Information Security System of Foodland Supermarkets Free Sample

Question: Describe about the Information Security System of Foodland Supermarkets. Answer: Introduction Overview of strategic information security With the new emphasis on both the physical and digital information insecurity issues resulting from illegal users and terrorist threats, Asani (2014) points out that many organizations and information security professionals focus on strategies that will help in curbing the issue. Every business currently tries to adopt security systems that will help in protecting the information assets of their businesses. As a result, Kearney andKruger (2016) assert that emphases are made of the broader roles of the different information security systems. The resulting effect is sound security policies in line with the strategic goals that provide insights to organizational managers and IT professionals on issues that are surrounding the protection of valuable information assets (D'Arcy, Herath Shoss 2014, p. 286). In this century, information security system is an emerging issue that has become a big issue in the information systems. Therefore, a strategic information security is used to help in achieving the strategic security goals of an organization (Boss et al. 2016, 850). With the competitive business environment of the 21st century, information security is a major issue that requires strategic planning and implementation so that every organization can be equipped with the insecurity issues experienced in the current market. However, Boss et al. (2015) reiterates that effective information security systems rely not just on procedures and policies or even hardware and software, but hinges on a mindset that the security of an organization is a core part of the business management other than just an afterthought. Objective of the report With the advancement in technology, businesses have not only progressed positively but have also been exposed to different threats according to Sohrabi et al. (2016, p. 56). Information insecurity is hence a major issue of the current business century with increasing reports of fraud, leakage of business secrets, corruption, information loss among other challenges as identified by D'Arcy, Herath, and Shoss (2015, p. 290). It is thus aimed at giving a description of the importance of Information Security systems and the role it plays in the organization. The paper is thus aimed at providing the overview and analysis of the current information security threats and challenges experienced in the current business. Like Foodland Supermarkets, Asani (2014) points out that once an organization incorporates security information systems, it boosts its security and competitive ability, among other useful management practices and effectively use their human resources thus increasing the producti vity of the resources. The management of Foodland Supermarkets can thus take note of its key objectives in their information security system to identify the possible areas of development. Structure of the report This paper presents a case study of the Foodland supermarkets in Australia. The paper gives a case study overview of the information security systems of Foodland Supermarkets adopted with the aim of not only improving the customer satisfaction and increasing their customer base but boosting the security as well. The paper thus begins by presenting an overview of information security systems and the current issues facing the handling of the general information in the current business. With Foodland Supermarkets as a case study, the paper addresses strategies adopted in controlling risks to information security adopted protection mechanisms, and analysis of the personnel involved in the process. It as well examines the PRT network monitor as well as the laws and ethics behind an information security system that governs organizations such as Foodland Supermarkets while implementing the information security systems. Information security assessment and organizational discussion Controlling risk When Colin Rugless made a retirement decision, he needed a clear succession strategy so as to pass the ownership as well as the management of the four Foodland stores to his son and daughter. It was a renowned family business in the community that had a successful performance and management history in the food industry. The succession hence required a strategic solution that would not only provide a peace of mind for Mr. Colin but would also protect the hard-earned assets and maintain the good reputation of the business. Buck (2013) in his article reports that challenges of insecurity were a major issue as a result of technological advancement that was becoming a vital requirement so as to remain competitive in the food industry. As a result, the management and the employees adopted information security systems as one of the modern ways of embracing technology while maintaining the security of the business as well. The adoption of the strategy was adopted under three major steps. First, Foodland Supermarkets ensured that the management and the employees of Foodland Supermarkets received through education and training on information security. In their study, Chen, Ramamurthy, and Wen (2012) point out that education and training is one of an essential information security issues currently affecting many businesses. It has thus been identified by IT directors, CISOs, managers, and staff among other security stakeholders as a major requirement for any business with a