Sunday, April 5, 2015

Week 12 Blog Response

Hello and welcome to the Security Administration blog. Below you will find questions pertaining to the text, the course, or the security industry. Please select and answer/respond to at least one of the questions before Midnight Wednesday. To promote full coverage of the topics, try to respond to a question that has not yet been responded to. Place your answer/response in the comment section. To ensure clarity repeat the question in your answer/response, e.g. "3. What are three precautions that can minimize computer crime? One of the three precautions that can minimize computer crime would be to…" Next, reply to at least one of your classmate's answer/responses, below their comment, before Midnight Sunday.

1. Define the difference between policy and procedure.
2. How would you recommend integrating the use of mobile devices into your Security Department?
3. What are three precautions that can minimize computer crime?
4. Compare and contrast three types of devices/methods that can be used to store data. Which is most secure, and which is least secure?
5. How do Electronic Access Control Systems collect data, and what are some inherent risks associated with this type of data collection?
Direct any questions or concerns to me at EMatthews@Park.edu
Posted by at
Labels:

18 comments:

  1. Kendra SnowdenApril 7, 2015 at 1:08 PM

    1. Define the difference between policy and procedure.

    Policy is the statement of what management wants to be done. It also tells the purpose of what is to be done within the company. While on the other hand procedure is defined as the steps that need to be taken in order for the policy to be followed through. These steps are detailed and requires its employee to follow the instructions or plan laid out in order for the overall outcome to be successful for management. The difference between these two is that one talks about what needs to be done and the other tells you how to do it, so Policy is the talk and Procedure is the walk. POP!

    P.olicy O.bjective P.rocedure!

    ReplyDelete
    Replies
    1. UnknownApril 8, 2015 at 2:16 PM

      I totally agree with you Kendra!
      When I think of policy and procedure, I think of policy being the code of the management and procedure, being like what you mentioned, the steps of how to fulfill that specific policy for the management.

      Delete
  2. Justin WilliamsApril 8, 2015 at 1:15 PM

    What are three precautions that can minimize computer crime?

    3 precautions that can minimize computer crime are
    1. Create difficult passwords
    2. Have good anti-virus software
    3. Have a firewall
    other potentials
    4. Have backups
    5. avoid phishing

    ReplyDelete
    Replies
    1. UnknownApril 8, 2015 at 4:12 PM

      Mr. Justin,

      I definitely like your added two precautions. However, have you considered that by having multiple backups, it becomes a greater risk of them being stolen or copied? Though I have no doubt that these backups would be housed in secured storage, or something suchlike, I ran across an article written about digital data storage, and they mentioned that by minimizing the number of copies, one reduces the possibility of theft and copying, however; by the same account, by increasing the copies, one minimizes the amount of destruction that can be wreaked upon the data. Thoughts?

      Delete
    2. Theodore McCordApril 19, 2015 at 4:08 PM

      I agree with you Mr. Pooker. I would limit the amount of copies MAYBE to just one if any at all. Having more then that just, like you said, make the risk of theft a lot larger.

      Delete
  3. UnknownApril 8, 2015 at 2:28 PM

    How do Electronic Access Control Systems collect data, and what are some inherent risks associated with this type of data collection?

    I don't know... I will figure it out. haha

    ReplyDelete
    Replies
    1. UnknownMay 5, 2015 at 8:34 PM

      This comment has been removed by the author.

      Delete
    2. UnknownMay 5, 2015 at 8:36 PM

      When a credential is presented to a reader, the reader sends the credential’s information, usually a number, to a control panel, a highly reliable processor. The control panel compares the credential's number to an access control list, grants or denies the presented request, and sends a transaction log to a database. When access is denied based on the access control list, the door remains locked. If there is a match between the credential and the access control list, the control panel operates a relay that in turn unlocks the door. The control panel also ignores a door open signal to prevent an alarm. Often the reader provides feedback, such as a flashing red LED for an access denied and a flashing green LED for an access granted.

      I got this from park online library.

      Chen, W., Liu, X., Dai, P., Chen, Y., & Jiang, Z. (2014). 10.2 Access of Subway Integrated Supervisory and Control System and All Levels of Mechanical and Electronic Subsystems. In Trans Tech Publications Ltd.

