Fill in Order Details

  • Submit paper details for free using our simple order form

Make Payment Securely

  • Add funds to your account. There are no upfront payments. The writer will only be paid once you have approved your paper

Writing Process

  • The best qualified expert writer is assigned to work on your order
  • Your paper is written to standard and delivered as per your instructions

Download your paper

  • Download the completed paper from your online account or your email
  • You can request a plagiarism and quality report along with your paper
Posted on by admin

Insider Theft of Intellectual Property

Insider Theft of Intellectual Property

Insert name

CSIA 303 Foundations of Information System Security

Introduction

Advances in technology and social media networking have provided even the smallest of businesses with the opportunity to extend their business boarders and create a more diverse customer base. While a great asset for the company, this increased visibility is accompanied by increased risk and vulnerabilities as it pertains to preserving the company’s mission, purpose, and goals. In enabling the ability to conduct business online by collecting personal information through a network, accepting online payments, and implementing a password protected portal, small businesses open themselves to previously unknown risks and can suffer great loss at the hands of a malicious individual. Such a breach causes loss not only in the realms of finances and privacy, but also in the sense of the company’s reputation and reliability. This loss is even greater when it happens because of someone on the inside. Fortunately, systems exist that can aid in the protection of confidentiality, integrity, and availability while protecting against risk.

Security Threats and Vulnerabilities

According to Egan (2004), the most common security threats and attacks that occur within a network come in the form of a worm, Trojan, or virus. Each presenting with its own set of dangers, these three entities have the ability to infiltrate an entire system and shut down a business in a relatively short period of time if they go undetected. Having a information security system in place that not only identifies the risk but eliminates it is key. In addition, the following elements must be addressed in order to provide the highest quality of service to customers:

Confidentiality – When collecting sensitive data, whether it be from customers or employees, it is the responsibility of the company to protect that information from being placed into the hands of a malicious individual. It is it the company’s responsibility to protect the consumer’s/employee’s privacy.

Integrity – Refers to maintaining the consistency, accuracy and trustworthiness of data over time (Fitzgerald, 2012). It is imperative that data be protected by an authorization code/password given only to a select few individuals.

Availability – Ensuring that the company’s network is running at all times, providing customers and employees with efficient service while protecting against malware.

Non-repudiation – An unique and personalized data signature that denies an individual the capability of saying that they did not perform a specific action (McCullagh & Caelli, 2000).

Authentication – Service that provides proof that a particular individual performed a specific action

Authorization – Determines who has access to what according to role, title, job responsibilities, etc.

Risk – The function of the likelihood that a threat will occur (Elky, 2006).

A well thought out and effectively implemented information security program can assist in addressing the key elements listed above while also protecting against malware.

Recommended Technologies

Insider theft of intellectual property is a loss many companies may experience at one point or another. One of the major reasons that this theft occurs is the lack of policy surrounding appropriate interactions on the company networks as well as poorly defined consequences that will result from engaging in particular actions (Fitzgerald, 2012). There are two very effective ways to combat this:

Issue-specific policies. The greatest way that companies can safeguard their assets against insider theft is to create issue-specific policies that address the ways in which employees communicate as well as access authorizations, sharing restrictions, and external storage devices that are allowed on the system.

Automated risk assessments. Another way in which companies can safeguard against insider theft is through software that identifies, assesses, monitors, and eliminates system attacks and threats. This type of software is available to small businesses at an affordable rate and provides vast protection.

In addition to the above, the NISTIR 7621 (NIST, 2009) suggests installing commercial spyware and virus scans onto network computers and having them run automatically on a consistent basis both to assess risk and search for updates. Additionally, employee home systems and laptops should be secured with firewalls in order to ensure security of information outside of the office.

Impact

By implementing issue specific policies and automated risk assessments, small business safeguard their ideas, customer base, and future inventions. Billions of dollars are lost and company information is compromised annually as a result of insider theft (Cappelli, Moore, & Trzeciak, 2012). By planning ahead and anticipating the risks involved with conducting business through technology, small business can save themselves from great loss and potential extinction.

