-new-week-3-assignment-chapter-four-five-problems/ http://homeworktimes.com/downloads/acc-206-new-week-3-journal-hershey-company/ http://homeworktimes.com/downloads/acc-206-new-week-4-assignment-chapter-six-seven-problems/ http://homeworktimes.com/downloads/acc-206-new-week-5-assignment-chapter-eight-problems/ http://homeworktimes.com/downloads/acc-206-new-week-5-assignment-final-paper/ http://homeworktimes.com/downloads/acc-212-financial-accounting/ http://homeworktimes.com/downloads/acc-250-complete-course-acc-205-entire-course/ http://homeworktimes.com/downloads/acc-290-complete-course-acc-290-entire-course/ http://homeworktimes.com/downloads/acc-291-complete-course-acc-290-entire-course/ http://homeworktimes.com/downloads/acc-340-entire-course-acc-340-complete-course/ http://homeworktimes.com/downloads/acc-400-complete-course-acc-400-entire-course/ http://homeworktimes.com/downloads/acc-407-entire-course/ http://homeworktimes.com/downloads/acc-455-complete-course/ http://homeworktimes.com/downl...
Words: 3197 - Pages: 13
...Security Evaluation Matthew Williams CMGT/441 1/21/2013 Shivie Bhagan Security Evaluation My evaluation is of the paper “Why Information Security is Hard” by Ross Anderson. This paper is an evaluation that covers an economic perspective of information security in the financial industry throughout the world. Simply summed up by the statement, “The more people use a typical network, the more valuable it becomes. The more people use the phone system - or the Internet - more people there are to talk to and so the more useful it is to each user.” (Anderson, 2001) In the first paragraph Denial of Service (DOS) attacks are described as one of the issues presented by the current security incentive structure. “As an example presented the author states, “While individual computer users might be happy to spend $100 on anti-virus software to protect themselves against attack, they are unlikely to spend even $1 on software to prevent their machines being used to attack Amazon or Microsoft.” (Anderson, 2001) The statement accurately describes what I’d like to call a failure to respond to an indirect threat. Simply because a user is not directly being attacked most assume they are safe and that the statistics are in their favor. Unfortunately, this is rarely the case, like the great library in Alexandria which was destroyed and affects us all even today though indirectly. In a typical connection, the user sends a message asking the server to authenticate it. The server returns the...
Words: 495 - Pages: 2
...Security Policy M CMGT/441 July 14, 2014 Instructor: Introduction This paper will illustrate the needs of a security policy for McBride Financial Services and discuss the issues of implementing the online loan application. A security policy is an essential tool for any organization, these security policy are designed to protect valuable asset of organizations such as data, demographic of clients, account numbers, and other valuable information (Stalling, Brown, Bauer, & Howard, 2008,). The online application will benefit with a security policy set in place. Security Policy The security policy has three essential parts that are the bases on establishing a well designed security policy. These principles are known as confidentiality, integrity, and availability. An organization will rely on the core principles of an effective information security system. (“Information Security, 2014”). Confidentiality. The collection of data such as but limited to; information about employees, customers, products, research and financial status, this information are stored electronic computers for sending or stored for later use (“Information Security, 2014”). Integrity. According to “Information Security” (2014), “means maintaining and assuring the accuracy and consistency of data over its entire life-cycle”. The concept of this security aspect is to ensure that the organization’s data is not modified by an unauthorized person (“Information Security, 2014”). Availability. The...
Words: 383 - Pages: 2
...Information Security Article Evaluation Kathy Newman CMGT/ 441 October 02, 2013 Matthew R. Ahrens, MSIT Information Security Article Evaluation There are several ways to evaluate a website or article. Evaluating allows people, especially students; an opportunity to obtain a better understanding on the value of the objects that is evaluated. This paper will allow the reader to obtain information about one of the major errors in Information Security. Error: Believe it or not, people are still the biggest threat to information security. Most companies report that 78 percent of their errors are because of a breach created by malicious acts or negligence of either past or present employees. But, not everyone has to be within a company to end up with a system that has been breached. Systems can have breaches because of several risks that were taken by people in general. According to a blog [ (Dell - Andrea B, 2012) ], there are at least “10 risky practices employees routinely engage in that are directly related to information security”. The practices are as following: 1) Linking systems to an Internet with an unprotected wireless net. 2) Not getting ride of data on their system when it is no further needed. 3) Giving out security codes. 4) Reusing the identical security codes and screen names on various sites. 5) Using common USB devices not protected or encrypted. 6) Leaving systems logged on while not being in the office. 7) Misplacing...
