Information security Essay

The secrets of an formation ar protected from competitors. Vital training to a argumentation is protected from competitors by establishing a strong system of internal controls. Protecting the info relating to the operations of a business reduces losses to the business. Poor data security practices can creates a lot of costs to the business through data recovery costs, loss of competitive advantage, cost of investigations, and some others. The business builds confidence among the stakeholders when it protects its tuition.The usance of technology has increased galore(postnominal) a(prenominal) risks upon the protection of information of a business. Organizations provide their employees about the guidelines to be followed to protect the information of the business (Chan, Woon & Kankanhalli, n. d. ). Issues relating to information security galore(postnominal) businesses gull trade secrets which need to be protected from their competitors. If the trade secrets are stolen, th e business may incur losses in terms of competitive disadvantages in the marketplace. The increase in competition in the global business has increased the need to protect information which may be used to out-compete a business.The internationalistic law protects the copyrights of each business and gives the authors of original information the exclusive right to use the information. The long term survival of the business in the market depends on the ability to withhold confidential information. Growth and expansion strategies are based on the ability to protect confidential business information. The management should determine which information is important to them and place strict measures to protect it (Chan, Woon & Kankanhalli, n. d. ).The increase in the use of technology has resulted into exposure of internal information about a business to many risks. The computing technology has created information risks which force the management to introduce systems which ensure the protect ion of information. In the recent years, organizations have increased spending on both(prenominal) physical and IT security technologies, (Chan, Woon & Kankanhalli, n. d. , pp. 3). However, several security incidences continue to occur despite the implementation of the security technologies.The internal security issues are done by the employees when they have errors in their operations or they deliberately misuse the information of the organization. Most of the external threats an organization encounters are linked to the internal staff (College of Education n. d). To protect the information contained in the internet and computers, an organization should use passwords. The passwords should be known to the concerned individuals in the organization and should be changed regularly to ensure safety of the data.The information should be under the control of a responsible person and these individuals should be answerable to the management of the organization. Access to the confidential i nformation should be allowed to a special(a) number of employees (College of Education. n. d. ). The management should educate its employees about security issues of the data they handle. Some employees may not have knowledge about the confidential information of an organization and they may expose it to competitors without knowing.The use of such information should be limited to the organizational activities and should be protected against competitors. Employees should be taught how to use the passwords to ensure information security. The emails of the friendship should be provided with strong passwords to ensure no hackers can access information (Tenby, 2002). The government has spoild some businesses and industries which have great influence to the nation by regulating the use of information. The regulations depend on the nature of the institution and its role in the economy.For example, financial institutions and healthcare companies have been regulated since their contributi on to the economy affects many sectors. Laws are established to protect the interests of the organization and to ensure the business environment is conducted in a fair manner (McConnell & Banks). The Sarbanes-Oxley Act was established in 2002 to regulate the protection of businesses as well as improving corporate governance. The Act was introduced to prevent the misuse of corporate information by the professionals especially the auditors, accountants and the managers.The Sarbanes-Oxley Act of 2002 was created to manner of speaking the high rate of failure by publicized businesses, restatement of financial statements and the corporate improprieties. The act requires the management to be responsible for ensuring adequate internal control measures are in operation within the organization. The auditors should report about the effectiveness of the internal controls during the annual audit reporting. The management should introduce internal controls which protect the information of the b usiness as well as ensuring the professional activities are implemented successfully (McConnell & Banks). ConclusionInformation security is of great importance to the business since it prevents competition from other businesses in the market as well as preventing the misuse of information by the employees. Technology has increased the risks associated with the use of information. A large number of frauds pull in the organization are initiated by the internal staff of the organization. The management should provide a system of accountability where the staff should be responsible for the information provided to them. The management should ensure the employees have adequate knowledge about protecting the information of the organization.