competitive strategic objective in the current technological business environment (Cram, Brohman, Gallupe 2016, p. 89). Foodland Supermarkets hence ensured that they went ahead in providing awareness on information security to the staff as a mandatory procedure in their selection and recruitment process as well as training and development for employees. The training process integrated the assistance of external IT communicators and security professionals, some of who were employed by to ensure the p rocess is efficient. Secondly, Foodland Supermarkets management developed an achievable and effective information security system that will strategically respond to the culture and business operation of the food industry so as elevate the security concerns within the business. According to Chatterjee, Sarker, Valacich (2015), effective information security systems helps in outlining high-level priorities and strategic goals of an information security program adopted by an organization. Te strategies should thus demonstrate the relationship of the relationship between the information security and the overall organizational mission so as to identify how the system will assist the organization in achieving its strategic security objectives. Adopting the system has thus enabled the organization to prioritize investments and resources towards information security. Thirdly, the organization planned and implemented next-generation security technologies that can effectively respond to the evolving security threats faced by food industries as a result of the advancement of technology. With the increase in the cloud security concerns and the internet technology, Yue (2015) points out that there are other emerging information security sophisticated threats. It is hence necessary that Foodland Supermarkets adopts technologies and tools that can help in the identification and mitigation of both the existing and emerging threats as one of the utmost essential to the employed IT communicators and security professionals. According to Sohrabi et al. (2016), the planning for an effective next-generation security procedure needs to be done in agreement with the modern ethical legislations and security protocols. As a result, Foodland Supermarkets is assured of integrating the relevant and ethical IT architecture components and roadmap infrastructure that wi ll ensure a secure and stable environment for the business operation of the enterprise. Protection and information security mechanisms With assistance from external advisory committees, the new management held a frequent meeting with the advisory so as to come up with strategic security objectives, management procedures, and necessary counseling that would see the business through to the next level. Such a step hence gave the new management clear understanding of some of the vital insecurity threats that needed to be addressed among other vital management issues. With the assistance from Williams advisory committee, the new management of the enterprise adopted different management strategies that would not only boost the security of the business but will as well improve their customer satisfaction in the competitive market. The protection mechanism adopted by the organization hence focused on the various aspects of the life-cycle involved in building security programs. The step was aimed at emphasizing to the employees and regulation authorities concerned that security was an ongoing effort within the organization. For instance, Bernik and Prislan (2016) point out that open wireless networks, as well as credit card thefts, are common information security threats to many organizations. Foodland Supermarkets have thus implemented robust security procedures and policies that can help in managing such vices within the organization. The mechanism presents a high-level view of the roles of security managers that can be integrated with the strategic focus of the organization. The management hence ensured a distribution of roles by adopting strategies that showed the responsibilities of the chief information security officers and the chief security officers within the enterprise. Foodland Supermarkets IT professionals thus explore the authentication strategies and models that can deliver the relevant or emerging information security overviews depending on the level of advancement of technological tools adopted to secure the business information for the enterprise. The IT information security department of the organization have a listing of the valuable Internet-based information security resources. Chatterjee, Sarker, and Valacich (2015) point out that such resources are essential in examining the information system security tasks and concepts to ensure secure business continuity, information risks management and r eduction, as well as testing and auditing of the information security procedures adopted by an organization. Personnel and Security In the attempt of ensuring an ethical and legal information security procedure, Bernik and Prislan (2016) point out that developing a strategic system is a top issue. As a result, developing such strategies is a step that is essential in establishing information security as an organizational strategy rather than just an operational concern. In their study, Bruwer and Rawbone-Viljoen (2015) point out that the step requires a strategic plan with high set o f priorities that are in line with the organizational strategic security objectives. The study point out that information security system is more than