Words: 554 - Pages: 3
...Information Security Evaluation CMGT 441 June 16, 2014 Information Security Evaluation Introduction In today's age where technology is constantly developing and shifting faster than most individuals can recognize, one feature stand dependable is company resources. Of these resources, none seems more significant in the age of instant media than information. Safeguarding information can be crucial to a failure or achievement of the company. Around 2008 to 2009, a consortium of security specialists from the United States government, private industry, and international organizations generate a list of the 20 most critical security controls against threats on the Internet. Transferred in 2013 by SANS Institute the list is to assist network administrators with the most developed Internet security faults (SANS Institute, 2000-2014). This list was intended for network administrators who are flooded with the security threats that are revealed day by day and not known where to begin. Some software defenselessness is because most effective strikes on computer systems because attackers are opportunistic, and take the simplest path by utilizing the most weaknesses in the systems with extensively accessible attack tools. Hackers rely on individuals and organizations not correcting the faults and frequently attack unsystematically by scanning the cyberspace for defenseless systems. According to SANS Institute (2000-2014), "the present 20 Critical Security...
Words: 615 - Pages: 3
...McBride Financial Services Security Policy xxxxxxxxxxx CMGT 441 November 23, 2014 Professor xxxxxxx McBride Financial Services is a start-up loan company that will provide low cost mortgage services using state-of-the-art technology. McBride has five locations; the locations are in Idaho, Montana, Wyoming, North Dakota, and South Dakota. The clients will consist of the following: * Professionals purchasing either a primary or secondary residence. * Retirees purchasing a primary or secondary residence. * Families and/or individuals purchasing recreational properties With the type of low cost mortgage services being provided the McBride Financial Services will need to implement security polices to protect clients using the services. The Information Security requirements of Online Applications Services have to be more secure than Information Security requirements of a physical bank. Protecting user data has to be a number one priority for any online financial company. The policy will apply to all Online Loan Applications (OLA) and any outsourcing to McBride’s application provider and support staff. The best practices for OLA are as follows: * Ensure Consumers are making educated financial decisions by fully disclosing all Loan terms in a transparent and easy to understand way. * Give Consumers a chance to change their mind by maintaining a reasonable cancellation policy. * Be a company in good standing with the officials and regulatory bodies that govern you...
Words: 682 - Pages: 3
...Security Policy for McBride Financial Services Introduction to Information Systems Security Management CMGT 441 December 06, 2011 Security Policy for McBride Financial Services The following document was developed to respond to a request by McBride Financial Services for a security policy based perceived needs associated within the loan department and issues in implementing online loan applications (OLA). The security policy will address the current need along with any issues that may arise with their online loan application process. The majority of McBride’s customers are comprised of an affluent demographic of professionals, families looking to purchase a home, and retiree’s requesting mortgages (University of Phoenix, 2005). McBride’s customer base is largely well educated individuals who generally keep an eye on personal information and financial records and would most likely be aware of any unauthorized changes. Therefore, it is of extreme importance that McBride Financial secures this data. The areas included in the security policy for the loan department will include the following: • Physical Security Policy • Account Access Controls Policy • Data Backup Policy • Non-Compliance Policy The implementation of electronic key cards will be recommended to McBride as a source of control in the physical security area. This will restrict employees only to have access to areas they are authorized to be in. Any employee accessing an unauthorized area of the...
