Sunday, December 7, 2014

11.1 - The Role of the Operations Department

Companies perform important “due care and due diligence” efforts, which include correct policies, procedures, standards, and guidelines. These due diligence efforts require responsible, careful, cautious, and practical company practices. It is important to identify systems and operations that are sensitive (meaning they need to be protected from disclosure) and critical (meaning they must remain available at all times). Organizations consider many threats including disclosure of confidential data, theft of assets, corruption of data,...

10.3 - Software Development Life Cycle

The Software Development Life Cycle consists of requirements gathering, design, development, testing/validation, and release/maintenance. Requirements gathering: determines why the software is being created, what the software will do, and for whom the software will be created. Design: deals with how the software will accomplish the goals identified. Development: programming software code to meet the specifications laid out in the design phase. Testing/validation:...

Wednesday, December 3, 2014

10.2 - System Development Life Cycle

A life cycle is a representation of development changes. Systems have their own developmental life cycle, which is made up of the following phases: initiation, acquisition/development, implementation, operation/maintenance, and disposal. These together are referred to as a system development life cycle (SDLC). Initiation: Need for a new system is defined. Acquisition/development: New system is either created or purchased. Implementation: New system is installed into the production environment. Operation/maintenance: System is used and cared for. Disposal: System...

10.1 - Where Do We Place Security?

Different Environments Demand Different Security - Network and security administrators increasingly have to integrate various applications and computer systems to keep up with company demand. Environment vs Application - Application controls are very specific to their needs and to the security compromises they understand. Functionality vs Security - Code security and functionality is inherently built-i...

9.3 - Ethics

Ethics are based on many different issues and foundations; because of this, they are interpreted differently on an individual basis. The Computer Ethics Institute is a nonprofit organization that works to help advance technology by ethical means. The Computer Ethics Institute has developed its own Ten Commandments of Computer Ethics: Thou shalt not use a computer to harm other people. Thou shalt not interfere with other people’s computer work. Thou shalt not snoop around in other people’s computer files. Thou shalt not use a computer to steal. Thou...

9.2 - Intellectual Property Laws

Intellectual property laws do not always concern themselves with what is right or wrong. Their main focus is on how organizations and individuals protect what they rightfully own from unauthorized use. This provides these entities options for what they can do if these laws are violated. Trade Secret: This is something that is proprietary to an organization and vital for its profitability and survival. For example, the trade secret that Coca-Cola owns is the formula used for their soft drink. This resource is highly confidential and protected...

9.1 - Complexities in Cybercrime

A majority of cyber attackers are rarely caught because they mask their identities and addresses; this is known as spoofing. As we know, these attackers hack into networks, retrieve any resources they sought, and wipe clean all logs that may have tracked their activity. Oftentimes, companies do not even know they have been violated. The Evolution of Attacks: In the early days of computing, hackers were mainly made up of people who just enjoyed the thrill of hacking. True hackers saw this as a challenging game without any real intent of harm or damage....