MIS

Assignment # 3

Muhammad Shouab – E/MSpr100-59

Unsecured Systems Repercussions
Information security is the ongoing process of exercising due care and due diligence to protect
information, and information systems, from unauthorized access, use, disclosure, destruction,
modification, or disruption or distribution.

These differences lie primarily in the approach to the subject, the methodologies used, and the areas of
concentration. Information security is concerned with the confidentiality, integrity and availability of
data regardless of the form the data may take: electronic, print, or other forms.

Computer security can focus on ensuring the availability and correct operation of a computer system
without concern for the information stored or processed by the computer.

If systems are not secured then following consequences can be happened,

1) Disclosure of information
2) Unauthorized access
3) illegal usage of confidential data
4) Disruption of data
5) Modification of important information
6) Perusalof data
7) Irritating Inspection of information
8) Recording of information
9) Destruction of highly valuable data
10) Loss of capital

1. Disclosure of information
This can be saved by making the information security checks like firewall, antivirus, proxy
policies and proper user rights management.

2. Unauthorized access
Unauthorized access can be cured by limiting user rights to the system.

3. Illegal usage of confidential data

Can be avoided by implementing access rights, physical security, network security.

4. Disruption of data
Proper backups and recovery procedures should be implemented

5. Modification of important information

Different security checks like copy space and read/write can be given according to user
demands.

6. Perusal of data
Unauthorized access can be cured by limiting user rights to the system. Like patient’s data
should be available to only authorized doctors or physicians.

7. Irritating Inspection of information

 Suitable security measures can be made like proxies and firewall to avoid this drawback.

8. Recording of information
Again recording or encryption rights must be made to avoid this .

9. Destruction of highly valuable data

Proper backups and recovery procedures should be implemented to avoid this
conscequence.

10. Loss of capital

This can be minimized by insuring the products and services like if some systems are stolen
or damaged then loess insurance can be claimed to avoid this in future.

Recovery Plan of lost or disrupt information

 Selecting team members
 Define roles, responsibilities and lines of authority
 Define a security incident
 Define a reportable incident
 Training
 Detection
 Classification
 Escalation
 Containment
 Eradication
 Documentation