Words: 596 - Pages: 3
...Security Policy Wendy Lee CMGT/441 July 11, 2013 Marilyn Harris Security Policy A security policy is developed based on perceived needs associated within the loan department and any issues in implementing online application. McBride Financial Services located in the virtual organizations needs a security policy to protect customer information against hackers. Hackers are finding new ways to hack customer information. Identity theft is a leading crime in the world. Developing a security policy for McBride Financial Services can be demanding. Hugh McBride and Abram LaBelle of Smith’s consulting discuss the priorities for safeguarding personal information on a secure website. McBride needs a security policy to satisfy the business needs of McBride Financial Services. McBride discusses securing personal information from both external and internal threats. Majority of McBride customers are families looking to purchase a home. Loan applications are processed online. While processing loan applications, McBride Financial Services has to collect a large amount of customer information. This information may include social security numbers, birthdate, address, credit card information, background information, bank information, credit score, and etc. It is important to secure McBride financial data because McBride’s customer base is well educated individuals, who will keep an eye on personal information and financial needs. The customers will know of any unauthorized changes...
Words: 601 - Pages: 3
...Website Security Paper Instructor: Class: CMGT/441 On June 19 2013 the popular social media website LinkedIn had a DNS hijack which affected all users of the website. According to “Tech Crunch” (2013), ‘’Shortly after the outage began, App.net co-founder Bryan Berg wrote on his blog that the site’s DNS may have been hijacked–in other words, its domain name was redirected to a different IP address”. Often this is the result of an attacker compromising the account used to manage DNS servers. One of the many flaws in LinkedIn’s security design is lacking SSL which means that if you visiting the website while the hack was occurring the cookies would have been sent over the network wire in plain text format and the hijackers would now have access to the payload data. SSL should be used anywhere where communicating information that should not be public. It is a very dangerous assumption to believe that no-one is listening to traffic between user’s computers and the remote server the hackers or black hats do not need direct access to the router it’s a simply listening of the network traffic and the information can be readily available. Without using SSL for sensitive communications, a single machine with a virus on a coworker’s computer is all that is needed for stealing the information of a network and then the compromises truly begin to happen. The availability of an authentication session cookie in an unencrypted form would allow an attacker to gain full access to a user's...
Words: 882 - Pages: 4
...Security Policy Marc Johnson CMGT/441 December 21, 2014 Praful Dixit Security Policy for McBride Financial Services Information Technology (IT) Security Policy I. SCOPE This IT Security Policy has been undertaken In order to safeguard sensitive, confidential, and proprietary information that is passed through the network of McBride Financial Services. The safety and security of such information is vital to the success of McBride Financial Services and any sensitive information that is compromised would be harmful to McBride Financial Services and its efforts as an organization. Use of information technology networks by employees of McBride Financial Services is permitted and encouraged where such use supports the goals and objectives of the organization. However, McBride Financial Services has a policy for the security of the information that is shared trough these networks. Employees must ensure that they: * Comply With the current IT Security policy, * Use information technology networks in an acceptable, safe, and responsible manner, and * Do not create unnecessary risk to McBride Financial Services by their misuse of information technology networks. II. POLICY STATEMENT All members, employees, guests, and individuals are responsible for adhering to this IT policy and maintaining the security of proprietary information shared on the information technology networks of McBride Financial Services. This IT Security Policy is applicable...
Words: 711 - Pages: 3
...Security Policy CMGT 441 Security Policy Current Loan Process McBride currently has two methods of applying for a loan: in-person or online. Either method eventually will return the same results; however, the online application method is faster as customers do not physically have to show up to an office to complete the paperwork. The obvious benefits of completing the loan application online far outweigh the physical appearance; however, there are a few downsides. The major downside is that should customers have questions about any portion of the loan application or loan process, they must either wait until their application has been received and turned over to a loan officer or contact one of eight offices via telephone. Current Security Issues Security of information is a major concern for businesses, but when dealing with the Internet, additional security threats emerge. Because McBride uses both an office setting and an online environment setting to accept loan applications, different security issues are related to each one. In-Person Almost all of McBride’s offices lack proper security features that will protect client information from getting stolen. All buildings located in each of the eight offices lack any sort of surveillance equipment. Because of this, hallways, offices, cubicles, and the parking area are not monitored for potential criminal activity. There are also no security measures in place that protect against unauthorized access into...
Words: 891 - Pages: 4