recitations of the innovative technologies to secure both individual and organizational data. Foodland Supermarket has adopted information security strategies that are flexible so as to enable a quick response to the existing as well as emerging information insecurity issues facing organizations as a result of technological innovations. The system has short- and long T term objectives, metrics, and performance targets as a step towards elevating vital information security management concerns for the enterprise. When it comes to the employment of personnel, the company does not take part in employing the underage. Aside from this being illegal, it is against their set objectives since a minor has no qualified skills. In order for the company to maximize their profits, it cannot depend on unskilled labour since mistakes are bound to happen. Furthermore, the company will be risking their closure since minors are not supposed to labour until they are adults In every organization, teamwork is an essential human resource management strategy that is essential to achieving the set goals and objectives for different organizations. In their study, Steinbart et al. (2016) point out that every employee within the workforce has a responsibility to play in helping business organizations to achieve their strategic objectives. For Foodland supermarkets, the objective of achieving secure organizational and customer security information is not only a responsibility to the IT officials. The management has ensured that all the employees acquire the relevant information security skills as a regular training program for the new and existing employees. However, most of the duty is left to the management as well as the IT officers who have the professional qualifications to ensure that the organization adopts a system that is relevant, sustainable and in line with the strategic objective of the organization. Law and ethics Education and training of most IT specialists and managers of information systems tend to focus mainly on the technical skills and knowledge. However, Bruwer and Rawbone-Viljoen (2013) point out that they focus very little on how the abilities can be misused by many users. In fact, many of the IT professional managers and professionals approach their work and training from a hackers perspective. Most of the IT professionals like software engineers tend to get access to knowledge and confidential data on individuals and companies that can give them a great deal of power (Amrollahi, Ghapanchi, Talaei-Khoei 2014, p. 84). Some of the power can be used deliberately in a wrong way that can harm the progress of other people or result in loss of information. In their study, Sen and Bourne (2016) point out that is essential for a company to ensure that its employees are trained on the ethical and laws governing information security of both the organization and the individual customers. For Foodland Supermarkets, ethics is paramount not only on the issues regarding customers and organizational information but even in customer service as well. The management hence ensures that the IT communicators, as well as other employees, are trained and developed towards achieving ethical professional practices in the process of their service delivery to customers of the business. Foodland Supermarkets hence consider best ISO information security standards and practices that meet the global standards of data protection. In his study, Gupta and Saini (2013) points out ISO/IEC 27001:2013 as essential in the implementation, maintenance, and improvement within any organizational context. Ensuring the organization meets this standard hence enables it to meet the ethical laws and standards that are vital in the data security management for the organization. These ethical standards have enabled the organization to uniform agreement and understanding on both functional and non-functiona l requirements in the process of designing effective information systems that are compatible with a competitive food industry requirement (D'Arcy, Herath Shoss 2014, p. 286). PRT Network Monitor report The use of a network report tool like the PRT network monitor is essential for administrators in keeping control of the organizational network (Amrollahi, Ghapanchi, Talaei-Khoei 2014, p. 84 and Asani 2015, p. 5). The tool is essential in identifying bandwidth usage trends and networks, monitor the uptime and availability of different network devices, as well as checking performance matrix like RAM and CPU usage for the organizations servers and computers. The PRTG Network report hence helps the organization in collecting and displaying monitored information and data in ways that can easily be interpreted and reported (Prislan 2016, p. 1). According to Jingguo, Gupta and Rao (2015), PRT network report is essential for organizations that have adopted different information security system strategies. For Foodland enterprise, the implementation of the network enables the organization to; PRTG enables the enterprise to easily manage and compare the current and historical data that is essential in doing resource planning, troubleshooting window networks, or running Ethernet performance tests within the information security systems. It makes the selected data available upon request to a defined set of users thus initiating the use of presentation tools like graphs for easy interpretation of the information and organizational data. It thus helps in monitoring access to both individual and information data hence preventing access by