VA Information Security

In your opinion, how hearty develop ar your administrations culture credentials policies? Describe policies and measures holdd by your placement to go through confidentiality, availability and dependableness of info and teaching. Describe how the governing could (or does) nourish from the loss its data. What steps could (or do) they take to suck in sure that data remains brotherly in the event of a harmful event much(prenominal) as a fire or other graphic disaster? What things do you think your organization could do to further enhance study credentials? Name UniversityCourse omnibus Date In your opinion, how well substantial be your organizations culture aegis policies? Describe policies and measures used by your organization to ensure confidentiality, availability and dependability of data and teaching. Describe how the organization could (or does) protect from the loss its data. What steps could (or do) they take to draw sure that data remains frie ndly in the event of a harmful event such as a fire or other pictorial disaster? What things do you think your organization could do to further enhance breeding warrantor?Information protective covering policies argon measures taken by organizations to ensure the security department and natural rubberty of teaching of an organization (St completelyings, 1995). The policies of an organization pertaining to entropy and data are bench marks and core resource in any organization. This paper looks at the culture security situation in the fall in States Department of Veteran Affairs (VA) with an start of analyzing the organizations information security policies, standards and measures used by the organization to ensure confidentiality of its information.VA has in the recent years been on the spotlight concerning its information security break specifically it has been accused of being rattling(prenominal) vulnerable to information security breaches. VA lacks information control dodging which is vital in nark to the organizations information system. VA also lacks enough physical aegis of computer facilities, manything which leaves its information stored in computers very vulnerable to burglary.In terms of the man means in information, security the organization data and vital information is slowly accessible to a wide run for of staff some of whom do non require access to the information. VA is currently set about the threat of information security in the areas of personal identification information, loss of data, availability of data to unauthorized persons, or utilize of information and should deal with the above issues in order to ensure maximum information security.The information security policies at VA imply well laid out procedures for implementing and dis draw of day-to-day data and information, controlling the employees access to data and information, careful selection of security controls. VA has enacted steps aimed at prote ction its information systems, further it has safeguarded the nearby buildings by do sure that recommended fire protection as well as other hazards such as floods and wind. The equipment at VA is also safe guarded from any hazards such as , natural, environmental, as well as unauthorized access.In addition, access of data in VA is well safe guarded by use of non-easy-to-hack passwards. These are comprehensive and in compliance with ISO standards. At VA, such are updated very regularly. There is also a full pledged department for documentation the information system of the organization. Since human factor plays a very vital business office in information security, alongside the scientific issues are human oriented efforts such as awareness campaigns and seminars aimed at enhancing security in VA.Examples of technological based security measures adapted by VA include the installing of firewalls, installation and constant upgrading and updating of antivirus software, on base the above, VA ensures the security measures are controlled through use of security alarms, when thither is impending riskiness as well as ensuring that all incoming emails are scanned. VA has invested in restricted staff and consequently, the quality of security forethought is guaranteed. In terms of physical security, VA has invested in security attention.In terms of reacting to security breaches, VA has a clear reporting system which culminates in thorough investigations and appropriate course of actions once breaches are reported to the management Disasters can, and do strike when least anticipate and if no proper systems are in place for data recovery, massive slander and loss of information as well as equipment can be suffered. The address is very high and sometimes it is irreparable. some(prenominal) data protection measure essential take into account the facilities, data, hardware and mesh big topology safety (Summers, 1997).At VA, the data is valuable and is crucial since it entails details of veterans information and if this was to be lost, it can not be regained. by chance the hardware, the facilities, and the networks can all be reconstructed. The data protection strategies at VA include, back ups there exists hard copies of data stored in variant locations. Such back ups also are available in online backups and disks. It will be wise though, for VA to include snapshots of disks to act as back ups in the event of data corruption as well as carrying out these back ups regularly.VA can significantly improve its information security by readying all staff on the information policies as well as standards and draw sure such are comprehensive and updated (Neumann, 1995). This is necessary and relevant to VA because some of the information breaches reported there, in the foregone were related to lack of stringent policies. By ensuring that, evaluation of systems is done properly forward system change over in order to avoid setbacks. By train ing employers on enhanced security measures such as use of passwords ensuring commitment from top management to safeguard information.Virus attacks are common in computer networks therefore it is highly commendable that, VA ensures installation of effective anti-virus software. There is a need to occupy secure and restricted areas for systems. Although data encryption is highly commended, access should be guaranteed to make sure that no an authorized person gains access to the back-ups. System hardening is highly recommended since data in VA system is potentially useful and of interest to hackers and therefore it is not unlikely that hostile networks may tone-beginning to hack the information.