Security management is a wide subject of management associated to assets control, human resources, as well as physical securities safety operations. It comprises the marking of a company’s data assets and the documentation, growth, and execution of regulations, steps, standards, and outlines. In network control, it refers to the set of operations, which protects systems and telecommunications links from illegal access by individuals, organizations, acts, or effects and they entail a number of sub functions like developing, controlling, and deleting security services and approaches. This also involves allocating security-significant data, presenting essential incidents, managing the allocation of main items and authorizing users’ access, privileges, and rights. A virus scanner is a form of antivirus program with the ability of searching a system to detect virus signatures. These detected virus signatures normally attach themselves to executable applications and programs like e-mail clients. Consequently, a virus scanner has the ability of either searching all the executable programs during the period when the system has been booted or scanning a file. File scanning is important in the sense that viruses can also change the data or the information in the file (Burns, 2007).
Control tools like the data categorization, risk evaluation, and risk examination are applied to classify threats, weigh assets and rate system susceptibility in order to successfully management may be executed. With the emergence of e-commerce and public Internet, personal computers alongside computer networks, when not sufficiently supervised, are rousingly susceptible to harmful attacks. Viruses, hackers, malicious workers or even human error entirely demonstrate open and severer dangers to networks. All computer applicants right from highest casual Internet users to big organizations, may be influenced by network security breaks. Nevertheless, security breaks may usually be avoided by use of the readily available virus scanners. Risk or viruses being protected by the scanners refer to any action or occurrence with the ability to cause damage to a company by the exposure, alternation, or harming of data, or through the denial of crucial services (Dennis, et al.,1992).
It is clear, therefore, that while the Internet has changed a highly developed the manner in which we conduct business transactions, this enormous network together with its related technologies have opened the door to a rising amount of security dangers that need to be prevented to allow upward business transaction (Brynjolfsson & Hitt, 2000).
In spite of the expensive danger of prospective security breaks, the Internet may be one of the satisfying approach through which individuals can carry out their businesses. People, usually have fears and suspicions while carrying out online transactions, and from that emerges the mistrust of the Internet. This mistrust may restrain the business chances of organizations, mainly those that are entirely Web depended. Therefore, organizations should endorse security regulations and establish precautions, which not just are essential but are also considered as effective. Firms should be in a position to communicate sufficiently the way they have arranged to safeguard their clients (Swanson & Guttmann, 2006).
The capacity of security to assist the vision of a company can be restricted by a number of aspects, like the social matters. For instance, security and workplace privacy may interfere. Usually, security is executed on an IT structure through pointing applicants and trailing their operations. Nevertheless, anticipation of privacy differs and may be broken by a number of security approaches. Despite privacy being a highly essential societal matter, it is not just one. The trend of information, mainly between the citizens and the government is the other condition where security can require adjustments to aid a community objective. Furthermore, a number of validation approaches can be taken intrusive in certain cultures or environments. Security approaches must be chosen and executed with an identification of the appropriate and valid concerns of others. This can entail weighing the security conditions of data applicants and owners with societal objectives. Nevertheless, policies and anticipations adjust in relation to the suitable application of security management. These adjustments can either raise or reduce security (Burns, 2007).
During the company operations, different people always use computers; hence, incident response should be created at network implementation. This denotes the travels in reaction to a network spasm or equivalent incident, which influences networks, and organization information. An incident response plan is focused at framing the reaction processes, which must occur when a network is being confronted or there is compromised security. The incident response plan must help a company while addressing the occurrence in systematic fashion. When the computer are not in use it is advisable to always put them off and disconnect any network cables since they can be used by hackers to get access to company details. Everyone should also be cautious while sending or receiving emails, or other information that look suspicious (Henderson & Venkatraman, 1993).
Use of information technology in business
With the presence of information security like the one of virus scanners in any business, it implies that there must be also information technology that can help in reinforcing business strategy. Therefore, the next session of our discussion is going to focus on the idea of information technology and its application in the business. Consequently, there are several forms of information technologies in any business. However, in this case, we are going to focus on Tracking systems and EDI.