      Delete
  4. UnknownApril 8, 2015 at 4:08 PM

    4. Compare and contrast three types of devices/methods that can be used to store data. Which is most secure, and which is least secure?

    With information gleaned from the text, the three types of devices/methods that can be used to store data are: hard drives, CD/DVD discs, and USB drives.
    The most secure method of storage would most likely be an internal hard drive as this can be locked down within a computer that is immovable, and can also be encoded to a great extent.
    Followed by this, I would estimate that a disc (CD or DVD) would be the next secure/ It is more easily transported (less secure), but it can be written with encoded information, and can be written also, in such a way as to make rewriting, and copying very hard (more secure).
    The least secure, I would estimate, would be the USB (or other) flashdrive. Though this can be digitally encoded, it is extremely small, and easily concealed. As such, it can be taken, dropped, or misplaced with great ease, thereby making it much less secure.

    As was noted in class on Wednesday, this chapter is severely dated and as such, it has missed a number of things. One data storage option that is becoming more and more common now, is the cloud storage. In terms of security, I can see the advantages of cloud storage (it is easily accessible), but it is also entrusting the data to a third party. Unless, of course, the company is large enough to have its own cloud storage offsite. I know that there are numerous encryption programs out there that are extremely good, but I still have my doubts concerning the entrustment of sensitive material to a third party.
    Perhaps I am a bit oldschool heralding back to the old saying, "Three can keep a secret, if two of them are dead".

    ReplyDelete
    Replies
    1. UnknownApril 8, 2015 at 8:12 PM

      With as fast as technology changes, this text may have been outdated as soon as it was printed.

      Delete
    2. UnknownApril 8, 2015 at 8:21 PM

      I could hardly agree more with you, Mr. Justin. It seems like every time we turn around, something newer, and better has just come out. No matter how soon the last newer and better thing had just come out.

      Delete
    3. Theodore McCordApril 19, 2015 at 4:06 PM

      It seems to me that each time something comes out or updates it makes us more vulnerable though. Look at apple and all of the updates that they push out. Everyone wants them and gets them and them the network crashes , which makes us more susceptible to attack of any sort.

      Delete
  5. UnknownApril 8, 2015 at 8:04 PM

    1. Define the difference between policy and procedure.
    A. Policy is what management wants done and why management wants it done, and procedure is HOW management wants it done.

    ReplyDelete
    Replies
    1. Justin WilliamsMay 4, 2015 at 7:57 AM

      Policy could also include who does it.

      Delete
  6. Kendra SnowdenApril 8, 2015 at 10:44 PM

    Yes, this reminds me of the process that Dr. Matthews had showed us in class and on the Power Points the POP. Policy, Objective and Procedure which had a good explanation of both. Policy is what employment wants done and Procedure is the steps that will be taken to do so.

    ReplyDelete
  7. BJ WatsonApril 16, 2015 at 1:07 AM

    What are three precautions that can minimize computer crime?

    3 precautions that can minimize computer crime are
    1. Create difficult passwords
    2. Have good anti-virus software
    3. Have backups

    ReplyDelete
  8. Theodore McCordApril 19, 2015 at 3:59 PM

    . How would you recommend integrating the use of mobile devices into your Security Department?

    SInce cell phones are all majority smart phones now I believe they can be utilized in a plethora of ways. Integrating them would not be hard since they could pretty much work with the same functions as any computer in any office. They can even utilize the same programs and alert systems. Take a video security system for example. There a many systems out there that have made it possible for one to monitor feed from home at work with just the press of a button on a cell phone. Another way the a cell phone can be integrated is doing daily logs as security officers. If you can access a program from your phone that allows you to do your log on the go, it would be a lot easier.

    ReplyDelete
  9. Sydney HeardApril 26, 2015 at 10:24 AM

    Policy and procedure are distinguishable in they organization and level of operation. While policy is a widespread application of sorts, procedure is a narrow application. Policy would answer major issues within operation, while procedure answers the "how" and "why". Policy is expressed in broad terms, while procedure is very accurate and specific.
    More or less, policy is a formal guide to execute activity, and procedure is the operational process required to do so.

    ReplyDelete

Subscribe to: Post Comments (Atom)