Introduction to Information Systems Security Essay

A LAN, or local area network, is a group of computers ranging from small to large within a single office or building. Security and access control has to be robust to secure data, applications, and confidential records. Unauthorized access to the network is a massive security risk for the infrastructure. One way to reduce the risk of access is to implement access doors with key cards to only allow authorized personnel. So if there was a breach in security its only limited to select personnel. The workstation domain is where a user can connect to the business network through the local area network. This can be done by laptops, phones, tablets, and desktops. Each workstation requires a user ID and password. To prevent unauthorized access pass word protection should be enabled. A strong password should consist of uppercase, lowercase letters and special characters. If a workstation is idle for a certain amount of time there should be automatic screen lock, which requires the user to reenter their password for access. Certain user should only have the ability to make changes like downloading and installing something to internet access. This along with an anti-virus program will reduce threats like viruses and malware. So if a virus was present on a workstation it will be removed before it spreads throughout the network. The user domain is the employees who access the organization network and IT infrastructure. There should be a policy in place that defines what the employee can do inside the organization. A employee handbook would be beneficial and should list all of the guidelines and procedures. Many smack threats can be avoided by the lack of knowledge and security violations. Reminders like emails and periodic meetings can help employees be more aware about threats and technology updates. If there is a security violation the employee should be under watch and have a meeting with their supervisor. Employee’s daily usage should also be supervised periodically to find any abnormal activity. There also should be warning in place when employees are trying to operate during restricted hours.