Use of the Technology
- Order Processing
Order processing involves diverse measures of carrying out work in an organization such as packaging, picking up, and delivery of both products and services to the required destination. A business organization should develop software which is effective in taking orders from customers. The company benefits from this system because it helps in unifying all the departments handling the orders, furthermore it enables efficiency in handling of orders. Lastly, Order Processing enables a company to reduce the manual entry of information associated to sales order and does not call for making changes to the existing business practices (Powner, 2009).
- Electronic data interchange
Electronic Data Interchange can be defined as a means of exchanging information between organizations through the use of electronic means. For example a company can transfer electronic documents from one company to another through the use of internet software such as E-mail (Ray & Acharya, 2004).
- Tracking System
To ensure more efficiency in a business organization, the company should launch an electronic tracking system that would supervise the movement of documents and files across different departments. Due to this, the company’s managers and workers should be able to maintain a constant watch over the exchanged of important documents and receipts at different departments in the progression of making decision (Schwalbe, 2010).
Competitive Advantage Tracking systems and EDI to Company
Tracking systems and EDI can support business strategy. The goals of the any given company can be achieved through the use of effective systems, the application of technology so that the transaction process can be carried out in the shortest time possible. This Tracking systems and EDI will benefit the company in various ways such as saving the company’s money. This is achieved by using this system instead of using the normal process of passing information which entails an enormous deal of human interactions and facilities such as paper documents, holding meetings, using faxes, and others (Powner, 2009).
Secondly, the company will benefit a lot in this new system because it will reduce the handling costs such as sorting, organizing and disbursing paper document. Besides, it will reduce the problems of retrieving the lost paper documents. Tracking systems and EDI such as Electronic data interchange will helps the company in reducing the storing space which the paper documents could have occupied. Furthermore, the use of this system will assist the company to reduce the unnecessary expenses such as the cost of manual entry because of the possibility in the system of storing and manipulating data electronically (Henderson & Venkatraman, 1993).
Thirdly, the use of Electronic Data Interchange will reduce errors, for example recording and billing errors. This is possible because the use of the system will reduce the need to rekey documents in the place of destination. Besides, the system is so faster whereby the information send is received immediately. This is very essential for business companies because they can use this information in serving their customers and making decisions which might be used by the subsidiary companies (Rittenberg, 2009).
The human resource managers need to organize their employees so as to select the team to be trained so that they can handle the new system in the company. These employees should be selected basing on their competitive nature, their educational background, and the leadership skills which they posses. It is economical to train few employees because the company will later adopt the in house training whereby the employees who are already trained will train their colleagues. This is necessary for the succession purposes in the organization (Henderson & Venkatraman, 1993).
In any organization, traffic may increase in the company’s website. At this point, there is need to ensure that there is sufficient security in the networks. Intruders also need to be detected and documented. In this case, such network security items as intrusion detection items, firewalls and security zones have to be used to make the network extremely secure (Brynjolfsson & Hitt, 2000).
First and foremost, it is of subtle importance to have security zone facts that will guide every activity. These are portions of network with specific security details and requirements. This zone will have to be introduced in order to assist in filtering and separate the incoming and outbound traffic. This will enable one design a zone to host all networks protected from the internet. Moreover, this zone enables one defines a zone within a specific network to control access to certain servers that hold sensitive details. Some common zones include LAN, FTP and extranet (Venkatesh, et L., 2003).
Switch security facts should be introduced in order to increase the security of the network. Some of these are the virtual LAN, MAC filtering security, and the port authentication. Others are the use of the telephony security facts the transmission media security facts and the wireless authentication encryption facts. All these will server to improve the security of the internet in any connection (Venkatesh, et L., 2003).