References

Cappelli, D.M., Moore, A.P., & Trzeciak, R.F. (2012). The CERT guide to insider threats: Insider theft of intellectual property. Pearson Education, Inc.: Upper Saddle River, NJ.

Egan, M. (2004). Executive guide to information security: Threats, challenges, and solutions. Pearson Education, Inc. : Upper Saddle River, NJ.

Elky, S. (2006). An introduction to information system risk management. Retrieved from: https://learn.umuc.edu/d2l/le/content/27177/viewContent/1532342/View 

Fitzgerald, Todd. (2012). Information security governance simplified: from the boardroom to the keyboard. [Books24x7 version] Available from http://common.books24x7.com.ezproxy.umuc.edu/toc.aspx?bookid=47187.

McCullagh, A., Caelli, W. (2000). Non-repudiation in the digital environment. Risky Monday. 5(8). Retrieved from: http://pear.accc.uic.edu/ojs/index.php/fm/article/view/778/687National Institute of Standards and Technology. (2009). Small business information security: The fundamentals (NISTIR 7621). Gaithersburg, MD: Department of Commerce.

ORDER A SIMILAR PAPER AND DELEGATE FULFILMENT OF YOUR ASSIGNMENT TO EXPERT ACADEMIC WRITERS. PLAGIARISM-FREE, GUARANTEED A, TIMELY DELIVERY.

strategic planning visioning session

WHAT OUR CURRENT CUSTOMERS SAY

  • Google
  • Sitejabber
  • Trustpilot
Zahraa S
Zahraa S
Absolutely spot on. I have had the best experience with Elite Academic Research and all my work have scored highly. Thank you for your professionalism and using expert writers with vast and outstanding knowledge in their fields. I highly recommend any day and time.
Stuart L
Stuart L
Thanks for keeping me sane for getting everything out of the way, I’ve been stuck working more than full time and balancing the rest but I’m glad you’ve been ensuring my school work is taken care of. I'll recommend Elite Academic Research to anyone who seeks quality academic help, thank you so much!
Mindi D
Mindi D
Brilliant writers and awesome support team. You can tell by the depth of research and the quality of work delivered that the writers care deeply about delivering that perfect grade.
Samuel Y
Samuel Y
I really appreciate the work all your amazing writers do to ensure that my papers are always delivered on time and always of the highest quality. I was at a crossroads last semester and I almost dropped out of school because of the many issues that were bombarding but I am glad a friend referred me to you guys. You came up big for me and continue to do so. I just wish I knew about your services earlier.
Cindy L
Cindy L
You can't fault the paper quality and speed of delivery. I have been using these guys for the past 3 years and I not even once have they ever failed me. They deliver properly researched papers way ahead of time. Each time I think I have had the best their professional writers surprise me with even better quality work. Elite Academic Research is a true Gem among essay writing companies.
Got an A and plagiarism percent was less than 10%! Thanks!
prevnext

ORDER NOW

CategoriesUncategorized

Consider Your Assignments Done

“All my friends and I are getting help from eliteacademicresearch. It’s every college student’s best kept secret!”

Jermaine Byrant
BSN

“I was apprehensive at first. But I must say it was a great experience and well worth the price. I got an A!”

Nicole Johnson
Finance & Economics

ORDER NOW

Our Top Experts

See Why Our Clients Hire Us Again And Again!


OVER

10.3k
Reviews

RATING
4.89/5
Average

YEARS
13
Mastery

Success Guarantee

When you order form the best, some of your greatest problems as a student are solved!

Reliable

Professional

Affordable

Quick

See our Results

ORDER YOUR ASSIGNMENT NOW

Using this writing service is legal and is not prohibited by any law, university or college policies. Services of Elite Academic Research are provided for research and study purposes only with the intent to help students improve their writing and academic experience. We do not condone or encourage cheating, academic dishonesty, or any form of plagiarism. Our original, plagiarism-free, zero-AI expert samples should only be used as references. It is your responsibility to cite any outside sources appropriately. This service will be useful for students looking for quick, reliable, and efficient online class-help on a variety of topics.