unauthorized users as a way of monitoring the data (Amrollahi, Ghapanchi, Talaei-Khoei 2014, p. 84). It is a powerful and as well as a cost-effective network monitoring tool that helps in securely generating detailed reports for summary reports according to Steinbart et al. (2016). It hence gives managers and other organizational stakeholders a quick overview of the progress of the organization as well as possible security information risks that can affect the organization. Conclusion Information security is an issue of paramount importance to every business that adopts the current technological business innovations in the connected business world. It is hence essential for institutions to openly share ideas and collaborate so as to assist the business community moving forward with matters of information security. Every business hence needs to develop a strategic and effective information security systems responding to the culture and institutional organization that can elevate concerns of information security to the organizational activities. A competitive business organization also needs to ensure a competitive working environment by adopting regular training and development procedures for the employees on the relevant information security issues effective the current nature of the business industry. It is hence essential to develop security policies for the cloud, mobile, and digital resources to as to help in issues of data access, handling, control, and user- awareness with the aim of reducing the major information insecurity threats faced in the current business environment. References Amrollahi, A, Ghapanchi, AH Talaei-Khoei, A 2014, Three decades of research on strategic information system plan development, Communications of the Association for Information Systems,vol. 34, no. 1, p.84. Asani, E.O., 2014. A Review Of Trends Of Authentication Mechanisms For Access Control.Computing, Information Systems, Development Informatics Allied Research Journal,5(2). Bernik, I, Prislan, K 2016, 'Measuring Information Security Performance with 10 by 10 Model for Holistic State Evaluation',Plos ONE, 11, 9, pp. 1-33, Academic Search Premier, EBSCOhost, viewed 19 October 2016. Boss, S, Galletta, D, Benjamin Lowry, P, Moody, G, Polak, P 2015, 'What do systems users have to fear? using fear appeals to engender threats and fear that motivate protective security behaviors',MIS Quarterly, 39, 4, pp. 837-864, Business Source Premier, EBSCOhost, viewed 19 October 2016. Bruwer, J Rawbone-Viljoen, C 2013, BYOB as a risk-reduction strategy (RRS) for wine consumers in the Australian on-premise foodservice sector: Exploratory insights,International Journal of Hospitality Management,vol. 32, pp.21-30. Chatterjee, S, Sarker, S, Valacich, J 2015, 'The Behavioral Roots of Information Systems Security: Exploring Key Factors Related to Unethical IT Use',Journal Of Management Information Systems, 31, 4, pp. 49-87, Business Source Premier, EBSCOhost, viewed 19 October 2016. Chen, Y, Ramamurthy, K, Wen, K 2012, 'Organizations' Information Security Policy Compliance: Stick or Carrot Approach?',Journal Of Management Information Systems, 29, 3, pp. 157-188, Business Source Premier, EBSCOhost, viewed 19 October 2016. Cram, W, Brohman, K, Gallupe, R 2016, 'Information Systems Control: A Review and Framework for Emerging Information Systems Processes',Journal Of The Association For Information Systems, 17, 4, pp. 216-266, Business Source Premier, EBSCOhost, viewed 19 October 2016. D'Arcy, J, Herath, T, Shoss, M 2014, 'Understanding Employee Responses to Stressful Information Security Requirements: A Coping Perspective',Journal Of Management Information Systems, 31, 2, pp. 285-318, Business Source Premier, EBSCOhost, viewed 19 October 2016. Gupta, S, Saini, A 2013, 'Information System Security and Risk Management: Issues and Impact on Organizations',Global Journal Of Enterprise Information System, 5, 1, pp. 31-35, Business Source Premier, EBSCOhost, viewed 19 October 2016. Jingguo, W, Gupta, M, Rao, H 2015, 'Insider threats in a financial institution: analysis of attack-proneness of information systems applications',MIS Quarterly, 39, 1, pp. 91-A7, Business Source Premier, EBSCOhost, viewed 19 October 2016. Kearney, W, Kruger, H 2016, 'Can perceptual differences account for enigmatic information security behaviour in an organisation?',Computers Security, 61, pp. 46-58, Business Source Premier, EBSCOhost, viewed 19 October 2016. Prislan, K 2016, Network reporting tool: Analyze and visualize network usage trends using prtg network monitor, Retrieved from https://www.paessler.com/network_reporting_tool Sen, R, Borle, S 2015, 'Estimating the Contextual Risk of Data Breach: An Empirical Approach',Journal Of Management Information Systems, 32, 2, pp. 314-341, Business Source Premier, EBSCOhost, viewed 19 October 2016. Sohrabi, N, Safa, N, Von Solms, R, Furnell, S 2016, 'Information security policy compliance model in organizations',Computers Security, 56, pp. 50-72, Business Source Premier, EBSCOhost, viewed 19 October 201 Steinbart, P, Raschke, R, Gal, G, Dilla, W 2016, 'SECURQUAL: An Instrument for Evaluating the Effectiveness of Enterprise Information Security Programs',Journal Of Information Systems, 30, 1, pp. 71-92, Business Source Premier, EBSCOhost, viewed 19 October 2016. Yue, W 2012, 'Information Security Outsourcing with System Interdependency and Mandatory Security Requirement',Journal Of Management Information Systems, 29, 3, pp. 117-156, Business Source Premier, EBSCOhost, viewed 19 October 2016.