Community for Human Resource Management Community for Human Resource Management Think HR, Think CHRM
Home Community CHRM Briefcase Knowledge Center Directories Articles Blogs Business Forms
 
  
  |  You have to become a member before you can post messages, download files and presentations  |  Participate & Contribute through your postings, accumulate points & get promoted within the community  |  To view last week website activities, visit the Archive section
Human Resources
Administration
Attrition and Retention
Business Etiquettes
Capacity Building
Career Planning
Case Studies
Certifications
Change Management
Coaching & Mentoring
Communication Strategy
Compensation & Benefits
Corporate Social Responsibility
Employee Relations
Ethics & Values
Heath, Safety & Well Being
HR Metrics & Measurement
HR Outsourcing
Industrial Law & Discipline
Knowledge Management
Motivation & Leadership
Organization Development
Organizational Reforms
Performance Management
Policies & Samples
Recruitment & Staffing
Technology
Training & Education
Workforce Acquisition


Self Excellence
Personal Development
Spiritual Insights
Tales of Wisdom


MBA Students
Career Resources
Entrance Exams
Indian B-Schools
International MBA
Project / Internship


Website Support
Help


Archive
   Data Security Challenges

The term data security is used interchangeably with the terms information security and data privacy. Data security deals with the availability, integrity and confidentiality of data. When information as well as the controls used to secure it is available for use, data is said to be available. When the available information is not prone to modification or deletion without proper authorization the integrity of the data is said to be maintained. Information is confidential if it can be used only by those who are authorized to use it.

Risk management is the most important component of data security. According to the CISA Review Manual 2006, “Risk management is the process of identifying vulnerabilities and threats to the information resources used by an organization in achieving business objectives, and deciding what countermeasures, if any, to take in reducing risk to an acceptable level, based on the value of the information resource to the organization.” There are three major kinds of control used to counter risk to data security. Procedures, policies, standards and guidelines are known as administrative controls. When data and software is used to control access to information, it is known as logical control. When physical entities are used to guard the information systems and the work environment, it is known as physical control.

Some of the most common security myths are: most damage is caused by hackers; data can be made completely secure through encryption; and, data can be made secure by using firewalls. In fact, about 80% damage is caused by insiders, encryption must be supported by integrity, availability and control, and 40% of data damage occurs even when a firewall is present. The most prevalent data security risks are data tampering, data theft, eavesdropping, false user identities, threats related to passwords, unauthorized access to information, and complex management requirements.

There are four aspects to the safe handling of data security challenges: security planning, incident response plans, change management and disaster recovery planning. The security planning stage involves creating the reporting structure and strategic plan, risk assessment, budgeting, establishment of policies and standards, and training. Incident response plans are comprised of selection of team members and delegation of roles and responsibilities. Change management involves direction and control of modifications made to the information systems. Change may be requested and then approved, or it may be planned, approved, tested, scheduled, communicated, and then implemented and documented. This change must be followed-up from time-to-time. Disaster recovery planning is comprised of preparation of back-up, identification of stakeholders and prioritization of business functions and assets.

Data security is an important component of businesses as breach of security may lead to a lost client or even bankruptcy. The challenges must be assessed and weighed before preparing plans to deal with them.


Become a Member Free Subscription    Sign Up
Workplace Knowledge Base of Articles
Briefcase (Basic HR Questions)
Vendor Consultants Directory
Management Schools Directory
Community for Discussions
Community Archives for Articles/Topics
Powerpoint Slides & Presentations
Business Forms
Regular Additions of Knowledge based Content
Exhaustive Functional Based Forums
Contribution of Content
Blogs
Poll/Survey Participation and Results
Knowledge Center
Daily Digest Newsletter
Weekly eBulletin
 
 


 
Send Invition Send Invitation
 
 
Send Invition Related Articles
Corporate Social Responsibility : Key Challenges and Implementation
HR Challenges in IT Industry
Hiring Challenges for mid-level Managers
Challenges for human resource practitioners
 
Send Invition Related Discussion
Salary Survey Data
Information Security Policy
Practice for Information Security Management
Termination on grounds of falsification of data
HR challenges related to foreign parent orgn.
What are some of your biggest challenges?
 
 
 

© Copyright - 2008 to 2009, CHRMGlobal.com, All Rights Reserved. - Terms & Conditions | Privacy

A posting is strictly the opinion/comment of its author and never the official position of CHRMGlobal.com
Designed and Developed by WeTheDevelopers