Another item that has to be introduced is IDS facts. These are intruder detection systems that are fixed in a special device of networks that has the ability any suspicious activities and attacks via the internet. They made use of the administration of the IDS, in multiple ways to monitor events, alerts and control any sensor device available to the computer. After sensing the traffic, it categorizes them into various levels as positive, false positive and even negative. For effective maintenance of security, it is therefore important to introduce or make use of IDS facts. With the mobile security facts, one should be aware of the various security considerations as the infra red, Bluetooth, PDA smart phone, wireless application among others. These are the applications that pose danger to the security of the network if maximum care is not taken (Venkatesh, et L., 2003).
Implementations and Recommendations
Offering an efficient computer security needs an elaborate mechanism, which involves a range of areas both internally and externally of the computer security area. This elaborate mechanism spreads across the whole data life cycle. To function successfully, security management usually relies on the appropriate functioning of some other measures. The process of scanning computers is a continuous process and need regular updates because they are used in a dynamic environment. The constant security checks are because users and system technologies, information in the systems, related threats, and security conditions change frequently. A number of modifications influence system security: linkage to outside networks, technological growth, an alteration in use or value of data, or the introduction of fresh threats all prompt the need for constant checks. Furthermore, security has never been 100% sufficient when a system is executed. System applicants and controllers initiate fresh approaches to bypass security deliberately or inadvertently. Alterations within the environment or the system may develop fresh susceptibilities. Tough observance to process is seldom and processes become obsolete through time. These matters, therefore, make it appropriate to reevaluate from time to time the security of IT forms (Stephen & Daniel, 2000).
In order to safeguard their clients, organizations should protect their workers and associates from security breaks. This is, therefore, the other reason why security scanners must be readily available to users at all the time. The Intranets, Extranets, and Internet allow quick and successful interaction among workers and other associates. Nevertheless, such interaction and efficiency may of course be limited by the influence of a network spasm. Legislation is the other factor, which pushes for the desire to have security scanners. Government identifies both the significance of the Internet as well as the idea that sizeable amounts of world economic output are based on it. Virus scanners are therefore very vital in providing security to information.
Bloomfield, B. (1997).Information technology and organizations: strategies, networks, and integration. New York, NY: Oxford University Press.
Brynjolfsson, E. & Hitt, L. (2000). Beyond Computation: Information Technology, Organizational Transformation and Business Performance.The Journal of Economic Perspectives.Vol. 14, No. 4 (Autumn, 2000), pp. 23-48
Burns, B. (2007). Security power tools. New York, NY: O'Reilly Media, Inc.
Dennis A. Adams, R. Ryan N. & Peter A. (1992). Perceived Usefulness, Ease of Use, and Usage of Information Technology: A Replication.MIS Quarterly.Vol. 16, No. 2 (Jun., 1992), pp. 227-247
Henderson J. C.& Venkatraman, N. (1993). Strategic alignment: leveraging information technology for transforming organizations.IBM Systems Journal archive.Vol.32(1), January 1993
Kurtz, D. and Boon, E. L. (2009) Contemporary Business 2009 Update. New York, NY: Cengage Learning New York, NY: Cengage Learning.
Powner, D. (2009). Information Technology: Federal Laws, Regulations, and Mandatory Standards for Securing Private Sector IT Systems and Data in Critical Infrastructure Sectors. New York, NY: DIANE Publishing.
Stephen D. & Daniel E. (2000).The Resurgence of Growth in the Late 1990s: Is Information Technology the Story? The Journal of Economic Perspectives.Vol. 14, No. 4 (Autumn, 2000), pp. 3-22
Swanson, M. and Guttmann, B. (2006). Generally Accepted Principles and Practices for Securing Information Technology Systems. Retrieved on December 5, 2011, from <http://csrc.nist.gov/publications/nistpubs/800-14/800-14.pdf>
Venkatesh, V., Michael G. Morris, G.,& Fred D. (2003). User Acceptance of Information Technology: Toward a Unified ViewMIS Quarterly.Vol. 27, No. 3 (Sep., 2003), pp. 425-478.