TECHNOLOGICAL INSTITUTE OF THE PHILIPPINES

QUEZON CITY
938 Aurora Blvd. Cubao Quezon City

COLLEGE OF INFORMATION TECHNOLOGY EDUCATION
IS001- INFORMATION SYSTEM

MIDTERM PROJECT

1ST SEMESTER 2016-2017

How Encryption Enables Crucial Data Control: Focuses Role of
Information Systems Department on Managing and Planning

DIVINA, JOSEPH H.
FLORES, JOHN KENNETH R.
LABORTE, SIEGFRED C.
MENDONEZ, ERIKA JOYCE
MIJARES, HAZARMAVETH A.
RAYMUNDO, KATHLEEN O.

IE51FA3
I.

Executive Summary

Statement of the Problem The security problem is not unique to any type of computer system or configuration of a system.The security of business is not always safe from the hacktivists. the massive majority of security breaches are perpetrated by criminal groups focused on financial profit. The human vulnerabilities and individual activity can accidentally or deliberately jeopardize the system's information protection capabilities. The security threats caused by these hacks are penetrating the security thru social engineering. IV. Since very few of these attacks result in the direct theft of currency. and there are vulnerabilities in the organization of the protection system. Hacktivists are group of individuals that can expose data to further an ideological cause. the vast majority of breaches are perpetrated by criminal groups focused on financial profit. Moreover. criminals need a way to turn their stolen data into money. Decision Criteria and Alternative Solutions MIDTERM PROJECT: CASE STUDY 2 2 . III. If a design of a secure system must provide protection against the various kinds of vulnerabilities. communication facilities. II. There are human vulnerabilities and individual activity that can accidentally or deliberately jeopardize the system's information protection capabilities. it applies across the range of computational technology. communication facilities. There are possible software vulnerabilities at all levels of the machine operating system and supporting software. Hardware vulnerabilities are shared among the computer. hardware vulnerabilities that are shared among the computer. remote units and consoles may expose when one could apply a social engineering to hack the system. The nature of computer systems brings together a series of vulnerabilities. and remote units and consoles. Cause of the Problem The security threats from hacktivists groups that can expose data to further an ideological cause. The first security protection of a business is the presence of security management will make attempts to sabotage the system much more visible and detectable beyond different hacks.

such as access control. username and strong password)) b) Enhanced background screening for primary systems administrator or equivalent c) Network firewalls d) Anti-virus software or intrusion prevention system e) Internet security software package f) Encryption between hosts g) Secured zone (where the computers and servers are housed such as LAN closets.  Security system integration The organizations to merge physical security applications. but not limited to: a) Authenticating the user (one-factor authentication (i. into a single. Pros: It helps to enhance the foundation of security against data breaches. such as biometric identification programs that allow employees to use the corporate network. MIDTERM PROJECT: CASE STUDY 2 3 . By following standard procedures in protection of personal information system and physical security are in the global competent.. computer rooms)  System Audit and Certification The information system department should comply BS 10012 – Data Protection: Specification for Personal Information Management System and ISO: 27001. Employees responsible for physical security may join the same department as those responsible for network and computer security. Cons: It opens the data from the series of auditing that may cause of possible leakages. such as.The security solution on business infrastructure should possess the minimize security clearance processes and data monitory of structure consistency.SoA: Creating an information security policy document that amend to breach notification law. An effective IT security should have considered to include procedures.e. comprehensive system. and logical security applications.

V. Implementation and Justification An essential aspect of effective control is standardization of activities and the need for standards throughout the system.Pros: It provides the integrated security system within the organization that protects the data of the company but also the employee itself. Cons: It cost too much for a security features even though the security is may possible at risk upon its employee. The presence of management will make attempts to sabotage the system much more visible and detectable. print-outs and etc. Recommended Solution. The policy and to technical methods. there must be an effective set of management and administrative controls and procedures governing the flow of information to and from the computer system and over the movement and actions within the system environment of people and movable components such as demountable magnetic tapes and discs. MIDTERM PROJECT: CASE STUDY 2 4 .